WO2020228304A1

WO2020228304A1 - Information interaction method and apparatus, and computer device and readable storage medium

Info

Publication number: WO2020228304A1
Application number: PCT/CN2019/123141
Authority: WO
Inventors: 冯承勇
Original assignee: 深圳壹账通智能科技有限公司
Priority date: 2019-05-10
Filing date: 2019-12-05
Publication date: 2020-11-19
Also published as: CN110224989B; CN110224989A

Abstract

The implementation of the present application is applicable to the technical field of data transmission. Provided are an information interaction method and apparatus, and a computer device and a readable storage medium. The method comprises: when it is detected that a user makes a request for information interaction, acquiring a second digital certificate of a second node, and using a second node public key in the second digital certificate to encrypt an identifier of information to be interacted with to generate a first initial ciphertext; acquiring a first node private key to encrypt the first initial ciphertext to generate an interaction ciphertext, and transmitting the interaction ciphertext to an electronic medical record storage device; receiving an information ciphertext, and using the second node public key to decrypt the information ciphertext; and if the decryption is successful, extracting interaction information from a second initial ciphertext obtained by means of decrypting the information ciphertext, and storing the interaction information. By means of using a multi-layer encryption form to ensure the security of interaction information during a transmission process, the privacy during an information interaction process is improved, information will not easily be leaked, and the security of information is better.

Description

Information interaction method, device, computer equipment and readable storage medium

This application affirms that it enjoys the priority of a Chinese patent application filed on May 10, 2019 with the application number 201910390295.0 and titled "Information interaction methods, devices, computer equipment and readable storage media". The entire content of the Chinese patent application is referred to The way is incorporated in this application.

Technical field

This application belongs to the field of data transmission technology, and particularly relates to an information interaction method, device, computer equipment and readable storage medium.

Background technique

With the rapid development of Internet technology, the construction plan of the modern medical and health system of health and health is becoming more and more mature. It is expected that by 2020, a comprehensive health information platform will be built to realize the mutual exchange of information between major hospitals in the region. The health information platform uses electronic medical records to store all patient data and update the data in real time. The currently established health information platforms usually rely on a centralized information system to carry them, and based on the centralized information system to realize the storage and storage of electronic medical records. Update.

In related technologies, each hospital has established a centralized information system. For each hospital, the information system of the hospital stores all the information involved in the hospital, such as staff information, patient treatment information, and hospital Operational information, etc., in order to achieve interconnection of information between major hospitals, generally speaking, information exchanges between hospitals. At present, when hospitals conduct information interaction, they need to extract the information to be interacted from the information system, and transmit the information to be interacted to other hospitals in the form of paper or electronic versions.

In the process of realizing this application, the inventor found that the related technology has at least the following problems: the information stored in the information system of each hospital is only relevant information in the hospital. If the paper or electronic version is used, the information to be interacted The transmission of information to other hospitals will result in poor privacy in the information interaction process, easy information leakage, and poor information security.

Summary of the invention

technical problem

In view of this, this application provides an information interaction method, device, computer equipment, and readable storage medium. The main purpose is to solve the problem that the current use of paper or electronic version to transmit the information to be interacted to other hospitals will cause information The privacy of the interaction process is not good, the information is easy to leak, and the security of the information is poor.

The solution to the problem

Technical solutions

In order to solve the above technical problems, the technical solutions adopted in the embodiments of this application are:

In the first aspect, an information exchange method is provided, which includes:

When it is detected that the user requests information interaction with the second node, the first node obtains the second digital certificate of the second node, uses the second node public key in the second digital certificate to encrypt the identification of the information to be interacted, and generates the first initial Ciphertext

Obtain the private key of the first node, encrypt the first initial ciphertext with the private key of the first node, generate an interactive ciphertext, and transmit the interactive ciphertext to the electronic medical record storage device;

Receive the information ciphertext returned by the electronic medical record storage device, and decrypt the information ciphertext using the public key of the second node. The information ciphertext is generated by the second node after receiving the interactive ciphertext transmitted by the electronic medical record storage device and transmitted to the electronic medical record storage equipment;

If the information ciphertext is successfully decrypted using the public key of the second node, the interactive information is extracted from the second initial ciphertext obtained by decrypting the information ciphertext, and the interactive information is stored. The second initial ciphertext is based on the interactive information by the second node Get encrypted.

In the second aspect, an information exchange method is provided, and the method includes:

When receiving the interactive ciphertext transmitted by the first node, the electronic medical record storage device determines the second node that the first node requests for information interaction. The first node and the second node are nodes for information interaction, and the interactive ciphertext is determined by the first node. The node is generated based on an information exchange request that carries an identification of the information to be exchanged;

Transmit the interactive ciphertext to the second node;

If the information ciphertext returned by the second node after receiving the interactive ciphertext is received, the information ciphertext is returned to the first node, and the information ciphertext is generated by the second node based on the interactive information indicated by the information identifier to be interacted.

In the third aspect, an information exchange method includes:

When receiving the interactive ciphertext transmitted by the electronic medical record storage device, the second node obtains the first digital certificate of the first node, and uses the public key of the first node in the first digital certificate to decrypt the interactive ciphertext. The first node is generated based on an information exchange request carrying an identification of the information to be exchanged, and the first node is a node that requests information exchange with the second node;

If the interactive ciphertext is successfully decrypted using the public key of the first node, extract the first initial ciphertext from the decrypted interactive ciphertext, and the first initial ciphertext is generated by the first node after encrypting the information interaction request;

Obtain the private key of the second node, decrypt the first initial ciphertext with the private key of the second node, and obtain the information identification to be interacted;

The interactive information indicated by the identification of the information to be interactive is extracted, the information ciphertext is generated based on the interactive information, and the information ciphertext is transmitted to the electronic medical record storage device.

In a fourth aspect, an information interaction device is provided, which includes:

The first encryption module is configured to, when detecting a user request for information interaction with the second node, the first node obtains the second digital certificate of the second node, and uses the second node public key in the second digital certificate to identify the information to be exchanged Encrypt and generate the first initial ciphertext;

The second encryption module is used to obtain the private key of the first node, encrypt the first initial ciphertext with the private key of the first node, generate the interactive ciphertext, and transmit the interactive ciphertext to the electronic medical record storage device;

The decryption module is used to receive the information ciphertext returned by the electronic medical record storage device, and decrypt the information ciphertext using the public key of the second node. The information ciphertext is generated and combined by the second node after receiving the interactive ciphertext transmitted by the electronic medical record storage device Transfer to electronic medical record storage device;

The storage module is used for extracting the interactive information from the second initial ciphertext obtained by decrypting the information ciphertext if the public key of the second node is used to successfully decrypt the information ciphertext, and storing the interactive information. The two nodes are encrypted based on the interactive information.

In a fifth aspect, an information interaction device is provided, which includes:

The determining module is configured to, when receiving the interactive ciphertext transmitted by the first node, the electronic medical record storage device determines the second node that the first node requests for information interaction. The first node and the second node are nodes for information interaction. The ciphertext is generated by the first node based on the information interaction request carrying the identification of the information to be exchanged;

The first transmission module is used to transmit the interactive ciphertext to the second node;

The return module is used to return the information ciphertext to the first node if the information ciphertext returned by the second node after receiving the interactive ciphertext is received, and the information ciphertext is interacted by the second node based on the information identifier to be interacted Information generation.

