WO2020037654A1 - Procédé, dispositif et système de protection de données en chaîne de blocs, et support d'informations lisible par ordinateur - Google Patents

Procédé, dispositif et système de protection de données en chaîne de blocs, et support d'informations lisible par ordinateur Download PDF

Info

Publication number
WO2020037654A1
WO2020037654A1 PCT/CN2018/102264 CN2018102264W WO2020037654A1 WO 2020037654 A1 WO2020037654 A1 WO 2020037654A1 CN 2018102264 W CN2018102264 W CN 2018102264W WO 2020037654 A1 WO2020037654 A1 WO 2020037654A1
Authority
WO
WIPO (PCT)
Prior art keywords
encrypted
data
blockchain
ciphertext
blockchain node
Prior art date
Application number
PCT/CN2018/102264
Other languages
English (en)
Chinese (zh)
Inventor
袁振南
谈扬
Original Assignee
区链通网络有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 区链通网络有限公司 filed Critical 区链通网络有限公司
Priority to PCT/CN2018/102264 priority Critical patent/WO2020037654A1/fr
Priority to CN201880002220.4A priority patent/CN109690551B/zh
Publication of WO2020037654A1 publication Critical patent/WO2020037654A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies

Definitions

  • This application relates to the field of blockchain technology, and in particular, this application relates to a method, device, system, and computer-readable storage medium for protecting blockchain data.
  • Blockchain technologies such as Bitcoin and Ethereum provide the foundation for building a completely decentralized Internet application.
  • the underlying technology of the blockchain builds a decentralized and trusted distributed network, all nodes maintain a shared database ledger, and all records are traceable and cannot be changed.
  • this application proposes a method, a device, a system, and a computer-readable storage medium for protecting blockchain data to protect the blockchain data and improve the efficiency of the calculation and processing of the blockchain data.
  • Embodiments of the present application provide a method for protecting blockchain data according to a first aspect, including:
  • the first blockchain node performs homomorphic encryption on the encrypted data to obtain the encrypted ciphertext
  • the second blockchain node obtains the request from the blockchain system
  • the second blockchain node calculates the obtained encrypted ciphertext, and uploads the calculation result to the blockchain system.
  • the embodiments of the present application also provide another method for protecting blockchain data, including:
  • the embodiments of the present application also provide another method for protecting blockchain data, including:
  • the calculation results are uploaded to the blockchain system.
  • the embodiment of the present application further provides a blockchain data protection system according to the fourth aspect, including a first blockchain node and a second blockchain node;
  • the first blockchain node is configured to perform homomorphic encryption on the encrypted data to obtain an encrypted ciphertext; upload a request for calculating the encrypted ciphertext to a blockchain system;
  • the second blockchain node is configured to obtain the request from the blockchain system; obtain the encrypted ciphertext according to the request; calculate the obtained encrypted ciphertext, and upload the calculation result to the area Blockchain system.
  • the embodiment of the present application further provides a blockchain data protection device according to a fifth aspect, including:
  • An encryption module for homomorphically encrypting the encrypted data to obtain encrypted cipher text
  • a request uploading module is configured to upload a request for calculating the encrypted ciphertext to a blockchain system, so that other blockchain nodes in the blockchain system perform the encryption ciphertext upon receiving the request. Calculation.
  • the embodiments of the present application further provide another blockchain data protection device, including:
  • a request obtaining module configured to obtain a request for calculating an encrypted ciphertext uploaded by a first blockchain node from a blockchain system; the encrypted ciphertext is obtained by homomorphic encryption of data to be encrypted;
  • An encrypted ciphertext obtaining module configured to obtain the encrypted ciphertext according to the request
  • An uploading module is configured to upload the calculation result to the blockchain system.
  • the embodiments of the present application further provide a computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, the method for protecting a blockchain data according to any one of the foregoing is implemented. .
  • the foregoing blockchain data protection method, device, system, and computer-readable storage medium perform homomorphic encryption on encrypted data, and uploads the obtained encrypted ciphertext to the blockchain system, thereby protecting the security of the blockchain data.
  • Homomorphic encryption supports multiple operations (addition, multiplication) and high computational efficiency. Therefore, by introducing efficient homomorphic encryption with more abundant computing operation types, the efficiency of blockchain data calculation processing is improved.
  • FIG. 1 is a schematic structural diagram of a communication system applicable to a blockchain data protection method according to an embodiment of the present application
  • FIG. 2 is a schematic diagram of a blockchain data protection method according to an embodiment of the present application.
  • FIG. 3 is a schematic diagram of a blockchain data protection method according to an embodiment of the present application.
  • FIG. 4 is a schematic diagram of a blockchain data protection system according to an embodiment of the present application.
  • FIG. 5 is a schematic diagram of a blockchain data protection method according to another embodiment of the present application.
  • FIG. 6 is a schematic diagram of a blockchain data protection device according to an embodiment of the present application.
  • FIG. 7 is a schematic diagram of a blockchain data protection method according to another embodiment of the present application.
  • FIG. 8 is a schematic diagram of a blockchain data protection device according to another embodiment of the present application.
  • FIG. 9 is a schematic diagram of a server according to an embodiment of the present application.
  • first, second, and the like used in this application can be used herein to describe various elements, but these elements are not limited by these terms. These terms are only used to distinguish the first element from another element.
  • a first blockchain node may be referred to as a second blockchain node, and similarly, a second blockchain node may be referred to as a first block Chain node.
  • Both the first blockchain node and the second blockchain node are blockchain nodes, but they are not the same blockchain node.
  • the blockchain data protection method provided in this application can be applied to the communication system shown in FIG. 1.
  • the communication system includes: a blockchain network, a first blockchain node 11 and a second blockchain node 12.
  • a blockchain network includes: a blockchain network, a first blockchain node 11 and a second blockchain node 12.
  • This is for illustrative purposes only, and does not limit the specific number of blockchain nodes. It also does not limit the types of blockchain nodes.
  • Blockchain nodes can specifically be smartphones, tablets, laptops, etc., and combinations thereof.
  • the first blockchain node 11 is used to encrypt the data to be encrypted and upload a calculation request to the blockchain system
  • the second blockchain node 12 is used to obtain the request and calculate the encrypted ciphertext performed in the request.
  • a method for protecting blockchain data includes:
  • the first blockchain node performs homomorphic encryption on the encrypted data to obtain encrypted ciphertext.
  • Blockchain is a new application model of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithms.
  • the so-called consensus mechanism is a mathematical algorithm for establishing trust and obtaining rights between different nodes in a blockchain system.
  • Blockchain nodes refer to computers in the blockchain network, including mobile phones, miners, desktops, servers, etc.
  • the person who operates a blockchain node can be an ordinary wallet user, a miner, and multiple people, etc. .
  • Homomorphic encryption is a special kind of encryption that allows calculations (addition, multiplication) to be performed directly on the ciphertext, and after decryption, the result corresponding to the plaintext calculation is obtained.
  • Homomorphic encryption is divided into full homomorphic encryption (supporting both addition and multiplication) and partial homomorphic encryption (addition or multiplication), which is an important research direction of current cryptography. Especially in terms of full homomorphic encryption, it has a wide range of application scenarios in terms of user privacy protection, such as implementing searchable encryption, and cloud platforms analyzing user encrypted data.
  • the first fully homomorphic encryption scheme was based on lattice ciphers, which was proposed by Craig Gentry in 2009, and has led to a boom in research in this direction.
