WO2022267314A1 - Data processing method and apparatus based on smart contract - Google Patents

Data processing method and apparatus based on smart contract Download PDF

Info

Publication number
WO2022267314A1
WO2022267314A1 PCT/CN2021/131302 CN2021131302W WO2022267314A1 WO 2022267314 A1 WO2022267314 A1 WO 2022267314A1 CN 2021131302 W CN2021131302 W CN 2021131302W WO 2022267314 A1 WO2022267314 A1 WO 2022267314A1
Authority
WO
WIPO (PCT)
Prior art keywords
ciphertext
blockchain
blockchain node
fragment
node
Prior art date
Application number
PCT/CN2021/131302
Other languages
French (fr)
Chinese (zh)
Inventor
李昊轩
严强
王朝阳
廖飞强
李辉忠
张开翔
范瑞彬
Original Assignee
深圳前海微众银行股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳前海微众银行股份有限公司 filed Critical 深圳前海微众银行股份有限公司
Publication of WO2022267314A1 publication Critical patent/WO2022267314A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • Embodiments of the present invention relate to the field of financial technology (Fintech), and in particular to a data processing method and device based on smart contracts.
  • Fetech financial technology
  • the existing scheme usually requires each participant to determine a pair of keys (that is, a public key and a private key) through mutual negotiation, that is, through key initialization The operation generates the same key, and then each participant uses the same key to encrypt and decrypt data.
  • a pair of keys that is, a public key and a private key
  • each participant uses the public key to encrypt the data, and uploads the encrypted data to the blockchain, and then each participant The party uses the private key to decrypt the encrypted data uploaded by other parties to determine whether the data received by other parties is the same as the data received by itself, and after all parties have successfully verified a consensus, the data will be Up chain operation.
  • each participant uses the same public and private keys for encryption and decryption operations, the privacy security of the data cannot be guaranteed, and each encryption and decryption operation needs to be re-initialized to generate public and private keys.
  • the process of encryption and decryption operations is cumbersome, and the cost of encryption and decryption operations increases.
  • the embodiment of the present invention provides a data processing method and device based on a smart contract to solve the problem in the prior art that all participants use the same public and private keys for encryption and decryption operations, resulting in that the privacy and security of data cannot be fully guaranteed The problem.
  • the embodiment of the present invention provides a data processing method based on a smart contract, which is suitable for an alliance chain with m blockchain nodes, and the method includes:
  • an index ciphertext is generated based on the public and private keys of the blockchain node;
  • the decryption timestamp is generated by the client is used to indicate the time to decrypt the encrypted information uploaded by the client to the smart contract;
  • the encrypted information includes the first ciphertext fragment and the second ciphertext fragment for each blockchain node ;
  • the first ciphertext fragment is generated by the client based on the public and private keys of the blockchain nodes;
  • the second ciphertext fragment is generated by the client based on the data to be encrypted;
  • the blockchain node determines from the encrypted information a first ciphertext fragment matching the index ciphertext and a second ciphertext fragment matching the index ciphertext;
  • the block chain node processes the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext through bilinear mapping to obtain the block The verification fragment of the chain node, and upload the verification fragment to the smart contract;
  • the blockchain node After verifying that the m verification fragments meet the set requirements, the blockchain node decrypts the second ciphertext fragment matching the index ciphertext to obtain the data to be encrypted.
  • the decryption operation can be started. That is, the index ciphertext is generated based on the public and private keys of the blockchain nodes, and based on the index ciphertext, the first ciphertext score that matches the index ciphertext can be determined in a timely and accurate manner from the encrypted information uploaded by the client to the smart contract. slice and a second ciphertext slice that matches the index ciphertext.
  • the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext are processed to obtain the verification fragment of the blockchain node, and verify After the m verification fragments meet the set requirements, the second ciphertext fragment matching the index ciphertext is decrypted to obtain the data to be encrypted.
  • the scheme does not require blockchain nodes to perform encryption operations on the data to be encrypted, and each blockchain node uses different public and private keys instead of using the same public and private keys, it can ensure the privacy and security of the data to be encrypted.
  • this scheme since this scheme does not need to re-initialize the key to generate public and private keys every time the decryption operation is performed, but always uses the public and private keys of each blockchain node, it can make the decryption process of the scheme simpler and more convenient , so that the cost of the decryption operation can be reduced.
  • the index ciphertext is generated based on the public and private keys of the blockchain nodes, including:
  • the block chain node splices the private key of the block chain node with the encryption index of the current round to generate an offset message
  • the blockchain node performs a hash operation on the offset message to generate an encrypted offset factor
  • the blockchain node generates the index ciphertext based on the encryption offset factor and the public key of the blockchain node.
  • the offset message is generated based on the private key of each blockchain node and the current round of encryption index
  • the index ciphertext is generated based on the offset message and the public key of each blockchain node, which can be
  • Each blockchain node timely and accurately determines the first ciphertext fragment and the second ciphertext fragment matching the index ciphertext of the blockchain node from the smart contract based on the index ciphertext generated by itself to provide support.
  • the blockchain node processes the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext through bilinear mapping, to obtain
  • the verification fragmentation of the blockchain node includes:
  • the blockchain node acquires the first commitment fragments of m blockchain nodes from the smart contract; the first commitment fragments are generated by the blockchain nodes based on their respective encryption offset factors;
  • the blockchain node uses the bilinear mapping to encrypt the offset factor of the blockchain node, the first ciphertext fragment matching the index ciphertext, and the first ciphertext fragment matching the index ciphertext.
  • the second ciphertext fragment, the first commitment fragment of the blockchain node, and the private key of the blockchain node are converted to generate a verification fragment of the blockchain node.
  • the encrypted offset factor of the blockchain node through bilinear mapping, the encrypted offset factor of the blockchain node, the first ciphertext fragment matching the index ciphertext, the second ciphertext fragment matching the index ciphertext, and the block
  • the first commitment fragment of the chain node and the private key of the blockchain node are converted to generate verification fragments in a timely and accurate manner.
  • the verification fragment can provide support for subsequent decryption of the data to be encrypted.
  • the blockchain node verifies that the m verification fragments meet the set requirements, including:
  • the block chain node determines whether the verification fragmentation of the block chain node is the same as the verification fragmentation of other block chain nodes except the block chain node;
  • the block chain node confirms that the verification of the m verification fragments is successful.
  • any blockchain node completes the consensus synchronization process for the verification fragment by determining whether its own verification fragment is the same as that of other blockchain nodes other than the blockchain node. And after confirming that each block chain node is successfully verified, it can be confirmed that each block chain node can obtain the same intermediate result (ie verification fragmentation) even if it uses a different private key to decrypt, without using the same block chain node. private key.
  • the block chain node After the block chain node confirms that the verification of the m verification fragments is successful, it also includes:
  • the blockchain node uploads the encrypted offset factor of the blockchain node to the smart contract
  • Decrypting the second ciphertext segment matching the index ciphertext to obtain the data to be encrypted including:
  • the blockchain node obtains the encrypted offset factors of the m blockchain nodes from the smart contract
  • the blockchain node decrypts the second ciphertext fragment matching the index ciphertext based on the encryption offset factors of the m blockchain nodes through the bilinear mapping, and obtains the Data to be encrypted.
  • each blockchain node uploads its own encryption offset factor to the smart contract, which can provide any blockchain node with the ability to decrypt the second ciphertext fragment matching the index ciphertext through bilinear mapping. Data support, so that the data to be encrypted can be decrypted in a timely and effective manner.
  • Each block chain node in other block chain nodes except the block chain node obtains the data to be encrypted decrypted by the block chain node and the encryption bias of the m block chain nodes from the smart contract shift factor; the data to be encrypted is uploaded to the smart contract by the block chain node;
  • Each block chain node in the other block chain nodes decrypts the data to be encrypted by the block chain nodes based on the encryption offset factors of the m block chain nodes through the bilinear mapping Verification is performed to determine the matching between the data to be encrypted and the verification segment, so as to determine whether the decrypted data to be encrypted is correct.
  • each blockchain node in other blockchain nodes except the blockchain node verifies the correctness of the decrypted data to be encrypted , so that after confirming that each blockchain node has reached a consensus on the decrypted data to be encrypted, it is confirmed that the decrypted data to be encrypted is correct, and the decrypted data to be encrypted is recorded in the blockchain.
  • the embodiment of the present invention provides a data processing method based on a smart contract, which is suitable for an alliance chain with m blockchain nodes, and the method includes:
  • the client obtains the first commitment fragment of the m blockchain nodes from the smart contract, and obtains the encrypted offset factors of the m blockchain nodes through a secret communication channel;
  • the first commitment fragment is a block Chain nodes are generated based on their respective encrypted offset factors;
  • the encrypted offset factors are generated by blockchain nodes based on their respective private keys;
  • the client For each block chain node, the client generates the first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the data to be encrypted and the The first commitment fragment of other blockchain nodes other than the blockchain node generates a second ciphertext fragment;
  • the client generates a decryption timestamp
  • the client uploads the decrypted timestamp and the first ciphertext fragment and the second ciphertext fragment of the m blockchain nodes to the smart contract; the decrypted timestamp is used to indicate any
  • the blockchain node decrypts the first ciphertext fragment and the second ciphertext fragment in the smart contract when determining that the local timestamp satisfies the decryption timestamp.
  • the first ciphertext fragment is generated based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the data to be encrypted and the
  • the second ciphertext fragments are generated from the first commitment fragments of other blockchain nodes other than the blockchain node. Then generate a decryption timestamp, and upload the decryption timestamp and the first ciphertext fragment and the second ciphertext fragment of the m blockchain nodes to the smart contract.
  • the scheme uses the client to encrypt the data to be encrypted based on the public and private keys of each blockchain node, and generates the first ciphertext fragment and the second ciphertext fragment without using the same public and private keys for each blockchain node Encryption processing is performed to ensure the privacy and security of the data to be encrypted.
  • this scheme does not require each blockchain node to re-initialize the key to generate a public-private key every time the encryption operation is performed, but always uses the public-private key of each blockchain node, so the encryption operation process of the scheme can be made more efficient. It is simple and convenient, so that the cost of the encryption operation can be reduced.
  • the first ciphertext fragment before generating the first ciphertext fragment, it also includes:
  • the client For each blockchain node, the client generates a second commitment fragment of the blockchain node based on the encryption offset factor of the blockchain node;
  • the client determines whether the first commitment fragments of the m blockchain nodes and the second commitment fragments of the m blockchain nodes are all corresponding to the same;
  • the client confirms that the verification of the first committed fragment of the m blockchain nodes is successful.
  • the client in order for the client to obtain accurate fragments of commitments of each blockchain node from the smart contract, in order to verify the accuracy of the commitments of each blockchain node, it is based on The encrypted offset factor of the blockchain node regenerates the commitment fragment of each blockchain node for verification, so as to ensure the security of the ciphertext fragment generated by encrypting the data to be encrypted based on the commitment fragment of each blockchain node and accuracy.
  • the embodiment of the present invention provides a data processing device based on a smart contract, which is suitable for a consortium chain with m blockchain nodes, and the device includes:
  • the generation unit is used to generate index ciphertext based on the public and private keys of the blockchain node when it is determined that the decryption timestamp in the smart contract is met for any blockchain node; the decryption timestamp is generated by the client Used to indicate the time to decrypt the encrypted information uploaded by the client to the smart contract; the encrypted information includes a first ciphertext fragment and a second ciphertext fragment for each blockchain node; The first ciphertext fragment is generated by the client based on the public and private keys of the blockchain nodes; the second ciphertext fragment is generated by the client based on the data to be encrypted;
  • a first processing unit configured to determine from the encrypted information a first ciphertext segment matching the index ciphertext and a second ciphertext segment matching the index ciphertext; through bilinear mapping , process the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext to obtain the verification fragment of the blockchain node, and the The verification fragments are uploaded to the smart contract; after verifying that the m verification fragments meet the set requirements, decrypt the second ciphertext fragments matching the index ciphertext to obtain the data to be encrypted.
  • the generating unit is specifically used for:
  • the index ciphertext is generated based on the encryption offset factor and the public key of the blockchain node.
  • the first processing unit is specifically configured to:
  • the first commitment shards of m blockchain nodes from the smart contract; the first commitment shards are generated by the blockchain nodes based on their respective encryption offset factors;
  • the encryption offset factor of the blockchain node the first ciphertext fragment matching the index ciphertext, and the second ciphertext fragment matching the index ciphertext , performing conversion processing on the first commitment fragment of the blockchain node and the private key of the blockchain node to generate a verification fragment of the blockchain node.
  • the first processing unit is specifically configured to:
  • the first processing unit is also used for:
  • the first processing unit is specifically used for:
  • the second ciphertext fragment matching the index ciphertext is decrypted to obtain the data to be encrypted.
