WO2020232800A1 - Data processing method and system in block chain network and related device - Google Patents

Data processing method and system in block chain network and related device Download PDF

Info

Publication number
WO2020232800A1
WO2020232800A1 PCT/CN2019/094554 CN2019094554W WO2020232800A1 WO 2020232800 A1 WO2020232800 A1 WO 2020232800A1 CN 2019094554 W CN2019094554 W CN 2019094554W WO 2020232800 A1 WO2020232800 A1 WO 2020232800A1
Authority
WO
WIPO (PCT)
Prior art keywords
public key
target user
original message
target
algorithm
Prior art date
Application number
PCT/CN2019/094554
Other languages
French (fr)
Chinese (zh)
Inventor
辛佳骏
Original Assignee
深圳市网心科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市网心科技有限公司 filed Critical 深圳市网心科技有限公司
Publication of WO2020232800A1 publication Critical patent/WO2020232800A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes

Definitions

  • the invention relates to the field of blockchain data processing, and in particular to a data processing method, system and related equipment in a blockchain network.
  • node A After blockchain network node A signs its own information with a private key, it will send the original information and the corresponding signature to node B, and node B will use node A's public key to verify the signature.
  • the third-party node C (millions of nodes) needs to obtain a verified signature and the public key of node A when synchronizing data, then user B needs to send the verified signature And node A public key to node C.
  • the length of the public key in actual use is about 256 bits
  • the length of the signature is 512 bits. If all transmissions require 768 bits of data, the length of the public key occupies 33% of the bandwidth.
  • the main purpose of the present invention is to provide a data processing method, system and related equipment in a blockchain network, which are used to save network bandwidth in the process of data transmission in the blockchain network.
  • the first aspect of the embodiments of the present invention provides a data processing method in a blockchain network, which is applied to a blockchain node device, and the method includes:
  • Target signature data that has passed the verification and obtaining the original message parameters corresponding to the target signature data, where the target signature data is data obtained after the original message is encrypted using the public key of the target user;
  • Acquiring algorithm parameters corresponding to the public key of the target user where the algorithm parameters are used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the calculation parameters required to implement the corresponding asymmetric encryption algorithm;
  • the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and The order of the base point is n
  • the original message parameter is the output value e of the cipher hash function applied to the original message or the original message M, according to the target signature data, algorithm parameters and the original message parameters Calculating the public key of the target user includes:
  • the obtaining the original message parameters corresponding to the target signature data includes:
  • the original message M conforms to the output format of the cryptographic hash function, the original message is used as the output value e; otherwise, the output value e is calculated by using the cryptographic hash function and the original message M.
  • the method may further comprise:
  • the first preset condition includes at least one of the following conditions:
  • the method may further include:
  • a second aspect of the embodiments of the present invention provides a data processing system in a blockchain network, which includes:
  • the receiving unit is configured to receive the target signature data that has passed the verification and obtain the original message parameters corresponding to the target signature data, where the target signature data is data obtained after the target user's public key is used to encrypt the original message;
  • the obtaining unit is used to obtain the algorithm parameter corresponding to the public key of the target user, and the algorithm parameter is used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the corresponding asymmetric encryption algorithm.
  • Required calculation parameters are used to obtain the algorithm parameter corresponding to the public key of the target user, and the algorithm parameter is used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the corresponding asymmetric encryption algorithm.
  • the processing unit is configured to calculate the public key of the target user according to the target signature data, algorithm parameters and the original message parameters, and save the calculated public key of the target user on the local blockchain node device.
  • the third aspect of the embodiments of the present invention provides a blockchain node device.
  • the blockchain node device includes a memory and a processor.
  • the memory stores a computer program that can run on the processor.
  • the computer When the program is executed by the processor, the method according to any one of claims 1-4 is realized.
  • the blockchain node device in the embodiment of the present invention is a node forming a CDN network or a blockchain network.
  • a fourth aspect of the embodiments of the present invention provides a computer-readable storage medium having a computer program stored on the computer-readable storage medium, and the computer program may be executed by one or more processors to implement the first aspect And the steps in the data processing method in the blockchain network in any possible implementation of the first aspect.
  • the fifth aspect of the embodiments of the present invention provides a computer program product, which includes computer instructions, which, when run on a computer, enables the computer to execute the first aspect and any one of the possible implementations of the first aspect.
  • the steps in the data processing method in the chain network are not limited to:
  • the blockchain node device in the process of data synchronization, can receive the verified target signature data and the original message parameters corresponding to the target signature data, and calculate according to the target signature data, algorithm parameters, and original message parameters
  • the public key of the target user does not need to transmit the public key of the target user, which saves network bandwidth during data transmission.
  • Figure 1 is a schematic diagram of an embodiment of a blockchain-based data processing method in an embodiment of the present invention
  • FIG. 2 is a schematic diagram of an embodiment of a data processing system based on blockchain in an embodiment of the present invention
  • Figure 3 is a schematic diagram of an embodiment of a blockchain node device in an embodiment of the present invention.
  • the asymmetric encryption algorithm uses two completely different but completely matched pairs of keys—public key and private key.
  • public key is used to encrypt the plaintext
  • private key can be used to decrypt the ciphertext
  • the sender (encryptor) knows the public key of the recipient, and only the recipient (decrypter) is the only one who knows his private key people.
  • the basic principle of the asymmetric encryption algorithm is that if the sender wants to send encrypted information that only the receiver can decode, the sender uses the receiver's public key to encrypt the letter, and the receiver uses his own private key to decrypt the letter.
  • the receiver before the sender and receiver communicate, the receiver must send its own randomly generated public key to the sender, while retaining the private key. Since the asymmetric algorithm has two keys, it is especially suitable for data encryption in distributed systems.
  • Widely used asymmetric encryption algorithms include the RSA algorithm, the DSA proposed by the National Bureau of Standards, and the SM2 elliptic curve public key encryption algorithm.
  • the embodiment of the present invention mainly uses the SM2 elliptic curve public key encryption algorithm as an example for illustration .
  • the existing blockchain network needs to send the signature data, public key, and original message corresponding to the target signature data to the next node.
  • the block chain node device can derive the public key through the signature data, and there is no need to transmit the public key during the transmission process, thereby saving bandwidth.
  • the length of the public key is about 256 bits
  • the length of the signature is 512 bits. If all transmissions require 768 bits of data, and if only 512 bits of data are required to transmit signatures, 33% of the bandwidth can be saved.
  • An embodiment of the data processing method in the blockchain network in the embodiment of the present invention includes:
  • the target user's blockchain node device A stores a key (including the public key and the private key) generated based on the SM2 elliptic curve public key cryptographic algorithm.
  • the blockchain node device A obtains the original message After M (transaction information)
  • the private key in the key generated based on the SM2 elliptic curve public key cryptographic algorithm can be used to calculate the original message M to obtain the signature data (r, s), which can be the signature data (r, s) Send to other node B for verification.
  • Node B can verify the received signature data (r', s') based on the public key of the target user. It is understandable that a separate node can be set in the embodiment of the present invention.
  • the target signature data (r",s) that has passed the verification and the original message parameters corresponding to the target signature data are sent to other node devices in the blockchain network.
  • the node device in the blockchain network can receive the verified target signature data and the original message parameters corresponding to the target signature data.
  • the node device in the blockchain network needs to obtain the asymmetric encryption algorithm used in the calculation process of the target user's public key and the calculation parameters required to realize the corresponding asymmetric encryption algorithm, namely the algorithm parameters .
  • the acquisition of the algorithm parameters can be transmitted through the previous node, or can be pre-stored in the local storage space of each node device in the blockchain network during the client installation process, and extracted from the local storage space without network transmission.
  • the corresponding algorithm can be derived according to the characteristics of the adopted asymmetric encryption algorithm to calculate the public key of the target user.
  • the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and the order of the base point is n, and the original message parameters are cryptographic hash functions.
  • algorithm parameters and the original message parameters include:
  • the node may directly receive the cryptographic hash function sent by other nodes (node B) to act on the output value e of the original message M, and it can directly use e to calculate the public key; if the node does not receive the above output value e, but if the original message M is obtained, there are two cases to deal with: 1.
  • the output value e can be calculated using the cryptographic hash function; 2. If the original message M conforms to the output format of the hash function, the original message M can also be Used as the output value e.
  • the finite field inverse calculation algorithm and the point doubling algorithm of the elliptic curve can refer to the solutions in the prior art, which will not be repeated here.
  • a specific U can be pre-designated from multiple points with abscissa (r"-e) in the algorithm parameters. point.
  • the blockchain node device in the process of data synchronization, can receive the verified target signature data and the original message parameters corresponding to the target signature data, and calculate according to the target signature data, algorithm parameters, and original message parameters
  • the public key of the target user does not need to transmit the public key of the target user, which saves network bandwidth during data transmission.
  • network bandwidth resources are greatly saved.
  • the received data needs to be verified, which may specifically include:
  • the method further includes:
  • User A generates a private key and corresponding public key.
  • the public key P For their own private key secret, the public key P A publicly.
  • the private key can be used to generate the signature, and the public key can be used to verify the signature.
  • P requires public synchronized to their own user authentication information A later generation B.
  • user A uses the private key to sign his own information, the original message and the corresponding signature (r, s) will be sent to user B, and user B uses user A’s public key to sign the received signature (r',s' )authenticating.
  • C4 The calculation uses the finite field inverse algorithm to calculate the inverse element t-1 of the parameter t, and verify whether the value of [t-1]mod n is zero, if it is zero, exit the calculation;
  • C6 Find the points U and U′ on the elliptic curve.
  • the x coordinates of U and U′ points are equal to (r ⁇ -e), and the y coordinate is symmetrical about the y axis, which can be specified by additional parameters according to specific business requirements Use U and U′;
  • each verified transaction is a signature
  • the user's wallet address depends on the public key address.
  • both the confirmation of the transaction and the wallet address are often required.
  • Introducing the public key address based on the signature can greatly reduce the amount of communication and reduce the transaction confirmation time and network bandwidth resources of the blockchain.
  • a data processing system in a blockchain network which includes:
  • the receiving unit 201 is configured to receive the target signature data that has passed the verification and obtain the original message parameters corresponding to the target signature data.
  • the target signature data is data obtained after the original message is encrypted using the public key of the target user;
  • the obtaining unit 202 is configured to obtain the algorithm parameters corresponding to the public key of the target user, and the algorithm parameters are used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the calculation parameters required to realize the corresponding asymmetric encryption algorithm;
  • the processing unit 203 is configured to calculate the public key of the target user according to the target signature data, algorithm parameters, and original message parameters, and save the calculated public key of the target user on the local blockchain node device.
  • the processing unit includes:
  • the second calculation module is used to calculate the inverse element t -1 of the parameter t using a finite field inverse operation algorithm
  • the third calculation module is used to calculate the s" multiple point [s"]G of the base point G on the elliptic curve;
  • the fourth calculation module is used to calculate the point U with the abscissa (r"-e) on the elliptic curve;
  • a fifth calculating means for calculating the target user's public key according to the formula P A ' [t -1] (U- [s "] G).
  • the system before calculating the public key P A 'of the target user, the system further includes:
  • Meeting the first preset condition includes:
  • the system before saving the calculated public key of the target user in the local blockchain node device, the system further includes:
  • the blockchain node device 1 can be a PC (Personal Computer), or a smart phone, a tablet, a handheld computer, Portable computers, smart routers, mining machines, network storage equipment terminal equipment.
  • the blockchain node device 1 may be a node forming a CDN network or a blockchain network.
  • the blockchain node device 1 may include a memory 11, a processor 12, and a bus 13.
  • the processor 11 executes the computer program, the steps in the embodiment of the data processing method in the blockchain-based blockchain network shown in FIG. 1 are implemented, such as steps 101 to 103 shown in FIG. 1.
  • the processor executes the computer program, the function of each module or unit in the foregoing device embodiments is realized.
  • the processor is specifically configured to implement the following steps:
  • the target signature data is the data obtained after encrypting the original message with the public key of the target user;
  • the algorithm parameters are used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the calculation parameters required to implement the corresponding asymmetric encryption algorithm;
  • the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and the order of the base point is n, and the original message parameter is the output value e of the cryptographic hash function applied to the original message Or the original message M.
  • the processor may also be used to implement the following steps:
  • the processor may also be used to implement the following steps:
  • the original message M conforms to the output format of the cryptographic hash function, the original message is used as the output value e; otherwise, the output value e is calculated by using the cryptographic hash function and the original message M.
  • the processor may also be used to implement the following steps:
  • the first preset conditions include:
  • the processor may also be used to implement the following steps:
  • the memory 11 includes at least one type of readable storage medium, and the readable storage medium includes flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), magnetic memory, magnetic disk, optical disk, etc.
  • the memory 11 may be an internal storage unit of the blockchain node device 1 in some embodiments, for example, the hard disk of the blockchain node device 1.
  • the memory 11 may also be an external storage device of the blockchain node device 1, such as a plug-in hard disk equipped on the blockchain node device 1, a smart media card (SMC), and a secure digital (Secure Digital, SD) card, Flash Card, etc.
  • the memory 11 may also include both an internal storage unit of the blockchain node device 1 and an external storage device.
  • the memory 11 can be used not only to store application software and various data installed in the blockchain node device 1, such as the code of **program 01, etc., but also to temporarily store data that has been output or will be output.
  • the processor 12 may be a central processing unit (CPU), controller, microcontroller, microprocessor or other data processing chip in some embodiments, and is used to run the program code or processing stored in the memory 11 Data, such as executing **program 01, etc.
  • CPU central processing unit
  • controller microcontroller
  • microprocessor microprocessor or other data processing chip in some embodiments, and is used to run the program code or processing stored in the memory 11 Data, such as executing **program 01, etc.
  • the bus 13 may be a peripheral component interconnect (PCI) bus or an extended industry standard architecture (EISA) bus, etc.
  • PCI peripheral component interconnect
  • EISA extended industry standard architecture
  • the bus can be divided into address bus, data bus, control bus, etc. For ease of representation, only one thick line is used to represent in FIG. 10, but it does not mean that there is only one bus or one type of bus.
  • the blockchain node device may also include a network interface 14.
  • the network interface 14 may optionally include a wired interface and/or a wireless interface (such as a WI-FI interface, a Bluetooth interface, etc.), which is usually used in the blockchain
  • the node device 1 establishes a communication connection with other electronic devices.
  • the blockchain node device 1 may also include a user interface.
  • the user interface may include a display (Display) and an input unit such as a keyboard (Keyboard).
  • the optional user interface may also include a standard wired interface and a wireless interface.
  • the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode, organic light emitting diode) touch device, etc.
  • the display can also be called a display screen or a display unit as appropriate, and is used to display the information processed in the blockchain node device 1 and to display a visualized user interface.
  • Figure 3 only shows the blockchain node device 1 with components 11-14 and the computer program 01. Those skilled in the art can understand that the structure shown in Figure 1 does not constitute a limitation on the blockchain node device 1. It may include fewer or more components than shown, or a combination of some components, or a different component arrangement.
  • the present invention also provides a computer-readable storage medium with a computer program stored on the computer-readable storage medium.
  • the computer program is executed by a processor, the following steps can be implemented:
  • the target signature data is the data obtained after encrypting the original message with the public key of the target user;
  • the algorithm parameters are used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the calculation parameters required to implement the corresponding asymmetric encryption algorithm;
  • the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and the order of the base point is n, and the original message parameter is the output value e of the cryptographic hash function applied to the original message Or the original message M.
  • the processor may also be used to implement the following steps:
  • the processor may also be used to implement the following steps:
  • the original message M conforms to the output format of the cryptographic hash function, the original message is used as the output value e; otherwise, the output value e is calculated by using the cryptographic hash function and the original message M.
  • the processor may also be used to implement the following steps:
  • Meeting the first preset condition includes:
  • the processor may also be used to implement the following steps:
  • the embodiment of the present invention also provides a computer program product including one or more computer instructions.
  • the computer can be a general-purpose computer, a dedicated computer, a computer network, or other programmable devices.
  • Computer instructions can be stored in a computer-readable storage medium, or transmitted from one computer-readable storage medium to another computer-readable storage medium.
  • computer instructions can be transmitted from a website, computer, server, or data center through a cable (such as Coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (such as infrared, wireless, microwave, etc.) to transmit to another website site, computer, server or data center.
  • a cable such as Coaxial cable, optical fiber, digital subscriber line (DSL)
  • wireless such as infrared, wireless, microwave, etc.
  • the computer-readable storage medium may be any available medium that can be stored by a computer or a data storage device such as a server or data center integrated with one or more available media.
  • Available media can be magnetic media (for example, floppy disks, hard drives, tapes), optical media (for example, DVDs), or semiconductor media (for example, Solid State Disks (SSD)), etc.
  • the disclosed system, device, and method may be implemented in other ways.
  • the device embodiments described above are merely illustrative, for example, the division of units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components can be combined or integrated. To another system, or some features can be ignored, or not implemented.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
  • each unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • the above-mentioned integrated unit can be implemented in the form of hardware or software functional unit.
  • the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer readable storage medium.
  • the technical solution of this application essentially or the part that contributes to the existing technology or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , Including several instructions to make a computer device (which can be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the method described in each embodiment of the present application.
  • the aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program code .