  • Homomorphic encryption can use the existing encryption methods in the prior art, and it will be described below with reference to two examples.
  • Nebula Genomics is committed to using blockchain technology to promote the research and development of genetic analysis. Eliminate middlemen in the gene market, so that users can control the buying and selling of their own genetic data, and scientific research institutions such as hospitals and universities can also purchase genetic data directly from individuals. In this process, users are inevitably required to send genetic data to the buyer, and the buyer then performs calculation analysis on the data.
  • Nebula Genomics uses Intel Software Guard Extensions (SGX, Intel Software Protection Extensions) and some homomorphic encryption (addition), as shown in Figure 3.
  • Enigma provides a more extensive privacy-protected computing platform. Applicable to secure multi-party computing, users can split the data to be processed into multiple copies and distribute them to different nodes for calculation, further improving the calculation processing speed.
  • SPDZ is used to prevent attacks by malicious nodes and perform related homomorphic encryption operations on ciphertext.
  • the homomorphic encryption algorithm selected and designed needs to support multiple operations (addition, multiplication) and high computational efficiency.
  • the first blockchain node performs homomorphic encryption on the encrypted data to obtain encrypted ciphertext, including: the first blockchain node performs homomorphism on the encrypted data through a multi-key privacy protection outsourcing computing algorithm. Encrypt to get encrypted ciphertext.
  • Multi-key privacy protection outsourcing calculation algorithms support addition (SAD), multiplication (SMD), and even division (SDIV) over integers, solving the greatest common factor (SGCD), maximum and minimum filtering (SMMS), and more.
  • the blockchain platform integrates the addition and multiplication in the multi-key privacy protection outsourcing calculation algorithm, which can already meet almost all application requirements, such as counting employee salaries, performing machine neural network learning on user data samples, and other operations. Two operations are derived. In order to better understand the algorithm, we will use add homomorphism and multiplication homomorphism for illustration.
  • the first blockchain node performs homomorphic encryption on the encrypted data by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext, including:
  • the first blockchain node splits the data to be encrypted into a first part and a second part.
  • each data in the data to be encrypted is classified according to attributes. There are two classes, each class is a part, and so on.
  • the first blockchain node encrypts the sum of the first part and the first random number by a set first public key to obtain a first encrypted data; and the second public key sets the second public key.
  • the sum of the partial and second random numbers is encrypted to obtain second encrypted data.
  • This step is expressed as a formula:
  • X is a first encrypted data
  • pka of the first public key x is a first portion
  • r a is a first random number
  • [] pka a first public key pair [] is the number of encrypted
  • pkb second Public key y is the second part
  • r b is the second random number
  • [] pkb is the second public key to encrypt the number in [].
  • the first blockchain node decrypts the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain the first decrypted data; and using the first decryption algorithm and the The first private key decrypts the second encrypted data to obtain second decrypted data.
  • This step is expressed as a formula:
  • X ′ is the first decrypted data
  • PDO is the first decrypted algorithm
  • SK (1) is the first private key
  • Y ′ is the second decrypted data.
  • the first blockchain node decrypts the first encrypted data and the first decrypted data by using a preset second decryption algorithm and a set second private key to obtain third decrypted data.
  • the second decryption algorithm and the second private key decrypt the second encrypted data and the second decrypted data to obtain fourth decrypted data.
  • This step is expressed as a formula:
  • X is the third decrypted data
  • Y is the fourth decrypted data
  • PDT is the second decryption algorithm
  • SK (2) is the second private key.
  • the first blockchain node encrypts the difference between the first sum value and the second sum value through a third public key to obtain an encrypted ciphertext of the data to be encrypted; the first sum value is the A sum of the third decrypted data and the fourth decrypted data, and the second sum value is a sum of the first random number and the second random number.
  • This step is expressed as a formula:
  • S is the first sum value
  • R is the second sum value
  • pkc is the third public key
  • N is the size of the integer field.
  • the ordinary homomorphic addition encryption algorithm only supports the calculation on the ciphertext encrypted under the same key, and SAD in this algorithm, given the ciphertext encrypted by different keys, [x] pka, [x] pkb, and the introduction
  • the random numbers r a and r b can also obtain the ciphertext corresponding to the plaintext addition.
  • the first blockchain node performs homomorphic encryption on the encrypted data by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext, including:
  • the first blockchain node splits the data to be encrypted into a first part and a second part.
  • each data in the data to be encrypted is classified according to attributes. There are two classes, each class is a part, and so on.
  • the first blockchain node encrypts the first part and the first random number through a set first public key, and multiplies the two values obtained after encryption to obtain the first encrypted data. Encrypts the second part and the second random number with the second public key, and multiplies the two values obtained after encryption to obtain the second encrypted data; Encrypt the difference between the product of the second random number and the first part to obtain third encrypted data; use the second public key to pair the fourth random number with the product of the first random number and the second part The difference is encrypted, and the fourth encrypted data is obtained.
  • This step is expressed as a formula:
  • X is the first encrypted data
  • Y is the second encrypted data
  • S is the third encrypted data
  • T is the fourth encrypted data
  • pka is the first public key
  • [] pka is the first public key pair [].
  • Data is encrypted, x is the first part, r x is the first random number, y is the second part, r y is the second random number, [] pkb is the data in [] encrypted by the second public key, pkb is the second public key, R x is the third random number, and R y is the fourth random number.
  • the first blockchain node decrypts the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data.
  • the first private key decrypts the second encrypted data to obtain second decrypted data; and decrypts the third encrypted data through the first decryption algorithm and the first private key to obtain third decrypted data ; Decrypting the fourth encrypted data by using the first decryption algorithm and the first private key to obtain fourth decrypted data.
  • This step is expressed as a formula:
  • X 1 PDO SK (1) (X)
  • Y 1 PDO SK (1) (Y)
  • S 1 PDO SK (1) (S)
  • T 1 PDO SK (1) (T)
  • PDO is the first decryption algorithm
  • SK (1) is the first private key
  • X 1 , Y 1 , S 1 , and T 1 are the first decrypted data, the second decrypted data, the third decrypted data, and the fourth decrypted in this order. data.
  • the first blockchain node decrypts the first decrypted data and the first encrypted data by using a preset second decryption algorithm and a set second private key, and using the second decryption algorithm and Decrypting the second decrypted data and the first encrypted data by the second private key, and multiplying the two values obtained after the decryption to obtain fifth decrypted data; by the second decryption algorithm and the The second private key decrypts the third decrypted data and the third encrypted data to obtain a sixth decrypted data; the fourth decrypted data and all the encrypted data are obtained through the second decryption algorithm and the second private key. Decrypt the fourth encrypted data to obtain the seventh decrypted data.
  • This step is expressed as a formula:
  • h is the fifth decrypted data
  • PDT is the second decrypted algorithm
  • SK (2) is the second private key
  • S2 is the sixth decrypted data
  • T2 is the seventh decrypted data.
  • the first blockchain node encrypts the fifth decrypted data, the sixth decrypted data, and the seventh decrypted data by using a set third public key to obtain the fifth encrypted data and the sixth Encrypted data and seventh encrypted data; encrypting a product of the first random number and the second random number with the third public key, and calculating the (N-1) th power of the value obtained after the encryption, Obtain the eighth encrypted data; encrypt the third random number by the third public key, and calculate the (N-1) -th power of the encrypted value to obtain the ninth encrypted data; pass the third The public key encrypts the fourth random number, and calculates the (N-1) -th power of the value obtained after encryption to obtain tenth encrypted data; N represents the size of the integer field.