  • the first processing unit is also used for:
  • the data to be encrypted After obtaining the data to be encrypted, obtain the data to be encrypted decrypted by the block chain node and the encryption offset factors of the m block chain nodes from the smart contract; the data to be encrypted is the area The block chain node uploads to the smart contract;
  • the embodiment of the present invention provides a data processing device based on a smart contract, which is suitable for a consortium chain with m blockchain nodes, and the device includes:
  • An acquisition unit configured to acquire the first commitment fragments of the m blockchain nodes from the smart contract, and acquire the encrypted offset factors of the m blockchain nodes through a secret communication channel; the first commitment fragments are generated by blockchain nodes based on their respective encrypted offset factors; the encrypted offset factors are generated by blockchain nodes based on their respective private keys;
  • the second processing unit is configured to, for each block chain node, generate a first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the Data and the first commitment fragments of other blockchain nodes except the blockchain node, generate a second ciphertext fragment; generate a decryption timestamp; combine the decryption timestamp and the m blockchain nodes
  • the first ciphertext fragment and the second ciphertext fragment of the node are uploaded to the smart contract; the decryption timestamp is used to indicate that any block chain node determines that the local timestamp satisfies the decryption timestamp
  • the first ciphertext fragment and the second ciphertext fragment in the smart contract are decrypted.
  • the second processing unit is also used for:
  • an embodiment of the present invention provides a computing device, including at least one processor and at least one memory, wherein the memory stores a computer program, and when the program is executed by the processor, the processing The device implements the smart contract-based data processing method described in any of the first or second aspects above.
  • an embodiment of the present invention provides a computer-readable storage medium, which stores a computer program executable by a computing device, and when the program runs on the computing device, the computing device executes the above-mentioned first
  • the smart contract-based data processing method described in any aspect or the second aspect is not limited to any aspect or the second aspect.
  • FIG. 1 is a schematic flow diagram of a data processing method based on a smart contract provided by an embodiment of the present invention
  • FIG. 2 is a schematic structural diagram of a data processing device based on a smart contract provided by an embodiment of the present invention
  • FIG. 3 is a schematic structural diagram of another smart contract-based data processing device provided by an embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of a computing device provided by an embodiment of the present invention.
  • Block It is the basic unit of the process blockchain, consisting of a block header containing metadata and a block body containing transaction data. Among them, the block header mainly includes the hash of the parent block.
  • a block in the blockchain consists of a block header and a block body.
  • the block header mainly includes the block height h, the hash of the previous block, etc.
  • the block body mainly stores transaction data.
  • Node Every participant in the network is a node, and the node participates in network formation and data exchange.
  • a node refers to a participant with a unique identity.
  • the node has a complete copy of the ledger and has the ability to participate in the blockchain network consensus and ledger maintenance.
  • Consortium chain refers to a blockchain that is jointly managed by several institutions or organizations, each of which runs one or more nodes, and the data in it only allows different institutions in the system to read and send transactions, and Co-record transaction data.
  • Each node of the consortium chain usually has a corresponding entity organization, which can only join and exit the network after authorization; each organization forms a stake-related alliance to jointly maintain the healthy operation of the blockchain.
  • a smart contract is a collection of code and data running on the blockchain system, in which the code is responsible for realizing the functions of the smart contract, the data is responsible for storing the state of the smart contract, and the smart contract can receive and send information.
  • FIG. 1 exemplarily shows the flow of a data processing method based on a smart contract provided by an embodiment of the present invention, and the flow can be executed by a data processing device based on a smart contract.
  • the smart contract-based data processing method is applicable to a consortium chain with m blockchain nodes.
  • the process specifically includes:
  • Step 101 for each blockchain node, the blockchain node generates a first commitment fragment based on its encrypted offset factor, and uploads the first commitment fragment to the smart contract.
  • Step 102 the client obtains the first committed fragments of the m blockchain nodes from the smart contract, and obtains the encrypted offset factors of the m blockchain nodes through a secret communication channel.
  • Step 103 for each block chain node, the client generates a first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the The data and the first commitment fragments of other blockchain nodes except the blockchain node generate second ciphertext fragments and decryption timestamps.
  • Step 104 the client uploads the decrypted timestamp and the first ciphertext fragment and the second ciphertext fragment of the m blockchain nodes to the smart contract.
  • Step 105 for any block chain node, when the block chain node determines that the decryption timestamp in the smart contract is satisfied, an index ciphertext is generated based on the public and private keys of the block chain node.
  • Step 106 the blockchain node determines from the encrypted information a first ciphertext segment matching the index ciphertext and a second ciphertext segment matching the index ciphertext.
  • Step 107 the block chain node processes the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext through bilinear mapping to obtain the The verification fragment of the blockchain node is uploaded to the smart contract.
  • Step 108 after verifying that the m verification fragments meet the set requirements, the blockchain node decrypts the second ciphertext fragment matching the index ciphertext to obtain the data to be encrypted.
  • the blockchain node splices its own private key and the offset factor of the current round of encryption, generates an offset message, and uses the message digest algorithm or secure hash Hash operation on the offset message by column algorithm to generate the encrypted offset factor of the blockchain node, and then generate the first commitment score of the blockchain node through the encrypted offset factor and the public point on the elliptic curve piece, and upload the first commitment piece to the smart contract, so that each blockchain node in the alliance chain uploads the first commitment piece generated by itself to the smart contract.
  • the blockchain node splices its own private key and the offset factor of the current round of encryption, generates an offset message, and uses the message digest algorithm or secure hash Hash operation on the offset message by column algorithm to generate the encrypted offset factor of the blockchain node, and then generate the first commitment score of the blockchain node through the encrypted offset factor and the public point on the elliptic curve piece, and upload the first commitment piece to the smart contract, so that each blockchain node in the alliance chain uploads the first commitment piece generated by itself to the smart
  • the blockchain Node 1 concatenates its own private key sk 1 with the current encryption index index to generate an offset message (sk 1
  • index). Then hash the offset message through a message digest algorithm or a secure hash algorithm to generate the encrypted offset factor of blockchain node 1, that is, the encrypted offset factor r 1 H(sk 1
  • index). Then, multiply its own encrypted offset factor r 1 with the public point G on the elliptic curve to generate the first commitment fragment of blockchain node 1, that is, the first commitment fragment R 1 r 1 *G.
  • step 102 when the user needs to encrypt the data to be encrypted, the user sends the first commitment fragment acquisition request to any blockchain node in the alliance chain through the client, and the first commitment fragment acquisition request is used to acquire m The first committed shard of a blockchain node.
  • the blockchain node After the blockchain node receives the request for obtaining the first commitment fragment, it reads the first commitment fragments of each blockchain node from the smart contract, and then sends the first commitment fragments of the m blockchain nodes to the client end.
  • the user uses the client to send an encrypted offset factor acquisition request to m blockchain nodes through a secret communication channel. Each blockchain node sends its encrypted offset factor to the client after receiving the encrypted offset factor acquisition request.
  • the client After the client receives the first committed fragment and encrypted offset factor of m blockchain nodes, for each blockchain node, the client generates the block based on the encrypted offset factor of the blockchain node
  • the second commitment fragment of the chain node that is, the encrypted offset factor of the blockchain node and the public point on the elliptic curve, generates the second commitment fragment of the blockchain node. Then, determine whether the first commitment fragments of the m blockchain nodes and the second commitment fragments of the m blockchain nodes are all corresponding to the same, if so, confirm the verification of the first commitment fragments of the m blockchain nodes success.
  • each blockchain node regenerates the commitment fragments of each blockchain node for verification, so as to ensure the security and accuracy of the ciphertext fragments generated by encrypting the data to be encrypted based on the commitment fragments of each blockchain node .
  • the client For each blockchain node, the client generates the first ciphertext fragment based on the encrypted offset factor of the blockchain node and the public key of the blockchain node, and based on the Encrypt the data and the first commitment fragment of other blockchain nodes except the blockchain node, generate the second ciphertext fragment, and generate the decryption timestamp, and then decrypt the timestamp and the first m blockchain nodes
  • the first ciphertext fragment and the second ciphertext fragment are uploaded to the smart contract.
  • the decryption timestamp is used to instruct any blockchain node to decrypt the first ciphertext fragment and the second ciphertext fragment in the smart contract when determining that the local timestamp satisfies the decryption timestamp.
  • step 105 and step 106 for any blockchain node, when the blockchain node determines that the local timestamp meets the decrypted timestamp in the smart contract, that is, the blockchain node determines that the local timestamp is greater than or equal to the smart
  • the decryption operation process starts. Specifically, the blockchain node splices the private key of the blockchain node with the encryption index of the current round to generate an offset message, and performs a hash operation on the offset message to generate an encrypted offset factor, and then based on the encrypted offset factor And the public key of the blockchain node to generate index ciphertext.
  • the blockchain node 1 compares its encryption offset factor r 1 with the public key pk 1 of the blockchain node 1
  • the block chain node determines the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext from the encrypted information.
  • the encrypted information includes a first ciphertext fragment and a second ciphertext fragment for each block chain node.
  • the blockchain node obtains the first commitment fragments of m blockchain nodes from the smart contract, and through bilinear mapping, the blockchain node The encrypted offset factor of , the first ciphertext fragment matching the index ciphertext, the second ciphertext fragment matching the index ciphertext, the first commitment shard of the blockchain node, and the private key of the blockchain node
  • the verification fragment of the blockchain node can be generated in a timely and accurate manner, and the verification fragment can be uploaded to the smart contract to provide support for subsequent decryption of the data to be encrypted.
  • any blockchain node completes the consensus synchronization process for the verification shard by determining whether its own verification shard is the same as that of other blockchain nodes except the blockchain node. And after confirming that each block chain node is successfully verified, it can be confirmed that each block chain node can obtain the same intermediate result (ie verification fragmentation) even if it uses a different private key to decrypt, without using the same block chain node.
  • the blockchain node After confirming that m verification fragments are successfully verified, the blockchain node uploads the encryption offset factor of the blockchain node to the smart contract, so that m blockchain nodes will upload their own encryption offset factors to the smart contract contract. Then, any blockchain node obtains the encrypted offset factors of m blockchain nodes from the smart contract, and through bilinear mapping, based on the encrypted offset factors of m blockchain nodes, the pair matches with the index ciphertext Decrypt the second ciphertext fragment to obtain the data to be encrypted, and upload the data to be encrypted to the smart contract.
  • the blockchain node 2 can traverse in sequence according to the value range of binary numbers from small to large or from large to small, and based on verification fragmentation, through double Linear mapping, to determine whether each traversed data m i satisfies Among them, the right side of the equation is a verification slice, which is also a value. If it is determined that a certain data m i satisfies, the data m i will be used as the decrypted data, and the decrypted data will be uploaded to the smart contract.
  • each blockchain node in other blockchain nodes except the blockchain node obtains the data to be encrypted decrypted by the blockchain node and m blockchain nodes from the smart contract
  • the encryption offset factor of and through bilinear mapping, based on the encryption offset factors of m blockchain nodes, verify the data to be encrypted decrypted by the blockchain node, and determine the matching between the data to be encrypted and the verification segment
  • verify whether the decrypted data to be encrypted is correct, so that after confirming that each blockchain node has reached a consensus on the decrypted data to be encrypted, it is confirmed that the decrypted data to be encrypted is correct, and the decrypted
  • the data to be encrypted is recorded to the blockchain.
  • other block chain nodes obtain the data m i to be encrypted decrypted by the block chain node 2 from the smart contract.
  • the blockchain node 1 obtains the decrypted data mi to be encrypted from the smart contract, and verifies the matching between the data mi decrypted by the blockchain node 1 and the verification slice through the bilinear mapping algorithm. That is, verify that If it is satisfied, the block chain node 1 confirms that the data mi to be encrypted decrypted by the block chain node 2 is correct.
  • other blockchain nodes can also verify whether the data mi to be encrypted decrypted by blockchain node 2 is correct in the same verification method as blockchain node 1, and details will not be repeated here.
  • Step1 Each blockchain node in the consortium chain generates its own offset commitment.
  • each blockchain node in the consortium chain will pre-generate its own offset commitment.
  • Step a For each blockchain node, the blockchain node generates an encryption offset factor for the blockchain node based on its own private key and the current round of encryption index.
  • the alliance chain is composed of four blockchain nodes, namely, blockchain node A, blockchain node B, blockchain node C, and blockchain node D.
  • Blockchain node A splices its own private key sk A with the current round of encrypted index index to generate an offset message (sk A
  • index). Then hash the offset message through the message digest algorithm or secure hash algorithm to generate the encryption offset factor of blockchain node A, that is, the encryption offset factor r A H(sk A
  • Blockchain node B splices its own private key sk B with the current round of encrypted index index to generate an offset message (sk B
  • Step b Each blockchain node generates an offset commitment for the blockchain node based on its encrypted offset factor and the public point on the elliptic curve.