Abstract

A data processing method and system in a block chain network, and a related device, for saving network bandwidth in a block chain network data transmission process. The method provided by embodiments of the present application may comprise: receiving verified target signature data and obtaining a message original text parameter corresponding to the target signature data, the target signature data being data obtained by performing encryption operation on message original text by using a public key of a target user; obtaining an algorithm parameter corresponding to the public key of the target user, the algorithm parameter being used for indicating an asymmetric encryption algorithm used in a public key calculation process of the target user and a calculation parameter required for realizing the corresponding asymmetric encryption algorithm; and calculating the public key of the target user according to the target signature data, the algorithm parameter, and the message original text parameter, and storing the calculated public key of the target user in a local block chain node device.

Description

一种区块链网络中的数据处理方法、系统及相关设备Data processing method, system and related equipment in blockchain network
本申请要求于2019年5月17日提交中国专利局、申请号为201910414781.1、发明名称为“一种区块链网络中的数据处理方法、系统及相关设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed with the Chinese Patent Office on May 17, 2019, the application number is 201910414781.1, and the invention title is "a method, system and related equipment for data processing in a blockchain network". The entire content is incorporated into this application by reference.
技术领域Technical field
本发明涉区块链数据处理领域,尤其涉及一种区块链网络中的数据处理方法、系统及相关设备。The invention relates to the field of blockchain data processing, and in particular to a data processing method, system and related equipment in a blockchain network.
背景技术Background technique
区块链网络中,当有新的交易信息时,往往需要目标用户采用私钥对该新的交易信息进行数字签名生成签名数据,进而在区块链网络数据同步过程中,往往需要采用该目标用户的公钥对签名数据进行验证。In the blockchain network, when there is new transaction information, it is often necessary for the target user to use the private key to digitally sign the new transaction information to generate signature data, and then in the process of blockchain network data synchronization, it is often necessary to use the target The user's public key verifies the signed data.
例如,区块链网络节点A使用私钥对自己的信息签名以后,会把信息原文及对应的签名发送给节点B,节点B使用节点A的公钥验证签名。现有的区块链网络中,第三方节点C(数以百万计的节点)在进行数据同步时需要获得验证过的签名及节点A的公钥,那么用户B就需要发送验证过的签名及节点A公钥给节点C。例如,实际运用中的公钥长度约为256位,签名长度512位,如果全部传输需要768位数据,公钥长度占据了33%的带宽。For example, after blockchain network node A signs its own information with a private key, it will send the original information and the corresponding signature to node B, and node B will use node A's public key to verify the signature. In the existing blockchain network, the third-party node C (millions of nodes) needs to obtain a verified signature and the public key of node A when synchronizing data, then user B needs to send the verified signature And node A public key to node C. For example, the length of the public key in actual use is about 256 bits, and the length of the signature is 512 bits. If all transmissions require 768 bits of data, the length of the public key occupies 33% of the bandwidth.
随着区块链节点数量的快速增长,区块链网络传输过程中占用的网络带宽越来越多,如何减少区块链网络中的带宽占用,节约网络资源,成了不可逃避的问题。With the rapid growth of the number of blockchain nodes, the network bandwidth occupied during the blockchain network transmission process is increasing. How to reduce the bandwidth occupation in the blockchain network and save network resources has become an unavoidable problem.
发明内容Summary of the invention
本发明的主要目的在于提供一种区块链网络中的数据处理方法、系统及相关设备,用于在区块链网络数据传输过程中节约网络带宽。The main purpose of the present invention is to provide a data processing method, system and related equipment in a blockchain network, which are used to save network bandwidth in the process of data transmission in the blockchain network.
为实现上述目的,本发明实施例第一方面提供了一种区块链网络中的 数据处理方法,其运用于区块链节点设备,该方法包括:To achieve the foregoing objective, the first aspect of the embodiments of the present invention provides a data processing method in a blockchain network, which is applied to a blockchain node device, and the method includes:
接收验证通过的目标签名数据并获取所述目标签名数据对应的消息原文参数,所述目标签名数据是采用目标用户的公钥对消息原文进行加密运算之后得到的数据;Receiving the target signature data that has passed the verification and obtaining the original message parameters corresponding to the target signature data, where the target signature data is data obtained after the original message is encrypted using the public key of the target user;
获取所述目标用户的公钥对应的算法参数,所述算法参数用于指示所述目标用户的公钥计算过程中所采用的非对称加密算法及实现对应非对称加密算法所需的计算参数;Acquiring algorithm parameters corresponding to the public key of the target user, where the algorithm parameters are used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the calculation parameters required to implement the corresponding asymmetric encryption algorithm;
根据所述目标签名数据、算法参数及所述消息原文参数计算所述目标用户的公钥,并保存计算得到的所述目标用户的公钥在本地区块链节点设备。Calculate the public key of the target user according to the target signature data, algorithm parameters, and the original message parameters, and save the calculated public key of the target user in a local blockchain node device.
可选的,作为一种可能的实时方式,本发明实施例中,若所述目标签名数据为(r〞,s〞),所述算法参数中包含SM2算法中使用的椭圆曲线的基点G及所述基点的阶数为n,所述消息原文参数为密码杂凑函数作用于所述消息原文的输出值e或消息原文M,所述根据所述目标签名数据、算法参数及所述消息原文参数计算所述目标用户的公钥包括:Optionally, as a possible real-time manner, in the embodiment of the present invention, if the target signature data is (r",s"), the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and The order of the base point is n, the original message parameter is the output value e of the cipher hash function applied to the original message or the original message M, according to the target signature data, algorithm parameters and the original message parameters Calculating the public key of the target user includes:
将所述r〞与s〞转换为整数之后,根据公式计算参数t,其中t=(r〞+s〞)mod n;After converting the r" and s" into integers, calculate the parameter t according to the formula, where t=(r"+s") mod n;
采用有限域逆运算算法计算参数t的逆元素t -1Calculate the inverse element t -1 of the parameter t using a finite field inverse algorithm;
计算所述基点G在椭圆曲线的s〞倍点[s〞]G;Calculate the s" times point [s"]G of the base point G on the elliptic curve;
计算椭圆曲线上横坐标为(r〞-e)的点U;Calculate the point U whose abscissa is (r"-e) on the elliptic curve;
根据公式计算所述目标用户的公钥P A'=[t -1](U-[s〞]G)。 Calculating the target user's public key according to the formula P A '= [t -1] (U- [s "] G).
可选的,作为一种可能的实时方式,本发明实施例中,所述获取所述目标签名数据对应的消息原文参数包括:Optionally, as a possible real-time manner, in the embodiment of the present invention, the obtaining the original message parameters corresponding to the target signature data includes:
接收目标签名数据对应的消息原文M;Receive the original message M corresponding to the target signature data;
若所述消息原文M符合密码杂凑函数的输出格式,则将所述消息原文作为所述输出值e,否则利用密码杂凑函数和消息原文M计算得到所述输出值e。If the original message M conforms to the output format of the cryptographic hash function, the original message is used as the output value e; otherwise, the output value e is calculated by using the cryptographic hash function and the original message M.
可选的,作为一种可能的实时方式,本发明实施例中,在计算所述目标用户的公钥P A'之前,该方法还可以进一步包括: Alternatively, as a possible real time, embodiments of the present invention, prior to calculating the target user's public key P A ', the method may further comprise:
校验所述目标签名数据(r〞,s〞)是否符合第一预设条件,若符合第一预设条件,则进行计算所述目标用户的公钥P A'的步骤; The step of checking said signature target data (r ", s") meets a first predetermined condition, if they meet a first predetermined condition, calculates the target user's public key P A 'is;
所述第一预设条件包括下列条件中的至少一种:The first preset condition includes at least one of the following conditions:
r〞∈[1,n-1]成立,s〞∈[1,n-1]成立,(r〞+s〞)mod n=t的值不为零,[t -1]mod n的值不为零,(r〞-e)mod n的值不为零。 r"∈[1,n-1] is established, s"∈[1,n-1] is established, (r"+s") mod n=t is not zero, and the value of [t -1 ] mod n Not zero, the value of (r"-e)mod n is not zero.
可选的,作为一种可能的实时方式,本发明实施例中,在保存计算得到的所述目标用户的公钥在本地区块链节点设备之前,该方法还可以进一步包括:Optionally, as a possible real-time manner, in the embodiment of the present invention, before saving the calculated public key of the target user in the local blockchain node device, the method may further include:
校验所述目标用户的公钥P A'是否符合第二预设条件,若符合,则执行保存计算得到的所述目标用户的公钥在本地区块链节点设备的步骤; Check of the target user's public key P A 'meets a second preset condition, if they meet the step of the local node device block chain of the target user to save the calculated public key is performed;
所述第二预设条件包括:等式([t -1]P A'+[s〞]G).x+e=r〞mod n成立。 Said second predetermined condition comprises: the equation ([t -1] P A ' + [s "] G) .x + e = r" mod n holds.
本发明实施例第二方面提供了一种区块链网络中的数据处理系统,其包括:A second aspect of the embodiments of the present invention provides a data processing system in a blockchain network, which includes:
接收单元,用于接收验证通过的目标签名数据并获取所述目标签名数据对应的消息原文参数,所述目标签名数据是采用目标用户的公钥对消息原文进行加密运算之后得到的数据;The receiving unit is configured to receive the target signature data that has passed the verification and obtain the original message parameters corresponding to the target signature data, where the target signature data is data obtained after the target user's public key is used to encrypt the original message;
获取单元,用于获取所述目标用户的公钥对应的算法参数,所述算法参数用于指示所述目标用户的公钥计算过程中所采用的非对称加密算法及实现对应非对称加密算法所需的计算参数;The obtaining unit is used to obtain the algorithm parameter corresponding to the public key of the target user, and the algorithm parameter is used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the corresponding asymmetric encryption algorithm. Required calculation parameters;
处理单元,用于根据所述目标签名数据、算法参数及所述消息原文参数计算所述目标用户的公钥,并保存计算得到的所述目标用户的公钥在本地区块链节点设备。The processing unit is configured to calculate the public key of the target user according to the target signature data, algorithm parameters and the original message parameters, and save the calculated public key of the target user on the local blockchain node device.
本发明实施例第三方面提供了一种区块链节点设备,该区块链节点设备包括存储器和处理器,所述存储器上存储有可在所述处理器上运行的计算机程序,所述计算机程序被所述处理器执行时实现如权利要求1-4任一项所述的方法。The third aspect of the embodiments of the present invention provides a blockchain node device. The blockchain node device includes a memory and a processor. The memory stores a computer program that can run on the processor. The computer When the program is executed by the processor, the method according to any one of claims 1-4 is realized.
可选的,作为一种可能的实时方式,本发明实施例中的区块链节点设备为组成CDN网络或者区块链网络的节点。Optionally, as a possible real-time manner, the blockchain node device in the embodiment of the present invention is a node forming a CDN network or a blockchain network.
本发明实施例第四方面提供了一种计算机可读存储介质,所述计算机可读存储介质上存储有计算机程序,所述计算机程序可被一个或者多个处理器执行,以实现如第一方面及第一方面任一种可能的实施方式中区块链网络中的数据处理方法中的步骤。A fourth aspect of the embodiments of the present invention provides a computer-readable storage medium having a computer program stored on the computer-readable storage medium, and the computer program may be executed by one or more processors to implement the first aspect And the steps in the data processing method in the blockchain network in any possible implementation of the first aspect.