In a sixth aspect, an information interaction device is provided, which includes:

The first decryption module is configured to, when receiving the interactive ciphertext transmitted by the electronic medical record storage device, the second node obtains the first digital certificate of the first node, and uses the first node public key in the first digital certificate to interact with the ciphertext For decryption, the interactive ciphertext is generated by the first node based on an information exchange request carrying an information identification to be exchanged, and the first node is a node requesting information exchange with the second node;

The extraction module is used to extract the first initial ciphertext from the decrypted interactive ciphertext if the public key of the first node is used to successfully decrypt the interactive ciphertext, after the first node encrypts the information interaction request generate;

The second decryption module is configured to obtain the private key of the second node, and decrypt the first initial ciphertext by using the private key of the second node to obtain the information identification to be exchanged;

The transmission module is used to extract the interactive information indicated by the identifier of the information to be interacted, generate the information ciphertext based on the interactive information, and transmit the information ciphertext to the electronic medical record storage device.

In a seventh aspect, a computer device is provided, including a memory, a processor, and computer-readable instructions stored in the memory and running on the processor. The processor implements the first aspect or the second aspect when the processor executes the computer-readable instructions. Aspect or steps of the method of the third aspect.

In an eighth aspect, a computer non-volatile readable storage medium is provided. The computer non-volatile readable storage medium stores computer readable instructions. The computer readable instructions implement the first aspect or the first aspect when executed by a processor. The steps of the method of the second or third aspect.

The information interaction method, device, computer equipment and readable storage medium provided in this application are compared with the current way of transmitting the information to be interacted to other hospitals in the form of paper or electronic version. During the interaction, the first node encrypts the identifier of the information to be interacted, and transmits the encrypted information identifier to be interacted to the second node that needs to interact, and the second node transmits the interactive information when the information interaction is allowed. The use of multi-layer encryption ensures the security of the interactive information during the transmission process, improves the privacy in the information interaction process, and the information is not easy to leak, and the security of the information is better.

The beneficial effects of the invention

Brief description of the drawings

Description of the drawings

FIG. 1A shows a schematic flowchart of an information exchange method provided by an embodiment of the present application;

FIG. 1B shows a schematic flowchart of an information exchange method provided by an embodiment of the present application;

FIG. 1C shows a schematic flowchart of an information exchange method provided by an embodiment of the present application;

2A shows a schematic flowchart of an information exchange method provided by an embodiment of the present application;

2B shows a schematic flowchart of an information exchange method provided by an embodiment of the present application;

FIG. 3A shows a schematic structural diagram of an information interaction device provided by an embodiment of the present application;

FIG. 4A shows a schematic structural diagram of an information interaction party device provided by an embodiment of the present application;

FIG. 5A shows a schematic structural diagram of an information interaction party device provided by an embodiment of the present application;

Fig. 6 shows a schematic diagram of a device structure of a computer device provided by an embodiment of the present application.

Invention embodiment

Embodiments of the invention

The embodiment of the present application provides an information exchange method. As shown in FIG. 1A, the method includes:

101. When it is detected that the user requests information interaction with the second node, the first node obtains the second digital certificate of the second node, and uses the second node public key in the second digital certificate to encrypt the identification of the interactive information to generate the An initial ciphertext.

In this embodiment of the application, when the first node detects that the user requests for information interaction, in order to ensure the security of the process of requesting information interaction, the first node obtains the second digital certificate of the second node to be information interaction, The second node public key in the second digital certificate is used to encrypt the identification of the information to be interacted, thereby generating a first initial ciphertext, so as to subsequently implement information interaction based on the first initial ciphertext.

102. The first node obtains the first node private key, uses the first node private key to encrypt the first initial ciphertext, generates an interactive ciphertext, and transmits the interactive ciphertext to the electronic medical record storage device.

In the embodiment of this application, in order to give the second node an opportunity to verify the credential for information exchange, and the public and private keys have the characteristics of mutual encryption or decryption, therefore, the first node obtains its own first node private key , And use the private key of the first node to encrypt the first initial ciphertext to generate an interactive ciphertext, thereby transmitting the interactive ciphertext to the electronic medical record storage device.

103. The first node receives the information ciphertext returned by the electronic medical record storage device, and uses the public key of the second node to decrypt the information ciphertext. The information ciphertext is generated by the second node after receiving the interactive ciphertext transmitted by the electronic medical record storage device. Transfer to the electronic medical record storage device.

In the embodiment of the present application, when the first node receives the information ciphertext returned by the electronic medical record storage device, the second node public key is used to decrypt the information ciphertext, that is, to verify the received information ciphertext, thereby Determine whether the ciphertext of the information has been tampered with during transmission.

104. If the first node successfully decrypts the information ciphertext using the public key of the second node, extract the interactive information from the second initial ciphertext obtained by decrypting the information ciphertext, and store the interactive information. The two nodes are encrypted based on the interactive information.

In the embodiment of this application, if the first node uses the public key of the second node to successfully decrypt the information ciphertext, it means that the information ciphertext transmitted by the second node to the first node has not been tampered with during the transmission. One node can receive and store the interactive information returned by the second node.

The embodiment of the present application provides another information exchange method. As shown in FIG. 1B, the method includes:

105. When receiving the interactive ciphertext transmitted by the first node, the electronic medical record storage device determines the second node that the first node requests for information interaction, the first node and the second node are nodes for information interaction, and the interactive ciphertext is determined by The first node is generated based on an information exchange request carrying an identification of the information to be exchanged.

In the embodiment of the present application, when the electronic medical record storage device receives the interactive ciphertext transmitted by the first node, it can determine the second node that the first node requests for information interaction, so as to subsequently transmit the interactive ciphertext to the second node .

106. The electronic medical record storage device transmits the interactive ciphertext to the second node.

In the embodiment of the present application, the electronic medical record storage device transmits the received interactive ciphertext transmitted by the first node to the second node.

107. If the electronic medical record storage device receives the information ciphertext returned by the second node after receiving the interactive ciphertext, it returns the information ciphertext to the first node, and the information ciphertext is indicated by the second node based on the information identification to be interacted. Interactive information generation.

In the embodiment of the present application, if the electronic medical record storage device receives the information ciphertext returned by the second node after receiving the interactive ciphertext, it means that the information interaction between the first node and the second node is successful, and the electronic medical record is stored The device returns the information ciphertext to the first node.

The embodiment of the present application provides another information exchange method. As shown in FIG. 1C, the method includes:

108. When receiving the interactive ciphertext transmitted by the electronic medical record storage device, the second node obtains the first digital certificate of the first node, uses the public key of the first node in the first digital certificate to decrypt the interactive ciphertext, and the interactive encryption The text is generated by the first node based on the information exchange request carrying the identification of the information to be exchanged, and the first node is the node that requests information exchange with the second node.