  • the calculation result that is, the offset commitment obtained by multiplying the encrypted offset factor by the public point on the elliptic curve by each blockchain node is still a point on the elliptic curve.
  • Step c Each blockchain node uploads its offset commitment to the smart contract.
  • Blockchain node A uploads its own offset commitment R A to the smart contract E_Contract
  • blockchain node B uploads its own offset commitment R B uploads to the smart contract E_Contract
  • blockchain node C uploads its own offset commitment R C to the smart contract E_Contract
  • blockchain node D uploads its own offset commitment R D to the smart contract E_Contract.
  • each blockchain node in the consortium chain will also upload its own public key to the smart contract. That is, blockchain node A uploads its own public key pk A to the smart contract E_Contract; blockchain node B uploads its own public key pk B to the smart contract E_Contract; blockchain node C uploads its own public key pk C Upload to smart contract E_Contract; blockchain node D uploads its own public key pk D to smart contract E_Contract.
  • Step2 The user encrypts the data to be encrypted through the client, and uploads the encrypted data to the smart contract.
  • the user For each block chain node, the user generates the first ciphertext fragment based on the offset encryption factor and public key of the block chain node through the client, and generates the first ciphertext fragment based on other areas except the block chain node
  • the offset commitment of the block chain node processes the data to be encrypted and generates the second ciphertext fragment. Then, the user uploads the first ciphertext fragment and the second ciphertext fragment of each blockchain node to the smart contract through the client.
  • Step a The user sends an offset commitment acquisition request to any blockchain node in the consortium chain through the client.
  • the offset commitment acquisition request is used to acquire the offset commitment of each block chain node, and the client is loaded on a terminal device, which can be a terminal device such as a tablet computer, a mobile phone, a notebook computer or a desktop computer, and the implementation of the present invention
  • a terminal device such as a tablet computer, a mobile phone, a notebook computer or a desktop computer
  • the implementation of the present invention The example is not limited to this.
  • a user when a user needs to encrypt a certain data to be encrypted, he will first send an offset commitment acquisition request to any blockchain node.
  • the blockchain node After receiving the offset commitment acquisition request, the blockchain node will read the offset commitments of each blockchain node from the smart contract, and package the offset commitments of each blockchain node to form a data packet, and then Send that packet to the client.
  • the client parses and processes the data packet to obtain the offset commitment of each blockchain node.
  • the client parses and processes the data packet to obtain the offset commitment of each blockchain node.
  • the user sends an offset commitment acquisition request to blockchain node A through the client.
  • blockchain node A After blockchain node A receives the offset commitment acquisition request, it will read the offset commitments of blockchain node A, blockchain node B, blockchain node C, and blockchain node D from the smart contract. And package the offset commitments of these four blockchain nodes to form a data packet, and then send the data packet to the client.
  • the client After receiving the data packet, the client analyzes and processes the data packet, and obtains the offset commitment R A of the blockchain node A, the offset commitment R B of the blockchain node B, and the offset commitment R B of the blockchain node C.
  • the offset commitment R C and the offset commitment R D of the blockchain node D After receiving the data packet, the client analyzes and processes the data packet, and obtains the offset commitment R A of the blockchain node A, the offset commitment R B of the blockchain node B, and the offset commitment R B of the blockchain node C.
  • Step b The user sends an encrypted offset factor acquisition request to each blockchain node through the client.
  • the encryption offset factor acquisition request is used to acquire the encryption offset factor of each blockchain node.
  • the user sends an encrypted offset factor acquisition request to each blockchain node through a dedicated communication channel or a secret communication channel.
  • Each blockchain node sends its encrypted offset factor to the client after receiving the encrypted offset factor acquisition request.
  • the user sends an encrypted offset factor acquisition request to blockchain node A through a dedicated communication channel or a secret communication channel based on the client.
  • Blockchain node A sends its encrypted offset factor r A to the client after receiving the encrypted offset factor acquisition request.
  • the user sends an encrypted offset factor acquisition request to the blockchain node B through a dedicated communication channel or a secret communication channel.
  • blockchain node B After receiving the encryption offset factor acquisition request, blockchain node B sends its own encryption offset factor r B to the client.
  • Blockchain node C sends its encrypted offset factor r C to the client after receiving the encrypted offset factor acquisition request.
  • Blockchain node D sends its encrypted offset factor r D to the client after receiving the encryption offset factor acquisition request.
  • Step c For each blockchain node, the user generates an offset verification commitment through the client based on the encrypted offset factor of the blockchain node and the public point on the elliptic curve.
  • the user multiplies the encrypted offset factor of the blockchain node with the public point on the elliptic curve through the client to generate an offset verification commitment for the blockchain node .
  • the user uses the client to compare the encrypted offset factor r A of blockchain node A with the public data on the elliptic curve.
  • Step d For each blockchain node, the user verifies through the client whether the offset verification commitment of the blockchain node generated locally is equal to the offset commitment of the blockchain node obtained from the smart contract.
  • step e if it is verified that the offset verification commitment of each blockchain node generated locally is equal to the offset commitment of each blockchain node obtained from the smart contract, then perform step e; if verifying a locally generated blockchain The node's offset verification commitment is not equal to the offset commitment of the blockchain node obtained from the smart contract, or the offset verification commitment of multiple blockchain nodes generated locally is not equal to the multi-block chain node's offset commitment obtained from the smart contract. If the offset commitments of two blockchain nodes do not correspond to the same, it is determined that one or more blockchain nodes are doing evil, and the encryption process can be terminated.
  • the user verifies the locally generated blockchain node A's offset verification commitment R A ' and the block obtained from the smart contract through the client Whether the offset commitment R A of chain node A is equal; verify whether the offset verification commitment R B ′ of blockchain node B generated locally is equal to the offset commitment R B of blockchain node B obtained from the smart contract; Verify whether the offset verification commitment R C ′ of the locally generated blockchain node C is equal to the offset commitment R C of the blockchain node C obtained from the smart contract; and verify the offset of the locally generated blockchain node D Whether the offset verification commitment R D ′ is equal to the offset commitment R D of the blockchain node D obtained from the smart contract.
  • step e If it is determined that the verification of these four blockchain nodes is successful, then perform step e; if it is determined that at least one of the four blockchain nodes is unsuccessful in verification, for example, the verification of blockchain node A is unsuccessful, then If it is determined that blockchain node A is evil, the encryption process can be terminated. Or if the verification of blockchain node A and blockchain node B is unsuccessful, it is determined that blockchain node A and blockchain node B are evil, and the encryption process can be terminated.
  • Step e After confirming that the offset commitments of each blockchain node have been successfully verified, for each blockchain node, the user generates an encryption offset factor and public key for the block through the client through the client.
  • consortium chain consisting of four blockchain nodes as an example.
  • blockchain node A the user uses the client to compare the encryption offset factor r A of blockchain node A with blockchain node A
  • the user multiplies the encryption offset factor r C of blockchain node C with the public key pk C of blockchain node C through the client to generate the first
  • the user multiplies the encryption offset factor r D of the blockchain node D with the public key pk D of the blockchain node D through the client to generate the first key for the blockchain node D.
  • Step f For each blockchain node, the user generates the second ciphertext for the blockchain node through the client based on the data to be encrypted and the offset commitments of other blockchain nodes except the blockchain node Fragmentation.
  • consortium chain consisting of four blockchain nodes as an example
  • blockchain node A the user treats the encrypted data m and other blockchain nodes except blockchain node A through the client
  • Step g the user sets the decryption time stamps for decrypting the first ciphertext fragment and the second ciphertext fragment through the client.
  • the user sets a decryption timestamp Timestamp on the client, and the decryption timestamp is used to instruct any blockchain node to perform a decryption operation after determining that the local timestamp satisfies the decryption timestamp.
  • Step h the user uploads the decryption timestamp and the first ciphertext fragment and the second ciphertext fragment of each blockchain node to the smart contract through the client.
  • the user uploads (T A , Q A , T B , Q B , T C , Q C , T D , Q D , Timestamp) to the smart contract E_Contract through the client to complete the encryption of the data to be encrypted. cryptographic operations.
  • Step3 Each blockchain node decrypts the encrypted data and verifies the decrypted data.
  • the decryption operation is started; if the block chain node determines that the decryption condition is not satisfied, the decryption operation is not performed.
  • the decryption condition is that the local timestamp is greater than or equal to the decrypted timestamp in the smart contract.
  • Step a For the blockchain node that meets the decryption condition, the blockchain node that meets the decryption condition reads the local private key, and generates an encryption offset factor based on the local private key and the current round of encryption index.
  • the blockchain node when a blockchain node satisfies the decryption conditions, the blockchain node splices its own private key with the current round of encryption index to generate an offset message, and uses a message digest algorithm or a secure hash algorithm to verify the The offset message is hashed to generate an encrypted offset factor for the blockchain node.
  • a message digest algorithm or a secure hash algorithm to verify the The offset message is hashed to generate an encrypted offset factor for the blockchain node.
  • the blockchain node in order to prevent the encryption offset factor from being leaked by the blockchain node, there is a risk of data leakage. Therefore, in order to ensure the privacy and security of the data, the blockchain node will not store the encryption offset factor for a long time.
  • blockchain node A reads the local private key sk A , splices the local private key sk A with the current round of encryption index index, and generates an offset message ( sk A
  • index). Then hash the offset message through the message digest algorithm or secure hash algorithm to generate the encryption offset factor of blockchain node A, that is, the encryption offset factor r A H(sk A
  • other blockchain nodes that meet the decryption conditions can also generate encrypted offset factors in the same manner as blockchain node A generates encrypted offset factors.
  • Step b The blockchain node that satisfies the decryption condition reads the offset commitment of each blockchain node in the smart contract.
  • Blockchain node A that satisfies the decryption condition is taken as an example.
  • Blockchain node A reads the offset commitment of each blockchain node from the smart contract E_Contract.
  • the alliance chain has four blockchain nodes, namely Blockchain node A, blockchain node B, blockchain node C, and blockchain node D.
  • Blockchain node A reads the offset commitment R A of blockchain node A, the offset commitment R B of blockchain node B, the offset commitment R C of blockchain node C, and the block from the smart contract E_Contract Offset commitment RD of chain node D.
  • Step c The blockchain node that satisfies the decryption condition generates a third ciphertext fragment based on its encryption offset factor and public key, and determines from the smart contract based on the third ciphertext fragment.
  • the first ciphertext fragment that matches the text fragment and the second ciphertext fragment that matches the third ciphertext fragment are determined to match the first ciphertext fragment and the second ciphertext fragment through bilinear mapping.
  • Shards, private keys, and offset commitments are processed to generate verification shards of blockchain nodes.
  • the verification fragment E C for the block chain node C that satisfies the decryption condition which is:
  • the verification fragment E D for the block chain node D that satisfies the decryption condition which is:
  • Step d The blockchain nodes that meet the decryption conditions use their private keys to sign the verification fragments they generate, generate signatures for the verification fragments, and upload the verification fragments and the signatures of the verification fragments to the smart contract.
  • Step e After confirming that each blockchain node has uploaded its own verification fragment and signature of the verification fragment to the smart contract, for each blockchain node, the blockchain node verifies the verification fragments of other blockchain nodes.
  • Shard is the same as its own verification shard.
  • the blockchain node obtains the verification fragments of other blockchain nodes and the signatures of the verification fragments from the smart contract. Then, the blockchain node uses the public keys of other blockchain nodes to verify the signatures of the verification fragments of other blockchain nodes, and after confirming that the signature verification of the verification fragments of other blockchain nodes is successful, determine Whether the verification fragments of other blockchain nodes are the same as their own verification fragments.
  • blockchain node A uses the public key pk B of blockchain node B to verify the signature delta B of blockchain node B's fragment E B Verification, use the public key pk C of the blockchain node C to verify the signature delta C of the verification fragment E C of the blockchain node C, and use the public key pk D of the blockchain node D to verify the signature delta C of the blockchain node D
  • the signature delta D of the verification fragment E D of the blockchain node B is verified, and the signature delta B of the verification fragment E B of the blockchain node B, the signature delta C of the verification fragment E C of the blockchain node C, and the blockchain
  • the signature delta D of the verification fragment E D of node D is successfully verified, it is determined that its own verification fragment E A and the verification fragment E B of the blockchain node B and the verification fragment E C of the blockchain node C And whether the verification fragments E D of the blockchain node D are the same.
  • blockchain node B, blockchain node C, or blockchain node D will also verify the signatures of other blockchain nodes' verification fragments, and determine the signatures of other blockchain nodes' verification fragments. After the signature verification is successful, determine whether your own verification shard is the same as that of other blockchain nodes, which will not be repeated here.
