WO2021109718A1 - 一种基于区块链系统的验证方法及装置 - Google Patents

一种基于区块链系统的验证方法及装置 Download PDF

Info

Publication number
WO2021109718A1
WO2021109718A1 PCT/CN2020/120923 CN2020120923W WO2021109718A1 WO 2021109718 A1 WO2021109718 A1 WO 2021109718A1 CN 2020120923 W CN2020120923 W CN 2020120923W WO 2021109718 A1 WO2021109718 A1 WO 2021109718A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
verified
verification
node
data
Prior art date
Application number
PCT/CN2020/120923
Other languages
English (en)
French (fr)
Inventor
王朝阳
严强
李昊轩
李辉忠
张开翔
范瑞彬
刘雪峰
裴庆祺
Original Assignee
深圳前海微众银行股份有限公司
西安电子科技大学
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳前海微众银行股份有限公司, 西安电子科技大学 filed Critical 深圳前海微众银行股份有限公司
Publication of WO2021109718A1 publication Critical patent/WO2021109718A1/zh

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • the present invention relates to the technical field of financial technology (Fintech), in particular to a verification method and device based on a blockchain system.
  • the public key cryptosystem RSA is an asymmetric encryption algorithm commonly used in blockchain systems.
  • the key length generated by the RSA encryption algorithm is between 512 and 2048 bits.
  • the RSA encryption algorithm can ensure the security of the information to be verified, the longer key makes it more difficult for the node to verify the encrypted information, resulting in a decrease in the efficiency of verifying the information to be verified.
  • the invention discloses a verification method and a device based on a blockchain system, which are used to solve the technical problem of low verification efficiency caused by the prior art using an RSA encryption algorithm to encrypt information to be verified.
  • the present invention provides a verification method based on a blockchain system.
  • the method is suitable for a node to be verified in the blockchain system.
  • the method includes: the node to be verified first generates at least two nodes to be verified based on an elliptic curve encryption algorithm.
  • the data to be verified corresponding to the verification information is then sent to the verification node, so that the verification node determines the verification result of the data to be verified through the first information and the third information carried in the data to be verified.
  • the data to be verified includes first information and at least two pieces of second information.
  • the at least two pieces of second information respectively correspond to the at least two pieces of information to be verified, and the at least two pieces of second information are used by the verification node to determine the third information.
  • the elliptic curve encryption algorithm can use a shorter key to achieve security equivalent to or higher than that of the RSA encryption algorithm. Therefore, this method can improve the accuracy of verification on the basis of reducing the difficulty of verification.
  • the data to be verified in this solution is generated by two or more pieces of information to be verified. In this way, the verification node can verify two or more pieces of information to be verified in the node to be verified through a verification process. , Without having to verify each information to be verified, which can save unnecessary operation steps and improve the efficiency of verification.
  • the node to be verified generates at least two data to be verified corresponding to the information to be verified based on the elliptic curve encryption algorithm, including: the node to be verified sets a corresponding random blind key for each information to be verified, and Based on the random blind key corresponding to each information to be verified and the elliptic curve point corresponding to each information to be verified, the first information is obtained. For any information to be verified, the node to be verified is based on the information to be verified and the corresponding information to be verified. The random blind key and the first information generate the second information corresponding to the information to be verified, and then construct the data to be verified according to the first information and the second information corresponding to each information to be verified.
  • the elliptic curve point corresponding to each information to be verified is obtained through pre-negotiation between the node to be verified and the verification node.
  • each information to be verified is covered by using a random blind key, and the association relationship between the first information, each second information, each random blind key and each information to be verified is designed so that the verification node is waiting
  • the first information can be reconstructed based on the association relationship. In this way, the verification node can accurately verify two or more pieces of information to be verified.
  • Z 1 is the first information, a 1, a 2, ising , a n be n-pending verification key information corresponding to the randomized, blinded, G 1, G 2, ising , G n , respectively n
  • An elliptic curve point corresponding to the information to be verified, n is an integer greater than or equal to 2.
  • the successively added value of the discrete logarithm constructed by each random blind key is encrypted by using a hash algorithm, so that the verification node cannot decrypt the first information to obtain the random blind key corresponding to each information to be verified. Therefore, a non-interactive verification method can be realized between the node to be verified and the verification node, which helps to improve the security of each information to be verified.
  • any of the second to be authenticated information corresponding to satisfy the following form: Z 2i a i -Z 1 * r i.
  • Z 2i is the second information corresponding to the i-th information to be verified
  • a i is the random blind key corresponding to the i-th information to be verified
  • r i is the i-th information to be verified
  • i is greater than 0 and less than n Integer.
  • the present invention provides a verification method based on a blockchain system.
  • the method is suitable for verification nodes in the blockchain system.
  • the method includes: the verification node first receives the data to be verified sent by the node to be verified, and then according to For the first information and at least two second information in the data to be verified, the third information is calculated using the decryption algorithm corresponding to the elliptic curve encryption algorithm, and finally, according to the third information and the first information, it is determined whether the data to be verified is approved.
  • the data to be verified is obtained by encrypting at least two pieces of information to be verified by the node to be verified using an elliptic curve encryption algorithm, and the data to be verified includes first information and at least two pieces of second information, at least two pieces of second information and at least two pieces of information.
  • the information to be verified corresponds to each other one by one.
  • the verification node uses the decryption algorithm corresponding to the elliptic curve encryption algorithm to calculate the third information according to the first information and at least two second information in the data to be verified, including: the verification node first obtains each The elliptic curve points and verification points corresponding to the information to be verified are then obtained according to the first information, the second information corresponding to each information to be verified, and the elliptic curve points and verification points corresponding to each information to be verified. Wherein, the elliptic curve points and verification points corresponding to each information to be verified are obtained through pre-negotiation between the node to be verified and the verification node.
  • Z 3 is the third information
  • Z 21 , Z 22 , ..., Z 2n are the second information corresponding to n pieces of information to be verified respectively
  • G 1 , G 2 , ..., G n are respectively n pieces to be verified
  • Z 1 is the first information
  • Y is the verification point.
  • the present invention provides a verification device based on a blockchain system, the device including:
  • the generating module is configured to generate at least two data to be verified corresponding to the information to be verified based on the elliptic curve encryption algorithm.
  • the data to be verified includes first information and at least two pieces of second information, the at least two pieces of second information respectively correspond to at least two pieces of information to be verified, and the at least two pieces of second information are used by the verifying node to determine the third information;
  • the transceiver module is configured to send the data to be verified to the verification node, so that the verification node determines the verification result of the data to be verified through the first information and the third information.
  • the generating module is specifically configured to: set a corresponding random blind key for each information to be verified, based on the random blind key corresponding to each information to be verified and the elliptic curve point corresponding to each information to be verified , Obtain the first information, for any information to be verified, generate the second information corresponding to the information to be verified according to the information to be verified, the random blind key corresponding to the information to be verified, and the first information, and generate the second information corresponding to the information to be verified according to the first information and each information to be verified The second information corresponding to the information is constructed to obtain the data to be verified.
  • the elliptic curve point corresponding to each information to be verified is obtained through pre-negotiation between the node to be verified and the verification node.
  • Z 1 is the first information, a 1, a 2 ??, a n be n-pending verification key information corresponding to the randomized, blinded, G 1, G 2, ising , G n are n objects to be verified
  • the elliptic curve point corresponding to the information, n is an integer greater than or equal to 2.
  • any of the second to be authenticated information corresponding to satisfy the following form: Z 2i a i -Z 1 * r i.
  • Z 2i is the second information corresponding to the i-th information to be verified
  • a i is the random blind key corresponding to the i-th information to be verified
  • r i is the i-th information to be verified
  • i is greater than 0 and less than n Integer.
  • the present invention provides a verification device based on a blockchain system, the device including:
  • the transceiver module is used to receive the data to be verified sent by the node to be verified; the data to be verified is obtained by encrypting at least two pieces of information to be verified by the node to be verified using an elliptic curve encryption algorithm, and the data to be verified includes the first information and at least two pieces of information. Second information, at least two pieces of second information have a one-to-one correspondence with at least two pieces of information to be verified;
  • the processing module is configured to calculate the third information by using the decryption algorithm corresponding to the elliptic curve encryption algorithm according to the first information and the at least two second information in the data to be verified;
  • the verification module is used to determine whether the data to be verified passes the verification based on the third information and the first information.
  • the processing module is specifically configured to: obtain the elliptic curve points and verification points corresponding to each piece of information to be verified, according to the first information, the second information corresponding to each piece of information to be verified, and the piece corresponding to each piece of information to be verified.
  • the elliptic curve point and the verification point are used to obtain the third information.
  • the elliptic curve points and verification points corresponding to each information to be verified are obtained through pre-negotiation between the node to be verified and the verification node.
  • Z 3 is the third information
  • Z 21 , Z 22 , ..., Z 2n are the second information corresponding to n pieces of information to be verified respectively
  • G 1 , G 2 , ..., G n are respectively n pieces to be verified
  • Z 1 is the first information
  • Y is the verification point.
  • the present invention provides a computing device including at least one processor and at least one memory, where the memory may store a computer program, and when the computer program is executed by the processor, the processor may execute the first aspect or Any verification method based on the blockchain system described in the second aspect.
  • the present invention provides a computer-readable storage medium that stores a computer program that can be executed by a computing device.
  • the computing device can execute any of the first or second aspects described above.
  • the verification method based on the blockchain system.
  • FIG. 1 is a schematic diagram of the architecture of a blockchain system provided by an embodiment of the present invention
  • FIG. 2 is a schematic flowchart of a verification method based on a blockchain system provided by an embodiment of the present invention
  • FIG. 3 is a schematic structural diagram of a verification device based on a blockchain system provided by an embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of another verification device based on a blockchain system provided by an embodiment of the present invention.
  • Fig. 5 is a schematic structural diagram of a computing device provided by an embodiment of the present invention.
  • the field of financial technology usually involves a variety of transactions.
  • bank transactions can include card sales, deposit transactions, loan transactions, insurance transactions, wealth management transactions, etc.
  • the daily transaction volume of banks can reach thousands or even several. Thousands of pens.