  • This step is expressed as a formula:
  • H, S3, T3, S4, S5, and S6 are the fifth decrypted data, the sixth decrypted data, the seventh decrypted data, the eighth encrypted data, the ninth encrypted data, and
  • pkc is a third public key
  • N represents a size of an integer domain.
  • the first blockchain node sends the fifth encrypted data, the sixth encrypted data, the seventh encrypted data, the eighth encrypted data, the ninth encrypted data, and the tenth Multiply the encrypted data to obtain the encrypted ciphertext of the data to be encrypted.
  • This step is expressed as a formula:
  • the multiplication homomorphism (SMD) given the ciphertexts [x] pka, [x] pkb, and random numbers rx, ry encrypted with different keys can also obtain the ciphertext corresponding to the plaintext multiplication.
  • the multi-key privacy protection outsourced computing algorithm can not only realize the encryption of the data to be encrypted, but also has higher computational efficiency than other homomorphic encryption algorithms.
  • the data to be encrypted is data that needs to be protected, such as transaction data.
  • multi-key privacy protection outsourcing computing algorithm to encrypt the encrypted data, the encrypted ciphertext can be obtained.
  • the first blockchain node uploads a request for computing the encrypted ciphertext to a blockchain system.
  • the request for calculating the encrypted cipher text may be specifically determined according to service requirements, such as calculating an average value or a variance of the encrypted cipher text.
  • the first blockchain node can upload a request to calculate encrypted ciphertext through a smart contract or op_return.
  • Smart contract is a computer protocol designed to spread, verify or execute contracts in an information-based manner. Smart contracts allow trusted transactions to be performed without a third party. These transactions are traceable and irreversible.
  • OP_RETURN can realize the broadcasting and recording of data in the blockchain, omitting the calculation steps, thus achieving the purpose of saving time and computing power.
  • the uploading, by the first blockchain node to the blockchain system, a request to calculate the encrypted ciphertext includes:
  • the first blockchain node uploads the encrypted ciphertext to a distributed file system, and obtains a file hash value of the encrypted ciphertext.
  • Distributed file system refers to the physical storage resources managed by the file system are not necessarily directly connected to the local node, but connected to the node through a computer network.
  • the distributed file system may be an IPFS file system (InterPlanetary File System, Interstellar File System).
  • IPFS is a peer-to-peer distributed file system. It attempts to connect the same file system for all computing devices (IPFS miners).
  • the first blockchain node uploads the encrypted ciphertext to the distributed file system.
  • the file hash value (file hash) can be calculated before uploading the encrypted ciphertext, or the hash value of the file can be returned when uploading IPFS.
  • the first blockchain node stores a correspondence between the file hash value and the encrypted cipher text in the distributed file system into a pre-created distributed hash table.
  • the first blockchain node creates a distributed hash-table (DHT, distributed hash table) in advance, and the DHT is accessed through the blockchain (Ethereum smart contract or Bitcoin op_return, etc.).
  • DHT stores file hash indexes.
  • Other blockchain nodes can obtain specific encrypted cipher text in the distributed file system through hash indexes.
  • the first blockchain node uploads a request for calculating the encrypted ciphertext to a blockchain system; the request includes a file hash value of the encrypted ciphertext.
  • the request for calculating the encrypted ciphertext uploaded by the first blockchain node may include the file hash value of the encrypted ciphertext.
  • the second blockchain node obtains the request from the blockchain system.
  • the second blockchain node can obtain the request from the blockchain system. If the request includes a file hash value of the encrypted ciphertext, the second blockchain node obtains the file hash value of the encrypted ciphertext.
  • the second blockchain node obtains the encrypted ciphertext according to the request.
  • the second blockchain node needs to obtain the corresponding encrypted ciphertext according to the request for calculation.
  • the obtaining, by the second blockchain node, the encrypted ciphertext according to the request includes:
  • the second blockchain node accesses the distributed hash table through the blockchain system.
  • the distributed hash table stores the correspondence between the file hash value and the encrypted cipher text in the distributed file system.
  • the second blockchain node needs to access the distributed hash table through the blockchain system.
  • the second blockchain node searches the distributed file system for the encrypted ciphertext corresponding to the file hash value in the request according to the distributed hash table.
  • the request contains a file hash value.
  • the encrypted cipher text in the distributed file system corresponding to the file hash value can be determined, and then the encrypted cipher text is obtained from the distributed file system.
  • the second blockchain node calculates the obtained encrypted ciphertext, and uploads the calculation result to the blockchain system.
  • the second blockchain node can directly perform calculations on the encrypted ciphertext, such as averaging or variance, to obtain the calculation result, and upload the calculation result to the blockchain system. Since the multi-key privacy protection outsourcing calculation algorithm is adopted, not only the encryption of the blockchain data is realized, but also the efficiency of the calculation of the blockchain data is improved.
  • the second blockchain node calculates the obtained encrypted ciphertext, uploads the calculation result to the blockchain system, and then further includes: the blockchain system verifies the calculation. When the result is valid, a token reward is issued to the second blockchain node. The blockchain system verifies whether the calculation result uploaded by the second blockchain node is accurate. If it is accurate, it will issue token rewards to the second blockchain node that calculates accurately, such as a certain amount of bitcoin, etc. No token reward will be issued to the second blockchain node that uploads the calculation results.
  • the present application also provides a blockchain data protection system, including a first blockchain node 41 and a second blockchain node 42;
  • the first blockchain node 41 is configured to perform homomorphic encryption on the encrypted data to obtain an encrypted ciphertext; upload a request for computing the encrypted ciphertext to a blockchain system;
  • the second blockchain node 42 is configured to obtain the request from the blockchain system; obtain the encrypted ciphertext according to the request; perform calculation on the obtained encrypted ciphertext, and upload the calculation result to the Blockchain system.
  • the first blockchain node 41 performs homomorphic encryption on the encrypted data by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext.
  • the first blockchain node 41 obtains the encrypted ciphertext through the following operations:
  • the first blockchain node splits the data to be encrypted into a first part and a second part
  • the first blockchain node encrypts the sum of the first part and the first random number by a set first public key to obtain the first encrypted data; and sets the second part and the second part by a set second public key. Encrypt the sum of the second random number to obtain second encrypted data;
  • the first blockchain node decrypts the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data; and using the first decryption algorithm and the first A private key decrypting the second encrypted data to obtain second decrypted data;
  • the first blockchain node decrypts the first encrypted data and the first decrypted data by using a preset second decryption algorithm and a set second private key to obtain third decrypted data; through the first Two decryption algorithms and the second private key decrypt the second encrypted data and the second decrypted data to obtain fourth decrypted data;
  • the first blockchain node encrypts the difference between the first sum value and the second sum value through a third public key to obtain an encrypted ciphertext of the data to be encrypted; the first sum value is the third The sum of the decrypted data and the fourth decrypted data, and the second sum is a sum of the first random number and the second random number.
  • the first blockchain node 41 obtains the encrypted ciphertext through the following operations:
  • the first blockchain node splits the data to be encrypted into a first part and a second part