本发明实施例第五方面提供了一种计算机程序产品,其包括计算机指令,当其在计算机上运行时,使得计算机可以执行上述第一方面及第一方面任一种可能的实施方式中区块链网络中的数据处理方法中的步骤。The fifth aspect of the embodiments of the present invention provides a computer program product, which includes computer instructions, which, when run on a computer, enables the computer to execute the first aspect and any one of the possible implementations of the first aspect. The steps in the data processing method in the chain network.
本发明实施例中,区块链节点设备在进行数据同步的过程中,可以接收验证通过的目标签名数据及目标签名数据对应的消息原文参数,并根据目标签名数据、算法参数及消息原文参数计算目标用户的公钥,无需传输目标用户的公钥,节约了数据传输过程中网络带宽。In the embodiment of the present invention, in the process of data synchronization, the blockchain node device can receive the verified target signature data and the original message parameters corresponding to the target signature data, and calculate according to the target signature data, algorithm parameters, and original message parameters The public key of the target user does not need to transmit the public key of the target user, which saves network bandwidth during data transmission.
附图说明Description of the drawings
图1为本发明实施例中一种基于区块链的数据处理方法的一个实施例示意图;Figure 1 is a schematic diagram of an embodiment of a blockchain-based data processing method in an embodiment of the present invention;
图2为本发明实施例中一种基于区块链的数据处理系统的一个实施例示意图;2 is a schematic diagram of an embodiment of a data processing system based on blockchain in an embodiment of the present invention;
图3为本发明实施例中一种区块链节点设备一个实施例示意图。Figure 3 is a schematic diagram of an embodiment of a blockchain node device in an embodiment of the present invention.
具体实施方式Detailed ways
为了使本发明的目的、技术方案及优点更加清楚明白,以下结合附图及实施例,对本发明进行进一步详细说明。应当理解,此处所描述的具体实施例仅用以解释本发明,并不用于限定本发明。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。In order to make the objectives, technical solutions, and advantages of the present invention clearer, the following further describes the present invention in detail with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, but not to limit the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.
本申请的说明书和权利要求书及上述附图中的术语“第一”、“第二”、 “第三”、“第四”等(如果存在)是用于区别类似的对象,而不必用于描述特定的顺序或先后次序。应该理解这样使用的数据在适当情况下可以互换,以便这里描述的实施例能够以除了在这里图示或描述的内容以外的顺序实施。此外,术语“包括”和“具有”以及他们的任何变形,意图在于覆盖不排他的包含,例如,包含了一系列步骤或单元的过程、方法、系统、产品或设备不必限于清楚地列出的那些步骤或单元,而是可包括没有清楚地列出的或对于这些过程、方法、产品或设备固有的其它步骤或单元。The terms "first", "second", "third", "fourth", etc. (if any) in the description and claims of this application and the above-mentioned drawings are used to distinguish similar objects, and do not have to be used To describe a specific order or sequence. It should be understood that the data used in this way can be interchanged under appropriate circumstances so that the embodiments described herein can be implemented in an order other than the content illustrated or described herein. In addition, the terms "including" and "having" and any variations of them are intended to cover non-exclusive inclusions. For example, a process, method, system, product or device that includes a series of steps or units is not necessarily limited to the clearly listed Those steps or units may include other steps or units that are not clearly listed or are inherent to these processes, methods, products, or equipment.
需要说明的是,在本发明中涉及“第一”、“第二”等的描述仅用于描述目的,而不能理解为指示或暗示其相对重要性或者隐含指明所指示的技术特征的数量。由此,限定有“第一”、“第二”的特征可以明示或者隐含地包括至少一个该特征。另外,各个实施例之间的技术方案可以相互结合,但是必须是以本领域普通技术人员能够实现为基础,当技术方案的结合出现相互矛盾或无法实现时应当认为这种技术方案的结合不存在,也不在本发明要求的保护范围之内。It should be noted that the descriptions related to "first", "second", etc. in the present invention are only for descriptive purposes, and cannot be understood as indicating or implying their relative importance or implicitly indicating the number of technical features indicated. . Therefore, the features defined with "first" and "second" may explicitly or implicitly include at least one of the features. In addition, the technical solutions between the various embodiments can be combined with each other, but it must be based on what can be achieved by a person of ordinary skill in the art. When the combination of technical solutions is contradictory or cannot be achieved, it should be considered that this combination of technical solutions does not exist. , Is not within the protection scope of the present invention.
不对称加密算法使用两把完全不同但又是完全匹配的一对钥匙—公钥和私钥。在使用不对称加密算法加密文件时,只有使用匹配的一对公钥和私钥,才能完成对明文的加密和解密过程。加密明文时采用公钥加密,解密密文时使用私钥才能完成,而且发信方(加密者)知道收信方的公钥,只有收信方(解密者)才是唯一知道自己私钥的人。不对称加密算法的基本原理是,如果发信方想发送只有收信方才能解读的加密信息,发信者使用收信者的公钥加密信件,收信者使用自己的私钥解密信件。显然,采用不对称加密算法,收发信双方在通信之前,收信方必须将自己早已随机生成的公钥送给发信方,而自己保留私钥。由于不对称算法拥有两个密钥,因而特别适用于分布式系统中的数据加密。广泛应用的不对称加密算法有RSA算法、美国国家标准局提出的DSA、以及SM2椭圆曲线公钥密码算法等,为了便于理解,本发明实施例主要以SM2椭圆曲线公钥密码算法为例进行说明。The asymmetric encryption algorithm uses two completely different but completely matched pairs of keys—public key and private key. When using an asymmetric encryption algorithm to encrypt files, only a matching pair of public and private keys can be used to complete the process of encrypting and decrypting the plaintext. The public key is used to encrypt the plaintext, and the private key can be used to decrypt the ciphertext, and the sender (encryptor) knows the public key of the recipient, and only the recipient (decrypter) is the only one who knows his private key people. The basic principle of the asymmetric encryption algorithm is that if the sender wants to send encrypted information that only the receiver can decode, the sender uses the receiver's public key to encrypt the letter, and the receiver uses his own private key to decrypt the letter. Obviously, using an asymmetric encryption algorithm, before the sender and receiver communicate, the receiver must send its own randomly generated public key to the sender, while retaining the private key. Since the asymmetric algorithm has two keys, it is especially suitable for data encryption in distributed systems. Widely used asymmetric encryption algorithms include the RSA algorithm, the DSA proposed by the National Bureau of Standards, and the SM2 elliptic curve public key encryption algorithm. For ease of understanding, the embodiment of the present invention mainly uses the SM2 elliptic curve public key encryption algorithm as an example for illustration .
现有的区块链网络在进行数据同步的过程中,需要向下一节点发送签 名数据、公钥及目标签名数据对应的消息原文。本发明实施例中,区块链节点设备可以通过签名数据回推出公钥,在传输过程中无需传输公钥,节省带宽。例如,公钥长度约为256位,签名长度512位。如果全部传输需要768位数据,如果只传输签名只需512位数据,可以节约33%的带宽。In the process of data synchronization, the existing blockchain network needs to send the signature data, public key, and original message corresponding to the target signature data to the next node. In the embodiment of the present invention, the block chain node device can derive the public key through the signature data, and there is no need to transmit the public key during the transmission process, thereby saving bandwidth. For example, the length of the public key is about 256 bits, and the length of the signature is 512 bits. If all transmissions require 768 bits of data, and if only 512 bits of data are required to transmit signatures, 33% of the bandwidth can be saved.
为便于理解,下面对本发明实施例中的具体流程进行描述,请参阅图1,本发明实施例中区块链网络中的数据处理方法一个实施例包括:For ease of understanding, the following describes the specific process in the embodiment of the present invention. Please refer to Figure 1. An embodiment of the data processing method in the blockchain network in the embodiment of the present invention includes:
101、接收验证通过的目标签名数据并获取目标签名数据对应的消息原文参数;101. Receive the target signature data that has passed the verification and obtain the original message parameters corresponding to the target signature data;
本发明实施例中,目标用户的区块链节点设备A中存储有基于SM2椭圆曲线公钥密码算法生成的密钥(包含公钥及私钥),当区块链节点设备A获取到消息原文M(交易信息)之后,可以采用基于SM2椭圆曲线公钥密码算法生成的密钥中的私钥对消息原文M进行运算得到签名数据(r,s),可以将该签名数据(r,s)发送给其他节点B进行校验,节点B可以基于目标用户的公钥对接收到的签名数据(r',s')进行校验,可以理解的是,本发明实施例中可以设置单独的节点对接收到的签名数据(r',s')进行校验,也可以直接在区块链网络中选择一个或多个节点(少于全区块链节点)对接收到的签名数据(r',s')进行校验,校验成功之后将校验通过的目标签名数据(r〞,s〞)及目标签名数据对应的消息原文参数发送给区块链网络中的其它节点设备。区块链网络中的节点设备可以接收验证通过的目标签名数据及目标签名数据对应的消息原文参数。In the embodiment of the present invention, the target user's blockchain node device A stores a key (including the public key and the private key) generated based on the SM2 elliptic curve public key cryptographic algorithm. When the blockchain node device A obtains the original message After M (transaction information), the private key in the key generated based on the SM2 elliptic curve public key cryptographic algorithm can be used to calculate the original message M to obtain the signature data (r, s), which can be the signature data (r, s) Send to other node B for verification. Node B can verify the received signature data (r', s') based on the public key of the target user. It is understandable that a separate node can be set in the embodiment of the present invention. To verify the received signature data (r', s'), you can also directly select one or more nodes (less than all blockchain nodes) in the blockchain network to verify the received signature data (r' ,s') for verification. After the verification is successful, the target signature data (r",s") that has passed the verification and the original message parameters corresponding to the target signature data are sent to other node devices in the blockchain network. The node device in the blockchain network can receive the verified target signature data and the original message parameters corresponding to the target signature data.
可以理解的是,如果传输过程没有数据损坏的情况下,数据(r,s)、(r',s')、(r〞,s〞)是相同的数据。It is understandable that if there is no data damage during the transmission process, the data (r,s), (r',s'), (r",s") are the same data.
102、获取目标用户的公钥对应的算法参数;102. Obtain algorithm parameters corresponding to the public key of the target user;
为了回推计算目标用户的公钥,区块链网络中的节点设备需要获取目标用户的公钥计算过程中所采用的非对称加密算法及实现对应非对称加密算法所需的计算参数即算法参数。该算法参数的获取可以通过上一个节点进行传输也可以是在安装客户端安装过程中预先保存在区块链网络中的各个节点设备的本地存储空间中,在本地存储空间中中提取,无需网络传输。In order to calculate the public key of the target user, the node device in the blockchain network needs to obtain the asymmetric encryption algorithm used in the calculation process of the target user's public key and the calculation parameters required to realize the corresponding asymmetric encryption algorithm, namely the algorithm parameters . The acquisition of the algorithm parameters can be transmitted through the previous node, or can be pre-stored in the local storage space of each node device in the blockchain network during the client installation process, and extracted from the local storage space without network transmission.
103、根据目标签名数据、算法参数及消息原文参数计算目标用户的公 钥,并保存计算得到的目标用户的公钥在本地区块链节点设备。103. Calculate the target user's public key according to the target signature data, algorithm parameters, and message original text parameters, and save the calculated target user's public key on the local blockchain node device.