  • Step f For each blockchain node, the blockchain node uploads its encrypted offset factor to the smart contract after determining that the verification fragments of other blockchain nodes are the same as its own verification fragments.
  • blockchain node A determines its own verification fragment E A and blockchain node B's verification fragment E B , and blockchain node C's After the verification fragment E C and the verification fragment E D of the blockchain node D are the same, upload their encrypted offset factor r A to the smart contract.
  • blockchain node B, blockchain node C, or blockchain node D confirms that their own verification fragments are the same as those of other blockchain nodes, they will also set their encryption offset factors Upload to the smart contract, so I won’t repeat it here.
  • index'); blockchain node B generates the next round of encryption offset factor r B ' H(sk B
  • index'); blockchain node C generates the next round of Encrypted offset factor r C ' H(sk C
  • index'); blockchain node D generates the encrypted offset factor r D ' H(sk D
  • index') for the next round. Among them, index' index+1.
  • Step g For each blockchain node, the blockchain node obtains the encryption offset factor of each blockchain node from the smart contract, and determines and verifies from the value range of the binary number through bilinear mapping The binary number matched by the slice is used as the decryption result.
  • the blockchain node sequentially traverses the binary numbers in the value range of the binary numbers, and based on the verification fragmentation, through bilinear mapping, determines the number that matches the verification fragmentation Binary number, and use the binary number as the decryption result.
  • the blockchain node sequentially traverses the binary numbers in the value range of the binary numbers, and based on the verification fragmentation, through bilinear mapping, determines the number that matches the verification fragmentation Binary number, and use the binary number as the decryption result.
  • the binary number into a decimal number
  • the blockchain node A can traverse in sequence according to the value range of the binary number from small to large or from large to small, and based on the verification fragmentation, through the two-line property mapping, to determine whether each traversed data m i satisfies Among them, the right side of the equation is a verification slice, which is also a value. If it is determined that a certain data m i satisfies, the data m i is used as the decrypted data, that is, the data m i is the data to be encrypted by the client.
  • the binary number of the number 10 is 1010, and the blockchain nodes can traverse sequentially from the binary number 0 until it reaches 1010. In this way, the data 1010 can be used as the decrypted data.
  • Step h other blockchain nodes perform consensus verification on the data to be encrypted decrypted by the blockchain node stored on the blockchain, and determine the data to be encrypted and the verification data decrypted by the blockchain node through bilinear mapping Shard matching.
  • block chain node A that decrypts the data to be encrypted
  • other block chain nodes obtain the to-be-encrypted data m i decrypted by the block chain node A from the smart contract.
  • blockchain node B obtains the decrypted data mi to be encrypted from the smart contract
  • blockchain node C obtains the decrypted data mi to be encrypted from the smart contract
  • blockchain node D obtains the decrypted data mi from the smart contract
  • the output to be encrypted data m i The blockchain node B verifies the matching between the encrypted data mi decrypted by the blockchain node A and the verification fragment through the bilinear mapping algorithm.
  • the blockchain node B confirms that the data mi to be encrypted decrypted by the blockchain node A is correct.
  • the blockchain node C will also verify the matching of the encrypted data mi decrypted by the blockchain node A and the verification fragment through the bilinear mapping algorithm. That is, verify that If it is satisfied, the blockchain node C confirms that the data mi to be encrypted decrypted by the blockchain node A is correct.
  • the blockchain node D will also verify the matching between the encrypted data mi decrypted by the blockchain node A and the verification fragment through the bilinear mapping algorithm. That is, verify that If it is satisfied, the blockchain node D confirms that the data mi to be encrypted decrypted by the blockchain node A is correct.
  • the decryption operation can be started. That is, the index ciphertext is generated based on the public and private keys of the blockchain nodes, and based on the index ciphertext, the first ciphertext score that matches the index ciphertext can be determined in a timely and accurate manner from the encrypted information uploaded by the client to the smart contract. slice and a second ciphertext slice that matches the index ciphertext.
  • the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext are processed to obtain the verification fragment of the blockchain node, and verify After the m verification fragments meet the set requirements, the second ciphertext fragment matching the index ciphertext is decrypted to obtain the data to be encrypted.
  • the scheme does not require blockchain nodes to perform encryption operations on the data to be encrypted, and each blockchain node uses different public and private keys instead of using the same public and private keys, it can ensure the privacy and security of the data to be encrypted.
  • this scheme since this scheme does not need to re-initialize the key to generate public and private keys every time the decryption operation is performed, but always uses the public and private keys of each blockchain node, it can make the decryption process of the scheme simpler and more convenient , so that the cost of the decryption operation can be reduced.
  • FIG. 2 exemplarily shows a data processing device based on a smart contract provided by an embodiment of the present invention, and the device can execute a flow of a data processing method based on a smart contract.
  • the smart contract-based data processing method is applicable to a consortium chain with m blockchain nodes.
  • the device includes:
  • the generation unit 201 is used to generate index ciphertext based on the public and private keys of the block chain node when it is determined that the decryption time stamp in the smart contract is met for any block chain node; the decryption time stamp is generated by the client is used to indicate the time to decrypt the encrypted information uploaded by the client to the smart contract; the encrypted information includes the first ciphertext fragment and the second ciphertext fragment for each blockchain node ; The first ciphertext fragment is generated by the client based on the public and private keys of the blockchain nodes; the second ciphertext fragment is generated by the client based on the data to be encrypted;
  • the first processing unit 202 is configured to determine from the encrypted information a first ciphertext segment matching the index ciphertext and a second ciphertext segment matching the index ciphertext; through bilinear Mapping, processing the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext, obtaining the verification fragment of the blockchain node, and converting the The verification fragments are uploaded to the smart contract; after verifying that the m verification fragments meet the set requirements, the second ciphertext fragments matching the index ciphertext are decrypted to obtain the data to be encrypted.
  • the generating unit 201 is specifically configured to:
  • the index ciphertext is generated based on the encryption offset factor and the public key of the blockchain node.
  • the first processing unit 202 is specifically configured to:
  • the first commitment fragments of m blockchain nodes from the smart contract; the first commitment fragments are generated by the blockchain nodes based on their respective encryption offset factors;
  • the encryption offset factor of the blockchain node the first ciphertext fragment matching the index ciphertext, and the second ciphertext fragment matching the index ciphertext , performing conversion processing on the first commitment fragment of the blockchain node and the private key of the blockchain node to generate a verification fragment of the blockchain node.
  • the first processing unit 202 is specifically configured to:
  • the first processing unit 202 is further configured to:
  • the first processing unit 202 is specifically used for:
  • the second ciphertext fragment matching the index ciphertext is decrypted to obtain the data to be encrypted.
  • the first processing unit 202 is further configured to:
  • the data to be encrypted After obtaining the data to be encrypted, obtain the data to be encrypted decrypted by the block chain node and the encryption offset factors of the m block chain nodes from the smart contract; the data to be encrypted is the area The block chain node uploads to the smart contract;
  • FIG. 3 exemplarily shows another smart contract-based data processing device provided by an embodiment of the present invention, and the device can execute the flow of the smart contract-based data processing method.
  • the smart contract-based data processing method is applicable to a consortium chain with m blockchain nodes.
  • the device includes:
  • the obtaining unit 301 is configured to obtain the first commitment fragments of the m blockchain nodes from the smart contract, and obtain the encrypted offset factors of the m blockchain nodes through a secret communication channel; the first commitment fragments Shards are generated by blockchain nodes based on their respective encrypted offset factors; the encrypted offset factors are generated by blockchain nodes based on their respective private keys;
  • the second processing unit 302 is configured to, for each block chain node, generate a first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the block chain node to be Encrypt data and the first commitment fragments of other blockchain nodes except the blockchain node, generate a second ciphertext fragment; generate a decryption timestamp; combine the decryption timestamp and the m blocks
  • the first ciphertext fragment and the second ciphertext fragment of the chain node are uploaded to the smart contract; the decryption timestamp is used to indicate that any block chain node determines that the local timestamp satisfies the decryption timestamp
  • the first ciphertext fragment and the second ciphertext fragment in the smart contract are decrypted.
  • the second processing unit 302 is further configured to:
  • the embodiment of the present invention also provides a computing device, as shown in FIG. 4 , including at least one processor 401 and a memory 402 connected to the at least one processor.
  • the specific connection medium between the processor 401 and the memory 402, the bus connection between the processor 401 and the memory 402 in FIG. 4 is taken as an example.
  • the bus can be divided into address bus, data bus, control bus and so on.
  • the memory 402 stores instructions that can be executed by at least one processor 401, and at least one processor 401 can execute the instructions included in the aforementioned smart contract-based data processing method by executing the instructions stored in the memory 402. step.
  • the processor 401 is the control center of the computing device, which can use various interfaces and lines to connect various parts of the computing device, by running or executing instructions stored in the memory 402 and calling data stored in the memory 402, thereby realizing data deal with.
  • the processor 401 may include one or more processing units, and the processor 401 may integrate an application processor and a modem processor.
  • the call processor mainly handles issuing instructions. It can be understood that the foregoing modem processor may not be integrated into the processor 401 .
  • the processor 401 and the memory 402 can be implemented on the same chip, and in some embodiments, they can also be implemented on independent chips.
  • the processor 401 can be a general processor, such as a central processing unit (CPU), a digital signal processor, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array or other programmable logic devices, discrete gates or transistors Logic devices and discrete hardware components can implement or execute the methods, steps and logic block diagrams disclosed in the embodiments of the present invention.
  • a general purpose processor may be a microprocessor or any conventional processor or the like. The steps of the method disclosed in the embodiment of the smart contract-based data processing method can be directly implemented by a hardware processor, or implemented by a combination of hardware and software modules in the processor.
  • the memory 402 can be used to store non-volatile software programs, non-volatile computer-executable programs and modules.
  • Memory 402 can include at least one type of storage medium, for example, can include flash memory, hard disk, multimedia card, card memory, random access memory (Random Access Memory, RAM), static random access memory (Static Random Access Memory, SRAM), Programmable Read Only Memory (PROM), Read Only Memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Magnetic Memory, Disk , CD, etc.
  • Memory 402 is, but is not limited to, any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
  • the memory 402 in the embodiment of the present invention may also be a circuit or any other device capable of implementing a storage function, and is used for storing program instructions and/or data.
  • an embodiment of the present invention also provides a computer-readable storage medium, which stores a computer program executable by a computing device, and when the program is run on the computing device, the computing device Execute the steps of the above smart contract-based data processing method.
  • the embodiments of the present invention may be provided as methods, systems, or computer program products. Accordingly, the present invention can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions
  • the device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.

Abstract

Provided in the embodiments of the present invention are a data processing method and apparatus based on a smart contract. The method comprises: for any blockchain node, when it is determined that a decryption timestamp in a smart contract is satisfied, generating index ciphertext on the basis of public and private keys of the blockchain node; determining, from encrypted information, a first ciphertext fragment matching the index ciphertext and a second ciphertext fragment matching the index ciphertext; processing, by means of bilinear mapping, the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext, so as to obtain a verification fragment of the blockchain node, and uploading the verification fragment to the smart contract; and after it is verified that m verification fragments meet a set requirement, decrypting the second ciphertext fragment matching the index ciphertext, so as to obtain data to be encrypted. In this way, by means of the solution, since each blockchain node performs, by using different public and private keys instead of the same public and private keys, encryption and decryption operations on data to be encrypted, the privacy security of said data can be ensured.

Description

一种基于智能合约的数据处理方法及装置A data processing method and device based on smart contracts
相关申请的交叉引用Cross References to Related Applications
本申请要求在2021年06月22日提交中国专利局、申请号为202110692736.X、申请名称为“一种基于智能合约的数据处理方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。This application claims the priority of the Chinese patent application submitted to the China Patent Office on June 22, 2021, with the application number 202110692736.X and the application name "A Data Processing Method and Device Based on Smart Contract", the entire content of which is passed References are incorporated in this application.
技术领域technical field
本发明实施例涉及金融科技(Fintech)领域,尤其涉及一种基于智能合约的数据处理方法及装置。Embodiments of the present invention relate to the field of financial technology (Fintech), and in particular to a data processing method and device based on smart contracts.
背景技术Background technique
随着计算机技术的发展,越来越多的技术应用在金融领域,传统金融业正在逐步向金融科技转变,但由于金融行业的安全性、实时性要求,也对技术提出的更高的要求。在金融领域,为了防止金融业务数据中所包含的敏感信息被泄露,针对金融业务数据中敏感信息的安全性要求也会变高。在此基础上,对金融业务数据进行加解密在金融业务上的应用也变得广泛。因此,如何及时有效地对金融业务数据进行加解密,以满足金融业务数据的安全性需求就成为急需解决的问题。With the development of computer technology, more and more technologies are applied in the financial field, and the traditional financial industry is gradually transforming into financial technology. However, due to the security and real-time requirements of the financial industry, higher requirements are also placed on technology. In the financial field, in order to prevent sensitive information contained in financial business data from being leaked, the security requirements for sensitive information in financial business data will also become higher. On this basis, the application of encryption and decryption of financial business data in financial business has also become extensive. Therefore, how to encrypt and decrypt financial service data in a timely and effective manner to meet the security requirements of financial service data has become an urgent problem to be solved.