  • the first blockchain node encrypts the first part and the first random number respectively through a first public key that is set, and multiplies the two values obtained after encryption to obtain the first encrypted data.
  • Two public keys respectively encrypt the second part and the second random number, and multiply the two values obtained after encryption to obtain the second encrypted data; the third random number and the third random number are obtained by the first public key Encrypt the difference between the second random number and the first partial product to obtain third encrypted data; perform the difference between the fourth random number and the first random number and the second partial product by using the second public key; Encrypt to obtain the fourth encrypted data;
  • the first blockchain node decrypts the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data; and using the first decryption algorithm and the first A private key decrypts the second encrypted data to obtain second decrypted data; decrypts the third encrypted data through the first decryption algorithm and the first private key to obtain third decrypted data; Decrypting the fourth encrypted data by the first decryption algorithm and the first private key to obtain fourth decrypted data;
  • the first blockchain node decrypts the first decrypted data and the first encrypted data by using a preset second decryption algorithm and a set second private key, and by using the second decryption algorithm and the The second private key decrypts the second decrypted data and the first encrypted data, and multiplies the two values obtained after decryption to obtain a fifth decrypted data; the second decryption algorithm and the second decrypted data are obtained.
  • a private key decrypts the third decrypted data and the third encrypted data to obtain a sixth decrypted data; the fourth decrypted data and the first decrypted data are obtained through the second decryption algorithm and the second private key.
  • Four encrypted data are decrypted to obtain seventh decrypted data;
  • the first blockchain node encrypts the fifth decrypted data, the sixth decrypted data, and the seventh decrypted data by using a set third public key to obtain the fifth encrypted data and the sixth encrypted data.
  • the seventh encrypted data encrypt the product of the first random number and the second random number with the third public key, and calculate the (N-1) -th power of the value obtained after encryption to obtain the first Eight encrypted data;
  • the third random number is encrypted by the third public key, and the (N-1) -th power of the value obtained after the encryption is calculated, to obtain the ninth encrypted data; by the third public key Encrypt the fourth random number, and calculate the (N-1) th power of the value obtained after encryption to obtain tenth encrypted data;
  • N represents the size of the integer field;
  • the first blockchain node sends the fifth encrypted data, the sixth encrypted data, the seventh encrypted data, the eighth encrypted data, the ninth encrypted data, and the tenth encrypted data. Multiply to obtain the encrypted ciphertext of the data to be encrypted.
  • the first blockchain node 41 uploads the encrypted ciphertext to a distributed file system, and obtains a file hash value of the encrypted ciphertext;
  • the correspondence between the encrypted ciphertext in the distributed file system is stored in a pre-created distributed hash table; a request to calculate the encrypted ciphertext is uploaded to a blockchain system; the request includes the encrypted ciphertext File hash.
  • the second blockchain node 42 accesses the distributed hash table through the blockchain system; according to the distributed hash table, looks up all the addresses in the distributed file system.
  • a token reward is issued to the second blockchain node.
  • the blockchain system verifies whether the calculation result uploaded by the second blockchain node is accurate. If it is accurate, it will issue token rewards to the second blockchain node that calculates accurately, such as a certain amount of bitcoin, etc. No token reward will be issued to the second blockchain node that uploads the calculation results.
  • a method for protecting blockchain data includes:
  • Blockchain is a new application model of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithms.
  • the so-called consensus mechanism is a mathematical algorithm for establishing trust and obtaining rights between different nodes in a blockchain system.
  • Blockchain nodes refer to computers in the blockchain network, including mobile phones, miners, desktops, servers, etc.
  • the person who operates a blockchain node can be an ordinary wallet user, a miner, and multiple people, etc. .
  • Homomorphic encryption is a special kind of encryption that allows calculations (addition, multiplication) to be performed directly on the ciphertext, and after decryption, the result corresponding to the plaintext calculation is obtained.
  • Homomorphic encryption is further divided into full homomorphic encryption (supporting both addition and multiplication) and partial homomorphic encryption (addition or multiplication), which is an important research direction of current cryptography. Especially in terms of full homomorphic encryption, it has a wide range of application scenarios in terms of user privacy protection, such as implementing searchable encryption, and cloud platforms analyzing user encrypted data.
  • performing homomorphic encryption on the encrypted data to obtain the encrypted ciphertext includes: performing homomorphic encryption on the encrypted data through a multi-key privacy protection outsourcing computing algorithm to obtain the encrypted ciphertext.
  • Multi-key privacy protection outsourcing calculation algorithms support addition (SAD), multiplication (SMD), and even division (SDIV) over integers, solving the greatest common factor (SGCD), maximum and minimum filtering (SMMS), and more.
  • the blockchain platform will integrate the addition and multiplication in the multi-key privacy protection outsourcing calculation algorithm. This can already meet almost all application requirements, such as counting employee salaries, performing machine neural network learning on user data samples, etc. Other operations can Derived on these two operations. In order to better understand the algorithm, we will use add homomorphism and multiplication homomorphism for illustration.
  • the encrypted data is homomorphically encrypted by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted cipher text, including:
  • each data in the data to be encrypted is classified according to attributes. There are two classes, each class is a part, and so on.
  • S512 Encrypt the sum of the first part and the first random number by using the set first public key to obtain the first encrypted data; sum the sum of the second part and the second random number by using the set second public key. Encrypt to obtain the second encrypted data.
  • This step is expressed as a formula:
  • X is a first encrypted data
  • pka of the first public key x is a first portion
  • r a is a first random number
  • [] pka a first public key pair [] is the number of encrypted
  • pkb second Public key y is the second part
  • r b is the second random number
  • [] pkb is the second public key to encrypt the number in [].
  • This step is expressed as a formula:
  • X ′ is the first decrypted data
  • PDO is the first decrypted algorithm
  • SK (1) is the first private key
  • Y ′ is the second decrypted data.
  • This step is expressed as a formula:
  • X is the third decrypted data
  • Y is the fourth decrypted data
  • PDT is the second decryption algorithm
  • SK (2) is the second private key.
  • This step is expressed as a formula:
  • S is the first sum value
  • R is the second sum value
  • pkc is the third public key
  • N is the size of the integer field.
  • the ordinary homomorphic addition encryption algorithm only supports the calculation on the ciphertext encrypted under the same key, and SAD in this algorithm, given the ciphertext encrypted by different keys, [x] pka, [x] pkb, and the introduction
  • the random numbers r a and r b can also obtain the ciphertext corresponding to the plaintext addition.
  • the encrypted data is homomorphically encrypted by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext, including:
  • each data in the data to be encrypted is classified according to attributes. There are two classes, each class is a part, and so on.
  • S51b Encrypt the first part and the first random number respectively by using a set first public key, and multiply the two values obtained by encryption to obtain the first encrypted data; and separately set the second public key to each The second part and the second random number are encrypted, and the two encrypted values are multiplied to obtain the second encrypted data; the third random number and the second random number are summed by the first public key. Encrypt the difference of the first partial product to obtain third encrypted data; encrypt the difference between the fourth random number and the first random number and the second partial product by the second public key to obtain a fourth encryption data.