In this embodiment of the application, when the second node receives the interactive ciphertext transmitted by the electronic medical record storage device, the second node uses the first node public key in the first digital certificate by obtaining the first digital certificate of the first node Decrypt the interactive ciphertext to verify the interactive ciphertext and determine whether the interactive ciphertext is changed during transmission.

109. If the second node successfully decrypts the interactive ciphertext using the public key of the first node, extract the first initial ciphertext from the decrypted interactive ciphertext, and the first initial ciphertext is encrypted by the first node after the information interaction request generate.

In the embodiment of this application, if the second node successfully decrypts the interactive ciphertext using the public key of the first node, it means that the interactive ciphertext has not been tampered with during transmission, and the second node can decrypt the interactive ciphertext after decryption. Extract the first initial ciphertext from the text.

110. The second node obtains the second node private key, and uses the second node private key to decrypt the first initial ciphertext to obtain the information identification to be exchanged.

In the embodiment of the present application, after the second node successfully decrypts the interactive ciphertext, it can obtain the second node private key, and use the second node private key to decrypt the first initial ciphertext to obtain the information identification to be interacted.

111. The second node extracts the interaction information indicated by the identification of the information to be interacted, generates an information ciphertext based on the interaction information, and transmits the information ciphertext to the electronic medical record storage device.

In the embodiment of the present application, after the second node obtains the identifier of the information to be interacted, the second node can extract the interactive information indicated by the identifier of the information to be interacted, and generate information ciphertext based on the interactive information, and transmit the information ciphertext To the electronic medical record storage device to realize information interaction with the first node.

The embodiment of the present application provides another information exchange method, as shown in FIG. 2A and FIG. 2B, the method includes:

201. The first node generates a certificate query request based on the second node identifier of the second node, and transmits the certificate query request to an electronic medical record storage device.

In the embodiment of the present application, the electronic medical record storage device is a device that realizes the storage of electronic medical records based on the blockchain technology, and stores the electronic medical records of a large number of users. Generally speaking, only hospitals can generate electronic medical records during user treatment. Therefore, a large number of hospitals are connected to electronic medical record storage devices in the form of nodes, and these hospitals are used as nodes to upload user electronic medical records to electronic medical record storage. In the device. In the actual application process, in order to realize the certification of the hospital and avoid the information insecurity caused by blindly allowing the hospital to access the electronic medical record storage device, the electronic medical record storage device will provide registration services for the nodes connected to it, and only Only nodes that have successfully registered in the electronic medical record storage device can implement a series of operations based on the electronic medical record storage device. In the embodiment of the present application, the first node and the second node are used as an example for description of the interacting nodes. Both the first node and the second node are nodes that are successfully registered in the electronic medical record storage device.

Generally speaking, the sign indicating that the node is successfully registered in the electronic medical record storage device is the digital certificate of the node stored in the electronic medical record storage device, that is, the electronic medical record storage device stores every successful registration in the electronic medical record storage device The digital certificate of the node. The digital certificate of the node usually includes the certificate public key, which corresponds to the certificate private key retained by the node itself. The information encrypted by the certificate public key can be decrypted by the certificate private key and encrypted by the certificate private key. The information can be decrypted using the certificate public key. Therefore, in order to ensure the security of various information when requesting information interaction, the interactive information can be encrypted based on the characteristics of the public and private keys, and the encrypted information can be interacted.

Since the digital certificate of each node is stored in the electronic medical record storage device, in order to encrypt the information involved in the interaction process, when the first node wants to interact with the second node, it needs to request the electronic medical record storage device The second digital certificate of the second node, so as to realize the encryption of information during the interaction process based on the second certificate public key in the second digital certificate. Wherein, when the first node requests the second digital certificate of the second node from the electronic medical record storage device, since a large number of nodes are registered in the electronic medical record storage device, a large number of digital certificates are stored in the electronic medical record storage device. Therefore, the first node A node generates a certificate query request based on the second node identifier of the second node, that is, generates a certificate query request including the second node identifier, and transmits the certificate query request to the electronic medical record storage device, so that the electronic medical record storage device is based on the The certificate query request provides the first node with the digital certificate of the second node.

202. When the electronic medical record storage device receives the certificate query request transmitted by the first node, it extracts the second node identifier from the certificate query request, obtains the second digital certificate indicated by the second node identifier, and transmits the second digital certificate to the first node. One node.

In this embodiment of the application, when the electronic medical record storage device receives the certificate query request transmitted by the first node, it can obtain the second digital certificate of the second node based on the certificate query request, and provide the second digital certificate To the first node. Among them, because the certificate query request carries the second node identifier, first, the electronic medical record storage device extracts the second node identifier from the certificate query request; then, it performs a query based on the second node identifier to obtain the second node identifier. The second digital certificate indicated by the node identifier, and the second digital certificate is transmitted to the first node.

203. The first node receives the second digital certificate returned by the electronic medical record storage device after receiving the certificate query request.

In this embodiment of the application, since the electronic medical record storage device will return the acquired digital certificate of the second node to the first node, the first node will receive the return from the electronic medical record storage device after receiving the certificate query request The second digital certificate.

204. When the first node detects that the user requests information interaction with the second node, it obtains the second digital certificate of the second node, and uses the second node public key in the second digital certificate to encrypt the identification of the information to be interacted, to generate a An initial ciphertext.

In the embodiment of the present application, in order to provide the user of the first node with an opportunity to request information interaction, the terminal mounted on the first node may provide an information interaction portal. When it is detected that the user triggers the information interaction portal, it is determined to be detected The user requests information interaction. At this time, the interactive information input page can be displayed, and when it is detected that the user confirms the interactive information input page, obtain the information identification to be interacted in the interactive information input page filled in by the user, so as to interact with the waiting information. The interactive information indicated by the interactive information identifier. Specifically, the identification of the information to be interacted may be a medical record information identification, an employee information identification, an academic document identification, etc. The embodiment of the present application does not limit the specific content of the interactive information identification.

In order to ensure the security of the information exchange process, when the first node transmits to the second node the information identification to be exchanged that it wishes to exchange information, the information identification to be exchanged is encrypted based on the second digital certificate of the second node. Taking into account that the digital certificate of each node will include the certificate public key of the node, when the first node detects that the user requests for information interaction, it can extract the second digital certificate from the second node. The second node public key of the second node. Since each node has a pair of certificate public key and certificate private key, and the certificate public key and certificate private key have the characteristics that the information encrypted by the certificate public key can be decrypted by the certificate private key, in order to avoid the identification of the information to be exchanged It is tampered with during transmission. After the first node obtains the second node public key of the second node, it can use the second node public key as the encryption public key, and use the second node public key to encrypt the interactive information identifier , Thereby generating the first initial ciphertext.

205. The first node obtains the first node private key, uses the first node private key to encrypt the first initial ciphertext, generates an interactive ciphertext, and transmits the interactive ciphertext to the electronic medical record storage device.