  • the field of financial technology can also use blockchain technology to process transactions. For example, if multiple banks are involved in related transactions, multiple banks can set up a consortium chain to process various related transactions simultaneously, or they can also upload courts, customers, etc. to the chain at the same time to jointly maintain the consortium chain Security and stability.
  • the blockchain system may be a peer-to-peer (P2P) network composed of multiple nodes.
  • the P2P network is an application layer protocol running on the transmission control protocol (TCP).
  • TCP transmission control protocol
  • the nodes in the blockchain system can be equal to each other. There is no central node in the system, so each node can Randomly connect other nodes.
  • each node can be provided with a preset database, and each node jointly maintains the public ledger in the blockchain system through the preset database.
  • the preset database inside the node can store the block data in the blockchain system.
  • the block data includes block header and block body.
  • the block header includes the hash value of the previous block, the hash value of this block, the block height of this block, timestamp and other information
  • the block body includes transaction data.
  • the nodes in the blockchain system process the transaction data generated by the transaction to be processed in the process of consensus on the block.
  • FIG 1 is a schematic diagram of the architecture of a blockchain system provided by an embodiment of the present invention.
  • the blockchain system may include one or more nodes, such as node 101, node 102, node 103, and node 104 . Any two nodes of the node 101 to the node 104 can be connected in communication, so as to jointly maintain the blockchain system. Among them, any two nodes can be connected in a wired manner or in a wireless manner, which is not specifically limited.
  • the nodes in the blockchain system may have multiple functions, such as routing function, transaction function, blockchain function, consensus function, and so on.
  • the nodes in the blockchain system can transmit transaction data and other information sent by other nodes to more nodes to achieve communication between nodes.
  • the nodes in the blockchain system can be used to support users to conduct transactions.
  • the nodes in the blockchain system can be used to record all transactions in history.
  • nodes in the blockchain system can generate new blocks in the blockchain by verifying and recording transactions.
  • the routing function is a function that each node in the blockchain system must have, and other functions can be set by those skilled in the art according to actual needs.
  • a node in the blockchain system can refer to a physical machine (server), or can refer to a process or a series of processes running in the server.
  • the node 101 in the blockchain network may be a process running on a server, or it may refer to a server, which is not specifically limited.
  • the system architecture may also include a client 200.
  • the client 200 can connect to any node in the blockchain system by accessing the blockchain network.
  • the client 200 can send the transaction to any node in the blockchain system, and the node in the blockchain system can synchronize the transaction to other nodes in the blockchain system after receiving the transaction.
  • the node After the node synchronizes the transaction, it can also store the transaction in the transaction pool inside the node.
  • other nodes after receiving the transaction synchronized by the node, other nodes can also store the transaction in the internal transaction pool of the other node. In this way, if a node determines to process multiple transactions, the node can obtain multiple transactions from the internal transaction pool, and then perform subsequent transaction processing and block consensus.
  • the transaction can be stored in the transaction pool in the form of a stack. In this way, if a certain node determines to process multiple transactions, the node can obtain the earliest multiple transactions into the stack from the internal transaction pool for subsequent processing and consensus processes.
  • FIG. 2 is a schematic diagram of a process corresponding to a data processing method based on a blockchain system provided by an embodiment of the present invention.
  • the method is applied to any node in the blockchain system, for example, FIG. 1 indicates node 101, node 102, node 103, or node 104.
  • the method includes:
  • Step 201 The node to be verified generates at least two data to be verified corresponding to the information to be verified based on the elliptic curve encryption algorithm.
  • the data to be verified may include first information and at least two pieces of second information, and the at least two pieces of second information respectively correspond to the at least two pieces of information to be verified.
  • the node to be verified and the verification node can negotiate a verification format in advance, and the verification format is a format that at least two pieces of information to be verified need to meet.
  • the verification format is a format that at least two pieces of information to be verified need to meet.
  • the verification format can be set by those skilled in the art based on experience, and is not specifically limited.
  • the verification format may be determined based on an elliptic curve encryption algorithm.
  • it can be the continuous addition form of the discrete logarithm of the elliptic curve of at least two information to be verified, or it can be the continuous multiplication form of the discrete logarithm of the elliptic curve of at least two information to be verified, or it can be at least two
  • the mixed form of continuous addition and continuous multiplication of discrete logarithm of elliptic curve of information is not limited.
  • the node to be verified and the verification node can negotiate and set the elliptic curve in advance. Set to an elliptic curve whose degree is a large prime number (that is, greater than 2 256 ).
  • the node to be verified and the verification node can also pre-select elliptic curve points corresponding to each information to be verified from the set elliptic curve, and select verification points from the set elliptic curve.
  • the verification format can satisfy the following form:
  • r 1 , r 2 , ..., r n are n pieces of information to be verified, n is an integer greater than or equal to 2, Y is a verification point on an elliptic curve with a large prime q, G 1 , G 2 , ..., G n are elliptic curve points corresponding to the information to be verified r 1 , r 2 , ..., r n respectively.
  • the elliptic curve point corresponding to each information to be verified ie G 1 , G 2 , ..., G n
  • the verification point Y can be pre-registered by the blockchain system
  • Each node in the network is determined through negotiation.
  • each node to be verified can use the same elliptic curve to encrypt their respective information to be verified to obtain the data to be verified, and the verification node can use the same verification method to verify the data to be verified of each node to be verified, thereby ensuring that each node to be verified
  • the consistency of node verification improves the accuracy of verification.
  • node 1 can respectively obtain the data to be verified sent by node 2 and the data to be verified sent by node 3, based on the same elliptic curve points G 1 and G 2 ,..., G n , and the elliptic curve point Y verify the data to be verified sent by node 2 and the data to be verified by node 3. If both node 2 and node 3 are verified, node 1 can determine that the information to be verified by node 2 does exist in node 2, and the information to be verified by node 3 does exist in node 3. In this way, node 1 can be based on node The verification results of 2 and 3 perform subsequent operations.
  • node 1 can determine There is no information to be verified by node 2 in node 2, and node 2 has forged information.
  • the elliptic curve encryption algorithm is calculated based on the discrete logarithm of the elliptic curve, so it is called the elliptic curve encryption algorithm.
  • the elliptic curve encryption algorithm can be set by those skilled in the art based on experience. Not limited.
  • the node to be verified can construct the data to be verified in the following way:
  • Step 1 The node to be verified sets a corresponding random blind key for each message to be verified.
  • the random blind key corresponding to each information to be verified can be an integer with a larger value and less than the order of the set elliptic curve.
  • Step 2 The node to be verified obtains the first information based on the random blind key corresponding to each information to be verified and the elliptic curve point corresponding to each information to be verified.
  • Step 3 For any information to be verified, the node to be verified generates second information corresponding to the information to be verified according to the information to be verified, the random blind key corresponding to the information to be verified, and the first information.
  • Step 4 The node to be verified constructs the data to be verified corresponding to each information to be verified according to the first information and the second information corresponding to each information to be verified.
  • each operator in the above steps needs to modulate the order q of the elliptic curve.
  • the embodiment of the present invention no longer describes the operation of taking the modulus of the order q of the elliptic curve.
  • the first information may satisfy the following form:
  • Z 1 is the first information
  • a 1, a 2 ??, a n are the verification information to be r 1, r 2, ising, r n corresponding randomized, blinded key.
  • the second information corresponding to any information to be verified may satisfy the following form:
  • Z 2i is the second information corresponding to the i-th information to be verified
  • r i is the i-th information to be verified
  • i is an integer greater than 0 and less than n.
  • the verification node cannot decrypt the first information to obtain the random blind key corresponding to each information to be verified. Thereby, non-interactive verification can be realized between the node to be verified and the verification node, and the security of each information to be verified is guaranteed.
  • the following takes the first to-be-verified information r 1 and the second to-be-verified information r 2 as examples to describe the specific implementation process of obtaining the to-be-verified data corresponding to the two to-be-verified information.
  • the node to be verified can first randomly select integers a 1 and a 2 with larger values from integers smaller than q, use the integer a 1 as the random blind key corresponding to the first information to be verified r 1, and set a 2 a second integer to be used as the verification information corresponding to the r 2 randomized, blinded key, randomized, blinded and based on the first authentication information to be r 1 corresponding to key a 1, the first authentication information to be r 1 corresponding to an elliptic curve point as G 1 in , randomized, blinded second authentication information to be r 2 a 2 and a key corresponding to the second authentication information to be an elliptic curve point r 2 G 2 corresponding to the first information obtained construct Z 1:
  • the authentication information to be the first randomized, blinded r 1 corresponding to the first key information is a 1 and Z 1 generates a first authentication based on the first information to be r
  • the second authentication information to be r 2 two nodes may be authenticated, the second authentication information to be randomized, blinded r 2 a 2 and corresponding to the first key information to generate a second Z 1 according to the second authentication information to be r
  • the node to be verified can construct the data to be verified according to the first information Z 1 , the second information Z 21 corresponding to the first information to be verified r 1 , and the second information Z 22 corresponding to the second information to be verified r 2 , for example,
  • the node to be verified may use the vector obtained by splicing the first information Z 1 , the second information Z 21 corresponding to the first information to be verified r 1 and the second information Z 22 corresponding to the second information to be verified r 2 as the data to be verified, or It is also possible to use the first information Z 1 , the second information Z 21 corresponding to the first to-be-verified information r 1 and the second information Z 22 corresponding to the second to-be-verified information r 2 as the data to be verified.
  • the array can be three An array [Z 1 , Z 21 , Z 22 ] T with one row and one column can also be an array [Z 1 , Z 21 , Z 22 ] with three columns and one row, without limitation.
  • the node to be verified can also obtain the first information and the second information according to other methods, for example, it can also be set
  • Step 202 The node to be verified sends to the verification node the data to be verified corresponding to at least two pieces of information to be verified.
  • the node to be verified can broadcast the data to be verified to each node in the blockchain system. For each node in the blockchain system, the node determines whether the node is a node to be verified after receiving the data to be verified. The verification node corresponding to the verification node, if it is, can obtain the data to be verified, and if it is not, it may not be processed.
  • Step 203 After receiving the data to be verified, the verification node uses the decryption algorithm corresponding to the elliptic curve encryption algorithm to calculate the third information according to the first information and the at least two second information in the data to be verified.
  • the decryption algorithm corresponding to the elliptic curve encryption algorithm can be implemented based on the inverse solution process of the elliptic curve encryption algorithm.
  • the decryption algorithm corresponding to the elliptic curve encryption algorithm can be set by those skilled in the art based on experience, as long as the use of the algorithm can be guaranteed.
  • the third information calculated by the algorithm is consistent with the first information sent by the node to be verified.