  • This step is expressed as a formula:
  • X is the first encrypted data
  • Y is the second encrypted data
  • S is the third encrypted data
  • T is the fourth encrypted data
  • pka is the first public key
  • [] pka is the first public key pair [].
  • Data is encrypted, x is the first part, r x is the first random number, y is the second part, r y is the second random number, [] pkb is the data in [] encrypted by the second public key, pkb is the second public key, R x is the third random number, and R y is the fourth random number.
  • S51c Decrypt the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data; and use the first decryption algorithm and the first private key to decrypt the first encrypted data.
  • Decrypt the second encrypted data to obtain the second decrypted data; decrypt the third encrypted data by the first decryption algorithm and the first private key to obtain third decrypted data; and pass the first decryption algorithm Decrypt the fourth encrypted data with the first private key to obtain fourth decrypted data.
  • This step is expressed as a formula:
  • X 1 PDO SK (1) (X)
  • Y 1 PDO SK (1) (Y)
  • S 1 PDO SK (1) (S)
  • T 1 PDO SK (1) (T)
  • PDO is the first decryption algorithm
  • SK (1) is the first private key
  • X 1 , Y 1 , S 1 , and T 1 are the first decrypted data, the second decrypted data, the third decrypted data, and the fourth decrypted in this order. data.
  • S51d Decrypt the first decrypted data and the first encrypted data by using a preset second decryption algorithm and a set second private key, and perform decryption by using the second decryption algorithm and the second private key.
  • the second decrypted data and the first encrypted data are decrypted, and the two values obtained after decryption are multiplied to obtain a fifth decrypted data; the second decrypted algorithm and the second private key are used to pair the first Decrypt the three decrypted data and the third encrypted data to obtain a sixth decrypted data; and decrypt the fourth decrypted data and the fourth encrypted data by using the second decryption algorithm and the second private key, Get the seventh decrypted data.
  • This step is expressed as a formula:
  • h is the fifth decrypted data
  • PDT is the second decrypted algorithm
  • SK (2) is the second private key
  • S2 is the sixth decrypted data
  • T2 is the seventh decrypted data.
  • This step is expressed as a formula:
  • H, S3, T3, S4, S5, and S6 are the fifth decrypted data, the sixth decrypted data, the seventh decrypted data, the eighth encrypted data, the ninth encrypted data, and
  • pkc is a third public key
  • N represents a size of an integer domain.
  • S51f Multiply the fifth encrypted data, the sixth encrypted data, the seventh encrypted data, the eighth encrypted data, the ninth encrypted data, and the tenth encrypted data to obtain the The encrypted cipher text of the data to be encrypted.
  • This step is expressed as a formula:
  • the multiplication homomorphism (SMD) given the ciphertexts [x] pka, [x] pkb, and random numbers rx, ry encrypted with different keys can also obtain the ciphertext corresponding to the plaintext multiplication.
  • the multi-key privacy protection outsourced computing algorithm can not only realize the encryption of the data to be encrypted, but also has higher computational efficiency than other homomorphic encryption algorithms.
  • the data to be encrypted is data that needs to be protected, such as transaction data.
  • multi-key privacy protection outsourcing computing algorithm to encrypt the encrypted data, the encrypted ciphertext can be obtained.
  • the request for calculating the encrypted cipher text may be specifically determined according to service requirements, such as calculating an average value or a variance of the encrypted cipher text.
  • the first blockchain node can upload a request to calculate encrypted ciphertext through a smart contract or op_return.
  • Smart contract is a computer protocol designed to spread, verify or execute contracts in an information-based manner. Smart contracts allow trusted transactions to be performed without a third party. These transactions are traceable and irreversible.
  • OP_RETURN can realize the broadcasting and recording of data in the blockchain, omitting the calculation steps, thus achieving the purpose of saving time and computing power.
  • the uploading a request for computing the encrypted ciphertext to a blockchain system includes:
  • Distributed file system refers to the physical storage resources managed by the file system are not necessarily directly connected to the local node, but connected to the node through a computer network.
  • the distributed file system may be an IPFS file system (InterPlanetary File System).
  • IPFS is a peer-to-peer distributed file system. It attempts to connect the same file system for all computing devices (IPFS miners).
  • the first blockchain node uploads the encrypted ciphertext to the distributed file system.
  • the file hash value (file hash) can be calculated before uploading the encrypted ciphertext, or the hash value of the file can be returned when uploading IPFS.
  • the first blockchain node creates a distributed hash-table (DHT, distributed hash table) in advance, and the DHT is accessed through the blockchain (Ethereum smart contract or Bitcoin op_return, etc.).
  • DHT stores file hash indexes.
  • Other blockchain nodes can obtain specific encrypted cipher text in the distributed file system through hash indexes.
  • the request for calculating the encrypted ciphertext uploaded by the first blockchain node may include the file hash value of the encrypted ciphertext.
  • the second blockchain node can obtain the request from the blockchain, obtain the encrypted ciphertext according to the request, and obtain the The encrypted ciphertext is calculated.
  • the present application also provides a blockchain data protection device 60, as shown in FIG. 6, including:
  • An encryption module 61 configured to perform homomorphic encryption on the encrypted data to obtain encrypted cipher text
  • the request uploading module 62 is configured to upload a request for calculating the encrypted ciphertext to a blockchain system, so that other blockchain nodes in the blockchain system may receive the request for the encrypted ciphertext when receiving the request. Calculation.
  • the encryption module 61 performs homomorphic encryption on the encrypted data by using a multi-key privacy protection outsourcing computing algorithm to obtain the encrypted ciphertext.
  • the encryption module 61 obtains the encrypted ciphertext through the following operations:
  • Decrypt the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data; and use the first decryption algorithm and the first private key to decrypt the second encrypted data Decrypt the encrypted data to obtain the second decrypted data;
  • the difference between the first sum value and the second sum value is encrypted by a third public key to obtain an encrypted ciphertext of the data to be encrypted; the first sum value is the third decrypted data and the fourth decryption The sum of data, the second sum value is the sum of the first random number and the second random number.
  • the encryption module 61 obtains the encrypted ciphertext through the following operations:
  • the first part and the first random number are respectively encrypted by the set first public key, and the two encrypted values are multiplied to obtain the first encrypted data.
  • the second public key is set to the first public key, respectively.
  • the second part and the second random number are encrypted, and the two values obtained after encryption are multiplied to obtain a second encrypted data;
  • the third random number is paired with the second random number and the first random number through the first public key. Encrypting a difference of a part of the product to obtain third encrypted data; encrypting a difference of the fourth random number with the first random number and the second part of the product by the second public key to obtain fourth encrypted data;
  • Decrypting the first decrypted data and the first encrypted data by a preset second decryption algorithm and a set second private key, and using the second decryption algorithm and the second private key to decrypt the first decrypted data and the first encrypted data Decrypt the second decrypted data and the first encrypted data, and multiply the two values obtained after decryption to obtain the fifth decrypted data; and decrypt the third by the second decryption algorithm and the second private key Decrypt the data and the third encrypted data to obtain a sixth decrypted data; decrypt the fourth decrypted data and the fourth encrypted data by the second decryption algorithm and the second private key to obtain a first Seven decrypted data;
  • the third public key encrypts a product of the first random number and the second random number, and calculates the (N-1) -th power of the value obtained after encryption to obtain eighth encrypted data; through the first Three public keys encrypt the third random number, and calculate the (N-1) th power of the value obtained after encryption to obtain the ninth encrypted data;