在获取到目标签名数据、算法参数及消息原文参数之后,可以针对所采用的非对称加密算法的特性推导对应的算法,以计算目标用户的公钥。After obtaining the target signature data, algorithm parameters, and message original text parameters, the corresponding algorithm can be derived according to the characteristics of the adopted asymmetric encryption algorithm to calculate the public key of the target user.
具体的,仅以SM2椭圆曲线公钥密码算法为例进行说明。Specifically, only the SM2 elliptic curve public key cryptographic algorithm is taken as an example for description.
若节点接收到的验证通过的目标签名数据为(r〞,s〞),算法参数中包含SM2算法中使用的椭圆曲线的基点G及基点的阶数为n,消息原文参数为密码杂凑函数作用于消息原文M的输出值e,根据目标签名数据、算法参数及消息原文参数计算目标用户的公钥包括:If the verified target signature data received by the node is (r",s"), the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and the order of the base point is n, and the original message parameters are cryptographic hash functions. Based on the output value e of the original message M, calculating the public key of the target user based on the target signature data, algorithm parameters and the original message parameters include:
将r〞与s〞转换为整数之后,根据公式计算参数t,其中t=(r〞+s〞)mod n;After converting r "and s" into integers, calculate the parameter t according to the formula, where t = (r "+ s ") mod n;
采用有限域逆运算算法计算参数t的逆元素t -1Calculate the inverse element t -1 of the parameter t using a finite field inverse algorithm;
计算基点G在椭圆曲线的s〞倍点[s〞]G;Calculate the base point G at the s" times point [s"]G of the elliptic curve;
计算椭圆曲线上横坐标为(r〞-e)的点U;Calculate the point U whose abscissa is (r"-e) on the elliptic curve;
根据公式计算目标用户的公钥P A'=[t -1](U-[s〞]G)。 According to the formula, calculate the target user's public key P A '=[t -1 ](U-[s》]G).
需要说明的是,节点可能直接接收到其它节点(节点B)发送的密码杂凑函数作用于消息原文M的输出值e,则可直接使用e进行公钥的计算;如果节点未接收到上述输出值e,但获取到了消息原文M,则要分两种情况处理:1、可以利用密码杂凑函数计算出上述输出值e;2、如果消息原文M符合杂凑函数的输出格式,也可以把消息原文M当作输出值e来使用。It should be noted that the node may directly receive the cryptographic hash function sent by other nodes (node B) to act on the output value e of the original message M, and it can directly use e to calculate the public key; if the node does not receive the above output value e, but if the original message M is obtained, there are two cases to deal with: 1. The output value e can be calculated using the cryptographic hash function; 2. If the original message M conforms to the output format of the hash function, the original message M can also be Used as the output value e.
具体的,有限域逆运算算法及椭圆曲线的倍点算法可以参照现有技术中的方案,此处不做赘述。实际运用中椭圆曲线上横坐标为(r〞-e)的点可以有多个,具体运用中可以在算法参数中从多个横坐标为(r〞-e)的点中预先指定特定一个U点。Specifically, the finite field inverse calculation algorithm and the point doubling algorithm of the elliptic curve can refer to the solutions in the prior art, which will not be repeated here. In actual application, there can be multiple points with abscissa (r"-e) on the elliptic curve. In specific applications, a specific U can be pre-designated from multiple points with abscissa (r"-e) in the algorithm parameters. point.
本发明实施例中,区块链节点设备在进行数据同步的过程中,可以接收验证通过的目标签名数据及目标签名数据对应的消息原文参数,并根据目标签名数据、算法参数及消息原文参数计算目标用户的公钥,无需传输目标用户的公钥,节约了数据传输过程中网络带宽。尤其是在区块链节点数量巨大(数以百万级)的区块链网络中,大大节约了网络带宽资源。In the embodiment of the present invention, in the process of data synchronization, the blockchain node device can receive the verified target signature data and the original message parameters corresponding to the target signature data, and calculate according to the target signature data, algorithm parameters, and original message parameters The public key of the target user does not need to transmit the public key of the target user, which saves network bandwidth during data transmission. Especially in a blockchain network with a huge number of blockchain nodes (millions), network bandwidth resources are greatly saved.
可选的,作为一种可能的实施方式,为了保障数据的准确性,在计算目标用户的公钥P A'之前,还需要对接收到的数据进行校验,具体可以包括: Optionally, as a possible implementation manner, in order to ensure the accuracy of the data, before calculating the public key P A 'of the target user, the received data needs to be verified, which may specifically include:
校验目标签名数据(r〞,s〞)是否符合第一预设条件,若符合第一预设条件,则进行计算目标用户的公钥P A'的步骤;具体的,符合第一预设条件可以包括: Verifying that the signature target data (r ", s") corresponds to the first preset condition, if they meet a first predetermined condition, calculating the target user's public key P A 'steps are carried out; in particular, corresponds to the first predetermined Conditions can include:
r〞∈[1,n-1]成立,s〞∈[1,n-1]成立,(r〞+s〞)mod n=t的值不为零,[t -1]mod n的值不为零,(r〞-e)mod n的值不为零。 r"∈[1,n-1] is established, s"∈[1,n-1] is established, (r"+s") mod n=t is not zero, and the value of [t -1 ] mod n Not zero, the value of (r"-e)mod n is not zero.
本发明实施例在回推计算出目标用户的公钥之后,如果计算得到的目标用户的公钥能使得原签名验证通过,则可以说明在上述实施例中的计算步骤是正确。可选的,作为一种可能的实施方式,为了保障数据的准确性,在保存计算得到的目标用户的公钥在本地区块链节点设备之前,方法还包括:In the embodiment of the present invention, after the public key of the target user is calculated back, if the calculated public key of the target user can pass the original signature verification, it can be explained that the calculation steps in the foregoing embodiment are correct. Optionally, as a possible implementation manner, in order to ensure the accuracy of the data, before saving the calculated public key of the target user in the local blockchain node device, the method further includes:
校验目标用户的公钥P A'是否符合第二预设条件,若符合,则执行保存计算得到的目标用户的公钥在本地区块链节点设备的步骤; Check whether the public key P A 'of the target user meets the second preset condition, and if so, execute the step of saving the calculated public key of the target user in the local blockchain node device;
第二预设条件包括:等式([t -1]P A'+[s〞]G).x+e=r〞mod n成立。 The second predetermined condition comprises: the equation ([t -1] P A ' + [s "] G) .x + e = r" mod n holds.
根据国家密码管理局公布的SM2椭圆曲线公钥密码算法可知,签名验证算法中,([t -1]P A+[s]G).x+e={[t][t -1](U-[s]G)+[s]G}.x+e mod n According to the SM2 elliptic curve public key cryptographic algorithm published by the State Cryptography Administration, in the signature verification algorithm, ([t -1 ]P A +[s]G).x+e={[t][t -1 ]( U-[s]G)+[s]G}.x+e mod n
={(U+[s]G)-[s]G}.x+e mod n= {(U+[s]G)-[s]G}.x+e mod n
=U.x+emod n=r-e+emod n=r mod n=U.x+emod n=r-e+emod n=r mod n
因此,只需要验证等式([t -1]P A'+[s〞]G).x+e=r〞mod n是否成立,若成立,即可验证可以说明在上述实施例中的计算步骤是正确。 Therefore, it is only necessary to verify whether the equation ([t -1 ]P A ’+[s”]G). x+e=r” mod n is established, if it is established, it can be verified that the calculation in the above embodiment The steps are correct.
为了便于理解,下面将结合具体运用实例对本申请中的区块链网络中的数据处理方法进行说明。In order to facilitate understanding, the data processing method in the blockchain network in this application will be described below in conjunction with specific application examples.
用户A生成私钥及对应的公钥。私钥为自己的秘密,公钥P A公开。私钥可以用于生成签名,公钥可以用于验证签名。公钥P A生成以后会同步给需要对自己信息进行验证的用户B。当用户A使用私钥对自己的信息签名以后,会把信息原文及对应的签名(r,s)发送给用户B,用户B使用用户A的公钥对接收到的签名(r',s')进行验证。用户C只需要根据用户 B发送的验证通过的目标签名数据(r〞,s〞),SM2算法中使用的椭圆曲线的基点G及基点的阶数为n,以及密码杂凑函数作用于消息原文的输出值e或消息原文M回推计算出目标用户的公钥PA',具体计算过程如下: User A generates a private key and corresponding public key. For their own private key secret, the public key P A publicly. The private key can be used to generate the signature, and the public key can be used to verify the signature. P requires public synchronized to their own user authentication information A later generation B. When user A uses the private key to sign his own information, the original message and the corresponding signature (r, s) will be sent to user B, and user B uses user A’s public key to sign the received signature (r',s' )authenticating. User C only needs to verify the target signature data (r",s") sent by user B, the base point G of the elliptic curve and the order of the base point used in the SM2 algorithm are n, and the cryptographic hash function acts on the original message The output value e or the original message M is pushed back to calculate the public key PA' of the target user. The specific calculation process is as follows:
C1:检验r〞∈[1,n-1]是否成立,若不成立则退出运算;C1: Check whether r"∈[1, n-1] is established, if not, exit the operation;
C2:检验s〞∈[1,n-1]是否成立,若不成立则退出运算;C2: Check whether s"∈[1, n-1] is established, if not, then exit the operation;
C3:计算,若(r〞+s〞)mod n=t=0,则退出运算;C3: Calculation, if (r"+s") mod n=t=0, then exit the calculation;
C4:计算采用有限域逆运算算法计算参数t的逆元素t-1,并验证[t-1]mod n的值是否为零,若为零,则退出计算;C4: The calculation uses the finite field inverse algorithm to calculate the inverse element t-1 of the parameter t, and verify whether the value of [t-1]mod n is zero, if it is zero, exit the calculation;
C5:验证(r〞-e)mod n的值是否为零,若为零,则退出计算;C5: Verify whether the value of (r"-e)mod n is zero, if it is zero, then exit the calculation;
C6:找到椭圆曲线上的点U与U′,U与U′点的x坐标都等于(r〞-e),y坐标关于y轴对称,可以根据具体业务需求,通过额外参数的方式具体指定使用U与U′;C6: Find the points U and U′ on the elliptic curve. The x coordinates of U and U′ points are equal to (r〞-e), and the y coordinate is symmetrical about the y axis, which can be specified by additional parameters according to specific business requirements Use U and U′;
C7:计算椭圆曲线上的多倍点[s〞]G;C7: Calculate multiple points on the elliptic curve [s》]G;
C8:计算椭圆曲线上的点U-[s〞]G;C8: Calculate the point U-[s》]G on the elliptic curve;
C9:计算公钥PA'=[t-1](U-[s〞]G)。C9: Calculate the public key PA'=[t-1](U-[s》]G).
本发明实施例中,通过设计出可以根据已验证签名回推公钥算法极大的减少了通讯量,减少了带宽。尤其是在区块链场景下,每笔已经验证的交易均为一个签名,用户的钱包地址取决于公钥地址,在交易确认过程中,往往既需要对交易的确认又需要钱包地址。根据签名回推出公钥地址可以极大的减少通讯量,减少区块链的交易确认时间及网络带宽资源。In the embodiment of the present invention, by designing an algorithm that can push back the public key based on the verified signature, the communication volume is greatly reduced and the bandwidth is reduced. Especially in the blockchain scenario, each verified transaction is a signature, and the user's wallet address depends on the public key address. In the transaction confirmation process, both the confirmation of the transaction and the wallet address are often required. Introducing the public key address based on the signature can greatly reduce the amount of communication and reduce the transaction confirmation time and network bandwidth resources of the blockchain.
请参阅图2,在本实施例中还提供了一种区块链网络中的数据处理系统,其包括:Please refer to Fig. 2. In this embodiment, a data processing system in a blockchain network is also provided, which includes:
接收单元201,用于接收验证通过的目标签名数据并获取目标签名数据对应的消息原文参数,目标签名数据是采用目标用户的公钥对消息原文进行加密运算之后得到的数据;The receiving unit 201 is configured to receive the target signature data that has passed the verification and obtain the original message parameters corresponding to the target signature data. The target signature data is data obtained after the original message is encrypted using the public key of the target user;
获取单元202,用于获取目标用户的公钥对应的算法参数,算法参数用于指示目标用户的公钥计算过程中所采用的非对称加密算法及实现对应非对称加密算法所需的计算参数;The obtaining unit 202 is configured to obtain the algorithm parameters corresponding to the public key of the target user, and the algorithm parameters are used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the calculation parameters required to realize the corresponding asymmetric encryption algorithm;