In this embodiment of the application, after the first initial ciphertext is generated, it is considered that the first initial ciphertext may still be tampered with during transmission, and the first certificate included in the first digital certificate of the first node The public key is public. In order to provide the second node with an opportunity to verify whether the received ciphertext has not been tampered with, the first node can also use its own first ciphertext after generating the first initial ciphertext. The node private key signs the first initial ciphertext, generates the query ciphertext, and transmits the query ciphertext to the electronic medical record storage device, so that the electronic medical record storage device transmits the query ciphertext to the second node, so that the second node The node can verify the interactive ciphertext based on the first certificate public key disclosed by the second node, which not only ensures the security of the information interaction process, but also provides the second node with an opportunity to verify the interactive ciphertext, realizing double protection.

In the actual application process, in order for the electronic medical record storage device to determine which node to transmit the interactive ciphertext to when receiving the interactive ciphertext, the first node can also use the second node ID to mark the interactive ciphertext , So that when the electronic medical record storage device receives the interactive ciphertext, it can determine to transmit the interactive ciphertext to the second node, so as to prevent the electronic medical record storage device from transmitting the interactive ciphertext error.

206. When the electronic medical record storage device receives the interactive ciphertext transmitted by the first node, it determines the second node that the first node requests for information interaction, and transmits the interactive ciphertext to the second node.

In the embodiment of the present application, when the electronic medical record storage device receives the interactive ciphertext transmitted by the first node, it can determine the second node that the first node requests for information interaction, and directly transmit the interactive ciphertext to the second node. node. Wherein, if the first node uses the second node identifier to mark the interactive ciphertext, when the electronic medical record storage device receives the interactive ciphertext, it can determine the second node according to the second node identifier marked by the interactive ciphertext, And directly transmit the interactive ciphertext to the second node.

207. When the second node receives the interactive ciphertext transmitted by the electronic medical record storage device, obtains the first digital certificate of the first node, and decrypts the interactive ciphertext using the first node public key in the first digital certificate. If the first node public key successfully decrypts the interactive ciphertext, the following steps 208 to 211 are executed; if the first node public key is used to decrypt the interactive ciphertext failed, then the following steps 215 to 216 are executed.

In the embodiment of this application, since the interactive ciphertext is generated by using the first node private key of the first node for encryption, after the second node receives the interactive ciphertext, the second node can use the first node public key Decrypt the interactive ciphertext, and verify the interactive ciphertext by whether the decryption is successful, so as to determine whether the interactive ciphertext has been tampered with. Among them, the public key of the second node of the first node is public and is stored in the electronic medical record storage device in the form of the first digital certificate. Therefore, when the second node obtains the public key of the first node, it can request the electronic The medical record storage device is provided, and the specific process is consistent with the process in which the first node requests the public key of the second node from the electronic medical record storage device in steps 201 to 202 described above, and will not be repeated here.

Among them, if the second node uses the public key of the first node to successfully decrypt the interactive ciphertext, it means that the interactive ciphertext has not been tampered with. At this time, the second node can decrypt the interactive ciphertext to obtain the interactive ciphertext. The first initial ciphertext in the text, and the interactive information is provided for the first node based on the first initial ciphertext, that is, the following steps 208 to 211 are executed. If the second node fails to sign the interactive ciphertext using the public key of the first node, it means that the interactive ciphertext is likely to be tampered with during transmission, and the first node needs to re-send the interactive ciphertext before the information can be exchanged. That is, the following steps 215 to 216 are executed.

In the actual application process, when the second node receives the interactive ciphertext, if the second node does not want to exchange information with the first node, then the second node does not need to perform the interactive ciphertext using the public key of the first node. In the decryption process, the following steps 215 to 216 are directly executed to inform the first node that the information interaction fails.

208. If the second node successfully decrypts the interactive ciphertext using the public key of the first node, extract the first initial ciphertext from the decrypted interactive ciphertext, obtain the second node private key, and use the second node private key to An initial ciphertext is decrypted to obtain the information identification to be exchanged.

In the embodiment of this application, if the second node successfully signs the interactive ciphertext with the public key of the first node, it means that the interactive ciphertext has not been tampered with. At this time, the second node can decrypt the interactive ciphertext by , Extract the first initial ciphertext from the decrypted interactive ciphertext. In addition, since the first initial ciphertext is encrypted and generated by the public key of the second node of the second node, based on the mutual encryption and decryption characteristics of the public and private keys, the second node can use the private key of the second node to decrypt the first initial ciphertext , Obtain the identification of the information to be queried included in the first initial ciphertext, so that the second node can subsequently determine the target information according to the identification of the information to be queried, and generate an information ciphertext based on the target information.

209. The second node performs information query according to the identifier of the information to be interacted, obtains the interactive information indicated by the identifier of the information to be interacted, uses the public key of the first node to encrypt the interactive information, generates a second initial ciphertext, and uses the private key of the second node The second initial ciphertext is encrypted, the information ciphertext is generated, and the information ciphertext is transmitted to the electronic medical record storage device.

In the embodiment of the present application, after the second node obtains the identifier of the information to be interacted, it can perform information query based on the identifier of the information to be interacted, and obtain the interaction information indicated by the identifier of the information to be interacted. In order to ensure the security of the interactive information in the process of exchanging the interactive information to the first node, the second node may encrypt the interactive information before transmitting the interactive information to the first node. Since the first node public key of the first node is public, and the second node has already obtained the first certificate public key of the first node, in order to ensure the security of the exchange information, the second node can use the first node public key. The key encrypts the interactive information to generate the second initial ciphertext. Subsequently, in order to enable the first node to verify whether the second initial ciphertext has not been tampered with by other malicious nodes when receiving the second initial ciphertext, the second node may provide the first node to verify the received ciphertext Opportunity, that is, the second node uses its own second node private key to encrypt the second initial ciphertext, generates the information ciphertext, and transmits the information ciphertext to the electronic medical record storage device, so that the electronic medical record storage can The ciphertext of the information is transmitted to the first node.

210. The electronic medical record storage device returns the information ciphertext to the first node.

In the embodiment of the present application, after the electronic medical record storage device receives the information ciphertext transmitted by the second node, it can transmit the information ciphertext to the first node, so that the second node can obtain the second information based on the information ciphertext. The node is the interactive information provided by the first node.

211. The first node receives the information ciphertext returned by the electronic medical record storage device, and uses the second node public key to decrypt the information ciphertext. If the second node public key is used to successfully decrypt the information ciphertext, the following step 212 is executed ; If the use of the public key of the second node to decrypt the information ciphertext fails, perform the following steps 213 to 214.

In the embodiment of this application, after the first node receives the information ciphertext returned by the electronic medical record storage device, since the information ciphertext is obtained by the second node, the interactive information is first encrypted using the first node public key of the first node , And then use its own private key of the second node to generate encryption. Therefore, the first node can first use the public key of the second node to decrypt the information ciphertext to achieve verification of the information ciphertext, and only based on the second node After the public key successfully decrypts the information ciphertext, other operations can be continued. If the public key of the second node is used to decrypt the information ciphertext successfully, it means that the information ciphertext has not been tampered with during transmission. Therefore, the first node can decrypt the information ciphertext, and the information after decryption Extract the second initial ciphertext from the ciphertext, that is, perform the following step 212; if the first node uses the second node public key to decrypt the information ciphertext and fails, it means that the information ciphertext is likely to be tampered with during transmission Therefore, the information ciphertext cannot be used normally. At this time, the second node needs to resend the information ciphertext, that is, the following steps 213 to 214 are executed.