  • the fourth random number is performed by the third public key Encrypt and calculate the (N-1) power of the value obtained after encryption to obtain the tenth encrypted data;
  • N represents the size of the integer field;
  • the request uploading module 62 includes: an encrypted ciphertext uploading unit 621, configured to upload the encrypted ciphertext to a distributed file system, and obtain a file hash value of the encrypted ciphertext;
  • the correspondence relationship storage unit 622 is configured to store a correspondence relationship between the file hash value and the encrypted cipher text in the distributed file system into a pre-created distributed hash table; and a request upload unit 623, configured to: Upload a request to the blockchain system to calculate the encrypted ciphertext; the request includes a file hash value of the encrypted ciphertext.
  • a method for protecting blockchain data includes:
  • Blockchain is a new application model of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithms.
  • the so-called consensus mechanism is a mathematical algorithm for establishing trust and obtaining rights between different nodes in a blockchain system.
  • Blockchain nodes refer to computers in the blockchain network, including mobile phones, miners, desktops, servers, etc.
  • the person who operates a blockchain node can be an ordinary wallet user, a miner, and multiple people, etc. .
  • the encrypted ciphertext is obtained through a multi-key privacy protection outsourcing calculation algorithm for homomorphic encryption of encrypted data.
  • the multi-key privacy protection outsourcing calculation algorithm supports addition (SAD), multiplication (SMD), etc. This kind of operation can not only realize the encryption of the data to be encrypted, but also has higher calculation efficiency than other homomorphic encryption algorithms.
  • the data to be encrypted is data that needs to be protected, such as transaction data.
  • multi-key privacy protection outsourcing computing algorithm to encrypt the encrypted data the encrypted ciphertext can be obtained.
  • the first blockchain node uploads a request for computing the encrypted ciphertext to a blockchain system.
  • the second blockchain node obtains the request from the blockchain system. If the request includes a file hash value of the encrypted ciphertext, the second blockchain node obtains the file hash value of the encrypted ciphertext.
  • the second blockchain node needs to obtain the corresponding encrypted ciphertext according to the request for calculation.
  • the encrypted ciphertext is stored in a distributed file system; the request includes a file hash value of the encrypted ciphertext; and the obtaining the encrypted ciphertext according to the request includes:
  • the distributed hash table created in advance by the first blockchain node through the blockchain system; the distributed hash table stores a file hash value of the encrypted ciphertext and the distribution Corresponding relationship of the encrypted cipher text in the file system.
  • the distributed hash table stores the correspondence between the file hash value and the encrypted cipher text in the distributed file system.
  • the second blockchain node needs to access the distributed hash table through the blockchain system.
  • the request contains a file hash value.
  • the encrypted cipher text in the distributed file system corresponding to the file hash value can be determined, and then the encrypted cipher text is obtained from the distributed file system.
  • the second blockchain node can directly perform calculations on the encrypted ciphertext, such as averaging or variance. Since the multi-key privacy protection outsourcing calculation algorithm is adopted, not only the encryption of the blockchain data is realized, but also the efficiency of the calculation of the blockchain data is improved.
  • the second blockchain node calculates the encrypted ciphertext to obtain the calculation result, and uploads the calculation result to the blockchain system.
  • the blockchain system verifies whether the calculation result uploaded by the second blockchain node is accurate. If it is accurate, it will issue token rewards to the second blockchain node that calculates accurately, such as a certain amount of bitcoin, etc. No token reward will be issued to the second blockchain node that uploads the calculation results.
  • this application also provides a blockchain data protection device, as shown in FIG. 8, including:
  • a request obtaining module 81 is configured to obtain a request for calculating an encrypted ciphertext uploaded by a first blockchain node from a blockchain system; the encrypted ciphertext is obtained by homomorphic encryption of data to be encrypted;
  • An encrypted ciphertext obtaining module 82 configured to obtain the encrypted ciphertext according to the request
  • a calculation module 83 configured to calculate the obtained encrypted cipher text
  • the uploading module 84 is configured to upload the calculation result to the blockchain system.
  • the encrypted ciphertext is stored in a distributed file system; the request includes a file hash value of the encrypted ciphertext; the encrypted ciphertext acquisition module 82 is configured to pass the blockchain
  • the system accesses a distributed hash table created in advance by the first blockchain node; the distributed hash table stores a file hash value of the encrypted ciphertext and the encrypted password in the distributed file system Correspondence between texts; according to the distributed hash table, look up the encrypted ciphertext corresponding to the file hash value in the request in the distributed file system.
  • An embodiment of the present application further provides a computer-readable storage medium on which a computer program is stored.
  • the storage medium includes, but is not limited to, any type of disk (including a floppy disk, a hard disk, an optical disk, a CD-ROM, and a magneto-optical disk), a ROM (Read-Only Memory, read-only memory), and a RAM (RandomAcceSS Memory, immediately (Memory), EPROM (EraSable Programmable Read-Only Memory, Erasable Programmable Read-Only Memory), EEPROM (Electrically EraSable Programmable Read-Only Memory, Electrically Erasable Programmable Read-Only Memory), flash memory, magnetic card or optical card. That is, the storage medium includes any medium that stores or transfers information in a readable form by a device (for example, a computer). It can be read-only memory, magnetic disk or optical disk, etc.
  • Each blockchain node (including the first blockchain node and the second blockchain node) in FIG. 1 is equivalent to a server.
  • FIG. 9 it is a schematic structural diagram of a server according to an embodiment of the present application, including a processor 92 and a storage device 93.
  • the storage device 93 may be used to store an application program 91 and various functional modules.
  • the processor 92 runs the application program 91 stored in the storage device 93 to execute various functional applications and data processing of the device.
  • the storage device 93 may be an internal memory or an external memory, or include both an internal memory and an external memory.
  • the internal memory may include a read-only memory, a programmable ROM (PROM), an electrically programmable ROM (EPROM), an electrically erasable programmable ROM (EEPROM), a flash memory, or a random access memory.
  • External storage may include hard disks, floppy disks, ZIP disks, U disks, magnetic tapes, and so on.
  • the storage devices disclosed in this application include, but are not limited to, these types of storage devices.
  • the storage device 93 disclosed in the present application is only an example and not a limitation.
  • the processor 92 is a control center of the server, and uses various interfaces and lines to connect various parts of the entire computer. By running or executing software programs and / or modules stored in the storage device 93, and calling data stored in the storage device, Perform various functions and process data. If the server is the server of the first blockchain node, the processor 92 encrypts the encrypted data through a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext, and uploads the encrypted ciphertext to the blockchain system to calculate the encrypted ciphertext. request. If the server is a server of a second blockchain node, the processor 92 obtains the request from the blockchain system, obtains the encrypted ciphertext according to the request, and calculates the obtained encrypted ciphertext.
  • steps in the flowchart of the drawings are sequentially displayed in accordance with the directions of the arrows, these steps are not necessarily performed in the order indicated by the arrows. Unless explicitly stated herein, the execution of these steps is not strictly limited, and they can be performed in other orders. Moreover, at least a part of the steps in the flowchart of the drawing may include multiple sub-steps or multiple stages. These sub-steps or stages are not necessarily performed at the same time, but may be performed at different times. The execution order is also It is not necessarily performed sequentially, but may be performed in turn or alternately with other steps or at least a part of the sub-steps or stages of other steps.