  • the third information can be obtained by the following formula:
  • Z 3 is the third information
  • Z 21 , Z 22 , ..., Z 2n are the second information corresponding to the information to be verified r 1 , r 2 , ..., r n , G 1 , G 2 , ... , G n are the elliptic curve points corresponding to the information to be verified r 1 , r 2 , ..., r n , Z 1 is the first information
  • Y is the verification point.
  • the decryption algorithm corresponding to the elliptic curve encryption algorithm set in the above example can use the first information and each second information encrypted by the elliptic curve encryption algorithm to obtain third information consistent with the first information, so that the decryption algorithm It has a corresponding relationship with the elliptic curve encryption algorithm, which can ensure the accuracy of the verification process.
  • the verification node if it receives the data to be verified sent by the node to be verified, it can first obtain various information pre-negotiated with the node to be verified, such as the elliptic curve points and verification points corresponding to each information to be verified, and then follow the above
  • the formula in the example calculates the pre-negotiated information, the first information in the data to be verified, and each second information to obtain the third information.
  • step 204 the verification node determines whether the third information is the same as the first information, if they are the same, step 205 is executed, and if they are different, step 206 is executed.
  • Step 205 The verification node determines that the verification of the data to be verified is passed, and the at least two pieces of information to be verified do exist in the verification node.
  • Step 206 The verification node determines that the verification of the data to be verified is passed, and the at least two pieces of information to be verified do not exist in the verification node.
  • the third information can be compared with the first information. If the third information is the same as the first information, the data to be verified passes the verification, that is, the verification node does exist in the node to be verified. If the third information is different from the first information, the data to be verified fails the verification, that is, the at least two pieces of information to be verified do not exist in the node to be verified, and the node to be verified is falsified.
  • the verification node determines that the node to be verified is falsified, it can also give an alarm to the node to be verified, for example, generate alarm information based on the identification of the node to be verified, the comparison result of the third information and the first information, and pass the alarm information through nails. Tweets, WeChat, QQ, email, and SMS are pushed to the administrators of the blockchain system so that the administrators can maintain the security of the blockchain system.
  • the node to be verified in the blockchain system generates at least two data to be verified corresponding to the information to be verified based on the elliptic curve encryption algorithm, and sends the data to be verified to the verification node, and the verification node receives the data to be verified.
  • the third information is calculated using the decryption algorithm corresponding to the elliptic curve encryption algorithm, and the third information is determined according to the third information and the first information. Whether the data to be verified passes the verification.
  • the verification node can verify two or more pieces of information to be verified in the node to be verified through a verification process. , Without having to verify each information to be verified, which can save unnecessary operation steps and improve the efficiency of verification.
  • an embodiment of the present invention also provides a verification device based on a blockchain system, and the specific content of the device can be implemented with reference to the foregoing method.
  • Fig. 3 is a schematic structural diagram of a verification device based on a blockchain system provided by an embodiment of the present invention, including:
  • the generating module 301 is configured to generate at least two pieces of data to be verified corresponding to the information to be verified based on the elliptic curve encryption algorithm; wherein the data to be verified includes the first information and at least two pieces of second information, and the at least two pieces of second information are respectively associated with at least The two pieces of information to be verified have a one-to-one correspondence, and at least two pieces of second information are used by the verification node to determine the third information;
  • the transceiver module 302 is configured to send the data to be verified to the verification node, so that the verification node determines the verification result of the data to be verified through the first information and the third information.
  • the generating module 301 is specifically configured to: set a corresponding random blind key for each information to be verified, and obtain based on the random blind key corresponding to each information to be verified and the elliptic curve point corresponding to each information to be verified.
  • the first information for any information to be verified, generating second information corresponding to the information to be verified according to the information to be verified, a random blind key corresponding to the information to be verified, and the first information, According to the first information and the second information corresponding to each information to be verified, the data to be verified is constructed.
  • the elliptic curve point corresponding to each information to be verified is obtained through pre-negotiation between the node to be verified and the verification node.
  • the first information satisfies the following form:
  • Z 1 is the first information, a 1, a 2 ??, a n be n-pending verification key information corresponding to the randomized, blinded, G 1, G 2 ??, G n , respectively n pending The elliptic curve point corresponding to the verification information, where n is an integer greater than or equal to 2.
  • the second information corresponding to any information to be verified satisfies the following form:
  • Z 2i is the second information corresponding to the i-th information to be verified
  • a i is the random blind key corresponding to the i-th information to be verified
  • r i is the i-th information to be verified
  • i is greater than 0 and less than n Integer.
  • Fig. 4 is a schematic structural diagram of a verification device based on a blockchain system provided by an embodiment of the present invention, including:
  • the transceiver module 401 is configured to receive the data to be verified sent by the node to be verified; the data to be verified is obtained by encrypting at least two pieces of information to be verified by the node to be verified using an elliptic curve encryption algorithm, and the data to be verified includes the first information and at least two pieces of information. Second information, at least two pieces of second information are in one-to-one correspondence with at least two pieces of information to be verified;
  • the processing module 402 is configured to calculate the third information by using a decryption algorithm corresponding to the elliptic curve encryption algorithm according to the first information and the at least two second information in the data to be verified;
  • the verification module 403 is configured to determine whether the data to be verified passes the verification according to the third information and the first information.
  • the processing module 402 is specifically configured to: obtain the elliptic curve points and verification points corresponding to each information to be verified, according to the first information, the second information corresponding to each information to be verified, and the elliptic curve corresponding to each information to be verified. Point and verification point to get the third information.
  • the elliptic curve point corresponding to each information to be verified and the verification point are obtained through pre-negotiation between the node to be verified and the verification node.
  • the third information satisfies the following form:
  • Z 3 is the third information
  • Z 21 , Z 22 , ..., Z 2n are the second information corresponding to n pieces of information to be verified respectively
  • G 1 , G 2 , ..., G n are respectively n pieces to be verified
  • the elliptic curve point corresponding to the information Z 1 is the first information
  • Y is the verification point.
  • the node to be verified in the blockchain system generates at least two data to be verified corresponding to the information to be verified based on the elliptic curve encryption algorithm, and sends the data to be verified to the verification
  • the verification node uses the decryption algorithm corresponding to the elliptic curve encryption algorithm to calculate the third information according to the first information and at least two second information in the data to be verified. The information and the first information determine whether the data to be verified passes the verification.
  • the data to be verified is obtained by using the elliptic curve encryption algorithm, which can use a shorter key to achieve security equivalent to or higher than that of the RSA encryption algorithm, thereby helping to reduce the difficulty of verification. Improve the accuracy of verification.
  • the data to be verified in this solution is generated by two or more pieces of information to be verified. In this way, the verification node can verify two or more pieces of information to be verified in the node to be verified through a verification process. , Without having to verify each information to be verified, which can save unnecessary operation steps and improve the efficiency of verification.
  • an embodiment of the present invention also provides a computing device. As shown in FIG. 5, it includes at least one processor 501 and a memory 502 connected to the at least one processor.
  • the embodiment of the present invention does not limit the processor.
  • the connection between the processor 501 and the memory 502 in FIG. 5 is taken as an example.
  • the bus can be divided into address bus, data bus, control bus and so on.
  • the memory 502 stores instructions that can be executed by at least one processor 501.
  • the at least one processor 501 can execute the aforementioned verification method based on the blockchain system. A step of.
  • the processor 501 is the control center of the computing device, which can use various interfaces and lines to connect various parts of the computing device, and realize data by running or executing instructions stored in the memory 502 and calling data stored in the memory 502. deal with.
  • the processor 501 may include one or more processing units, and the processor 501 may integrate an application processor and a modem processor.
  • the application processor mainly processes the operating system, user interface, and application programs.
  • the adjustment processor mainly processes the instructions issued by the operation and maintenance personnel. It can be understood that the foregoing modem processor may not be integrated into the processor 501.
  • the processor 501 and the memory 502 may be implemented on the same chip, and in some embodiments, they may also be implemented on separate chips.
  • the processor 501 may be a general-purpose processor, such as a central processing unit (CPU), a digital signal processor, an application specific integrated circuit (ASIC), a field programmable gate array or other programmable logic devices, discrete gates or transistors Logic devices and discrete hardware components can implement or execute the methods, steps, and logic block diagrams disclosed in the embodiments of the present invention.
  • the general-purpose processor may be a microprocessor or any conventional processor or the like.
  • the steps of the method disclosed in combination with the verification embodiment based on the blockchain system can be directly embodied as executed by a hardware processor, or executed by a combination of hardware and software modules in the processor.
  • the memory 502 as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs, non-volatile computer-executable programs, and modules.
  • the memory 502 may include at least one type of storage medium, such as flash memory, hard disk, multimedia card, card-type memory, random access memory (Random Access Memory, RAM), static random access memory (Static Random Access Memory, SRAM), Programmable Read Only Memory (PROM), Read Only Memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), magnetic memory, disk , CD, etc.
  • the memory 502 is any other medium that can be used to carry or store desired program codes in the form of instructions or data structures and that can be accessed by a computer, but is not limited thereto.
  • the memory 502 in the embodiment of the present invention may also be a circuit or any other device capable of realizing a storage function for storing program instructions and/or data.
  • embodiments of the present invention also provide a computer-readable storage medium that stores a computer program executable by a computing device, and when the program runs on the computing device, the computing device executes Figure 2 Any verification method based on the blockchain system.
  • the embodiments of the present invention can be provided as a method or a computer program product. Therefore, the present invention may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, the present invention may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
  • a computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • These computer program instructions can also be stored in a computer-readable memory that can direct a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
  • the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
  • the instructions provide steps for implementing the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Finance (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