212. If the first node successfully decrypts the information ciphertext using the second node public key, obtain the second initial ciphertext after decrypting the information ciphertext, and use the first node private key to decrypt the second initial ciphertext. Obtain interactive information and store the interactive information.

In the embodiment of this application, if the public key of the second node is used to successfully decrypt the information ciphertext, it means that the information ciphertext has not been tampered with during the transmission process. Therefore, the first node can perform the Decryption, extracting the second initial ciphertext from the decrypted information ciphertext. Among them, because the second initial ciphertext is generated by the second node using the first node public key of the first node to encrypt the interactive information, after extracting the second initial ciphertext, the first node can use its own The private key of the first node decrypts the second initial ciphertext, thereby obtaining interactive information, and storing the obtained interactive information, so as to complete the information interaction with the second node.

213. If the first node fails to decrypt the information ciphertext using the second node public key, it generates a first failure response, and returns the first failure response to the electronic medical record storage device.

In the embodiment of this application, if the first node uses the public key of the second node to decrypt the information ciphertext and fails, it means that the content of the information ciphertext is likely to be tampered with during transmission. Therefore, the information ciphertext cannot be normal. In use, at this time, the second node is required to resend the information ciphertext. In order to remind the second node to resend the information ciphertext, the first node generates a first failure response and returns the second failure response to the electronic medical record storage device, so that the electronic medical record storage device transmits the first failure response to the second node.

Wherein, in order to enable the second node to determine which information ciphertext interaction failed when receiving the first failure response, the first failure response generated by the first node may carry the information identification to be exchanged, so that the second node can follow the first The information identifier to be exchanged carried in the failure response resends the corresponding information ciphertext.

214. The electronic medical record storage device returns the first failure response to the second node.

In the embodiment of the present application, after the electronic medical record storage device receives the first failure response, it can return the first failure response to the second node so that the second node can resend the information after receiving the first failure response Ciphertext.

215. If the second node fails to decrypt the interactive ciphertext using the public key of the first node, a second failure response is generated, and the second failure response is transmitted to the electronic medical record storage device.

In the embodiment of this application, if the second node fails to decrypt the interactive ciphertext using the public key of the first node, it means that the interactive ciphertext is likely to have been tampered with during transmission, and the first node needs to resend the interactive ciphertext. Therefore, the second node generates a second failure response and transmits the second failure response to the electronic medical record storage device, so that the electronic medical record storage device transmits the second failure response to the first node, so that the first node can restart Generate and send interactive ciphertext.

216. The electronic medical record storage device returns the second failure response to the first node.

In the embodiment of the present application, after receiving the second failure response transmitted by the second node, the electronic medical record storage device can transmit the second failure response to the first node, so that the first node receives the second failure response You can then regenerate and send the interactive ciphertext.

By performing the process from step 201 to step 216 above, the information interaction between the first node and the second node can be realized. In the actual application process, in order to prevent criminals from interacting with other nodes in the electronic medical record storage device, the data stored in the node may be stolen and connected to the node in the electronic medical record storage device. Both need to be registered, and only the successfully registered node can realize information interaction with other nodes based on the electronic medical record storage device. Taking the first node as an example, the process of registering the first node in the electronic medical record storage device is shown in FIG. 2B, and the method includes:

217. When the first node detects that the user requests registration, it transmits the identity information of the first node and the public key of the first node to the electronic medical record storage device.

In the embodiment of the present application, the terminal on which the first node relies may provide a registration entry for the user. When the terminal detects that the user triggers the registration entry, it determines that the user requests registration and displays the registration page. Among them, because the electronic medical record storage device relies on the digital certificate to provide the registration service for the node, and the electronic medical record storage device generates the digital certificate for the node based on the node public key of each node, the first node is detecting When the user requests registration, the first node identity information and its own first node public key are transmitted to the electronic medical record storage device, so that the electronic medical record storage device provides registration for the first node based on the first node identity information and the first node public key service.

Specifically, the identity information of the first node may include hospital name information, hospital attribute information, etc. In this way, more convenient and clear information interaction services can also be provided for hospitals with the same attribute. The first node public key can be generated or obtained by the first node itself. Generally speaking, the first node can use information that can be disclosed by itself as the first node public key, for example, hospital number, hospital stock code, etc.; or it can be random Generate a string of characters and use this string as the public key of the first node. The embodiment of the present application does not limit the method for the first node to obtain the public key of the first node.

218. When the electronic medical record storage device receives the first node identity information and the first node public key transmitted by the first node, bind the first node identity information and the first node public key.

In the embodiment of the present application, when the electronic medical record storage device receives the first node identity information and the first node public key transmitted by the first node, because there may be a large number of nodes requesting registration from the electronic medical record storage device at the same time , So that the electronic medical record storage device may receive a large amount of node identity information and node public key at the same time. Therefore, in order to distinguish the received node identity information and the node public key, the electronic medical record storage device will receive the first node identity information And the public key of the first node is bound, so as to subsequently register the first node based on the identity information of the first node and the public key of the first node.

219. The electronic medical record storage device uses the public key of the first node to sign the bound identity information of the first node and the public key of the first node, generates and registers the first digital certificate, and transmits the first digital certificate to the first node. And correspondingly store the identity information of the first node and the first digital certificate.

In the embodiment of the present application, after the electronic medical record storage device binds the received identity information of the first node with the public key of the first node, in order to generate a digital certificate related to each node, it can be based on the digital The certificate verifies the identity of the node, and the electronic medical record storage device uses the public key of the first node to sign the bound identity information of the first node and the public key of the first node to generate a first digital certificate, and based on the first digital certificate Realize the registration of the first node. In the actual application process, in order to avoid the confusion of the corresponding relationship between the digital certificate and the node, the electronic medical record storage device stores the generated first node identity information corresponding to the first digital certificate, or uses the first node identity information to compare the first The digital certificate is marked, thereby establishing a corresponding relationship between the identity information of the first node and the first digital certificate.

After completing the generation of the digital certificate for the first node, in order for the first node to know that it has completed registration in the electronic medical record storage device, the electronic medical record storage device transmits the first digital certificate to the first node.

220. The first node receives the first digital certificate returned by the electronic medical record storage device after completing registration based on the received first node identity information and the first node public key, and stores the first digital certificate.

The first digital certificate is generated after the electronic medical record storage device signs the identity information of the first node and the public key of the first node.

In this embodiment of the application, after the first node receives the first digital certificate returned by the electronic medical record storage device, it can store the first digital certificate, thereby completing the registration in the electronic medical record storage device.

In the method provided by the embodiments of the present application, when information interaction is required, the first node encrypts the identifier of the information to be interacted, and transmits the encrypted information identifier to be interacted to the second node that needs to interact, and the second node allows In the case of information interaction, the interactive information is transmitted, so that the form of multi-layer encryption ensures the security of the interactive information during the transmission process, improves the privacy of the information interaction process, and the information is not easy to leak, and the information security is better .