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

La présente invention concerne un procédé, un dispositif et un système de protection de données de chaîne de blocs, et un support d'informations lisible par ordinateur, ces derniers étant appliqués au domaine technique de chaînes de blocs. Le procédé consiste : à effectuer, par un premier nœud de chaîne de blocs, un chiffrement homomorphe sur des données à chiffrer de façon à obtenir un cryptogramme chiffré ; à télécharger, par le premier nœud de chaîne de blocs, une requête pour calculer le cryptogramme chiffré à un système de chaîne de blocs ; à acquérir, par un second nœud de chaîne de blocs, la requête provenant du système de chaîne de blocs ; à acquérir, par le second nœud de chaîne de blocs, le cryptogramme chiffré conformément à la requête ; et à calculer, par le second nœud de chaîne de blocs, le cryptogramme chiffré acquis, et à télécharger un résultat de calcul vers le système de chaîne de blocs. Les modes de réalisation de la présente invention peuvent protéger des données de chaîne de blocs et améliorer l'efficacité du calcul et du traitement des données de chaîne de blocs.
PCT/CN2018/102264 2018-08-24 2018-08-24 Procédé, dispositif et système de protection de données en chaîne de blocs, et support d'informations lisible par ordinateur WO2020037654A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2018/102264 WO2020037654A1 (fr) 2018-08-24 2018-08-24 Procédé, dispositif et système de protection de données en chaîne de blocs, et support d'informations lisible par ordinateur
CN201880002220.4A CN109690551B (zh) 2018-08-24 2018-08-24 区块链数据保护方法、装置、系统及计算机可读存储介质

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2018/102264 WO2020037654A1 (fr) 2018-08-24 2018-08-24 Procédé, dispositif et système de protection de données en chaîne de blocs, et support d'informations lisible par ordinateur

Publications (1)

Publication Number Publication Date
WO2020037654A1 true WO2020037654A1 (fr) 2020-02-27

Family

ID=66191851

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/102264 WO2020037654A1 (fr) 2018-08-24 2018-08-24 Procédé, dispositif et système de protection de données en chaîne de blocs, et support d'informations lisible par ordinateur

Country Status (2)

Country Link
CN (1) CN109690551B (fr)
WO (1) WO2020037654A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111683071A (zh) * 2020-05-29 2020-09-18 百度在线网络技术(北京)有限公司 区块链的隐私数据处理方法、装置、设备以及存储介质
CN112000962A (zh) * 2020-07-13 2020-11-27 广发银行股份有限公司 基于区块链的数据加密处理方法、装置和系统
CN112749165A (zh) * 2021-01-06 2021-05-04 上海能链众合科技有限公司 一种基于区块链的电子数据交换方法
CN112765649A (zh) * 2020-12-31 2021-05-07 平安资产管理有限责任公司 基于区块链的多方数据分析方法、装置、设备和存储介质
CN113656829A (zh) * 2021-07-22 2021-11-16 北京理工大学 一种基于格密码与联盟链的医疗数据安全共享方法

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110188550B (zh) * 2019-05-17 2024-05-24 深圳前海微众银行股份有限公司 一种区块链的数据验证方法和装置
CN110197081B (zh) * 2019-05-30 2021-01-15 北京理工大学 一种基于区块链的云数据共享隐私保护方法
US10778410B2 (en) 2019-06-18 2020-09-15 Alibaba Group Holding Limited Homomorphic data encryption method and apparatus for implementing privacy protection
CN110348231B (zh) * 2019-06-18 2020-08-14 阿里巴巴集团控股有限公司 实现隐私保护的数据同态加解密方法及装置
CN110245193A (zh) * 2019-06-24 2019-09-17 中云(广州)区块链科技有限公司 基于区块链的数据分布式存入和数据检索方法
CN110445851A (zh) * 2019-07-26 2019-11-12 达闼科技成都有限公司 基于分布式网络的通信方法、装置、存储介质和电子设备
CN110765473A (zh) * 2019-10-11 2020-02-07 矩阵元技术(深圳)有限公司 数据处理方法、装置、计算机设备和存储介质
CA3098240A1 (fr) 2019-11-08 2020-02-20 Alipay (Hangzhou) Information Technology Co., Ltd. Systeme et procede pour le developpement d'une application decentralisee basee sur une chaine de blocs
CN111373402B (zh) * 2019-11-08 2022-03-25 支付宝(杭州)信息技术有限公司 轻量去中心化应用平台
CN111162912B (zh) * 2019-12-30 2021-06-15 深圳前海微众银行股份有限公司 一种适用于区块链的验证方法、装置及存储介质
JP7448191B2 (ja) * 2020-02-14 2024-03-12 シスナ株式会社 データ管理システム
CN111538782B (zh) * 2020-04-14 2023-08-08 浙江浙燃能源有限公司 基于区块链的能源大数据管理系统
CN111556147A (zh) * 2020-04-27 2020-08-18 中国银行股份有限公司 一种基于区块链的计算方法及装置
CN111371544B (zh) * 2020-05-27 2020-09-08 支付宝(杭州)信息技术有限公司 基于同态加密的预测方法、装置、电子设备及存储介质
CN111885107B (zh) * 2020-06-17 2023-07-18 万高信息技术(珠海)有限公司 一种基于区块链的可信伪中心存储系统
CN111835500B (zh) * 2020-07-08 2022-07-26 浙江工商大学 基于同态加密与区块链的可搜索加密数据安全共享方法
CN114268437A (zh) * 2020-09-15 2022-04-01 中国电信股份有限公司 数据处理方法、区块链节点、系统和计算机可读存储介质
CN112328699B (zh) * 2020-11-20 2023-07-28 中山大学 一种基于区块链的全同态加密算法的安全外包方法及系统
CN112269790B (zh) * 2020-11-26 2024-02-02 阿拉拇 区块链大数据安全处理系统及方法
CN112685767B (zh) * 2020-12-25 2024-03-26 联想(北京)有限公司 一种基于区块链的数据处理方法及系统
CN113079162B (zh) * 2021-04-02 2022-08-30 浙江永旗区块链科技有限公司 一种基于区块链的分布式存储网络及其实现方法
CN113949591B (zh) * 2021-12-21 2022-07-05 北京中科金财科技股份有限公司 一种基于区块链的数据加密保护方法及系统
CN114900348B (zh) * 2022-04-28 2024-01-30 福建福链科技有限公司 一种区块链传感器数据验证的方法及终端
CN115051799B (zh) * 2022-06-13 2022-11-25 北京天华星航科技有限公司 一种基于区块链的数字信息处理系统
CN116401718A (zh) * 2023-06-08 2023-07-07 科大讯飞股份有限公司 基于区块链的数据保护方法及装置、电子设备和存储介质