一种基于区块链系统的验证方法及装置,用以提高验证效率。其中方法包括:待验证节点基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据,并发送给验证节点,验证节点使用椭圆曲线加密算法对应的解密算法对待验证数据中的第一信息和至少两个第二信息进行计算,得到第三信息,并根据第三信息与第一信息确定是否通过验证。通过椭圆曲线加密算法得到待验证数据,在降低验证的难度的同时,还能提高验证的准确性。且,由于待验证数据是由两个或两个以上的待验证信息生成的,因此验证节点通过一次验证过程即可完成对待验证节点中的两个或两个以上的待验证信息的验证,从而还有助于提高验证效率。

Description

一种基于区块链系统的验证方法及装置
相关申请的交叉引用
本申请要求在2019年12月05日提交中国专利局、申请号为201911235411.8、申请名称为“一种基于区块链系统的验证方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
技术领域
本发明涉及金融科技(Fintech)技术领域,尤其涉及一种基于区块链系统的验证方法及装置。
背景技术
随着计算机技术的发展,越来越多的技术应用在金融领域,传统金融业正在逐步向金融科技(Fintech)转变。然而,由于金融行业的安全性、实时性要求,金融科技也对技术提出了更高的要求。
现阶段,公开密钥密码体制RSA是一种在区块链系统中常用的非对称加密算法,RSA加密算法所产生的密钥长度位于512位至2048位之间。虽然RSA加密算法可以保证待验证信息的安全,但是,较长的密钥却加深了节点对被加密信息进行验证的难度,导致对待验证信息进行验证的效率降低。
综上,目前亟需一种基于区块链系统的验证方法,用以解决现有技术采用RSA加密算法加密待验证信息所导致的验证效率较低的技术问题。
发明内容
本发明公开一种基于区块链系统的验证方法及装置,用以解决现有技术采用RSA加密算法加密待验证信息所导致的验证效率较低的技术问题。
第一方面,本发明提供一种基于区块链系统的验证方法,该方法适用于区块链系统中的待验证节点,该方法包括:待验证节点先基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据,再将待验证数据发送给验证节点,以使验证节点通过待验证数据中携带的第一信息和第三信息确定待验证数据的验证结果。其中,待验证数据包括第一信息和至少两个第二信息,至少两个第二信息分别与至少两个待验证信息一一对应,至少两个第二信息用于验证节点确定第三信息。
在上述设计中,椭圆曲线加密算法能够使用更短的密钥来实现与RSA加密算法相当或更高的安全,因此该方法能够在降低验证的难度的基础上提高验证的准确性。且,本方案中的待验证数据是由两个或两个以上的待验证信息生成的,如此,验证节点可以通过一次验证过程对待验证节点中的两个或两个以上的待验证信息进行验证,而无需分别针对于每个待验证信息进行验证,从而可以节省不必要的操作步骤,提高验证的效率。
在一种可能的实现方式中,待验证节点基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据,包括:待验证节点为每个待验证信息设置对应的随机盲密钥,并基于各个待验证信息对应的随机盲密钥和各个待验证信息对应的椭圆曲线点,得到所述第一信息,针对于任一待验证信息,待验证节点根据待验证信息、待验证信息对应的随机盲密 钥和第一信息生成该待验证信息对应的第二信息,然后根据第一信息和各个待验证信息对应的第二信息,构建得到待验证数据。其中,各个待验证信息对应的椭圆曲线点为待验证节点与验证节点预先协商得到的。在上述实现方式中,通过使用随机盲密钥对各个待验证信息进行掩盖,并设计第一信息、各个第二信息、各个随机盲密钥与各个待验证信息的关联关系,使得验证节点在待验证节点未泄露各个待验证信息的情况下,能够基于该关联关系重构得到第一信息,如此,验证节点能够准确地实现对两个或两个以上待验证信息的验证。
在一种可能的实现方式中,第一信息可以满足如下形式:Z 1=Hash(a 1*G 1+a 2*G 2+……a n*G n)。其中,Z 1为所述第一信息,a 1、a 2、……、a n分别为n个待验证信息对应的随机盲密钥,G 1、G 2、……、G n分别为n个待验证信息对应的椭圆曲线点,n为大于或等于2的整数。在上述实现方式中,通过使用哈希算法对各个随机盲密钥构建得到的离散对数的连加值进行加密,使得验证节点无法基于第一信息解密得到各个待验证信息对应的随机盲密钥,从而待验证节点和验证节点之间能够实现非交互的验证方式,有助于提高各个待验证信息的安全性。
在一种可能的实现方式中,任一待验证信息对应的第二信息满足如下形式:Z 2i=a i-Z 1*r i。其中,Z 2i为第i个待验证信息对应的第二信息,a i为第i个待验证信息对应的随机盲密钥,r i为第i个待验证信息,i为大于0且小于n的整数。
第二方面,本发明提供一种基于区块链系统的验证方法,该方法适用于区块链系统中的验证节点,该方法包括:验证节点先接收待验证节点发送的待验证数据,再根据待验证数据中的第一信息和至少两个第二信息,使用所述椭圆曲线加密算法对应的解密算法计算得到第三信息,最后根据第三信息与所述第一信息,确定待验证数据是否通过验证。其中,待验证数据为待验证节点使用椭圆曲线加密算法对至少两个待验证信息进行加密得到的,待验证数据包括第一信息和至少两个第二信息,至少两个第二信息与至少两个待验证信息一一对应。
在一种可能的实现方式中,验证节点根据待验证数据中的第一信息和至少两个第二信息,使用椭圆曲线加密算法对应的解密算法计算得到第三信息,包括:验证节点先获取各个待验证信息对应的椭圆曲线点和验证点,再根据第一信息、各个待验证信息对应的第二信息、各个待验证信息对应的椭圆曲线点和验证点,得到第三信息。其中,各个待验证信息对应的椭圆曲线点和验证点为待验证节点与验证节点预先协商得到的。
在一种可能的实现方式中,第三信息可以满足如下形式:Z 3=Hash(Z 21*G 1+Z 22*G 2+……+Z 2n*G n+Z 1*Y)。其中,Z 3为第三信息,Z 21、Z 22、……、Z 2n分别为n个待验证信息对应的第二信息,G 1、G 2、……、G n分别为n个待验证信息对应的椭圆曲线点,Z 1为第一信息,Y为验证点。
第三方面,本发明提供一种基于区块链系统的验证装置,该装置包括:
生成模块,用于基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据。其中,待验证数据包括第一信息和至少两个第二信息,至少两个第二信息分别与至少两个待验证信息一一对应,至少两个第二信息用于验证节点确定第三信息;
收发模块,用于将待验证数据发送给所述验证节点,以使验证节点通过第一信息和第三信息确定待验证数据的验证结果。
在一种可能的实现方式中,生成模块具体用于:为每个待验证信息设置对应的随机盲 密钥,基于各个待验证信息对应的随机盲密钥和各个待验证信息对应的椭圆曲线点,得到第一信息,针对于任一待验证信息,根据待验证信息、待验证信息对应的随机盲密钥和第一信息生成待验证信息对应的第二信息,根据第一信息和各个待验证信息对应的第二信息,构建得到待验证数据。其中,各个待验证信息对应的椭圆曲线点为待验证节点与验证节点预先协商得到的。
在一种可能的实现方式中,第一信息满足如下形式:Z 1=Hash(a 1*G 1+a 2*G 2+……a n*G n)。其中,Z 1为第一信息,a 1、a 2……、a n分别为n个待验证信息对应的随机盲密钥,G 1、G 2、……、G n分别为n个待验证信息对应的椭圆曲线点,n为大于或等于2的整数。
在一种可能的实现方式中,任一待验证信息对应的第二信息满足如下形式:Z 2i=a i-Z 1*r i。其中,Z 2i为第i个待验证信息对应的第二信息,a i为第i个待验证信息对应的随机盲密钥,r i为第i个待验证信息,i为大于0且小于n的整数。
第四方面,本发明提供一种基于区块链系统的验证装置,该装置包括:
收发模块,用于接收待验证节点发送的待验证数据;待验证数据为待验证节点使用椭圆曲线加密算法对至少两个待验证信息进行加密得到的,待验证数据包括第一信息和至少两个第二信息,至少两个第二信息与至少两个待验证信息一一对应;
处理模块,用于根据待验证数据中的第一信息和至少两个第二信息,使用椭圆曲线加密算法对应的解密算法计算得到第三信息;
验证模块,用于根据第三信息与第一信息,确定待验证数据是否通过验证。
在一种可能的实现方式中,处理模块具体用于:获取各个待验证信息对应的椭圆曲线点和验证点,根据第一信息、各个待验证信息对应的第二信息、各个待验证信息对应的椭圆曲线点和验证点,得到第三信息。其中,各个待验证信息对应的椭圆曲线点和验证点为待验证节点与验证节点预先协商得到的。
在一种可能的实现方式中,第三信息满足如下形式:Z 3=Hash(Z 21*G 1+Z 22*G 2+……+Z 2n*G n+Z 1*Y)。其中,Z 3为第三信息,Z 21、Z 22、……、Z 2n分别为n个待验证信息对应的第二信息,G 1、G 2、……、G n分别为n个待验证信息对应的椭圆曲线点,Z 1为第一信息,Y为验证点。
第五方面,本发明提供一种计算设备,包括至少一个处理器以及至少一个存储器,其中,存储器可以存储有计算机程序,当该计算机程序被处理器执行时,处理器可以执行上述第一方面或第二方面任意所述的基于区块链系统的验证方法。
第六方面,本发明提供一种计算机可读存储介质,其存储有可由计算设备执行的计算机程序,当该计算机程序在计算设备上运行时,计算设备可以执行上述第一方面或第二方面任意的基于区块链系统的验证方法。
本发明的这些方面或其他方面在以下实施例的描述中会更加简明易懂。
附图说明
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简要介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。
图1为本发明实施例提供的一种区块链系统的架构示意图;
图2为本发明实施例提供的一种基于区块链系统的验证方法的流程示意图;
图3为本发明实施例提供的一种基于区块链系统的验证装置的结构示意图;
图4为本发明实施例提供的又一种基于区块链系统的验证装置的结构示意图;
图5为本发明实施例提供的一种计算设备的结构示意图。
具体实施方式
为了使本发明的目的、技术方案和优点更加清楚,下面将结合附图对本发明作进一步地详细描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本发明保护的范围。
金融科技(Fintech)技术领域中通常涉及到多种交易,比如银行的交易可以包括售卡交易、存款交易、贷款交易、保险交易、理财交易等,银行每天的交易量可以达到数千笔甚至数万笔。随着区块链技术的逐步发展,金融科技领域也可以使用区块链技术来处理交易。举例来说,若多家银行之间涉及到相关交易,则多家银行可以通过设置联盟链来同步地处理各项相关交易,或者还可以将法院、客户等同时上链,以共同维护联盟链的安全和稳定。