现有方案为了保证联盟链系统中各参与方加解密过程中的中间结果相同,通常需要各参与方通过共同协商确定一对密钥(即公钥和私钥),也即是通过密钥初始化操作生成相同的密钥,然后各参与方都使用该相同的密钥对数据进行加解密操作。具体地,在用户利用终端设备将数据上传至联盟链系统中各参与方后,各参与方分别使用公钥对该数据进行加密,并将加密后的数据上传至区块链,然后每个参与方使用私钥对其它参与方上传的加密后的数据进行解密,以确定其它参与方所接收的数据是否与自己接收的数据相同,并在各参与方都验证成功后达成共识,将该数据进行上链操作。然而,该方案由于各参与方使用相同的公私钥进行加解密操作,因此使得数据的隐私安全性并不能被保证,且,每次进行加解密操作都需要重新进行密钥初始化操作生成公私钥,导致加解密操作的过程繁琐,并使得加解密操作的成本增加。In order to ensure that the intermediate results of each participant in the alliance chain system are the same during the encryption and decryption process, the existing scheme usually requires each participant to determine a pair of keys (that is, a public key and a private key) through mutual negotiation, that is, through key initialization The operation generates the same key, and then each participant uses the same key to encrypt and decrypt data. Specifically, after the user uses the terminal device to upload the data to each participant in the alliance chain system, each participant uses the public key to encrypt the data, and uploads the encrypted data to the blockchain, and then each participant The party uses the private key to decrypt the encrypted data uploaded by other parties to determine whether the data received by other parties is the same as the data received by itself, and after all parties have successfully verified a consensus, the data will be Up chain operation. However, in this scheme, since each participant uses the same public and private keys for encryption and decryption operations, the privacy security of the data cannot be guaranteed, and each encryption and decryption operation needs to be re-initialized to generate public and private keys. The process of encryption and decryption operations is cumbersome, and the cost of encryption and decryption operations increases.
综上,目前亟需一种基于智能合约的数据处理方法,用以解决现有技术中存在各参与方都使用相同的公私钥进行加解密操作,导致数据的隐私安全性无法被保证的问题。To sum up, there is an urgent need for a data processing method based on smart contracts to solve the problem in the existing technology that all participants use the same public and private keys for encryption and decryption operations, resulting in data privacy security that cannot be guaranteed.
发明内容Contents of the invention
本发明实施例提供了一种基于智能合约的数据处理方法及装置,用以解决现有技术中存在各参与方都使用相同的公私钥进行加解密操作,导致数据的隐私安全性无法完全被保证的问题。The embodiment of the present invention provides a data processing method and device based on a smart contract to solve the problem in the prior art that all participants use the same public and private keys for encryption and decryption operations, resulting in that the privacy and security of data cannot be fully guaranteed The problem.
第一方面,本发明实施例提供了一种基于智能合约的数据处理方法,适用于具有m个区块链节点的联盟链,所述方法包括:In the first aspect, the embodiment of the present invention provides a data processing method based on a smart contract, which is suitable for an alliance chain with m blockchain nodes, and the method includes:
针对任一区块链节点,所述区块链节点在确定满足智能合约中的解密时间戳时,基于所述区块链节点的公私钥生成索引密文;所述解密时间戳是客户端生成的用于指示对所述客户端上传至所述智能合约中的加密信息进行解密的时间;所述加密信息包括针对每个区块链节点的第一密文分片和第二密文分片;第一密文分片是所述客户端基于区块链节点的公私钥生成的;第二密文分片是所述客户端基于待加密数据生成的;For any blockchain node, when the blockchain node determines that the decryption timestamp in the smart contract is met, an index ciphertext is generated based on the public and private keys of the blockchain node; the decryption timestamp is generated by the client is used to indicate the time to decrypt the encrypted information uploaded by the client to the smart contract; the encrypted information includes the first ciphertext fragment and the second ciphertext fragment for each blockchain node ; The first ciphertext fragment is generated by the client based on the public and private keys of the blockchain nodes; the second ciphertext fragment is generated by the client based on the data to be encrypted;
所述区块链节点从所述加密信息中确定出与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片;The blockchain node determines from the encrypted information a first ciphertext fragment matching the index ciphertext and a second ciphertext fragment matching the index ciphertext;
所述区块链节点通过双线性映射,对与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片进行处理,得到所述区块链节点的验证分片,并将所述验证分片上传至所述智能合约;The block chain node processes the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext through bilinear mapping to obtain the block The verification fragment of the chain node, and upload the verification fragment to the smart contract;
所述区块链节点在验证m个验证分片满足设定要求后,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。After verifying that the m verification fragments meet the set requirements, the blockchain node decrypts the second ciphertext fragment matching the index ciphertext to obtain the data to be encrypted.
上述技术方案中,针对任一区块链节点,在确定本地时间戳满足智能合约中的解密时间戳时,即可开始进行解密操作。即,基于区块链节点的公私钥生成索引密文,并基于索引密文,可以及时准确地从客户端上传至智能合约中的加密信息中确定出与索引密文匹配的第一密文分片以及与索引密文匹配的第二密文分片。然后,通过双线性映射,对与索引密文匹配的第一密文分片和与索引密文匹配的第二密文分片进行处理,得到区块链节点的验证分片,并在验证m个验证分片满足设定要求后,对与索引密文匹配的第二密文分片进行解密,得到待加密数据。如此,该方案由于无需区块链节点对待加密数据进行加密操作,而且各区块链节点都是使用不同的公私钥,而不是都使用相同的公私钥,从而可以确保待加密数据的隐私安全性。此外,该方案由于无需每次在进行解密操作时都重新进行密钥初始化生成公私钥,而是一直使用的是各区块链节点的公私钥,因此可以使得该方案解密操作的过程更为简单方便,从而能够使得解密操作的成本降低。In the above technical solution, for any blockchain node, when it is determined that the local time stamp meets the decryption time stamp in the smart contract, the decryption operation can be started. That is, the index ciphertext is generated based on the public and private keys of the blockchain nodes, and based on the index ciphertext, the first ciphertext score that matches the index ciphertext can be determined in a timely and accurate manner from the encrypted information uploaded by the client to the smart contract. slice and a second ciphertext slice that matches the index ciphertext. Then, through bilinear mapping, the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext are processed to obtain the verification fragment of the blockchain node, and verify After the m verification fragments meet the set requirements, the second ciphertext fragment matching the index ciphertext is decrypted to obtain the data to be encrypted. In this way, since the scheme does not require blockchain nodes to perform encryption operations on the data to be encrypted, and each blockchain node uses different public and private keys instead of using the same public and private keys, it can ensure the privacy and security of the data to be encrypted. In addition, since this scheme does not need to re-initialize the key to generate public and private keys every time the decryption operation is performed, but always uses the public and private keys of each blockchain node, it can make the decryption process of the scheme simpler and more convenient , so that the cost of the decryption operation can be reduced.
可选地,基于所述区块链节点的公私钥生成索引密文,包括:Optionally, the index ciphertext is generated based on the public and private keys of the blockchain nodes, including:
所述区块链节点将所述区块链节点的私钥与本轮加密索引进行拼接,生成偏移消息;The block chain node splices the private key of the block chain node with the encryption index of the current round to generate an offset message;
所述区块链节点对所述偏移消息进行哈希运算,生成加密偏移因子;The blockchain node performs a hash operation on the offset message to generate an encrypted offset factor;
所述区块链节点基于所述加密偏移因子以及所述区块链节点的公钥,生成所述索引密文。The blockchain node generates the index ciphertext based on the encryption offset factor and the public key of the blockchain node.
上述技术方案中,通过基于每个区块链节点的私钥与本轮加密索引来生成偏移消息,并基于偏移消息以及每个区块链节点的公钥来生成索引密文,可以为每个区块链节点及时准确地基于自己生成的索引密文从智能合约确定出与该区块链节点的索引密文匹配的第一密文分片和第二密文分片提供支持。In the above technical solution, the offset message is generated based on the private key of each blockchain node and the current round of encryption index, and the index ciphertext is generated based on the offset message and the public key of each blockchain node, which can be Each blockchain node timely and accurately determines the first ciphertext fragment and the second ciphertext fragment matching the index ciphertext of the blockchain node from the smart contract based on the index ciphertext generated by itself to provide support.
可选地,所述区块链节点通过双线性映射,对与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片进行处理,得到所述区块链节点的验证分片,包括:Optionally, the blockchain node processes the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext through bilinear mapping, to obtain The verification fragmentation of the blockchain node includes:
所述区块链节点从所述智能合约获取m个区块链节点的第一承诺分片;所述第一承诺分片是区块链节点基于各自的加密偏移因子生成的;The blockchain node acquires the first commitment fragments of m blockchain nodes from the smart contract; the first commitment fragments are generated by the blockchain nodes based on their respective encryption offset factors;
所述区块链节点通过所述双线性映射,将所述区块链节点的加密偏移因子、与所述索引密文匹配的第一密文分片、与所述索引密文匹配的第二密文分片、所述区块链节点的第一承诺分片以及所述区块链节点的私钥进行转换处理,生成所述区块链节点的验证分片。The blockchain node uses the bilinear mapping to encrypt the offset factor of the blockchain node, the first ciphertext fragment matching the index ciphertext, and the first ciphertext fragment matching the index ciphertext. The second ciphertext fragment, the first commitment fragment of the blockchain node, and the private key of the blockchain node are converted to generate a verification fragment of the blockchain node.
上述技术方案中,通过双线性映射,将区块链节点的加密偏移因子、与索引密文匹配 的第一密文分片、与索引密文匹配的第二密文分片、区块链节点的第一承诺分片以及区块链节点的私钥进行转换处理,可以及时准确地生成验证分片。该验证分片可以为后续解密出待加密数据提供支持。In the above technical solution, through bilinear mapping, the encrypted offset factor of the blockchain node, the first ciphertext fragment matching the index ciphertext, the second ciphertext fragment matching the index ciphertext, and the block The first commitment fragment of the chain node and the private key of the blockchain node are converted to generate verification fragments in a timely and accurate manner. The verification fragment can provide support for subsequent decryption of the data to be encrypted.
可选地,所述区块链节点验证m个验证分片满足设定要求,包括:Optionally, the blockchain node verifies that the m verification fragments meet the set requirements, including:
所述区块链节点确定所述区块链节点的验证分片与除所述区块链节点以外的其它区块链节点的验证分片是否相同;The block chain node determines whether the verification fragmentation of the block chain node is the same as the verification fragmentation of other block chain nodes except the block chain node;
若是,则所述区块链节点确认所述m个验证分片验证成功。If yes, the block chain node confirms that the verification of the m verification fragments is successful.
上述技术方案中,任一区块链节点通过确定自己的验证分片与除该区块链节点以外的其它区块链节点的验证分片是否相同来完成针对验证分片的共识同步过程。并确定各区块链节点均验证成功后,即可确认各区块链节点即使利用不同的私钥进行解密也能得到相同的中间结果(即验证分片),而无需各区块链节点都使用相同的私钥。In the above technical solution, any blockchain node completes the consensus synchronization process for the verification fragment by determining whether its own verification fragment is the same as that of other blockchain nodes other than the blockchain node. And after confirming that each block chain node is successfully verified, it can be confirmed that each block chain node can obtain the same intermediate result (ie verification fragmentation) even if it uses a different private key to decrypt, without using the same block chain node. private key.
可选地,在所述区块链节点确认所述m个验证分片验证成功之后,还包括:Optionally, after the block chain node confirms that the verification of the m verification fragments is successful, it also includes:
所述区块链节点将所述区块链节点的加密偏移因子上传至智能合约;The blockchain node uploads the encrypted offset factor of the blockchain node to the smart contract;
对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据,包括:Decrypting the second ciphertext segment matching the index ciphertext to obtain the data to be encrypted, including:
所述区块链节点从所述智能合约获取所述m个区块链节点的加密偏移因子;The blockchain node obtains the encrypted offset factors of the m blockchain nodes from the smart contract;
所述区块链节点通过所述双线性映射,基于所述m个区块链节点的加密偏移因子,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。The blockchain node decrypts the second ciphertext fragment matching the index ciphertext based on the encryption offset factors of the m blockchain nodes through the bilinear mapping, and obtains the Data to be encrypted.