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503994A (zh) * 2016-11-02 2017-03-15 西安电子科技大学 基于属性加密的区块链隐私数据访问控制方法
CN106549749A (zh) * 2016-12-06 2017-03-29 杭州趣链科技有限公司 一种基于加法同态加密的区块链隐私保护方法
CN106845960A (zh) * 2017-01-24 2017-06-13 上海亿账通区块链科技有限公司 基于区块链的安全交易方法及系统
US20180152513A1 (en) * 2015-05-13 2018-05-31 Universität Mannheim Method for storing data in a cloud and network for carrying out the method

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107666388B (zh) * 2016-07-28 2019-11-01 郑珂威 基于完全同态加密方法的区块链信息加密方法
CN107294709A (zh) * 2017-06-27 2017-10-24 阿里巴巴集团控股有限公司 一种区块链数据处理方法、装置及系统
CN107342858B (zh) * 2017-07-05 2019-09-10 武汉凤链科技有限公司 一种基于可信环境的智能合约保护方法和系统
CN107911216B (zh) * 2017-10-26 2020-07-14 矩阵元技术(深圳)有限公司 一种区块链交易隐私保护方法及系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180152513A1 (en) * 2015-05-13 2018-05-31 Universität Mannheim Method for storing data in a cloud and network for carrying out the method
CN106503994A (zh) * 2016-11-02 2017-03-15 西安电子科技大学 基于属性加密的区块链隐私数据访问控制方法
CN106549749A (zh) * 2016-12-06 2017-03-29 杭州趣链科技有限公司 一种基于加法同态加密的区块链隐私保护方法
CN106845960A (zh) * 2017-01-24 2017-06-13 上海亿账通区块链科技有限公司 基于区块链的安全交易方法及系统

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111683071A (zh) * 2020-05-29 2020-09-18 百度在线网络技术(北京)有限公司 区块链的隐私数据处理方法、装置、设备以及存储介质
EP3916604A1 (fr) * 2020-05-29 2021-12-01 Baidu Online Network Technology (Beijing) Co., Ltd Procédé et appareil de traitement de données de confidentialité de chaîne de blocs, dispositif, support d'enregistrement et produit programme informatique
US20210377038A1 (en) * 2020-05-29 2021-12-02 Baidu Online Network Technology (Beijing) Co., Ltd. Method and apparatus for processing privacy data of block chain, device, and storage medium
KR20210148863A (ko) * 2020-05-29 2021-12-08 바이두 온라인 네트웍 테크놀러지 (베이징) 캄파니 리미티드 블록체인의 프라이버시 데이터 처리방법, 장치, 디바이스 및 저장매체
KR102377187B1 (ko) 2020-05-29 2022-03-21 바이두 온라인 네트웍 테크놀러지 (베이징) 캄파니 리미티드 블록체인의 프라이버시 데이터 처리방법, 장치, 디바이스 및 저장매체
US11665000B2 (en) 2020-05-29 2023-05-30 Baidu Online Network Technology (Beijing) Co., Ltd. Method and apparatus for processing privacy data of block chain, device, and storage medium
CN112000962A (zh) * 2020-07-13 2020-11-27 广发银行股份有限公司 基于区块链的数据加密处理方法、装置和系统
CN112000962B (zh) * 2020-07-13 2024-02-27 广发银行股份有限公司 基于区块链的数据加密处理方法、装置和系统
CN112765649A (zh) * 2020-12-31 2021-05-07 平安资产管理有限责任公司 基于区块链的多方数据分析方法、装置、设备和存储介质
CN112749165A (zh) * 2021-01-06 2021-05-04 上海能链众合科技有限公司 一种基于区块链的电子数据交换方法
CN112749165B (zh) * 2021-01-06 2024-05-28 上海零数众合信息科技有限公司 一种基于区块链的电子数据交换方法
CN113656829A (zh) * 2021-07-22 2021-11-16 北京理工大学 一种基于格密码与联盟链的医疗数据安全共享方法

Also Published As

Publication number Publication date
CN109690551A (zh) 2019-04-26
CN109690551B (zh) 2023-11-10

Similar Documents

Publication Publication Date Title
WO2020037654A1 (fr) Procédé, dispositif et système de protection de données en chaîne de blocs, et support d'informations lisible par ordinateur
Pal et al. Key management for blockchain technology
Wei et al. Blockchain data-based cloud data integrity protection mechanism
Zhang et al. A novel blockchain-based privacy-preserving framework for online social networks
Hwang et al. A business model for cloud computing based on a separate encryption and decryption service
Thota et al. Big data security framework for distributed cloud data centers
Zheng et al. A blockchain-based trading platform for big data
Wang et al. Security-aware and privacy-preserving personal health record sharing using consortium blockchain
Yan et al. Context-aware verifiable cloud computing
Xu et al. An efficient blockchain‐based privacy‐preserving scheme with attribute and homomorphic encryption
Deng et al. BCTC-KSM: A blockchain-assisted threshold cryptography for key security management in power IoT data sharing
Zhang et al. Blockchain-enabled decentralized attribute-based access control with policy hiding for smart healthcare
Chen et al. A privacy protection method based on key encapsulation mechanism in medical blockchain
Gajmal et al. Blockchain-based access control and data sharing mechanism in cloud decentralized storage system
Reddy et al. Optimal blowfish algorithm-based technique for data security in cloud
Hua et al. Practical m‐k‐Anonymization for Collaborative Data Publishing without Trusted Third Party
Qin et al. Attribute-based encryption with outsourced computation for access control in IoTs
Zhao et al. A blockchain-based transaction system with payment statistics and supervision
Deshmukh et al. Secure fine-grained data access control over multiple cloud server based healthcare applications
Li et al. A blockchain-based scheme for efficient medical data sharing with attribute-based hierarchical encryption
Tu et al. A blockchain implementation of an attendance management system
Rajeshkumar et al. A novel three-factor authentication and optimal mapreduce frameworks for secure medical big data transmission over the cloud with shaxecc
Raj et al. A security-attribute-based access control along with user revocation for shared data in multi-owner cloud system
Chaturvedi et al. A review of homomorphic encryption of data in cloud computing
Wang et al. A multi-keyword searchable encryption sensitive data trusted sharing scheme in multi-user scenario

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18931032

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18931032

Country of ref document: EP

Kind code of ref document: A1