区块链系统可以是由多个节点组成的点对点(peer to peer,P2P)网络。P2P网络是一种运行在传输控制协议(transmission control protocol,TCP)之上的应用层协议,在区块链系统中的节点可以彼此对等,系统中不存在中心节点,因此每个节点都可以随机地连接其它节点。在区块链系统中,每个节点内部都可以设置有预设数据库,各个节点通过预设数据库共同维护区块链系统中的公共账本。节点内部的预设数据库可以存储区块链系统中的区块数据。区块数据包括区块头和区块体,区块头包括上一区块的哈希值、本区块的哈希值、本区块的块高、时间戳等信息,区块体包括交易数据,比如区块链系统中的节点对该区块进行共识的过程中处理待处理交易所生成的交易数据。
图1为本发明实施例提供的一种区块链系统的架构示意图,如图1所示,区块链系统中可以包括一个或多个节点,比如节点101、节点102、节点103与节点104。节点101~节点104中的任意两个节点可以通信连接,从而共同维护区块链系统。其中,任意两个节点可以通过有线方式连接,也可以通过无线方式连接,具体不作限定。
本发明实施例中,区块链系统中的节点可以具有多种功能,比如路由功能、交易功能、区块链功能和共识功能等。具体地说,区块链系统中的节点可以把其他节点传送过来的交易数据等信息传送给更多的节点以实现节点之间的通信。或者,区块链系统中的节点可以用于支持用户进行交易。或者,区块链系统中的节点可以用于记录历史上的所有交易。或者,区块链系统中的节点可以通过验证和记录交易生成区块链中的新区块。在实际应用中,路由功能是区块链系统中的每个节点必须具有的功能,而其它功能可由本领域技术人员根据实际需要进行设置。
需要说明的是,区块链系统中的一个节点可以是指一台物理机(服务器),也可以是指服务器中运行的一个进程或者一系列进程。比如,区块链网络中的节点101可以为一个服务器上运行的一个进程,或者也可以为是指服务器,具体不作限定。
继续参照图1所示,该系统架构中还可以包括客户端200。客户端200可以通过接入 区块链网络与区块链系统中的任一节点连接。具体实施中,客户端200可以将交易发送给区块链系统中的任一节点,区块链系统中的该节点在接收到交易后,可以将交易同步给区块链系统中的其它节点。该节点在同步交易后,还可以将交易存储在节点内部的交易池中。相应地,其它节点在接收到该节点同步的交易后,也可以将交易存储在其它节点内部的交易池中。如此,若某一节点确定处理多条交易,则该节点可以从内部的交易池中获取多条交易,进而进行后续的交易处理及区块共识。其中,交易可以以栈的形式存储在交易池中。如此,若某一节点确定处理多条交易,则该节点可以从内部的交易池中获取最早入栈的多条交易进行后续的处理及共识过程。
基于图1所示意的系统架构,图2为本发明实施例提供的一种基于区块链系统的数据处理方法对应的流程示意图,该方法应用于区块链系统中的任一节点,例如图1所示意出的节点101、节点102、节点103或节点104。如图2所示,该方法包括:
步骤201,待验证节点基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据。
在上述步骤201中,待验证数据可以包括第一信息和至少两个第二信息,至少两个第二信息分别与至少两个待验证信息一一对应。
在区块链系统的验证领域,待验证节点和验证节点可以预先协商好验证格式,验证格式为至少两个待验证信息所需满足的格式。如此,若待验证节点想要向验证节点证明待验证节点中存在至少两个待验证信息,则待验证节点只要向验证节点证明待验证节点中的至少两个待验证信息满足验证格式,即可证明待验证节点中确实存在所述至少两个待验证信息。
本发明实施例中,验证格式可以由本领域技术人员根据经验进行设置,具体不作限定。示例性地,验证格式可以基于椭圆曲线加密算法来确定。比如可以为至少两个待验证信息的椭圆曲线离散对数的连加形式,或者也可以为至少两个待验证信息的椭圆曲线离散对数的连乘形式,或者还可以为至少两个待验证信息的椭圆曲线离散对数的连加与连乘的混合形式,不作限定。
以验证格式为至少两个待验证信息的椭圆曲线离散对数的连加形式为例,待验证节点和验证节点可以预先协商好设定椭圆曲线,为了保证验证的安全性,设定椭圆曲线可以设置为阶是大素数(即大于2 256)的椭圆曲线。相应地,待验证节点和验证节点还可以预先从设定椭圆曲线上选取各个待验证信息对应的椭圆曲线点,以及从设定椭圆曲线上选取验证点。
在一个示例中,验证格式可以满足为如下形式:
Y=r 1*G 1+r 2*G 2+……+r n*G n
其中,r 1、r 2、……、r n为n个待验证信息,n为大于或等于2的整数,Y为阶为大素数q的椭圆曲线上的验证点,G 1、G 2、……、G n为待验证信息r 1、r 2、……、r n分别对应的椭圆曲线点。
本发明实施例中,为了保证各个节点验证的一致性,每个待验证信息对应的椭圆曲线点(即G 1、G 2、……、G n)和验证点Y可以预先由区块链系统中的各个节点协商确定。如此,各个待验证节点可以使用同一椭圆曲线对各自的待验证信息进行加密得到待验证数据,且验证节点可以使用相同的验证方法对各个待验证节点的待验证数据进行验证,从而保证各个待验证节点验证的一致性,提高验证的准确性。
举例来说,若节点1需要同时验证节点2和节点3,则节点1可以分别获取节点2发送的待验证数据和节点3发送的待验证数据,并基于相同的椭圆曲线点G 1、G 2、……、G n,和椭圆曲线点Y对节点2发送的待验证数据和节点3的待验证数据进行验证。若节点2和节点3均验证通过,则节点1可以确定节点2中确实存在节点2所说的待验证信息,节点3中确实存在节点3所说的待验证信息,如此,节点1可以基于节点2和节点3的验证结果执行后续操作。比如基于节点2的待验证数据和节点3的待验证数据得到节点2中的待验证信息和节点3的待验证信息的和、差、乘积等,若节点2验证不通过,则节点1可以确定节点2中不存在节点2所说的待验证信息,节点2存在伪造信息的行为。
需要说明的是,本发明实施例中,椭圆曲线加密算法依托于椭圆曲线离散对数计算得到,因此将其称为椭圆曲线加密算法,椭圆曲线加密算法可以由本领域技术人员根据经验进行设置,具体不作限定。
在一种可能的实现方式中,待验证节点可以通过如下方式构造得到待验证数据:
步骤一,待验证节点为每个待验证信息设置对应的随机盲密钥。其中,每个待验证信息对应的随机盲密钥可以为数值较大的整数,且小于设定椭圆曲线的阶。
步骤二,待验证节点基于各个待验证信息对应的随机盲密钥和各个待验证信息对应的椭圆曲线点得到第一信息。
步骤三,针对于任一待验证信息,待验证节点根据该待验证信息、该待验证信息对应的随机盲密钥和第一信息生成该待验证信息对应的第二信息。
步骤四,待验证节点根据第一信息和各个待验证信息对应的第二信息,构建各个待验证信息对应的待验证数据。
需要说明的是,上述步骤中的每个运算符均需要对椭圆曲线的阶q取模,为了便于描述,本发明实施例不再描述对椭圆曲线的阶q取模的运算。
在一个示例中,第一信息可以满足如下形式:
Z 1=Hash(a 1*G 1+a 2*G 2+……a n*G n)
其中,Z 1为第一信息,a 1、a 2……、a n分别为待验证信息r 1、r 2、……、r n对应的随机盲密钥。
相应地,任一待验证信息对应的第二信息可以满足如下形式:
Z 2i=a i-Z 1*r i
其中,Z 2i为第i个待验证信息对应的第二信息,r i为第i个待验证信息,i为大于0且小于n的整数。
在该示例中,通过使用哈希算法对各个随机盲密钥构建得到的离散对数的连加值进行加密,使得验证节点无法基于第一信息解密得到各个待验证信息对应的随机盲密钥,从而使得待验证节点和验证节点之间能够实现非交互式验证,保证各个待验证信息的安全性。
为了便于理解,下面以第一待验证信息r 1和第二待验证信息r 2为例,描述得到两个待验证信息对应的待验证数据的具体实现过程。
具体实施中,待验证节点可以先从小于q的整数中随机选取数值较大的整数a 1和整数a 2,将整数a 1作为第一待验证信息r 1对应的随机盲密钥,并将整数a 2作为第二待验证信息r 2对应的随机盲密钥,然后基于第一待验证信息r 1对应的随机盲密钥a 1、第一待验证信息r 1对应的椭圆曲线点G 1、第二待验证信息r 2对应的随机盲密钥a 2和第二待验证信息r 2对应的椭圆曲线点G 2构建得到第一信息Z 1
Z 1=Hash(a 1*G 1+a 2*G 2)
进一步地,针对于第一待验证信息r 1,待验证节点可以根据第一待验证信息r 1、第一待验证信息r 1对应的随机盲密钥a 1和第一信息Z 1生成第一待验证信息r 1对应的第二信息Z 21
Z 21=a 1-Z 1*r 1
相应地,针对于第二待验证信息r 2,待验证节点可以根据第二待验证信息r 2、第二待验证信息r 2对应的随机盲密钥a 2和第一信息Z 1生成第二待验证信息r 2对应的第二信息Z 22
Z 22=a 2-Z 1*r 2
如此,待验证节点可以根据第一信息Z 1、第一待验证信息r 1对应的第二信息Z 21和第二待验证信息r 2对应的第二信息Z 22构建得到待验证数据,比如,待验证节点可以将第一信息Z 1、第一待验证信息r 1对应的第二信息Z 21和第二待验证信息r 2对应的第二信息Z 22拼接得到的向量作为待验证数据,或者也可以将第一信息Z 1、第一待验证信息r 1对应的第二信息Z 21和第二待验证信息r 2对应的第二信息Z 22构建的数组作为待验证数据,数组可以为三行一列的数组[Z 1,Z 21,Z 22] T,也可以为三列一行的数组[Z 1,Z 21,Z 22],不作限定。
需要说明的是,上述内容仅是一种示例性的简单说明,并不构成对本方案的限定,具体实施中,待验证节点也可以根据其它方式得到第一信息和第二信息,比如也可以设置第一信息为Z 1=K 1Hash(a 1*G1+a 2*G2+……a n*G n),或者设置第一信息为Z 1=K 1(a 1*G1+a 2*G2+……a n*G n),相应地,也可以设置第二信息为Z 2i=K 2a i-Z 1*r i,或者设置第二信息为Z 2i=a i-K 2Z 1*r i,K 1、K 2为常数。
步骤202,待验证节点将至少两个待验证信息对应的待验证数据发送给验证节点。
具体实施中,待验证节点可以向区块链系统中的各个节点广播待验证数据,针对于区块链系统中的每个节点,该节点在接收到待验证数据后,确定该节点是否为待验证节点对应的验证节点,若是,则可以获取待验证数据,若否,则可以不作处理。
步骤203,验证节点接收待验证数据后,根据所述待验证数据中的第一信息和至少两个第二信息,使用椭圆曲线加密算法对应的解密算法计算得到第三信息。
在上述步骤203中,椭圆曲线加密算法对应的解密算法可以基于椭圆曲线加密算法的逆解过程来实现,椭圆曲线加密算法对应的解密算法可以由本领域技术人员根据经验进行设置,只要能保证使用该算法计算得到的第三信息与待验证节点发送的第一信息一致即可。
在一个示例中,通过设置椭圆曲线加密算法对应的解密算法,第三信息可以通过如下公式得到:
Z 3=Hash(Z 21*G 1+Z 22*G 2+……+Z 2n*G n+Z 1*Y)
其中,Z 3为第三信息,Z 21、Z 22、……、Z 2n分别为待验证信息r 1、r 2、……、r n对应的第二信息,G 1、G 2、……、G n分别为待验证信息r 1、r 2、……、r n对应的椭圆曲线点,Z 1为第一信息,Y为验证点。