上述技术方案中,各区块链节点都将自己的加密偏移因子上传至智能合约,可以为任一区块链节点可通过双线性映射解密与索引密文匹配的第二密文分片提供数据支持,以此能够及时有效地解密出待加密数据。In the above technical solution, each blockchain node uploads its own encryption offset factor to the smart contract, which can provide any blockchain node with the ability to decrypt the second ciphertext fragment matching the index ciphertext through bilinear mapping. Data support, so that the data to be encrypted can be decrypted in a timely and effective manner.
可选地,在得到所述待加密数据之后,还包括:Optionally, after obtaining the data to be encrypted, it also includes:
除所述区块链节点以外的其它区块链节点中每个区块链节点从智能合约上获取所述区块链节点解密出的待加密数据以及所述m个区块链节点的加密偏移因子;所述待加密数据是所述区块链节点上传至所述智能合约的;Each block chain node in other block chain nodes except the block chain node obtains the data to be encrypted decrypted by the block chain node and the encryption bias of the m block chain nodes from the smart contract shift factor; the data to be encrypted is uploaded to the smart contract by the block chain node;
所述其它区块链节点中每个区块链节点通过所述双线性映射,基于所述m个区块链节点的加密偏移因子,对所述区块链节点解密出的待加密数据进行验证,确定所述待加密数据与验证分片的匹配性,从而确定所述解密出的待加密数据是否正确。Each block chain node in the other block chain nodes decrypts the data to be encrypted by the block chain nodes based on the encryption offset factors of the m block chain nodes through the bilinear mapping Verification is performed to determine the matching between the data to be encrypted and the verification segment, so as to determine whether the decrypted data to be encrypted is correct.
上述技术方案中,任一区块链节点解密出待加密数据后,除该区块链节点以外的其它区块链节点中每个区块链节点都验证该解密出的待加密数据的正确性,以便在确认各区块链节点针对该解密出的待加密数据达成共识后,即确认解密出的待加密数据是正确的,将该解密出的待加密数据记录至区块链。In the above technical solution, after any blockchain node decrypts the data to be encrypted, each blockchain node in other blockchain nodes except the blockchain node verifies the correctness of the decrypted data to be encrypted , so that after confirming that each blockchain node has reached a consensus on the decrypted data to be encrypted, it is confirmed that the decrypted data to be encrypted is correct, and the decrypted data to be encrypted is recorded in the blockchain.
第二方面,本发明实施例提供了一种基于智能合约的数据处理方法,适用于具有m个区块链节点的联盟链,所述方法包括:In the second aspect, the embodiment of the present invention provides a data processing method based on a smart contract, which is suitable for an alliance chain with m blockchain nodes, and the method includes:
客户端从智能合约获取述m个区块链节点的第一承诺分片,并通过秘密通信通道获取所述m个区块链节点的加密偏移因子;所述第一承诺分片是区块链节点基于各自的加密偏移因子生成的;所述加密偏移因子是区块链节点基于各自的私钥生成的;The client obtains the first commitment fragment of the m blockchain nodes from the smart contract, and obtains the encrypted offset factors of the m blockchain nodes through a secret communication channel; the first commitment fragment is a block Chain nodes are generated based on their respective encrypted offset factors; the encrypted offset factors are generated by blockchain nodes based on their respective private keys;
针对每个区块链节点,所述客户端基于所述区块链节点的加密偏移因子以及所述区块链节点的公钥,生成第一密文分片,并基于待加密数据以及除所述区块链节点以外的其它区块链节点的第一承诺分片,生成第二密文分片;For each block chain node, the client generates the first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the data to be encrypted and the The first commitment fragment of other blockchain nodes other than the blockchain node generates a second ciphertext fragment;
所述客户端生成解密时间戳;The client generates a decryption timestamp;
所述客户端将所述解密时间戳以及所述m个区块链节点的第一密文分片、第二密文分片上传至所述智能合约;所述解密时间戳用于指示任一区块链节点在确定本地时间戳满足所述解密时间戳时对所述智能合约中的第一密文分片以及第二密文分片进行解密处理。The client uploads the decrypted timestamp and the first ciphertext fragment and the second ciphertext fragment of the m blockchain nodes to the smart contract; the decrypted timestamp is used to indicate any The blockchain node decrypts the first ciphertext fragment and the second ciphertext fragment in the smart contract when determining that the local timestamp satisfies the decryption timestamp.
上述技术方案中,针对每个区块链节点,通过基于该区块链节点的加密偏移因子以及该区块链节点的公钥,生成第一密文分片,并基于待加密数据以及除该区块链节点以外的其它区块链节点的第一承诺分片,生成第二密文分片。然后生成解密时间戳,并将解密时间戳以及m个区块链节点的第一密文分片、第二密文分片上传至智能合约。如此,该方案通过客户端基于各区块链节点的公私钥对待加密数据进行加密处理,生成第一密文分片和第二密文分片,而无需针对各区块链节点都使用相同的公私钥进行加密处理,从而可以确保待加密数据的隐私安全性。此外,该方案在每次进行加密操作时无需各区块链节点重新进行密钥初始化生成公私钥,而是一直使用的是各区块链节点的公私钥,因此可以使得该方案加密操作的过程更为简单方便,从而能够使得加密操作的成本降低。In the above technical solution, for each block chain node, the first ciphertext fragment is generated based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the data to be encrypted and the The second ciphertext fragments are generated from the first commitment fragments of other blockchain nodes other than the blockchain node. Then generate a decryption timestamp, and upload the decryption timestamp and the first ciphertext fragment and the second ciphertext fragment of the m blockchain nodes to the smart contract. In this way, the scheme uses the client to encrypt the data to be encrypted based on the public and private keys of each blockchain node, and generates the first ciphertext fragment and the second ciphertext fragment without using the same public and private keys for each blockchain node Encryption processing is performed to ensure the privacy and security of the data to be encrypted. In addition, this scheme does not require each blockchain node to re-initialize the key to generate a public-private key every time the encryption operation is performed, but always uses the public-private key of each blockchain node, so the encryption operation process of the scheme can be made more efficient. It is simple and convenient, so that the cost of the encryption operation can be reduced.
可选地,在生成第一密文分片之前,还包括:Optionally, before generating the first ciphertext fragment, it also includes:
针对每个区块链节点,所述客户端基于所述区块链节点的加密偏移因子,生成所述区块链节点的第二承诺分片;For each blockchain node, the client generates a second commitment fragment of the blockchain node based on the encryption offset factor of the blockchain node;
所述客户端确定所述m个区块链节点的第一承诺分片与所述m个区块链节点的第二承诺分片是否均对应相同;The client determines whether the first commitment fragments of the m blockchain nodes and the second commitment fragments of the m blockchain nodes are all corresponding to the same;
若是,则所述客户端确认所述m个区块链节点的第一承诺分片验证成功。If yes, the client confirms that the verification of the first committed fragment of the m blockchain nodes is successful.
上述技术方案中,为了客户端从智能合约中获取的各区块链节点的承诺分片是准确的,因此为了验证各区块链节点的承诺分片的准确性,就会基于通过秘密通道获取的各区块链节点的加密偏移因子重新生成各区块链节点的承诺分片来进行验证,以确保在基于各区块链节点的承诺分片对待加密数据进行加密处理所生成的密文分片的安全性和准确性。In the above technical solution, in order for the client to obtain accurate fragments of commitments of each blockchain node from the smart contract, in order to verify the accuracy of the commitments of each blockchain node, it is based on The encrypted offset factor of the blockchain node regenerates the commitment fragment of each blockchain node for verification, so as to ensure the security of the ciphertext fragment generated by encrypting the data to be encrypted based on the commitment fragment of each blockchain node and accuracy.
第三方面,本发明实施例提供了一种基于智能合约的数据处理装置,适用于具有m个区块链节点的联盟链,所述装置包括:In the third aspect, the embodiment of the present invention provides a data processing device based on a smart contract, which is suitable for a consortium chain with m blockchain nodes, and the device includes:
生成单元,用于针对任一区块链节点,在确定满足智能合约中的解密时间戳时,基于所述区块链节点的公私钥生成索引密文;所述解密时间戳是客户端生成的用于指示对所述客户端上传至所述智能合约中的加密信息进行解密的时间;所述加密信息包括针对每个区块链节点的第一密文分片和第二密文分片;第一密文分片是所述客户端基于区块链节点的公私钥生成的;第二密文分片是所述客户端基于待加密数据生成的;The generation unit is used to generate index ciphertext based on the public and private keys of the blockchain node when it is determined that the decryption timestamp in the smart contract is met for any blockchain node; the decryption timestamp is generated by the client Used to indicate the time to decrypt the encrypted information uploaded by the client to the smart contract; the encrypted information includes a first ciphertext fragment and a second ciphertext fragment for each blockchain node; The first ciphertext fragment is generated by the client based on the public and private keys of the blockchain nodes; the second ciphertext fragment is generated by the client based on the data to be encrypted;
第一处理单元,用于从所述加密信息中确定出与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片;通过双线性映射,对与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片进行处理,得到所述区块链节点的验证分片,并将所述验证分片上传至所述智能合约;在验证m个验证分片满足设定要求后,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。A first processing unit, configured to determine from the encrypted information a first ciphertext segment matching the index ciphertext and a second ciphertext segment matching the index ciphertext; through bilinear mapping , process the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext to obtain the verification fragment of the blockchain node, and the The verification fragments are uploaded to the smart contract; after verifying that the m verification fragments meet the set requirements, decrypt the second ciphertext fragments matching the index ciphertext to obtain the data to be encrypted.
可选地,所述生成单元具体用于:Optionally, the generating unit is specifically used for:
将所述区块链节点的私钥与本轮加密索引进行拼接,生成偏移消息;Splicing the private key of the blockchain node with the encryption index of the current round to generate an offset message;
对所述偏移消息进行哈希运算,生成加密偏移因子;performing a hash operation on the offset message to generate an encrypted offset factor;
基于所述加密偏移因子以及所述区块链节点的公钥,生成所述索引密文。The index ciphertext is generated based on the encryption offset factor and the public key of the blockchain node.
可选地,所述第一处理单元具体用于:Optionally, the first processing unit is specifically configured to:
从所述智能合约获取m个区块链节点的第一承诺分片;所述第一承诺分片是区块链节 点基于各自的加密偏移因子生成的;Obtain the first commitment shards of m blockchain nodes from the smart contract; the first commitment shards are generated by the blockchain nodes based on their respective encryption offset factors;
通过所述双线性映射,将所述区块链节点的加密偏移因子、与所述索引密文匹配的第一密文分片、与所述索引密文匹配的第二密文分片、所述区块链节点的第一承诺分片以及所述区块链节点的私钥进行转换处理,生成所述区块链节点的验证分片。Through the bilinear mapping, the encryption offset factor of the blockchain node, the first ciphertext fragment matching the index ciphertext, and the second ciphertext fragment matching the index ciphertext , performing conversion processing on the first commitment fragment of the blockchain node and the private key of the blockchain node to generate a verification fragment of the blockchain node.
可选地,所述第一处理单元具体用于:Optionally, the first processing unit is specifically configured to:
确定所述区块链节点的验证分片与除所述区块链节点以外的其它区块链节点的验证分片是否相同;Determine whether the verification fragmentation of the blockchain node is the same as the verification fragmentation of other blockchain nodes except the blockchain node;
若是,则确认所述m个验证分片验证成功。If yes, confirm that the m verification fragments are successfully verified.
可选地,所述第一处理单元还用于:Optionally, the first processing unit is also used for:
在确认所述m个验证分片验证成功之后,将所述区块链节点的加密偏移因子上传至智能合约;After confirming that the verification of the m verification fragments is successful, upload the encryption offset factor of the blockchain node to the smart contract;
所述第一处理单元具体用于:The first processing unit is specifically used for:
从所述智能合约获取所述m个区块链节点的加密偏移因子;Obtain the encrypted offset factors of the m blockchain nodes from the smart contract;
通过所述双线性映射,基于所述m个区块链节点的加密偏移因子,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。Through the bilinear mapping, based on the encryption offset factors of the m blockchain nodes, the second ciphertext fragment matching the index ciphertext is decrypted to obtain the data to be encrypted.
可选地,所述第一处理单元还用于:Optionally, the first processing unit is also used for:
在得到所述待加密数据之后,从智能合约上获取所述区块链节点解密出的待加密数据以及所述m个区块链节点的加密偏移因子;所述待加密数据是所述区块链节点上传至所述智能合约的;After obtaining the data to be encrypted, obtain the data to be encrypted decrypted by the block chain node and the encryption offset factors of the m block chain nodes from the smart contract; the data to be encrypted is the area The block chain node uploads to the smart contract;
通过所述双线性映射,基于所述m个区块链节点的加密偏移因子,对所述区块链节点解密出的待加密数据进行验证,确定所述待加密数据与验证分片的匹配性,从而确定所述解密出的待加密数据是否正确。Through the bilinear mapping, based on the encryption offset factors of the m blockchain nodes, verify the data to be encrypted decrypted by the blockchain nodes, and determine the relationship between the data to be encrypted and the verification segment matching, so as to determine whether the decrypted data to be encrypted is correct.