处理单元203,用于根据目标签名数据、算法参数及消息原文参数计 算目标用户的公钥,并保存计算得到的目标用户的公钥在本地区块链节点设备。The processing unit 203 is configured to calculate the public key of the target user according to the target signature data, algorithm parameters, and original message parameters, and save the calculated public key of the target user on the local blockchain node device.
可选的,作为一种可能的实施方式,若目标签名数据为(r〞,s〞),算法参数中包含SM2算法中使用的椭圆曲线的基点G及基点的阶数为n,消息原文参数为密码杂凑函数作用于消息原文的输出值e或消息原文M,处理单元包括:Optionally, as a possible implementation, if the target signature data is (r", s"), the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and the order of the base point is n, and the original message parameters In order for the cryptographic hash function to act on the output value e of the original message or M, the processing unit includes:
第一计算模块,用于将r〞与s〞转换为整数之后,根据公式计算参数t,其中t=(r〞+s〞)mod n;The first calculation module is used to calculate the parameter t according to the formula after converting r" and s" into integers, where t=(r"+s") mod n;
第二计算模块,用于采用有限域逆运算算法计算参数t的逆元素t -1The second calculation module is used to calculate the inverse element t -1 of the parameter t using a finite field inverse operation algorithm;
第三计算模块,用于计算基点G在椭圆曲线的s〞倍点[s〞]G;The third calculation module is used to calculate the s" multiple point [s"]G of the base point G on the elliptic curve;
第四计算模块,用于计算椭圆曲线上横坐标为(r〞-e)的点U;The fourth calculation module is used to calculate the point U with the abscissa (r"-e) on the elliptic curve;
第五计算模块,用于根据公式计算目标用户的公钥P A'=[t -1](U-[s〞]G)。 A fifth calculating means for calculating the target user's public key according to the formula P A '= [t -1] (U- [s "] G).
可选的,作为一种可能的实施方式,在计算目标用户的公钥P A'之前,该系统还包括: Optionally, as a possible implementation manner, before calculating the public key P A 'of the target user, the system further includes:
第一校验单元,用于校验目标签名数据(r〞,s〞)是否符合第一预设条件,若符合第一预设条件,则进行计算目标用户的公钥P A'的步骤; First check means for checking the signature target data (r ", s") meets a first predetermined condition, if they meet the first preset condition, the step of calculating the target user's public key P A 'is carried out;
符合第一预设条件包括:Meeting the first preset condition includes:
r〞∈[1,n-1]成立,s〞∈[1,n-1]成立,(r〞+s〞)mod n=t的值不为零,[t -1]mod n的值不为零,(r〞-e)mod n的值不为零。 r"∈[1,n-1] is established, s"∈[1,n-1] is established, (r"+s") mod n=t is not zero, and the value of [t -1 ] mod n Not zero, the value of (r"-e)mod n is not zero.
可选的,作为一种可能的实施方式,在保存计算得到的目标用户的公钥在本地区块链节点设备之前,该系统还包括:Optionally, as a possible implementation, before saving the calculated public key of the target user in the local blockchain node device, the system further includes:
第二校验单元,用于校验目标用户的公钥P A'是否符合第二预设条件,若符合,则执行保存计算得到的目标用户的公钥在本地区块链节点设备的步骤;符合第二预设条件包括:等式([t -1]P A'+[s〞]G).x+e=r〞mod n成立。 The second verification unit is used to verify whether the public key P A 'of the target user meets the second preset condition, and if so, execute the step of saving the calculated public key of the target user in the local blockchain node device; second preset condition is met comprises: equation ([t -1] P A ' + [s "] G) .x + e = r" mod n holds.
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统,装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that, for the convenience and conciseness of description, the specific working process of the above-described system, device, and unit can refer to the corresponding process in the foregoing method embodiment, which will not be repeated here.
请参阅图3,在本实施例中还提供了一种区块链节点设备,区块链节点设备1可以是PC(Personal Computer,个人电脑),也可以是智能手机、平板电脑、掌上电脑、便携计算机、智能路由器、矿机、网络存储设备终端设备。Please refer to Figure 3. In this embodiment, a blockchain node device is also provided. The blockchain node device 1 can be a PC (Personal Computer), or a smart phone, a tablet, a handheld computer, Portable computers, smart routers, mining machines, network storage equipment terminal equipment.
该区块链节点设备1可以是组成CDN网络或者区块链网络的节点。The blockchain node device 1 may be a node forming a CDN network or a blockchain network.
该区块链节点设备1可以包括存储器11、处理器12和总线13。处理器11执行计算机程序时实现上述图1所示的基于区块链的区块链网络中的数据处理方法实施例中的步骤,例如图1所示的步骤101至103。或者,处理器执行计算机程序时实现上述各装置实施例中各模块或单元的功能。The blockchain node device 1 may include a memory 11, a processor 12, and a bus 13. When the processor 11 executes the computer program, the steps in the embodiment of the data processing method in the blockchain-based blockchain network shown in FIG. 1 are implemented, such as steps 101 to 103 shown in FIG. 1. Or, when the processor executes the computer program, the function of each module or unit in the foregoing device embodiments is realized.
本发明的一些实施例中,处理器具体用于实现如下步骤:In some embodiments of the present invention, the processor is specifically configured to implement the following steps:
接收验证通过的目标签名数据并获取目标签名数据对应的消息原文参数,目标签名数据是采用目标用户的公钥对消息原文进行加密运算之后得到的数据;Receive the verified target signature data and obtain the original message parameters corresponding to the target signature data. The target signature data is the data obtained after encrypting the original message with the public key of the target user;
获取目标用户的公钥对应的算法参数,算法参数用于指示目标用户的公钥计算过程中所采用的非对称加密算法及实现对应非对称加密算法所需的计算参数;Obtain the algorithm parameters corresponding to the public key of the target user, the algorithm parameters are used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the calculation parameters required to implement the corresponding asymmetric encryption algorithm;
根据目标签名数据、算法参数及消息原文参数计算目标用户的公钥,并保存计算得到的目标用户的公钥在本地区块链节点设备。Calculate the target user's public key according to the target signature data, algorithm parameters and message original text parameters, and save the calculated target user's public key on the local blockchain node device.
若目标签名数据为(r〞,s〞),算法参数中包含SM2算法中使用的椭圆曲线的基点G及基点的阶数为n,消息原文参数为密码杂凑函数作用于消息原文的输出值e或消息原文M,可选的,本发明的一些实施例中,处理器还可以用于实现如下步骤:If the target signature data is (r",s"), the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and the order of the base point is n, and the original message parameter is the output value e of the cryptographic hash function applied to the original message Or the original message M. Optionally, in some embodiments of the present invention, the processor may also be used to implement the following steps:
将r〞与s〞转换为整数之后,根据公式计算参数t,其中t=(r〞+s〞)mod n;After converting r "and s" into integers, calculate the parameter t according to the formula, where t = (r "+ s ") mod n;
采用有限域逆运算算法计算参数t的逆元素t -1Calculate the inverse element t -1 of the parameter t using a finite field inverse algorithm;
计算基点G在椭圆曲线的s〞倍点[s〞]G;Calculate the base point G at the s" times point [s"]G of the elliptic curve;
计算椭圆曲线上横坐标为(r〞-e)的点U;Calculate the point U whose abscissa is (r"-e) on the elliptic curve;
根据公式计算目标用户的公钥P A'=[t -1](U-[s〞]G)。 According to the formula, calculate the target user's public key P A '=[t -1 ](U-[s》]G).
可选的,本发明的一些实施例中,处理器还可以用于实现如下步骤:Optionally, in some embodiments of the present invention, the processor may also be used to implement the following steps:
接收目标签名数据对应的消息原文M;Receive the original message M corresponding to the target signature data;
若消息原文M符合密码杂凑函数的输出格式,则将消息原文作为所述输出值e,否则利用密码杂凑函数和消息原文M计算得到所述输出值e。If the original message M conforms to the output format of the cryptographic hash function, the original message is used as the output value e; otherwise, the output value e is calculated by using the cryptographic hash function and the original message M.
可选的,本发明的一些实施例中,处理器还可以用于实现如下步骤:Optionally, in some embodiments of the present invention, the processor may also be used to implement the following steps:
校验目标签名数据(r〞,s〞)是否符合第一预设条件,若符合第一预设条件,则进行计算目标用户的公钥P A'的步骤; Verifying that the signature target data (r ", s") corresponds to the first preset condition, if they meet the first preset condition, the step of calculating the target user's public key P A 'is carried out;
第一预设条件包括:The first preset conditions include:
r〞∈[1,n-1]成立,s〞∈[1,n-1]成立,(r〞+s〞)mod n=t的值不为零,[t -1]mod n的值不为零,(r〞-e)mod n的值不为零。 r"∈[1,n-1] is established, s"∈[1,n-1] is established, (r"+s") mod n=t is not zero, and the value of [t -1 ] mod n Not zero, the value of (r"-e)mod n is not zero.
可选的,本发明的一些实施例中,处理器还可以用于实现如下步骤:Optionally, in some embodiments of the present invention, the processor may also be used to implement the following steps:
校验目标用户的公钥P A'是否符合第二预设条件,若符合,则执行保存计算得到的目标用户的公钥在本地区块链节点设备的步骤; Check whether the public key P A 'of the target user meets the second preset condition, and if so, execute the step of saving the calculated public key of the target user in the local blockchain node device;
第二预设条件包括:等式([t -1]P A'+[s〞]G).x+e=r〞mod n成立。 The second predetermined condition comprises: the equation ([t -1] P A ' + [s "] G) .x + e = r" mod n holds.
其中,存储器11至少包括一种类型的可读存储介质,可读存储介质包括闪存、硬盘、多媒体卡、卡型存储器(例如,SD或DX存储器等)、磁性存储器、磁盘、光盘等。存储器11在一些实施例中可以是区块链节点设备1的内部存储单元,例如该区块链节点设备1的硬盘。存储器11在另一些实施例中也可以是区块链节点设备1的外部存储设备,例如区块链节点设备1上配备的插接式硬盘,智能存储卡(Smart Media Card,SMC),安全数字(Secure Digital,SD)卡,闪存卡(Flash Card)等。进一步地,存储器11还可以既包括区块链节点设备1的内部存储单元也包括外部存储设备。存储器11不仅可以用于存储安装于区块链节点设备1的应用软件及各类数据,例如**程序01的代码等,还可以用于暂时地存储已经输出或者将要输出的数据。The memory 11 includes at least one type of readable storage medium, and the readable storage medium includes flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), magnetic memory, magnetic disk, optical disk, etc. The memory 11 may be an internal storage unit of the blockchain node device 1 in some embodiments, for example, the hard disk of the blockchain node device 1. In other embodiments, the memory 11 may also be an external storage device of the blockchain node device 1, such as a plug-in hard disk equipped on the blockchain node device 1, a smart media card (SMC), and a secure digital (Secure Digital, SD) card, Flash Card, etc. Further, the memory 11 may also include both an internal storage unit of the blockchain node device 1 and an external storage device. The memory 11 can be used not only to store application software and various data installed in the blockchain node device 1, such as the code of **program 01, etc., but also to temporarily store data that has been output or will be output.
处理器12在一些实施例中可以是一中央处理器(Central Processing Unit,CPU)、控制器、微控制器、微处理器或其他数据处理芯片,用于运行存储器11中存储的程序代码或处理数据,例如执行**程序01等。The processor 12 may be a central processing unit (CPU), controller, microcontroller, microprocessor or other data processing chip in some embodiments, and is used to run the program code or processing stored in the memory 11 Data, such as executing **program 01, etc.
该总线13可以是外设部件互连标准(peripheral component interconnect,简称PCI)总线或扩展工业标准结构(extended industry standard architecture, 简称EISA)总线等。该总线可以分为地址总线、数据总线、控制总线等。为便于表示,图10中仅用一条粗线表示,但并不表示仅有一根总线或一种类型的总线。The bus 13 may be a peripheral component interconnect (PCI) bus or an extended industry standard architecture (EISA) bus, etc. The bus can be divided into address bus, data bus, control bus, etc. For ease of representation, only one thick line is used to represent in FIG. 10, but it does not mean that there is only one bus or one type of bus.