为了便于理解,下面给出第三信息与第一信息一致的验证过程:
Z 3=Hash(Z 21*G 1+Z 22*G 2+……+Z 2n*G n+Z 1*Y)
=Hash((a 1-Z 1*r 1)*G 1+(a 2-Z 1*r 2)*G 2+……+(a n-Z 1*r n)*G n+Z 1*(r 1*G 1+r 2*G 2+……+r n*G n))
=Hash(a 1*G 1-Z 1*r 1*G 1+a 2*G 2-Z 1*r 2*G 2+……+a n*G n-Z 1*r n*G n+Z 1*r 1*G 1+Z 1*r 2*G 2+……+Z 1*r n*G n)
=Hash(a 1*G 1+a 2*G 2+……+a n*G n)
=Z 1
显然地,上述示例中设置的椭圆曲线加密算法对应的解密算法,可以使用经过椭圆曲线加密算法加密后的第一信息和各个第二信息得到与第一信息一致的第三信息,从而该解密算法与椭圆曲线加密算法具有对应关系,能够保证验证过程的准确性。
具体实施中,验证节点若接收到待验证节点发送的待验证数据,则可以先获取与待验证节点预先协商好的各个信息,比如各个待验证信息对应的椭圆曲线点和验证点,然后按照上述示例中的公式对预先协商好的各个信息、待验证数据中的第一信息、各个第二信息进行计算,得到第三信息。
步骤204,验证节点确定第三信息与第一信息是否相同,若相同,则执行步骤205,若不同,则执行步骤206。
步骤205,验证节点确定所述待验证数据验证通过,待验证节点中确实存在所述至少两个待验证信息。
步骤206,验证节点确定所述待验证数据验证通过,待验证节点中不存在所述至少两个待验证信息。
具体实施中,当验证节点计算得到第三信息后,可以对比第三信息和第一信息,若第三信息与第一信息相同,则待验证数据通过验证,即待验证节点中确实存在所述的至少两个待验证信息,若第三信息与第一信息不相同,则待验证数据不通过验证,即待验证节点中不存在所述的至少两个待验证信息,待验证节点造假。
在一个示例中,若验证节点确定待验证节点造假,还可以对待验证节点进行告警,比如根据待验证节点的标识、第三信息和第一信息的对比结果生成告警信息,并将告警信息通过钉钉、微信、qq、邮箱和短信等推送给区块链系统的管理人员,以便于管理人员维护区块链系统的安全。
本发明的上述实施例中,区块链系统中的待验证节点基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据,并将待验证数据发送给验证节点,验证节点接收待验证节点发送的待验证数据后,根据待验证数据中的第一信息和至少两个第二信息,使用椭圆曲线加密算法对应的解密算法计算得到第三信息,根据第三信息与第一信息,确定待验证数据是否通过验证。本发明实施例中,通过使用椭圆曲线加密算法得到待验证数据,可以使用更短的密钥来实现与RSA加密算法相当或更高的安全,从而有助于在降低验证的难度的基础上提高验证的准确性。且,本方案中的待验证数据是由两个或两个以上的待验证信息生成的,如此,验证节点可以通过一次验证过程对待验证节点中的两个或两个以上的待验证信息进行验证,而无需分别针对于每个待验证信息进行验证,从而可以节省不必要的操作步骤,提高验证的效率。
针对上述方法流程,本发明实施例还提供一种基于区块链系统的验证装置,该装置的具体内容可以参照上述方法实施。
图3为本发明实施例提供的一种基于区块链系统的验证装置的结构示意图,包括:
生成模块301,用于基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据;其中,待验证数据包括第一信息和至少两个第二信息,至少两个第二信息分别与至少两个待验证信息一一对应,至少两个第二信息用于验证节点确定第三信息;
收发模块302,用于将待验证数据发送给所述验证节点,以使验证节点通过所述第一信息和第三信息确定待验证数据的验证结果。
可选地,所述生成模块301具体用于:为每个待验证信息设置对应的随机盲密钥,基于各个待验证信息对应的随机盲密钥和各个待验证信息对应的椭圆曲线点,得到所述第一信息,针对于任一待验证信息,根据所述待验证信息、所述待验证信息对应的随机盲密钥和所述第一信息生成所述待验证信息对应的第二信息,根据所述第一信息和各个待验证信息对应的第二信息,构建得到所述待验证数据。其中,各个待验证信息对应的椭圆曲线点为待验证节点与所述验证节点预先协商得到的。
可选地,所述第一信息满足如下形式:
Z 1=Hash(a 1*G 1+a 2*G 2+……a n*G n)
其中,Z 1为所述第一信息,a 1、a 2……、a n分别为n个待验证信息对应的随机盲密钥,G 1、G 2……、G n分别为n个待验证信息对应的椭圆曲线点,n为大于或等于2的整数。
可选地,任一待验证信息对应的第二信息满足如下形式:
Z 2i=a i-Z 1*r i
其中,Z 2i为第i个待验证信息对应的第二信息,a i为第i个待验证信息对应的随机盲密钥,r i为第i个待验证信息,i为大于0且小于n的整数。
图4为本发明实施例提供的一种基于区块链系统的验证装置的结构示意图,包括:
收发模块401,用于接收待验证节点发送的待验证数据;待验证数据为待验证节点使用椭圆曲线加密算法对至少两个待验证信息进行加密得到的,待验证数据包括第一信息和至少两个第二信息,至少两个第二信息与至少两个待验证信息一一对应;
处理模块402,用于根据待验证数据中的第一信息和至少两个第二信息,使用椭圆曲线加密算法对应的解密算法计算得到第三信息;
验证模块403,用于根据第三信息与第一信息,确定待验证数据是否通过验证。
可选地,所述处理模块402具体用于:获取各个待验证信息对应的椭圆曲线点和验证点,根据第一信息、各个待验证信息对应的第二信息、各个待验证信息对应的椭圆曲线点和验证点,得到第三信息。其中,各个待验证信息对应的椭圆曲线点和所述验证点为待验证节点与验证节点预先协商得到的。
可选地,所述第三信息满足如下形式:
Z 3=Hash(Z 21*G 1+Z 22*G 2+……+Z 2n*G n+Z 1*Y)
其中,Z 3为第三信息,Z 21、Z 22、……、Z 2n分别为n个待验证信息对应的第二信息,G 1、G 2、……、G n分别为n个待验证信息对应的椭圆曲线点,Z 1为第一信息,Y为验证点。
从上述内容可以看出:本发明的上述实施例中,区块链系统中的待验证节点基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据,并将待验证数据发送给验证节点,验证节点接收待验证节点发送的待验证数据后,根据待验证数据中的第一信息和至少两个第二信息,使用椭圆曲线加密算法对应的解密算法计算得到第三信息,根据第三信息与第一信息,确定待验证数据是否通过验证。本发明实施例中,通过使用椭圆曲线加密算法得到待验证数据,其可以使用更短的密钥来实现与RSA加密算法相当或更高的安全,从而有助于在降低验证的难度的基础上提高验证的准确性。且,本方案中的待验证数据是由两个或两个以上的待验证信息生成的,如此,验证节点可以通过一次验证过程对待验证节点中的两个或两个以上的待验证信息进行验证,而无需分别针对于每个待验证信息进行验证,从而可以节省不必要的操作步骤,提高验证的效率。
基于同一发明构思,本发明实施例还提供了一种计算设备,如图5所示,包括至少一 个处理器501,以及与至少一个处理器连接的存储器502,本发明实施例中不限定处理器501与存储器502之间的具体连接介质,图5中处理器501和存储器502之间通过总线连接为例。总线可以分为地址总线、数据总线、控制总线等。
在本发明实施例中,存储器502存储有可被至少一个处理器501执行的指令,至少一个处理器501通过执行存储器502存储的指令,可以执行前述的基于区块链系统的验证方法中所包括的步骤。
其中,处理器501是计算设备的控制中心,可以利用各种接口和线路连接计算设备的各个部分,通过运行或执行存储在存储器502内的指令以及调用存储在存储器502内的数据,从而实现数据处理。可选的,处理器501可包括一个或多个处理单元,处理器501可集成应用处理器和调制解调处理器,其中,应用处理器主要处理操作系统、用户界面和应用程序等,调制解调处理器主要处理运维人员下发的指令。可以理解的是,上述调制解调处理器也可以不集成到处理器501中。在一些实施例中,处理器501和存储器502可以在同一芯片上实现,在一些实施例中,它们也可以在独立的芯片上分别实现。
处理器501可以是通用处理器,例如中央处理器(CPU)、数字信号处理器、专用集成电路(Application Specific Integrated Circuit,ASIC)、现场可编程门阵列或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件,可以实现或者执行本发明实施例中公开的各方法、步骤及逻辑框图。通用处理器可以是微处理器或者任何常规的处理器等。结合基于区块链系统的验证实施例所公开的方法的步骤可以直接体现为硬件处理器执行完成,或者用处理器中的硬件及软件模块组合执行完成。
存储器502作为一种非易失性计算机可读存储介质,可用于存储非易失性软件程序、非易失性计算机可执行程序以及模块。存储器502可以包括至少一种类型的存储介质,例如可以包括闪存、硬盘、多媒体卡、卡型存储器、随机访问存储器(Random Access Memory,RAM)、静态随机访问存储器(Static Random Access Memory,SRAM)、可编程只读存储器(Programmable Read Only Memory,PROM)、只读存储器(Read Only Memory,ROM)、带电可擦除可编程只读存储器(Electrically Erasable Programmable Read-Only Memory,EEPROM)、磁性存储器、磁盘、光盘等等。存储器502是能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。本发明实施例中的存储器502还可以是电路或者其它任意能够实现存储功能的装置,用于存储程序指令和/或数据。
基于同一发明构思,本发明实施例还提供了一种计算机可读存储介质,其存储有可由计算设备执行的计算机程序,当所述程序在所述计算设备上运行时,使得所述计算设备执行图2任意所述的基于区块链系统的验证方法。
本领域内的技术人员应明白,本发明的实施例可提供为方法、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机 程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。
尽管已描述了本发明的优选实施例,但本领域内的技术人员一旦得知了基本创造性概念,则可对这些实施例作出另外的变更和修改。所以,所附权利要求意欲解释为包括优选实施例以及落入本发明范围的所有变更和修改。
显然,本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明的精神和范围。这样,倘若本发明的这些修改和变型属于本发明权利要求及其等同技术的范围之内,则本发明也意图包含这些改动和变型在内。