第四方面,本发明实施例提供了一种基于智能合约的数据处理装置,适用于具有m个区块链节点的联盟链,所述装置包括:In the fourth aspect, the embodiment of the present invention provides a data processing device based on a smart contract, which is suitable for a consortium chain with m blockchain nodes, and the device includes:
获取单元,用于从智能合约获取述m个区块链节点的第一承诺分片,并通过秘密通信通道获取所述m个区块链节点的加密偏移因子;所述第一承诺分片是区块链节点基于各自的加密偏移因子生成的;所述加密偏移因子是区块链节点基于各自的私钥生成的;An acquisition unit, configured to acquire the first commitment fragments of the m blockchain nodes from the smart contract, and acquire the encrypted offset factors of the m blockchain nodes through a secret communication channel; the first commitment fragments are generated by blockchain nodes based on their respective encrypted offset factors; the encrypted offset factors are generated by blockchain nodes based on their respective private keys;
第二处理单元,用于针对每个区块链节点,基于所述区块链节点的加密偏移因子以及所述区块链节点的公钥,生成第一密文分片,并基于待加密数据以及除所述区块链节点以外的其它区块链节点的第一承诺分片,生成第二密文分片;生成解密时间戳;将所述解密时间戳以及所述m个区块链节点的第一密文分片、第二密文分片上传至所述智能合约;所述解密时间戳用于指示任一区块链节点在确定本地时间戳满足所述解密时间戳时对所述智能合约中的第一密文分片以及第二密文分片进行解密处理。The second processing unit is configured to, for each block chain node, generate a first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the Data and the first commitment fragments of other blockchain nodes except the blockchain node, generate a second ciphertext fragment; generate a decryption timestamp; combine the decryption timestamp and the m blockchain nodes The first ciphertext fragment and the second ciphertext fragment of the node are uploaded to the smart contract; the decryption timestamp is used to indicate that any block chain node determines that the local timestamp satisfies the decryption timestamp The first ciphertext fragment and the second ciphertext fragment in the smart contract are decrypted.
可选地,所述第二处理单元还用于:Optionally, the second processing unit is also used for:
在生成第一密文分片之前,针对每个区块链节点,基于所述区块链节点的加密偏移因子,生成所述区块链节点的第二承诺分片;Before generating the first ciphertext fragment, for each blockchain node, based on the encryption offset factor of the blockchain node, generate the second commitment fragment of the blockchain node;
确定所述m个区块链节点的第一承诺分片与所述m个区块链节点的第二承诺分片是否均对应相同;Determine whether the first committed fragments of the m blockchain nodes and the second committed fragments of the m blockchain nodes are all corresponding to the same;
若是,则确认所述m个区块链节点的第一承诺分片验证成功。If yes, then confirm that the verification of the first committed shards of the m blockchain nodes is successful.
第五方面,本发明实施例提供一种计算设备,包括至少一个处理器以及至少一个存储 器,其中,所述存储器存储有计算机程序,当所述程序被所述处理器执行时,使得所述处理器执行上述第一方面或第二方面任意所述的基于智能合约的数据处理方法。In a fifth aspect, an embodiment of the present invention provides a computing device, including at least one processor and at least one memory, wherein the memory stores a computer program, and when the program is executed by the processor, the processing The device implements the smart contract-based data processing method described in any of the first or second aspects above.
第六方面,本发明实施例提供一种计算机可读存储介质,其存储有可由计算设备执行的计算机程序,当所述程序在所述计算设备上运行时,使得所述计算设备执行上述第一方面或第二方面任意所述的基于智能合约的数据处理方法。In a sixth aspect, an embodiment of the present invention provides a computer-readable storage medium, which stores a computer program executable by a computing device, and when the program runs on the computing device, the computing device executes the above-mentioned first The smart contract-based data processing method described in any aspect or the second aspect.
附图说明Description of drawings
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简要介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域的普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings that need to be used in the description of the embodiments will be briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention. For Those of ordinary skill in the art can also obtain other drawings based on these drawings without making creative efforts.
图1为本发明实施例提供的一种基于智能合约的数据处理方法的流程示意图;FIG. 1 is a schematic flow diagram of a data processing method based on a smart contract provided by an embodiment of the present invention;
图2为本发明实施例提供的一种基于智能合约的数据处理装置的结构示意图;FIG. 2 is a schematic structural diagram of a data processing device based on a smart contract provided by an embodiment of the present invention;
图3为本发明实施例提供的另一种基于智能合约的数据处理装置的结构示意图;FIG. 3 is a schematic structural diagram of another smart contract-based data processing device provided by an embodiment of the present invention;
图4为本发明实施例提供的一种计算设备的结构示意图。FIG. 4 is a schematic structural diagram of a computing device provided by an embodiment of the present invention.
具体实施方式detailed description
为了使本发明的目的、技术方案和优点更加清楚,下面将结合附图对本发明作进一步地详细描述,显然,所描述的实施例仅仅是本发明的一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其它实施例,都属于本发明保护的范围。In order to make the purpose, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, rather than all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.
下面首先对本发明实施例中涉及的部分用语进行解释说明,以便于本领域技术人员进行理解。Part of the terms involved in the embodiments of the present invention will firstly be explained below, so as to facilitate the understanding of those skilled in the art.
(1)区块:是过程区块链的基本单元,由包含元数据的区块头和包含交易数据的区块体构成。其中,区块头主要包括父区块的哈希。(1) Block: It is the basic unit of the process blockchain, consisting of a block header containing metadata and a block body containing transaction data. Among them, the block header mainly includes the hash of the parent block.
(2)区块链:是由一系列区块组成的一条链,每个块上除了记录本块的数据还会记录上一块的Hash值,通过这种方式组成一条链。此外,区块链的核心理念有两个:一个是密码学技术,另一个是去中心化思想。基于这两个理念做到区块链上的历史信息无法被篡改。区块链中的一个区块由块头和块体组成。其中,块头主要包括该区块高度h、上一个区块的hash等,而块体主要存储交易数据。(2) Blockchain: It is a chain composed of a series of blocks. In addition to recording the data of this block, each block also records the Hash value of the previous block. In this way, a chain is formed. In addition, there are two core concepts of the blockchain: one is cryptography technology, and the other is the idea of decentralization. Based on these two concepts, the historical information on the blockchain cannot be tampered with. A block in the blockchain consists of a block header and a block body. Among them, the block header mainly includes the block height h, the hash of the previous block, etc., and the block body mainly stores transaction data.
(3)节点:网络中的每一个参与者就是一个节点,节点参与网络组建和数据交换。在区块链网络中,一个节点是指一个具有唯一身份的参与者,该节点具有一份完整的账本拷贝,具有参与区块链网络共识和账本维护的能力。(3) Node: Every participant in the network is a node, and the node participates in network formation and data exchange. In the blockchain network, a node refers to a participant with a unique identity. The node has a complete copy of the ledger and has the ability to participate in the blockchain network consensus and ledger maintenance.
(4)联盟链:是指有若干机构或组织共同参与管理的区块链,他们各自运行着一个或多个节点,之中的数据只允许系统内不同的机构进行读取和发送交易,并且共同记录交易数据。联盟链的各个节点通常有与之对应的实体机构组织,通过授权后才能加入与退出网络;各机构组织组成利益相关的联盟,共同维护区块链的健康运转。(4) Consortium chain: refers to a blockchain that is jointly managed by several institutions or organizations, each of which runs one or more nodes, and the data in it only allows different institutions in the system to read and send transactions, and Co-record transaction data. Each node of the consortium chain usually has a corresponding entity organization, which can only join and exit the network after authorization; each organization forms a stake-related alliance to jointly maintain the healthy operation of the blockchain.
(5)双线性映射:对于任意的a,b∈Z p *,e(aR,bS)=e(R,S) ab成立,R、S是G 1的任意点。假设G 1是生成元为P的加法循环群,阶为p,G 2是与G 1具有相同阶的乘法循环群,a,b是 Z p *(p阶素数循环群)中的元素。 (5) Bilinear mapping: For any a,b∈Z p * , e(aR,bS)=e(R,S) ab holds, and R and S are any points of G 1 . Assume that G 1 is an additive cyclic group with generator P and its order is p, G 2 is a multiplicative cyclic group with the same order as G 1 , and a, b are elements in Z p * (prime cyclic group of order p).
(6)智能合约:智能合约是运行在区块链系统之上的一份代码和数据的集合,其中代码负责实现智能合约的功能,数据负责存储智能合约状态,智能合约可以接收和发送信息。(6) Smart contract: A smart contract is a collection of code and data running on the blockchain system, in which the code is responsible for realizing the functions of the smart contract, the data is responsible for storing the state of the smart contract, and the smart contract can receive and send information.
如上介绍了本发明实施例中涉及的部分用语,下面对本发明实施例涉及的技术特征进行介绍。Part of the terms involved in the embodiments of the present invention have been introduced above, and the technical features involved in the embodiments of the present invention will be introduced below.
图1示例性的示出了本发明实施例提供的一种基于智能合约的数据处理方法的流程,该流程可以由基于智能合约的数据处理装置执行。其中,该基于智能合约的数据处理方法适用于具有m个区块链节点的联盟链。FIG. 1 exemplarily shows the flow of a data processing method based on a smart contract provided by an embodiment of the present invention, and the flow can be executed by a data processing device based on a smart contract. Wherein, the smart contract-based data processing method is applicable to a consortium chain with m blockchain nodes.
如图1所示,该流程具体包括:As shown in Figure 1, the process specifically includes:
步骤101,针对每个区块链节点,所述区块链节点基于自己的加密偏移因子生成第一承诺分片,并将第一承诺分片上传至智能合约。 Step 101, for each blockchain node, the blockchain node generates a first commitment fragment based on its encrypted offset factor, and uploads the first commitment fragment to the smart contract.
步骤102,客户端从智能合约获取述m个区块链节点的第一承诺分片,并通过秘密通信通道获取所述m个区块链节点的加密偏移因子。Step 102, the client obtains the first committed fragments of the m blockchain nodes from the smart contract, and obtains the encrypted offset factors of the m blockchain nodes through a secret communication channel.
步骤103,针对每个区块链节点,所述客户端基于所述区块链节点的加密偏移因子以及所述区块链节点的公钥,生成第一密文分片,并基于待加密数据以及除所述区块链节点以外的其它区块链节点的第一承诺分片,生成第二密文分片,以及生成解密时间戳。 Step 103, for each block chain node, the client generates a first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the The data and the first commitment fragments of other blockchain nodes except the blockchain node generate second ciphertext fragments and decryption timestamps.
步骤104,所述客户端将所述解密时间戳以及所述m个区块链节点的第一密文分片、第二密文分片上传至所述智能合约。Step 104, the client uploads the decrypted timestamp and the first ciphertext fragment and the second ciphertext fragment of the m blockchain nodes to the smart contract.
步骤105,针对任一区块链节点,所述区块链节点在确定满足智能合约中的解密时间戳时,基于所述区块链节点的公私钥生成索引密文。Step 105, for any block chain node, when the block chain node determines that the decryption timestamp in the smart contract is satisfied, an index ciphertext is generated based on the public and private keys of the block chain node.
步骤106,所述区块链节点从所述加密信息中确定出与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片。 Step 106, the blockchain node determines from the encrypted information a first ciphertext segment matching the index ciphertext and a second ciphertext segment matching the index ciphertext.
步骤107,所述区块链节点通过双线性映射,对与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片进行处理,得到所述区块链节点的验证分片,并将所述验证分片上传至智能合约。 Step 107, the block chain node processes the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext through bilinear mapping to obtain the The verification fragment of the blockchain node is uploaded to the smart contract.
步骤108,所述区块链节点在验证m个验证分片满足设定要求后,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。 Step 108, after verifying that the m verification fragments meet the set requirements, the blockchain node decrypts the second ciphertext fragment matching the index ciphertext to obtain the data to be encrypted.