进一步地,区块链节点设备还可以包括网络接口14,网络接口14可选的可以包括有线接口和/或无线接口(如WI-FI接口、蓝牙接口等),通常用于在该区块链节点设备1与其他电子设备之间建立通信连接。Further, the blockchain node device may also include a network interface 14. The network interface 14 may optionally include a wired interface and/or a wireless interface (such as a WI-FI interface, a Bluetooth interface, etc.), which is usually used in the blockchain The node device 1 establishes a communication connection with other electronic devices.
可选地,该区块链节点设备1还可以包括用户接口,用户接口可以包括显示器(Display)、输入单元比如键盘(Keyboard),可选的用户接口还可以包括标准的有线接口、无线接口。可选地,在一些实施例中,显示器可以是LED显示器、液晶显示器、触控式液晶显示器以及OLED(Organic Light-Emitting Diode,有机发光二极管)触摸器等。其中,显示器也可以适当的称为显示屏或显示单元,用于显示在区块链节点设备1中处理的信息以及用于显示可视化的用户界面。Optionally, the blockchain node device 1 may also include a user interface. The user interface may include a display (Display) and an input unit such as a keyboard (Keyboard). The optional user interface may also include a standard wired interface and a wireless interface. Optionally, in some embodiments, the display may be an LED display, a liquid crystal display, a touch-sensitive liquid crystal display, an OLED (Organic Light-Emitting Diode, organic light emitting diode) touch device, etc. Among them, the display can also be called a display screen or a display unit as appropriate, and is used to display the information processed in the blockchain node device 1 and to display a visualized user interface.
图3仅示出了具有组件11-14以及计算机程序01的区块链节点设备1,本领域技术人员可以理解的是,图1示出的结构并不构成对区块链节点设备1的限定,可以包括比图示更少或者更多的部件,或者组合某些部件,或者不同的部件布置。Figure 3 only shows the blockchain node device 1 with components 11-14 and the computer program 01. Those skilled in the art can understand that the structure shown in Figure 1 does not constitute a limitation on the blockchain node device 1. It may include fewer or more components than shown, or a combination of some components, or a different component arrangement.
本发明还提供了一种计算机可读存储介质,该计算机可读存储介质上存储有计算机程序,计算机程序被处理器执行时,可以实现如下步骤:The present invention also provides a computer-readable storage medium with a computer program stored on the computer-readable storage medium. When the computer program is executed by a processor, the following steps can be implemented:
接收验证通过的目标签名数据并获取目标签名数据对应的消息原文参数,目标签名数据是采用目标用户的公钥对消息原文进行加密运算之后得到的数据;Receive the verified target signature data and obtain the original message parameters corresponding to the target signature data. The target signature data is the data obtained after encrypting the original message with the public key of the target user;
获取目标用户的公钥对应的算法参数,算法参数用于指示目标用户的公钥计算过程中所采用的非对称加密算法及实现对应非对称加密算法所需的计算参数;Obtain the algorithm parameters corresponding to the public key of the target user, the algorithm parameters are used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the calculation parameters required to implement the corresponding asymmetric encryption algorithm;
根据目标签名数据、算法参数及消息原文参数计算目标用户的公钥,并保存计算得到的目标用户的公钥在本地区块链节点设备。Calculate the target user's public key according to the target signature data, algorithm parameters and message original text parameters, and save the calculated target user's public key on the local blockchain node device.
若目标签名数据为(r〞,s〞),算法参数中包含SM2算法中使用的椭圆曲线的基点G及基点的阶数为n,消息原文参数为密码杂凑函数作用于 消息原文的输出值e或消息原文M,可选的,本发明的一些实施例中,处理器还可以用于实现如下步骤:If the target signature data is (r",s"), the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and the order of the base point is n, and the original message parameter is the output value e of the cryptographic hash function applied to the original message Or the original message M. Optionally, in some embodiments of the present invention, the processor may also be used to implement the following steps:
将r〞与s〞转换为整数之后,根据公式计算参数t,其中t=(r〞+s〞)mod n;After converting r "and s" into integers, calculate the parameter t according to the formula, where t = (r "+ s ") mod n;
采用有限域逆运算算法计算参数t的逆元素t -1Calculate the inverse element t -1 of the parameter t using a finite field inverse algorithm;
计算基点G在椭圆曲线的s〞倍点[s〞]G;Calculate the base point G at the s" times point [s"]G of the elliptic curve;
计算椭圆曲线上横坐标为(r〞-e)的点U;Calculate the point U whose abscissa is (r"-e) on the elliptic curve;
根据公式计算目标用户的公钥P A'=[t -1](U-[s〞]G)。 According to the formula, calculate the target user's public key P A '=[t -1 ](U-[s》]G).
可选的,本发明的一些实施例中,处理器还可以用于实现如下步骤:Optionally, in some embodiments of the present invention, the processor may also be used to implement the following steps:
接收目标签名数据对应的消息原文M;Receive the original message M corresponding to the target signature data;
若所述消息原文M符合密码杂凑函数的输出格式,则将所述消息原文作为所述输出值e,否则利用密码杂凑函数和消息原文M计算得到所述输出值e。If the original message M conforms to the output format of the cryptographic hash function, the original message is used as the output value e; otherwise, the output value e is calculated by using the cryptographic hash function and the original message M.
可选的,本发明的一些实施例中,处理器还可以用于实现如下步骤:Optionally, in some embodiments of the present invention, the processor may also be used to implement the following steps:
校验目标签名数据(r〞,s〞)是否符合第一预设条件,若符合第一预设条件,则进行计算目标用户的公钥P A'的步骤; Verifying that the signature target data (r ", s") corresponds to the first preset condition, if they meet the first preset condition, the step of calculating the target user's public key P A 'is carried out;
符合第一预设条件包括:Meeting the first preset condition includes:
r〞∈[1,n-1]成立,s〞∈[1,n-1]成立,(r〞+s〞)mod n=t的值不为零,[t -1]mod n的值不为零,(r〞-e)mod n的值不为零。 r"∈[1,n-1] is established, s"∈[1,n-1] is established, (r"+s") mod n=t is not zero, and the value of [t -1 ] mod n Not zero, the value of (r"-e)mod n is not zero.
可选的,本发明的一些实施例中,处理器还可以用于实现如下步骤:Optionally, in some embodiments of the present invention, the processor may also be used to implement the following steps:
校验目标用户的公钥P A'是否符合第二预设条件,若符合,则执行保存计算得到的目标用户的公钥在本地区块链节点设备的步骤; Check whether the public key P A 'of the target user meets the second preset condition, and if so, execute the step of saving the calculated public key of the target user in the local blockchain node device;
符合第二预设条件包括:等式([t -1]P A'+[s〞]G).x+e=r〞mod n成立。 Second preset condition is met comprises: Equation ([t -1] P A ' + [s "] G) .x + e = r" mod n holds.
本发明实施例还提供了一种计算机程序产品包括一个或多个计算机指令。在计算机上加载和执行计算机程序指令时,全部或部分地产生按照本发明实施例的流程或功能。计算机可以是通用计算机、专用计算机、计算机网络、或者其他可编程装置。计算机指令可以存储在计算机可读存储介质中,或者从一个计算机可读存储介质向另一计算机可读存储介质传输, 例如,计算机指令可以从一个网站站点、计算机、服务器或数据中心通过有线(例如同轴电缆、光纤、数字用户线(DSL))或无线(例如红外、无线、微波等)方式向另一个网站站点、计算机、服务器或数据中心进行传输。计算机可读存储介质可以是计算机能够存储的任何可用介质或者是包含一个或多个可用介质集成的服务器、数据中心等数据存储设备。可用介质可以是磁性介质,(例如,软盘、硬盘、磁带)、光介质(例如,DVD)、或者半导体介质(例如固态硬盘Solid State Disk(SSD))等The embodiment of the present invention also provides a computer program product including one or more computer instructions. When the computer program instructions are loaded and executed on the computer, the processes or functions according to the embodiments of the present invention are generated in whole or in part. The computer can be a general-purpose computer, a dedicated computer, a computer network, or other programmable devices. Computer instructions can be stored in a computer-readable storage medium, or transmitted from one computer-readable storage medium to another computer-readable storage medium. For example, computer instructions can be transmitted from a website, computer, server, or data center through a cable (such as Coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (such as infrared, wireless, microwave, etc.) to transmit to another website site, computer, server or data center. The computer-readable storage medium may be any available medium that can be stored by a computer or a data storage device such as a server or data center integrated with one or more available media. Available media can be magnetic media (for example, floppy disks, hard drives, tapes), optical media (for example, DVDs), or semiconductor media (for example, Solid State Disks (SSD)), etc.
在本申请所提供的几个实施例中,应该理解到,所揭露的系统,装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided in this application, it should be understood that the disclosed system, device, and method may be implemented in other ways. For example, the device embodiments described above are merely illustrative, for example, the division of units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components can be combined or integrated. To another system, or some features can be ignored, or not implemented. In addition, the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical, mechanical or other forms.
作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。上述集成的单元既可以采用硬件的形式实现,也可以采用软件功能单元的形式实现。In addition, the functional units in each embodiment of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit. The above-mentioned integrated unit can be implemented in the form of hardware or software functional unit.
所述集成的单元如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分或者该技术方案的全部或部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、只读存储器(ROM, Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer readable storage medium. Based on this understanding, the technical solution of this application essentially or the part that contributes to the existing technology or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , Including several instructions to make a computer device (which can be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the method described in each embodiment of the present application. The aforementioned storage media include: U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk and other media that can store program code .
需要说明的是,上述本发明实施例序号仅仅为了描述,不代表实施例的优劣。并且本文中的术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、装置、物品或者方法不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、装置、物品或者方法所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括该要素的过程、装置、物品或者方法中还存在另外的相同要素。It should be noted that the sequence numbers of the above-mentioned embodiments of the present invention are only for description, and do not represent the advantages and disadvantages of the embodiments. And the terms "include", "include" or any other variants thereof in this article are intended to cover non-exclusive inclusion, so that a process, device, article or method including a series of elements not only includes those elements, but also includes The other elements listed may also include elements inherent to the process, device, article, or method. If there are no more restrictions, the element defined by the sentence "including a..." does not exclude the existence of other identical elements in the process, device, article or method that includes the element.
以上仅为本发明的优选实施例,并非因此限制本发明的专利范围,凡是利用本发明说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本发明的专利保护范围内。The above are only preferred embodiments of the present invention, and do not limit the scope of the present invention. Any equivalent structure or equivalent process transformation made by using the content of the description and drawings of the present invention, or directly or indirectly applied to other related technical fields , The same reason is included in the patent protection scope of the present invention.