It should be noted that the size of the sequence number of each step in the above embodiment does not mean the order of execution. The execution sequence of each process should be determined by its function and internal logic, and should not constitute any implementation process of the embodiments of this application. limited.

Further, as a specific implementation of the method described in FIG. 1A, an embodiment of the present application provides an information interaction device. As shown in FIG. 3A, the device includes:

The first encryption module 301 is configured to, when it is detected that the user requests to exchange information with the second node, the first node obtains the second digital certificate of the second node, and uses the second node public key in the second digital certificate to treat the interactive information The logo is encrypted to generate the first initial ciphertext;

The second encryption module 302 is configured to obtain the private key of the first node, encrypt the first initial ciphertext with the private key of the first node, generate an interactive ciphertext, and transmit the interactive ciphertext to the electronic medical record storage device;

The decryption module 303 is used to receive the information ciphertext returned by the electronic medical record storage device, and decrypt the information ciphertext using the public key of the second node. The information ciphertext is generated after the second node receives the interactive ciphertext transmitted by the electronic medical record storage device And transfer to the electronic medical record storage device;

The storage module 304 is configured to, if the information ciphertext is successfully decrypted using the public key of the second node, extract the interactive information from the second initial ciphertext obtained by decrypting the information ciphertext, and store the interactive information. The second node is encrypted based on the interactive information.

In specific application scenarios, the device also includes:

The transmission module 305 is configured to transmit the identity information of the first node and the public key of the first node to the electronic medical record storage device when it is detected that the user requests registration, and the identity information of the first node includes at least hospital name information and hospital attributes information;

The receiving module 306 is configured to receive the first digital certificate returned by the electronic medical record storage device and store the first digital certificate. The first digital certificate is used by the electronic medical record storage device to verify the identity information of the first node. And the public key of the first node is generated after signing.

In a specific application scenario, the first encryption module 301 includes:

The generating unit 3011 is configured to generate a certificate query request based on the second node identifier of the second node, and transmit the certificate query request to the electronic medical record storage device;

The receiving unit 3012 is configured to receive the second digital certificate returned by the electronic medical record storage device after receiving the certificate query request.

In specific application scenarios, the device also includes:

The generating module 307 is configured to generate a first failure response if the decryption of the information ciphertext using the second node public key fails, and return the first failure response to the electronic medical record storage device.

In a specific application scenario, the storage module 304 includes:

The obtaining unit 3041 is configured to obtain the second initial ciphertext after decrypting the information ciphertext if the information ciphertext is successfully decrypted by using the second node public key;

The decryption unit 3042 is configured to decrypt the second initial ciphertext using the first node private key to obtain the interaction information, and store the interaction information.

Further, as a specific implementation of the method described in FIG. 1B, an embodiment of the present application provides an information interaction device. As shown in FIG. 4A, the device includes:

The determining module 401 is configured to, when receiving the interactive ciphertext transmitted by the first node, the electronic medical record storage device determines the second node that the first node requests for information interaction, and the first node and the second node are A node for information interaction, where the interaction ciphertext is generated by the first node based on an information interaction request carrying an identification of the information to be interacted;

The first transmission module 402 is configured to transmit the interactive ciphertext to the second node;

The return module 403 is configured to return the information ciphertext to the first node if the information ciphertext returned by the second node after receiving the interactive ciphertext is received, and the information ciphertext is determined by The second node is generated based on the interaction information indicated by the to-be-interaction information identifier.

In specific application scenarios, the device also includes:

The binding module 404 is configured to bind the first node identity information and the first node public key when the first node identity information and the first node public key transmitted by the first node are received;

The signature module 405 is configured to use the first node public key to sign the bound first node identity information and the first node public key, and generate and register a first digital certificate;

The storage module 406 is configured to transmit the first digital certificate to the first node, and correspondingly store the first node identity information and the first digital certificate.

In specific application scenarios, the device also includes:

The extraction module 407 is configured to extract a second node identifier from the certificate query request when the certificate query request transmitted by the first node is received;

The second transmission module 408 is configured to obtain a second digital certificate indicated by the second node identifier, and transmit the second digital certificate to the first node.

In a specific application scenario, the return module 403 is also configured to return the first failure response to the second node if the first failure response returned by the first node is received; or, if the first failure response is received If the second failure response is returned to the second node, the second failure response is returned to the first node.

Further, as a specific implementation of the method described in FIG. 1C, an embodiment of the present application provides an information interaction device. As shown in FIG. 5A, the device includes:

The first decryption module 501 is configured to, when receiving the interactive ciphertext transmitted by the electronic medical record storage device, the second node obtains the first digital certificate of the first node, and uses the first node public key pair in the first digital certificate The interactive ciphertext is decrypted, the interactive ciphertext is generated by the first node based on an information interaction request carrying an identification of the information to be interacted, and the first node is a node requesting information interaction with the second node ；

The extraction module 502 is configured to, if the interactive ciphertext is successfully decrypted using the first node public key, extract a first initial ciphertext from the decrypted interactive ciphertext, and the first initial ciphertext is Generated after the first node encrypts the information exchange request;

The second decryption module 503 is configured to obtain a second node private key, and use the second node private key to decrypt the first initial ciphertext to obtain the information identification to be interacted;

The transmission module 504 is configured to extract the interaction information indicated by the identification of the information to be interacted, generate an information ciphertext based on the interaction information, and transmit the information ciphertext to the electronic medical record storage device.

In a specific application scenario, the transmission module 504 includes:

The query unit 5041 is configured to perform information query according to the identifier of the information to be interacted, and obtain the interactive information indicated by the identifier of the information to be interacted;

The first encryption unit 5042 is configured to use the first node public key to encrypt the interaction information to generate a second initial ciphertext;

The second encryption unit 5043 is configured to use the second node private key to encrypt the second initial ciphertext to generate the information ciphertext.

In specific application scenarios, the device also includes:

The generating module 505 is configured to generate a second failure response if the decryption of the interactive ciphertext using the first node public key fails, and transmit the second failure response to the electronic medical record storage device.

It should be noted that, for other corresponding descriptions of the functional units involved in the information interaction device provided in the embodiments of the present application, reference may be made to the corresponding descriptions in FIGS. 1A to 1C and FIGS. 2A to 2B, which will not be repeated here.

In an exemplary embodiment, referring to FIG. 6, a device is also provided. The device 600 includes a communication bus, a processor, a memory, and a communication interface, and may also include an input/output interface, and a display device, wherein one of the functional units The communication between each other can be completed through the bus. The memory stores computer-readable instructions, and the processor is used to execute programs stored in the memory and execute the information interaction method corresponding to the first node, the electronic medical record storage device, or the second node in any of the above embodiments. .

A computer non-volatile readable storage medium, on which computer readable instructions are stored, when the computer readable instructions are executed by a processor, the first node, the electronic medical record storage device, or the first node in any of the embodiments are implemented The two nodes respectively correspond to the steps of the information interaction method.