Claims (16)

  1. 一种基于区块链系统的验证方法,其特征在于,所述方法包括:
    所述区块链系统中的待验证节点基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据;
    其中,所述待验证数据包括第一信息和至少两个第二信息,所述至少两个第二信息分别与所述至少两个待验证信息一一对应,所述至少两个第二信息用于验证节点确定第三信息;
    所述待验证节点将所述待验证数据发送给所述验证节点,以使所述验证节点通过所述第一信息和所述第三信息确定所述待验证数据的验证结果。
  2. 根据权利要求1所述的方法,其特征在于,所述区块链系统中的待验证节点基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据,包括:
    所述待验证节点为每个待验证信息设置对应的随机盲密钥;
    所述待验证节点基于各个待验证信息对应的随机盲密钥和各个待验证信息对应的椭圆曲线点,得到所述第一信息;所述各个待验证信息对应的椭圆曲线点为所述待验证节点与所述验证节点预先协商得到的;
    针对于任一待验证信息,所述待验证节点根据所述待验证信息、所述待验证信息对应的随机盲密钥和所述第一信息生成所述待验证信息对应的第二信息;
    所述待验证节点根据所述第一信息和各个待验证信息对应的第二信息,构建得到所述待验证数据。
  3. 根据权利要求2所述的方法,其特征在于,所述第一信息满足如下形式:
    Z 1=Hash(a 1*G 1+a 2*G 2+……a n*G n)
    其中,Z 1为所述第一信息,a 1、a 2、……、a n分别为n个待验证信息对应的随机盲密钥,G 1、G 2、……、G n分别为n个待验证信息对应的椭圆曲线点,n为大于或等于2的整数。
  4. 根据权利要求3所述的方法,其特征在于,任一待验证信息对应的第二信息满足如下形式:
    Z 2i=a i-Z 1*r i
    其中,Z 2i为第i个待验证信息对应的第二信息,a i为第i个待验证信息对应的随机盲密钥,r i为第i个待验证信息,i为大于0且小于n的整数。
  5. 一种基于区块链系统的验证方法,其特征在于,所述方法包括:
    验证节点接收待验证节点发送的待验证数据;所述待验证数据为所述待验证节点使用椭圆曲线加密算法对至少两个待验证信息进行加密得到的,所述待验证数据包括第一信息和至少两个第二信息;所述至少两个第二信息与所述至少两个待验证信息一一对应;
    所述验证节点根据所述待验证数据中的所述第一信息和所述至少两个第二信息,使用所述椭圆曲线加密算法对应的解密算法计算得到第三信息;
    所述验证节点根据所述第三信息与所述第一信息,确定所述待验证数据是否通过验证。
  6. 根据权利要求5所述的方法,其特征在于,所述验证节点根据所述待验证数据中的所述第一信息和所述至少两个第二信息,使用所述椭圆曲线加密算法对应的解密算法计算得到第三信息,包括:
    所述验证节点获取各个待验证信息对应的椭圆曲线点和验证点;所述各个待验证信息 对应的椭圆曲线点和所述验证点为所述待验证节点与所述验证节点预先协商得到的;
    所述验证节点根据所述第一信息、各个待验证信息对应的第二信息、各个待验证信息对应的椭圆曲线点和验证点,得到所述第三信息。
  7. 根据权利要求6所述的方法,其特征在于,所述第三信息满足如下形式:
    Z 3=Hash(Z 21*G 1+Z 22*G 2+……+Z 2n*G n+Z 1*Y)
    其中,Z 3为第三信息,Z 21、Z 22、……、Z 2n分别为n个待验证信息对应的第二信息,G 1、G 2、……、G n分别为n个待验证信息对应的椭圆曲线点,Z 1为第一信息,Y为验证点。
  8. 一种基于区块链系统的验证装置,其特征在于,所述装置包括:
    生成模块,用于基于椭圆曲线加密算法生成至少两个待验证信息对应的待验证数据;其中,所述待验证数据包括第一信息和至少两个第二信息,所述至少两个第二信息分别与所述至少两个待验证信息一一对应,所述至少两个第二信息用于验证节点确定第三信息;
    收发模块,用于将所述待验证数据发送给所述验证节点,以使所述验证节点通过所述第一信息和所述第三信息确定所述待验证数据的验证结果。
  9. 根据权利要求8所述的装置,其特征在于,所述生成模块具体用于:
    为每个待验证信息设置对应的随机盲密钥;
    基于各个待验证信息对应的随机盲密钥和各个待验证信息对应的椭圆曲线点,得到所述第一信息;所述各个待验证信息对应的椭圆曲线点为待验证节点与所述验证节点预先协商得到的;
    针对于任一待验证信息,根据所述待验证信息、所述待验证信息对应的随机盲密钥和所述第一信息生成所述待验证信息对应的第二信息;
    根据所述第一信息和各个待验证信息对应的第二信息,构建得到所述待验证数据。
  10. 根据权利要求9所述的装置,其特征在于,所述第一信息满足如下形式:
    Z 1=Hash(a 1*G 1+a 2*G 2+……a n*G n)
    其中,Z 1为所述第一信息,a 1、a 2、……、a n分别为n个待验证信息对应的随机盲密钥,G 1、G 2、……、G n分别为n个待验证信息对应的椭圆曲线点,n为大于或等于2的整数。
  11. 根据权利要求10所述的装置,其特征在于,任一待验证信息对应的第二信息满足如下形式:
    Z 2i=a i-Z 1*r i
    其中,Z 2i为第i个待验证信息对应的第二信息,a i为第i个待验证信息对应的随机盲密钥,r i为第i个待验证信息,i为大于0且小于n的整数。
  12. 一种基于区块链系统的验证装置,其特征在于,所述装置包括:
    收发模块,用于接收待验证节点发送的待验证数据;所述待验证数据为所述待验证节点使用椭圆曲线加密算法对至少两个待验证信息进行加密得到的,所述待验证数据包括第一信息和至少两个第二信息;所述至少两个第二信息与所述至少两个待验证信息一一对应;
    处理模块,用于根据所述待验证数据中的所述第一信息和所述至少两个第二信息,使用所述椭圆曲线加密算法对应的解密算法计算得到第三信息;
    验证模块,用于根据所述第三信息与所述第一信息,确定所述待验证数据是否通过验证。
  13. 根据权利要求12所述的装置,其特征在于,所述处理模块具体用于:
    获取各个待验证信息对应的椭圆曲线点和验证点;所述各个待验证信息对应的椭圆曲 线点和所述验证点为所述待验证节点与验证节点预先协商得到的;
    根据所述第一信息、各个待验证信息对应的第二信息、各个待验证信息对应的椭圆曲线点和验证点,得到所述第三信息。
  14. 根据权利要求13所述的装置,其特征在于,所述第三信息满足如下形式:
    Z 3=Hash(Z 21*G 1+Z 22*G 2+……+Z 2n*G n+Z 1*Y)
    其中,Z 3为第三信息,Z 21、Z 22、……、Z 2n分别为n个待验证信息对应的第二信息,G 1、G 2、……、G n分别为n个待验证信息对应的椭圆曲线点,Z 1为第一信息,Y为验证点。
  15. 一种计算设备,其特征在于,包括至少一个处理器以及至少一个存储器,其中,所述存储器存储有计算机程序,当所述程序被所述处理器执行时,使得所述处理器执行权利要求1~4或5~7任一权利要求所述的方法。
  16. 一种计算机可读存储介质,其特征在于,其存储有可由计算设备执行的计算机程序,当所述程序在所述计算设备上运行时,使得所述计算设备执行权利要求1~4或5~7任一权利要求所述的方法。
PCT/CN2020/120923 2019-12-05 2020-10-14 一种基于区块链系统的验证方法及装置 WO2021109718A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911235411.8 2019-12-05
CN201911235411.8A CN111080296B (zh) 2019-12-05 2019-12-05 一种基于区块链系统的验证方法及装置