Claims (10)

  1. 一种区块链网络中的数据处理方法,其特征在于,运用于区块链节点设备,所述方法包括:A data processing method in a blockchain network, characterized in that it is applied to a blockchain node device, and the method includes:
    接收验证通过的目标签名数据并获取所述目标签名数据对应的消息原文参数,所述目标签名数据是采用目标用户的公钥对消息原文进行加密运算之后得到的数据;Receiving the target signature data that has passed the verification and obtaining the original message parameters corresponding to the target signature data, where the target signature data is data obtained after the original message is encrypted using the public key of the target user;
    获取所述目标用户的公钥对应的算法参数,所述算法参数用于指示所述目标用户的公钥计算过程中所采用的非对称加密算法及实现对应非对称加密算法所需的计算参数;Acquiring algorithm parameters corresponding to the public key of the target user, where the algorithm parameters are used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the calculation parameters required to implement the corresponding asymmetric encryption algorithm;
    根据所述目标签名数据、所述算法参数及所述消息原文参数计算所述目标用户的公钥,并保存计算得到的所述目标用户的公钥在本地区块链节点设备。Calculate the public key of the target user according to the target signature data, the algorithm parameters, and the original message parameters, and save the calculated public key of the target user in a local blockchain node device.
  2. 如权利要求1所述的方法,其特征在于,若所述验证通过的目标签名数据为(r〞,s〞),所述算法参数中包含SM2算法中使用的椭圆曲线的基点G及所述基点的阶数为n,所述消息原文参数为密码杂凑函数作用于所述消息原文的输出值e,所述根据所述目标签名数据、算法参数及所述消息原文参数计算所述目标用户的公钥包括:The method of claim 1, wherein if the verified target signature data is (r",s"), the algorithm parameters include the base point G of the elliptic curve used in the SM2 algorithm and the The order of the base point is n, the original message parameter is the output value e of the cryptographic hash function acting on the original message, and the target user’s information is calculated based on the target signature data, algorithm parameters and the original message parameters The public key includes:
    将所述r〞与s〞转换为整数之后,根据公式计算参数t,其中t=(r〞+s〞)mod n;After converting the r" and s" into integers, calculate the parameter t according to the formula, where t=(r"+s") mod n;
    采用有限域逆运算算法计算参数t的逆元素t -1Calculate the inverse element t -1 of the parameter t using a finite field inverse algorithm;
    计算所述基点G在椭圆曲线的s〞倍点[s〞]G;Calculate the s" times point [s"]G of the base point G on the elliptic curve;
    计算椭圆曲线上横坐标为(r〞-e)的点U;Calculate the point U whose abscissa is (r"-e) on the elliptic curve;
    根据公式计算所述目标用户的公钥P A'=[t -1](U-[s〞]G)。 Calculating the target user's public key according to the formula P A '= [t -1] (U- [s "] G).
  3. 根据要求2所述的方法,其特征在于,所述获取所述目标签名数据对应的消息原文参数包括:The method according to claim 2, wherein said obtaining the original message parameters corresponding to the target signature data comprises:
    接收目标签名数据对应的消息原文M;Receive the original message M corresponding to the target signature data;
    若所述消息原文M符合密码杂凑函数的输出格式,则将所述消息原文作为所述输出值e,否则利用密码杂凑函数和消息原文M计算得到所述输出值e。If the original message M conforms to the output format of the cryptographic hash function, the original message is used as the output value e; otherwise, the output value e is calculated by using the cryptographic hash function and the original message M.
  4. 如权利要求2所述的方法,其特征在于,在计算所述目标用户的公钥P A'之前,所述方法还包括: The method according to claim 2, wherein, in calculating the target user's public key P A 'before, the method further comprising:
    校验所述目标签名数据(r〞,s〞)是否符合第一预设条件,若符合第一预设条件,则进行计算所述目标用户的公钥P A'的步骤; The step of checking said signature target data (r ", s") meets a first predetermined condition, if they meet a first predetermined condition, calculates the target user's public key P A 'is;
    所述第一预设条件包括下列条件中的至少一种:The first preset condition includes at least one of the following conditions:
    r〞∈[1,n-1]成立,s〞∈[1,n-1]成立,(r〞+s〞)mod n=t的值不为零,[t -1]mod n的值不为零,(r〞-e)mod n的值不为零。 r"∈[1,n-1] is established, s"∈[1,n-1] is established, (r"+s") mod n=t is not zero, and the value of [t -1 ] mod n Not zero, the value of (r"-e)mod n is not zero.
  5. 如权利要求2或3所述的方法,其特征在于,在保存计算得到的所述目标用户的公钥在本地区块链节点设备之前,所述方法还包括:The method according to claim 2 or 3, wherein before saving the calculated public key of the target user in the local blockchain node device, the method further comprises:
    校验所述目标用户的公钥P A'是否符合第二预设条件,若符合,则执行保存计算得到的所述目标用户的公钥在本地区块链节点设备的步骤; Check of the target user's public key P A 'meets a second preset condition, if they meet the step of the local node device block chain of the target user to save the calculated public key is performed;
    所述第二预设条件包括:等式([t -1]P A'+[s〞]G).x+e=r〞mod n成立。 Said second predetermined condition comprises: the equation ([t -1] P A ' + [s "] G) .x + e = r" mod n holds.
  6. 一种区块链网络中的数据处理系统,其特征在于,包括:A data processing system in a blockchain network is characterized in that it includes:
    接收单元,用于接收验证通过的目标签名数据并获取所述目标签名数据对应的消息原文参数,所述目标签名数据是采用目标用户的公钥对消息原文进行加密运算之后得到的数据;The receiving unit is configured to receive the target signature data that has passed the verification and obtain the original message parameters corresponding to the target signature data, where the target signature data is data obtained after the target user's public key is used to encrypt the original message;
    获取单元,用于获取所述目标用户的公钥对应的算法参数,所述算法参数用于指示所述目标用户的公钥计算过程中所采用的非对称加密算法及实现对应非对称加密算法所需的计算参数;The obtaining unit is used to obtain the algorithm parameter corresponding to the public key of the target user, and the algorithm parameter is used to indicate the asymmetric encryption algorithm used in the calculation of the public key of the target user and the corresponding asymmetric encryption algorithm. Required calculation parameters;
    处理单元,用于根据所述目标签名数据、算法参数及所述消息原文参数计算所述目标用户的公钥,并保存计算得到的所述目标用户的公钥在本地区块链节点设备。The processing unit is configured to calculate the public key of the target user according to the target signature data, algorithm parameters and the original message parameters, and save the calculated public key of the target user on the local blockchain node device.
  7. 一种区块链节点设备,其特征在于,所述区块链节点设备包括存储器和处理器,所述存储器上存储有可在所述处理器上运行的计算机程序,所述计算机程序被所述处理器执行时实现如权利要求1-5任一项所述的方法。A block chain node device, characterized in that the block chain node device includes a memory and a processor, the memory stores a computer program that can run on the processor, and the computer program is The processor implements the method according to any one of claims 1-5 when executed.
  8. 根据权利要求7所述的区块链节点设备,其特征在于,所述区块链节点设备为组成CDN网络或者区块链网络的节点。The blockchain node device according to claim 7, wherein the blockchain node device is a node forming a CDN network or a blockchain network.
  9. 一种计算机可读存储介质,其特征在于,所述计算机可读存储介质上存储有计算机程序,所述计算机程序可被一个或者多个处理器执行,以实现如权利要求1至5中任一项所述的区块链网络中的数据处理方法。A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, and the computer program can be executed by one or more processors to implement any one of claims 1 to 5 The data processing method in the blockchain network described in the item.
  10. 一种计算机程序产品,其特征在于,包括计算机指令,当其在计算机上运行时,使得计算机可以执行上述权利要求1至5中任一项所述的区块链网络中的数据处理方法。A computer program product, which is characterized by comprising computer instructions, which when running on a computer, enables the computer to execute the data processing method in the blockchain network according to any one of claims 1 to 5.
PCT/CN2019/094554 2019-05-17 2019-07-03 Data processing method and system in block chain network and related device WO2020232800A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910414781.1A CN110290108B (en) 2019-05-17 2019-05-17 Data processing method, system and related equipment in block chain network
CN201910414781.1 2019-05-17