Through the description of the above implementation manners, those skilled in the art can clearly understand that this application can be implemented by hardware, or by software plus a necessary general hardware platform. Based on this understanding, the technical solution of this application can be embodied in the form of a software product. The software product can be stored in a non-volatile storage medium (which can be a CD-ROM, U disk, mobile hard disk, etc.), including several The instructions are used to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute the methods described in each implementation scenario of this application.

Those skilled in the art can understand that the accompanying drawings are only schematic diagrams of preferred implementation scenarios, and the modules or processes in the accompanying drawings are not necessarily necessary for implementing this application. The modules of the above implementation scenarios can be combined into one module or further divided into multiple sub-modules.

Claims

An information interaction method, characterized in that it comprises:

When detecting that the user requests information interaction with the second node, the first node obtains the second digital certificate of the second node, and uses the second node public key in the second digital certificate to encrypt the information identification to be interacted, Generate the first initial ciphertext;

Acquiring a first node private key, encrypting the first initial ciphertext using the first node private key, generating an interactive ciphertext, and transmitting the interactive ciphertext to an electronic medical record storage device;

Receive the information ciphertext returned by the electronic medical record storage device, decrypt the information ciphertext using the public key of the second node, and the information ciphertext is received by the second node and transmitted by the electronic medical record storage device After the interactive ciphertext is generated and transmitted to the electronic medical record storage device;

If the second node public key is used to decrypt the information ciphertext successfully, then the interactive information is extracted from the second initial ciphertext obtained by decrypting the information ciphertext, the interactive information is stored, and the second The initial ciphertext is encrypted by the second node based on the interaction information.
The method according to claim 1, wherein the first node obtains the second digital certificate of the second node when it is detected that the user requests to exchange information with the second node, and uses the second digital certificate. Before the public key of the second node in the certificate encrypts the identification of the interactive information, and before generating the first initial ciphertext, the method further includes:

When it is detected that the user requests registration, the first node identity information and the first node public key are transmitted to the electronic medical record storage device, and the first node identity information includes at least hospital name information and hospital attribute information;

Receive the first digital certificate returned by the electronic medical record storage device, and store the first digital certificate. The first digital certificate is used by the electronic medical record storage device to verify the identity information of the first node and the first node The public key is generated after signing.
The method according to claim 1, wherein the first node obtaining the second digital certificate of the second node comprises:

Generate a certificate query request based on the second node identifier of the second node, and transmit the certificate query request to the electronic medical record storage device;

Receiving the second digital certificate returned by the electronic medical record storage device after receiving the certificate query request.
The method according to claim 1, wherein after receiving the information ciphertext returned by the electronic medical record storage device, and decrypting the information ciphertext using the second node public key, the method further include:

If the decryption of the information ciphertext using the second node public key fails, a first failure response is generated, and the first failure response is returned to the electronic medical record storage device.
The method according to claim 1, wherein if the second node public key is used to decrypt the information ciphertext successfully, then the second initial ciphertext obtained by decrypting the information ciphertext is successfully Extracting interactive information from the text and storing the interactive information includes:

If the information ciphertext is successfully decrypted by using the second node public key, obtaining the second initial ciphertext after decrypting the information ciphertext;

Use the first node private key to decrypt the second initial ciphertext to obtain the interactive information, and store the interactive information.
An information interaction method, characterized in that it comprises:

When receiving the interactive ciphertext transmitted by the first node, the electronic medical record storage device determines the second node that the first node requests for information interaction, and the first node and the second node are nodes for information interaction, The interaction ciphertext is generated by the first node based on an information interaction request carrying an information identifier to be interacted;

Transmitting the interactive ciphertext to the second node;

If the information ciphertext returned by the second node after receiving the interactive ciphertext is received, the information ciphertext is returned to the first node, and the information ciphertext is based on the second node The interaction information indicated by the to-be-interaction information identifier is generated.
The method according to claim 6, wherein the method further comprises:

Binding the first node identity information and the first node public key when receiving the first node identity information and the first node public key transmitted by the first node;

Use the first node public key to sign the bound first node identity information and the first node public key, and generate and register a first digital certificate;

The first digital certificate is transmitted to the first node, and the first node identity information and the first digital certificate are correspondingly stored.
The method according to claim 6, wherein when the interactive ciphertext transmitted by the first node is received, before the electronic medical record storage device determines the second node indicated by the first node, the method further comprises :

When receiving the certificate query request transmitted by the first node, extract the second node identifier from the certificate query request;

Obtain a second digital certificate indicated by the second node identifier, and transmit the second digital certificate to the first node.
The method according to claim 6, wherein the method further comprises:

If the first failure response returned by the first node is received, return the first failure response to the second node; or,

If the second failure response returned by the second node is received, the second failure response is returned to the first node.
An information interaction method, characterized in that it comprises:

When receiving the interactive ciphertext transmitted by the electronic medical record storage device, the second node obtains the first digital certificate of the first node, and uses the first node public key in the first digital certificate to decrypt the interactive ciphertext, The interaction ciphertext is generated by the first node based on an information interaction request carrying an information identifier to be interacted, and the first node is a node that requests information interaction with the second node;

If the first node public key is used to successfully decrypt the interactive ciphertext, a first initial ciphertext is extracted from the decrypted interactive ciphertext, and the first initial ciphertext is paired by the first node The information exchange request is generated after encryption;

Acquiring a second node private key, decrypting the first initial ciphertext using the second node private key, to obtain the information identification to be interacted;

The interaction information indicated by the identification of the information to be interacted is extracted, an information ciphertext is generated based on the interaction information, and the information ciphertext is transmitted to the electronic medical record storage device.
An information interaction device, characterized by comprising:

The first encryption module is configured to, when it is detected that the user requests to exchange information with the second node, the first node obtains the second digital certificate of the second node, and uses the second node public key in the second digital certificate Encrypt the identification of the interactive information to generate the first initial ciphertext;

The second encryption module is configured to obtain the private key of the first node, encrypt the first initial ciphertext with the private key of the first node, generate an interactive ciphertext, and transmit the interactive ciphertext to an electronic medical record storage device ；

The decryption module is configured to receive the information ciphertext returned by the electronic medical record storage device, and decrypt the information ciphertext using the second node public key, and the information ciphertext is received by the second node The interactive ciphertext transmitted by the electronic medical record storage device is generated and transmitted to the electronic medical record storage device;

A storage module, configured to extract interactive information from the second initial ciphertext obtained by decrypting the information ciphertext, and store the interactive information if the information ciphertext is successfully decrypted using the second node public key , The second initial ciphertext is obtained by encrypting the second node based on the interaction information.
An information interaction device, characterized by comprising:

The determining module is configured to, when receiving the interactive ciphertext transmitted by the first node, the electronic medical record storage device determines the second node that the first node requests for information interaction, and the first node and the second node are An information interaction node, where the interaction ciphertext is generated by the first node based on an information interaction request carrying an identification of the information to be interacted;

A first transmission module, configured to transmit the interactive ciphertext to the second node;