Publications (1)

Publication Number Publication Date
WO2021109718A1 true WO2021109718A1 (zh) 2021-06-10

Family

ID=70313139

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/120923 WO2021109718A1 (zh) 2019-12-05 2020-10-14 一种基于区块链系统的验证方法及装置

Country Status (2)

Country Link
CN (1) CN111080296B (zh)
WO (1) WO2021109718A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113656842A (zh) * 2021-08-10 2021-11-16 支付宝(杭州)信息技术有限公司 一种数据验证方法、装置及设备
CN113904869A (zh) * 2021-11-10 2022-01-07 深圳前海微众银行股份有限公司 一种区块链中恶意节点的检测方法及区块链

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111080296B (zh) * 2019-12-05 2023-12-01 深圳前海微众银行股份有限公司 一种基于区块链系统的验证方法及装置
CN113971597A (zh) * 2021-09-30 2022-01-25 西安电子科技大学 一种共享充电桩交易系统、方法、设备及终端

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160358135A1 (en) * 2015-06-05 2016-12-08 DiQi, Inc. Digital currency management method and digital currency node apparatus
WO2018175540A1 (en) * 2017-03-24 2018-09-27 Alibaba Group Holding Limited Method and apparatus for consensus verification
CN108737106A (zh) * 2018-05-09 2018-11-02 深圳壹账通智能科技有限公司 区块链系统上用户验证方法、装置、终端设备及存储介质
CN110059494A (zh) * 2019-04-17 2019-07-26 深圳市路云区链网络科技有限公司 一种区块链交易数据的隐私保护方法及区块链系统
CN110188550A (zh) * 2019-05-17 2019-08-30 深圳前海微众银行股份有限公司 一种区块链的数据验证方法和装置
CN110222538A (zh) * 2019-06-17 2019-09-10 北京艾摩瑞策科技有限公司 涉及区块链的验证方法及装置
CN111080296A (zh) * 2019-12-05 2020-04-28 深圳前海微众银行股份有限公司 一种基于区块链系统的验证方法及装置

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10116443B1 (en) * 2018-02-02 2018-10-30 ISARA Corporation Pairing verification in supersingular isogeny-based cryptographic protocols
CN109361508B (zh) * 2018-10-11 2022-11-18 联洋国融(北京)科技有限公司 数据传输方法、电子设备及计算机可读存储介质
CN110336673B (zh) * 2019-06-03 2022-03-08 江苏科技大学 一种基于隐私保护的区块链设计方法

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160358135A1 (en) * 2015-06-05 2016-12-08 DiQi, Inc. Digital currency management method and digital currency node apparatus
WO2018175540A1 (en) * 2017-03-24 2018-09-27 Alibaba Group Holding Limited Method and apparatus for consensus verification
CN108737106A (zh) * 2018-05-09 2018-11-02 深圳壹账通智能科技有限公司 区块链系统上用户验证方法、装置、终端设备及存储介质
CN110059494A (zh) * 2019-04-17 2019-07-26 深圳市路云区链网络科技有限公司 一种区块链交易数据的隐私保护方法及区块链系统
CN110188550A (zh) * 2019-05-17 2019-08-30 深圳前海微众银行股份有限公司 一种区块链的数据验证方法和装置
CN110222538A (zh) * 2019-06-17 2019-09-10 北京艾摩瑞策科技有限公司 涉及区块链的验证方法及装置
CN111080296A (zh) * 2019-12-05 2020-04-28 深圳前海微众银行股份有限公司 一种基于区块链系统的验证方法及装置

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113656842A (zh) * 2021-08-10 2021-11-16 支付宝(杭州)信息技术有限公司 一种数据验证方法、装置及设备
CN113656842B (zh) * 2021-08-10 2024-02-02 支付宝(杭州)信息技术有限公司 一种数据验证方法、装置及设备
CN113904869A (zh) * 2021-11-10 2022-01-07 深圳前海微众银行股份有限公司 一种区块链中恶意节点的检测方法及区块链
CN113904869B (zh) * 2021-11-10 2024-04-19 深圳前海微众银行股份有限公司 一种区块链中恶意节点的检测方法及区块链

Also Published As

Publication number Publication date
CN111080296B (zh) 2023-12-01
CN111080296A (zh) 2020-04-28

Similar Documents

Publication Publication Date Title
WO2021109718A1 (zh) 一种基于区块链系统的验证方法及装置
TWI727292B (zh) 區塊鏈交易方法及裝置、電子設備
US11438167B2 (en) Method and server for providing notary service for file and verifying file recorded by notary service
AU2019204725B2 (en) Retrieving access data for blockchain networks using highly available trusted execution environments
KR102322729B1 (ko) 블록체인 월드 스테이트 머클 패트리샤 트라이 서브트리의 업데이트
US10235538B2 (en) Method and server for providing notary service for file and verifying file recorded by notary service
US11341493B2 (en) Methods and devices for providing transaction data to blockchain system for processing
CN108768663B (zh) 一种区块链访问控制方法及其处理系统
US10951394B2 (en) System and method for publication of private data using a blockchain network
WO2021109720A1 (zh) 一种基于区块链网络的节点认证方法及装置
WO2022068237A1 (zh) 基于信息的属性生成密钥的信息处理方法、装置及设备
WO2022068360A1 (zh) 基于共享根密钥的信息处理方法、装置、设备及介质
WO2022267314A1 (zh) 一种基于智能合约的数据处理方法及装置
WO2022068362A1 (zh) 一种基于区块链的信息处理方法、装置、设备及介质
WO2022068356A1 (zh) 基于区块链的信息加密方法、装置、设备及介质
WO2023087760A1 (zh) 一种数据共享方法、装置、设备及存储介质
WO2021012841A1 (zh) 一种应用于区块链的验证方法及装置
WO2022068235A1 (zh) 基于信息的属性生成随机数的信息处理方法、装置及设备
CN113994324B (zh) 具有高效世界状态数据结构的区块链系统
CN114175011A (zh) 具有高效世界状态数据结构的区块链系统
CN114519191A (zh) 医疗数据管理方法及装置
Zhang et al. Multi-level caching and data verification based on ethereum blockchain
US11487713B1 (en) Distributed ledger regulatory auditing system and method
US11558374B2 (en) Systems, apparatus, and methods for verifying a password utilizing commitments
TWI769672B (zh) 資料共用授權方法、區塊鏈系統、共用裝置及查詢裝置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20897580

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 12/10/2022)

122 Ep: pct application non-entry in european phase

Ref document number: 20897580

Country of ref document: EP

Kind code of ref document: A1