Publications (1)

Publication Number Publication Date
WO2020232800A1 true WO2020232800A1 (en) 2020-11-26

Family

ID=68002081

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/094554 WO2020232800A1 (en) 2019-05-17 2019-07-03 Data processing method and system in block chain network and related device

Country Status (2)

Country Link
CN (1) CN110290108B (en)
WO (1) WO2020232800A1 (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112948083A (en) * 2021-02-25 2021-06-11 北京金山云网络技术有限公司 Data processing method and device and electronic equipment
CN113672994A (en) * 2021-09-03 2021-11-19 中国联合网络通信集团有限公司 Cooking equipment data management method, device and system based on block chain
CN113904854A (en) * 2021-10-13 2022-01-07 筹远(上海)信息科技有限公司 Block chain data encryption method and device based on quotient secret algorithm
CN114666065A (en) * 2022-03-28 2022-06-24 深圳大学 Block chain based message encryption transmission method, device, equipment and medium
CN115842683A (en) * 2023-02-20 2023-03-24 中电装备山东电子有限公司 Signature generation method for communication of power consumption information acquisition system
CN116743505A (en) * 2023-08-14 2023-09-12 上海特高信息技术有限公司 Safety transmission encryption method based on national secret
CN116827554A (en) * 2023-07-24 2023-09-29 三未信安科技股份有限公司 Multi-channel cooperator strategy method and system based on block chain nodes

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111080292B (en) * 2019-11-25 2021-09-10 支付宝(杭州)信息技术有限公司 Method and device for acquiring block chain transaction signature data
CN111901102B (en) * 2020-06-28 2023-05-05 成都质数斯达克科技有限公司 Data transmission method, electronic device, and readable storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101017562A (en) * 2006-11-28 2007-08-15 南京大学 Method for generating electronic invoice and interactively using based on communication network
CN101697513A (en) * 2009-10-26 2010-04-21 深圳华为通信技术有限公司 Digital signature method, device and system as well as digital signature verification method
US20170078097A1 (en) * 2015-03-12 2017-03-16 Eyelock Llc Methods and systems for managing network activity using biometrics
CN106961336A (en) * 2017-04-18 2017-07-18 北京百旺信安科技有限公司 A kind of key components trustship method and system based on SM2 algorithms
CN108933651A (en) * 2017-05-27 2018-12-04 佛山芯珠微电子有限公司 The method of secret signalling and secret communication based on SOC
CN109347809A (en) * 2018-09-25 2019-02-15 北京计算机技术及应用研究所 A kind of application virtualization safety communicating method towards under autonomous controllable environment

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101860434B (en) * 2010-05-25 2012-05-02 北京握奇数据系统有限公司 Method and device for implementing digital signature
CN104393999B (en) * 2014-12-10 2017-12-12 暨南大学 Authentication method and system of a kind of main equipment to its slave
CN104484590B (en) * 2014-12-12 2017-07-11 上海象形通讯科技股份有限公司 CPU card read write line and system authentication method based on full dimension authentication public key
KR101841566B1 (en) * 2016-10-11 2018-05-04 주식회사 코인플러그 Method for issuing, using, refunding, settling and revocating electric voucher using updated status of balance database by respective blocks in blockchain, and server using the same
CN106850200B (en) * 2017-01-25 2019-10-22 中钞信用卡产业发展有限公司杭州区块链技术研究院 A kind of safety method, system and the terminal of digital cash of the use based on block chain
CN106878318B (en) * 2017-03-03 2020-01-07 上海唯链信息科技有限公司 Block chain real-time polling cloud system
CN107040383B (en) * 2017-04-24 2018-01-30 中山大学 A kind of blind Verifiable Encryptosystem endorsement method based on block chain
CN107301521A (en) * 2017-06-26 2017-10-27 深圳前海华深安信物联技术有限公司 Strengthen the method for warehouse receipt transaction security in a kind of warehouse receipt system based on block chain
CN107395574B (en) * 2017-06-30 2021-05-07 上海策赢网络科技有限公司 Information identification, information request and providing method and device, storage medium and equipment
US10505920B2 (en) * 2017-11-30 2019-12-10 Mocana Corporation System and method of device identification for enrollment and registration of a connected endpoint device, and blockchain service
CN109691013A (en) * 2018-08-16 2019-04-26 区链通网络有限公司 Block chain communication method between nodes, device and storage medium, block catenary system

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101017562A (en) * 2006-11-28 2007-08-15 南京大学 Method for generating electronic invoice and interactively using based on communication network
CN101697513A (en) * 2009-10-26 2010-04-21 深圳华为通信技术有限公司 Digital signature method, device and system as well as digital signature verification method
US20170078097A1 (en) * 2015-03-12 2017-03-16 Eyelock Llc Methods and systems for managing network activity using biometrics
CN106961336A (en) * 2017-04-18 2017-07-18 北京百旺信安科技有限公司 A kind of key components trustship method and system based on SM2 algorithms
CN108933651A (en) * 2017-05-27 2018-12-04 佛山芯珠微电子有限公司 The method of secret signalling and secret communication based on SOC
CN109347809A (en) * 2018-09-25 2019-02-15 北京计算机技术及应用研究所 A kind of application virtualization safety communicating method towards under autonomous controllable environment

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112948083B (en) * 2021-02-25 2023-10-27 北京金山云网络技术有限公司 Data processing method and device and electronic equipment
CN112948083A (en) * 2021-02-25 2021-06-11 北京金山云网络技术有限公司 Data processing method and device and electronic equipment
CN113672994A (en) * 2021-09-03 2021-11-19 中国联合网络通信集团有限公司 Cooking equipment data management method, device and system based on block chain
CN113672994B (en) * 2021-09-03 2023-12-01 中国联合网络通信集团有限公司 Cooking equipment data management method, device and system based on blockchain
CN113904854A (en) * 2021-10-13 2022-01-07 筹远(上海)信息科技有限公司 Block chain data encryption method and device based on quotient secret algorithm
CN113904854B (en) * 2021-10-13 2024-01-02 筹远(上海)信息科技有限公司 Block chain data encryption method and device based on quotient algorithm
CN114666065A (en) * 2022-03-28 2022-06-24 深圳大学 Block chain based message encryption transmission method, device, equipment and medium
CN114666065B (en) * 2022-03-28 2023-05-30 深圳大学 Message encryption transmission method, device, equipment and medium based on block chain
CN115842683A (en) * 2023-02-20 2023-03-24 中电装备山东电子有限公司 Signature generation method for communication of power consumption information acquisition system
CN116827554A (en) * 2023-07-24 2023-09-29 三未信安科技股份有限公司 Multi-channel cooperator strategy method and system based on block chain nodes
CN116827554B (en) * 2023-07-24 2024-04-09 三未信安科技股份有限公司 Multi-channel cooperator strategy method and system based on block chain nodes
CN116743505B (en) * 2023-08-14 2023-10-20 上海特高信息技术有限公司 Safety transmission encryption method based on national secret
CN116743505A (en) * 2023-08-14 2023-09-12 上海特高信息技术有限公司 Safety transmission encryption method based on national secret

Also Published As

Publication number Publication date
CN110290108B (en) 2020-10-13
CN110290108A (en) 2019-09-27

Similar Documents

Publication Publication Date Title
WO2020232800A1 (en) Data processing method and system in block chain network and related device
CN109862041B (en) Digital identity authentication method, equipment, device, system and storage medium
WO2022252632A1 (en) Data encryption processing method and apparatus, computer device, and storage medium
CN107483212B (en) Method for generating digital signature by cooperation of two parties
US9819656B2 (en) Method for secure communication using asymmetric and symmetric encryption over insecure communications
EP4016920A1 (en) Confidential authentication and provisioning
CN111835511A (en) Data security transmission method and device, computer equipment and storage medium
WO2021012574A1 (en) Multisignature method, signature center, medium and electronic device
CN111130803B (en) Method, system and device for digital signature
CN109034796B (en) Alliance chain-based transaction supervision method, electronic device and readable storage medium
WO2021036086A1 (en) Transaction data processing method, apparatus and system, and computer-readable storage medium
EP3378190A1 (en) Method of performing keyed-hash message authentication code (hmac) using multi-party computation without boolean gates
CN110912920A (en) Data processing method, apparatus and medium
WO2022022009A1 (en) Message processing method and apparatus, device, and storage medium
CN112560091B (en) Digital signature method, signature information verification method, related device and electronic equipment
WO2021134898A1 (en) Blockchain transaction data proof supervision method and system, and related device
WO2015135398A1 (en) Negotiation key based data processing method
CN106161472A (en) A kind of method of data encryption, Apparatus and system
CN113221146A (en) Method and device for data transmission between block chain nodes
CN113630412B (en) Resource downloading method, resource downloading device, electronic equipment and storage medium
US8769301B2 (en) Product authentication based upon a hyperelliptic curve equation and a curve pairing function
CN106850219B (en) Data processing method and terminal
CN109510711B (en) Network communication method, server, client and system
CN110175471B (en) File storage method and system
WO2019242163A1 (en) Data security verification method, apparatus and system, and computer device and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19929628

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 01/03/2022)

122 Ep: pct application non-entry in european phase

Ref document number: 19929628

Country of ref document: EP

Kind code of ref document: A1