The return module is configured to return the information ciphertext to the first node if the information ciphertext returned by the second node after receiving the interactive ciphertext is received, and the information ciphertext is The second node is generated based on the interaction information indicated by the to-be-interaction information identifier.
An information interaction device, characterized by comprising:

The first decryption module is configured to, when receiving the interactive ciphertext transmitted by the electronic medical record storage device, the second node obtains the first digital certificate of the first node, and uses the public key of the first node in the first digital certificate to Decrypting the interactive ciphertext, the interactive ciphertext is generated by the first node based on an information interaction request carrying an identification of the information to be interacted, and the first node is a node that requests information interaction with the second node;

The extraction module is configured to extract a first initial ciphertext from the decrypted interactive ciphertext if the public key of the first node is used to decrypt the interactive ciphertext, and the first initial ciphertext is The first node encrypts the information exchange request and generates it;

The second decryption module is configured to obtain a second node private key, and use the second node private key to decrypt the first initial ciphertext to obtain the information identification to be interacted;

The transmission module is configured to extract the interaction information indicated by the identification of the information to be interacted, generate an information ciphertext based on the interaction information, and transmit the information ciphertext to the electronic medical record storage device.
A computer device comprising a memory, a processor, and computer-readable instructions stored in the memory and capable of running on the processor, wherein the processor executes the computer-readable instructions as follows step:

When detecting that the user requests information interaction with the second node, the first node obtains the second digital certificate of the second node, and uses the second node public key in the second digital certificate to encrypt the information identification to be interacted, Generate the first initial ciphertext;

Acquiring a first node private key, encrypting the first initial ciphertext using the first node private key, generating an interactive ciphertext, and transmitting the interactive ciphertext to an electronic medical record storage device;

Receive the information ciphertext returned by the electronic medical record storage device, decrypt the information ciphertext using the public key of the second node, and the information ciphertext is received by the second node and transmitted by the electronic medical record storage device After the interactive ciphertext is generated and transmitted to the electronic medical record storage device;

If the second node public key is used to decrypt the information ciphertext successfully, then the interactive information is extracted from the second initial ciphertext obtained by decrypting the information ciphertext, the interactive information is stored, and the second The initial ciphertext is encrypted by the second node based on the interaction information.
The computer device according to claim 14, wherein the processor further implements the following steps when executing the computer-readable instruction:

When it is detected that the user requests registration, the first node identity information and the first node public key are transmitted to the electronic medical record storage device, and the first node identity information includes at least hospital name information and hospital attribute information;

Receive the first digital certificate returned by the electronic medical record storage device, and store the first digital certificate. The first digital certificate is used by the electronic medical record storage device to verify the identity information of the first node and the first node The public key is generated after signing.
A computer device comprising a memory, a processor, and computer-readable instructions stored in the memory and capable of running on the processor, wherein the processor executes the computer-readable instructions as follows step:

When receiving the interactive ciphertext transmitted by the first node, the electronic medical record storage device determines the second node that the first node requests for information interaction, and the first node and the second node are nodes for information interaction, The interaction ciphertext is generated by the first node based on an information interaction request carrying an information identifier to be interacted;

Transmitting the interactive ciphertext to the second node;

If the information ciphertext returned by the second node after receiving the interactive ciphertext is received, the information ciphertext is returned to the first node, and the information ciphertext is based on the second node The interaction information indicated by the to-be-interaction information identifier is generated.
A computer device comprising a memory, a processor, and computer-readable instructions stored in the memory and capable of running on the processor, wherein the processor executes the computer-readable instructions as follows step:

When receiving the interactive ciphertext transmitted by the electronic medical record storage device, the second node obtains the first digital certificate of the first node, and uses the first node public key in the first digital certificate to decrypt the interactive ciphertext, The interaction ciphertext is generated by the first node based on an information interaction request carrying an information identifier to be interacted, and the first node is a node that requests information interaction with the second node;

If the first node public key is used to successfully decrypt the interactive ciphertext, a first initial ciphertext is extracted from the decrypted interactive ciphertext, and the first initial ciphertext is paired by the first node The information exchange request is generated after encryption;

Acquiring a second node private key, decrypting the first initial ciphertext using the second node private key, to obtain the information identification to be interacted;

The interaction information indicated by the identification of the information to be interacted is extracted, an information ciphertext is generated based on the interaction information, and the information ciphertext is transmitted to the electronic medical record storage device.
A computer non-volatile readable storage medium, the computer non-volatile readable storage medium storing computer readable instructions, wherein the computer readable instructions are executed by a processor to implement the following steps:

When detecting that the user requests information interaction with the second node, the first node obtains the second digital certificate of the second node, and uses the second node public key in the second digital certificate to encrypt the information identification to be interacted, Generate the first initial ciphertext;

Acquiring a first node private key, encrypting the first initial ciphertext using the first node private key, generating an interactive ciphertext, and transmitting the interactive ciphertext to an electronic medical record storage device;

Receive the information ciphertext returned by the electronic medical record storage device, decrypt the information ciphertext using the public key of the second node, and the information ciphertext is received by the second node and transmitted by the electronic medical record storage device After the interactive ciphertext is generated and transmitted to the electronic medical record storage device;

If the information ciphertext is successfully decrypted by using the second node public key, the interactive information is extracted from the second initial ciphertext obtained by decrypting the information ciphertext, and the interactive information is stored. The initial ciphertext is encrypted by the second node based on the interactive information.
A computer non-volatile readable storage medium, the computer non-volatile readable storage medium storing computer readable instructions, wherein the computer readable instructions are executed by a processor to implement the following steps:

When receiving the interactive ciphertext transmitted by the first node, the electronic medical record storage device determines the second node that the first node requests for information interaction, and the first node and the second node are nodes for information interaction, The interaction ciphertext is generated by the first node based on an information interaction request carrying an information identifier to be interacted;

Transmitting the interactive ciphertext to the second node;

If the information ciphertext returned by the second node after receiving the interactive ciphertext is received, the information ciphertext is returned to the first node, and the information ciphertext is based on the second node The interaction information indicated by the to-be-interaction information identifier is generated.
A computer non-volatile readable storage medium, the computer non-volatile readable storage medium storing computer readable instructions, wherein the computer readable instructions are executed by a processor to implement the following steps:

When receiving the interactive ciphertext transmitted by the electronic medical record storage device, the second node obtains the first digital certificate of the first node, and uses the first node public key in the first digital certificate to decrypt the interactive ciphertext, The interaction ciphertext is generated by the first node based on an information interaction request carrying an information identifier to be interacted, and the first node is a node that requests information interaction with the second node;

If the first node public key is used to successfully decrypt the interactive ciphertext, a first initial ciphertext is extracted from the decrypted interactive ciphertext, and the first initial ciphertext is paired by the first node The information exchange request is generated after encryption;

Acquiring a second node private key, decrypting the first initial ciphertext using the second node private key, to obtain the information identification to be interacted;

The interaction information indicated by the identification of the information to be interacted is extracted, an information ciphertext is generated based on the interaction information, and the information ciphertext is transmitted to the electronic medical record storage device.