上述步骤101中,针对联盟链中每个区块链节点,该区块链节点将自己的私钥和本轮加密偏移因子进行拼接处理,生成偏移消息,并通过消息摘要算法或安全散列算法等对偏移消息进行哈希运算,生成该区块链节点的加密偏移因子,再通过该加密偏移因子以及椭圆曲线上的公开点,生成该区块链节点的第一承诺分片,并将该第一承诺分片上传至智能合约,如此联盟链中各区块链节点都将自己生成的第一承诺分片上传至智能合约。示例性地,假设联盟链中有三个区块链节点,即区块链节点1、区块链节点2以及区块链节点3,以联盟链中的区块链节点1为例,区块链节点1将自己的私钥sk 1与本轮加密索引index进行拼接,生成偏移消息(sk 1|index)。再通过消息摘要算法或安全散列算法等对偏移消息进行哈希运算,生成区块链节点1的加密偏移因子,即加密偏移因子r 1=H(sk 1|index)。然后,将自己的加密偏移因子r 1与椭圆曲线上的公开点G进行相乘,生成区块链节点1的第一承诺分片,即第一承诺分片R 1=r 1*G。 In the above step 101, for each blockchain node in the consortium chain, the blockchain node splices its own private key and the offset factor of the current round of encryption, generates an offset message, and uses the message digest algorithm or secure hash Hash operation on the offset message by column algorithm to generate the encrypted offset factor of the blockchain node, and then generate the first commitment score of the blockchain node through the encrypted offset factor and the public point on the elliptic curve piece, and upload the first commitment piece to the smart contract, so that each blockchain node in the alliance chain uploads the first commitment piece generated by itself to the smart contract. Exemplarily, suppose there are three blockchain nodes in the alliance chain, namely, blockchain node 1, blockchain node 2, and blockchain node 3. Taking blockchain node 1 in the alliance chain as an example, the blockchain Node 1 concatenates its own private key sk 1 with the current encryption index index to generate an offset message (sk 1 |index). Then hash the offset message through a message digest algorithm or a secure hash algorithm to generate the encrypted offset factor of blockchain node 1, that is, the encrypted offset factor r 1 =H(sk 1 |index). Then, multiply its own encrypted offset factor r 1 with the public point G on the elliptic curve to generate the first commitment fragment of blockchain node 1, that is, the first commitment fragment R 1 =r 1 *G.
上述步骤102中,用户在需要对待加密数据进行加密时,通过客户端向联盟链中任一 区块链节点发送第一承诺分片获取请求,该第一承诺分片获取请求用于获取m个区块链节点的第一承诺分片。该区块链节点在接收到第一承诺分片获取请求后,从智能合约读取各区块链节点的第一承诺分片,然后将m个区块链节点的第一承诺分片发送给客户端。同时,用户利用客户端通过秘密通信通道向m个区块链节点的发送加密偏移因子获取请求。每个区块链节点在接收到加密偏移因子获取请求后,将自己的加密偏移因子发送给客户端。客户端在接收到m个区块链节点的第一承诺分片以及加密偏移因子后,针对每个区块链节点,客户端基于该区块链节点的加密偏移因子,生成该区块链节点的第二承诺分片,即该区块链节点的加密偏移因子以及椭圆曲线上的公开点,生成该区块链节点的第二承诺分片。然后,确定m个区块链节点的第一承诺分片与m个区块链节点的第二承诺分片是否均对应相同,若是,则确认m个区块链节点的第一承诺分片验证成功。如此,为了客户端从智能合约中获取的各区块链节点的承诺分片是准确的,因此为了验证各区块链节点的承诺分片的准确性,就会基于通过秘密通道获取的各区块链节点的加密偏移因子重新生成各区块链节点的承诺分片来进行验证,以确保在基于各区块链节点的承诺分片对待加密数据进行加密处理所生成的密文分片的安全性和准确性。示例性地,以联盟链中的区块链节点1为例,针对区块链节点1,用户通过客户端将区块链节点1的加密偏移因子r 1与椭圆曲线上的公开点G进行相乘,生成针对区块链节点1的偏移验证承诺R 1′=r 1*G。然后,用户通过客户端验证本地生成的区块链节点1的偏移验证承诺R 1′与从智能合约上获取的区块链节点1的偏移承诺R 1是否相等。 In the above step 102, when the user needs to encrypt the data to be encrypted, the user sends the first commitment fragment acquisition request to any blockchain node in the alliance chain through the client, and the first commitment fragment acquisition request is used to acquire m The first committed shard of a blockchain node. After the blockchain node receives the request for obtaining the first commitment fragment, it reads the first commitment fragments of each blockchain node from the smart contract, and then sends the first commitment fragments of the m blockchain nodes to the client end. At the same time, the user uses the client to send an encrypted offset factor acquisition request to m blockchain nodes through a secret communication channel. Each blockchain node sends its encrypted offset factor to the client after receiving the encrypted offset factor acquisition request. After the client receives the first committed fragment and encrypted offset factor of m blockchain nodes, for each blockchain node, the client generates the block based on the encrypted offset factor of the blockchain node The second commitment fragment of the chain node, that is, the encrypted offset factor of the blockchain node and the public point on the elliptic curve, generates the second commitment fragment of the blockchain node. Then, determine whether the first commitment fragments of the m blockchain nodes and the second commitment fragments of the m blockchain nodes are all corresponding to the same, if so, confirm the verification of the first commitment fragments of the m blockchain nodes success. In this way, in order for the client to obtain accurate fragments of the commitment of each blockchain node from the smart contract, in order to verify the accuracy of the commitment of each blockchain node, it will be based on the The encryption offset factor of each blockchain node regenerates the commitment fragments of each blockchain node for verification, so as to ensure the security and accuracy of the ciphertext fragments generated by encrypting the data to be encrypted based on the commitment fragments of each blockchain node . Exemplarily, taking blockchain node 1 in the consortium chain as an example, for blockchain node 1, the user compares the encryption offset factor r 1 of blockchain node 1 with the public point G on the elliptic curve through the client Multiplied together, an offset verification commitment R 1 ′=r 1 *G for blockchain node 1 is generated. Then, the user verifies whether the locally generated offset verification commitment R 1 ′ of the blockchain node 1 is equal to the offset commitment R 1 of the blockchain node 1 obtained from the smart contract through the client.
上述步骤103和步骤104中,针对每个区块链节点,客户端基于区块链节点的加密偏移因子以及所述区块链节点的公钥,生成第一密文分片,并基于待加密数据以及除区块链节点以外的其它区块链节点的第一承诺分片,生成第二密文分片,以及生成解密时间戳,然后将解密时间戳以及m个区块链节点的第一密文分片、第二密文分片上传至智能合约。其中,解密时间戳用于指示任一区块链节点在确定本地时间戳满足解密时间戳时对智能合约中的第一密文分片以及第二密文分片进行解密处理。示例性地,以联盟链中的区块链节点1为例,针对区块链节点1,用户通过客户端将区块链节点1的加密偏移因子r 1与区块链节点1的公钥pk 1进行相乘处理,生成针对区块链节点1的第一密文分片,即第一密文分片Q 1=r 1*pk 1。用户通过客户端对待加密数据m以及除区块链节点A以外的其它区块链节点的偏移承诺进行处理,生成针对区块链节点1的第二密文分片,即第二密文分片T 1=m*G+R 2+R 3In the above step 103 and step 104, for each blockchain node, the client generates the first ciphertext fragment based on the encrypted offset factor of the blockchain node and the public key of the blockchain node, and based on the Encrypt the data and the first commitment fragment of other blockchain nodes except the blockchain node, generate the second ciphertext fragment, and generate the decryption timestamp, and then decrypt the timestamp and the first m blockchain nodes The first ciphertext fragment and the second ciphertext fragment are uploaded to the smart contract. Wherein, the decryption timestamp is used to instruct any blockchain node to decrypt the first ciphertext fragment and the second ciphertext fragment in the smart contract when determining that the local timestamp satisfies the decryption timestamp. Exemplarily, taking the blockchain node 1 in the consortium chain as an example, for the blockchain node 1, the user uses the client to encrypt the encryption offset factor r 1 of the blockchain node 1 and the public key of the blockchain node 1 pk 1 is multiplied to generate the first ciphertext fragment for blockchain node 1, that is, the first ciphertext fragment Q 1 =r 1 *pk 1 . The user processes the encrypted data m and the offset commitments of other blockchain nodes except blockchain node A through the client, and generates the second ciphertext fragment for blockchain node 1, that is, the second ciphertext fragment Slice T 1 =m*G+R 2 +R 3 .
上述步骤105和步骤106中,针对任一区块链节点,该区块链节点在确定本地时间戳满足智能合约中的解密时间戳时,即,该区块链节点确定本地时间戳大于等于智能合约中的解密时间戳时,即开始执行解密操作过程。具体地,区块链节点将区块链节点的私钥与本轮加密索引进行拼接,生成偏移消息,并对偏移消息进行哈希运算,生成加密偏移因子,然后基于加密偏移因子以及区块链节点的公钥,生成索引密文。示例性地,以联盟链中的区块链节点1为例,针对区块链节点1,区块链节点1将自己的加密偏移因子r 1与区块链节点1的公钥pk 1进行相乘处理,生成针对区块链节点1的索引密文,即索引密文S 1=r 1*pk 1。如此,可以为每个区块链节点及时准确地基于自己生成的索引密文从智能合约确定出与该区块链节点的索引密文匹配的第一密文分片和第二密文分片提供支持。然后,该区块链节点基于自己生成的索引密文从加密信息中确定出与索引密文匹配的第一密文分片和与索引密文匹配的第二密文分片。其中,加密信息包括针对每个区块链节点的第 一密文分片和第二密文分片。 In the above step 105 and step 106, for any blockchain node, when the blockchain node determines that the local timestamp meets the decrypted timestamp in the smart contract, that is, the blockchain node determines that the local timestamp is greater than or equal to the smart When the decryption timestamp in the contract is entered, the decryption operation process starts. Specifically, the blockchain node splices the private key of the blockchain node with the encryption index of the current round to generate an offset message, and performs a hash operation on the offset message to generate an encrypted offset factor, and then based on the encrypted offset factor And the public key of the blockchain node to generate index ciphertext. Exemplarily, taking the blockchain node 1 in the consortium chain as an example, for the blockchain node 1, the blockchain node 1 compares its encryption offset factor r 1 with the public key pk 1 of the blockchain node 1 The multiplication process generates index ciphertext for blockchain node 1, that is, index ciphertext S 1 =r 1 *pk 1 . In this way, the first ciphertext fragment and the second ciphertext fragment matching the index ciphertext of the blockchain node can be determined from the smart contract for each blockchain node in a timely and accurate manner based on the index ciphertext generated by itself provide support. Then, based on the index ciphertext generated by itself, the block chain node determines the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext from the encrypted information. Wherein, the encrypted information includes a first ciphertext fragment and a second ciphertext fragment for each block chain node.
上述步骤107和步骤108中,针对任一区块链节点,该区块链节点从智能合约获取m个区块链节点的第一承诺分片,并通过双线性映射,将区块链节点的加密偏移因子、与索引密文匹配的第一密文分片、与索引密文匹配的第二密文分片、区块链节点的第一承诺分片以及区块链节点的私钥进行转换处理,可以及时准确地生成区块链节点的验证分片,并将该验证分片上传至智能合约,以便为后续解密出待加密数据提供支持。然后,在确定m个区块链节点都将自己生成的验证分片上传至智能合约后,确定该区块链节点的验证分片与除该区块链节点以外的其它区块链节点的验证分片是否相同,若是,则确认m个验证分片验证成功。如此,任一区块链节点通过确定自己的验证分片与除该区块链节点以外的其它区块链节点的验证分片是否相同来完成针对验证分片的共识同步过程。并确定各区块链节点均验证成功后,即可确认各区块链节点即使利用不同的私钥进行解密也能得到相同的中间结果(即验证分片),而无需各区块链节点都使用相同的私钥。在确认m个验证分片验证成功之后,该区块链节点将区块链节点的加密偏移因子上传至智能合约,如此,m个区块链节点都会将自己的加密偏移因子上传至智能合约。然后,任一区块链节点从智能合约获取m个区块链节点的加密偏移因子,并通过双线性映射,基于m个区块链节点的加密偏移因子,对与索引密文匹配的第二密文分片进行解密,得到待加密数据,并将该待加密数据上传至智能合约。In the above step 107 and step 108, for any blockchain node, the blockchain node obtains the first commitment fragments of m blockchain nodes from the smart contract, and through bilinear mapping, the blockchain node The encrypted offset factor of , the first ciphertext fragment matching the index ciphertext, the second ciphertext fragment matching the index ciphertext, the first commitment shard of the blockchain node, and the private key of the blockchain node Through the conversion process, the verification fragment of the blockchain node can be generated in a timely and accurate manner, and the verification fragment can be uploaded to the smart contract to provide support for subsequent decryption of the data to be encrypted. Then, after confirming that all m blockchain nodes have uploaded the verification fragments generated by themselves to the smart contract, it is determined that the verification fragments of the blockchain node and the verification fragments of other blockchain nodes except the blockchain node Whether the shards are the same, if so, confirm that m verification shards are successfully verified. In this way, any blockchain node completes the consensus synchronization process for the verification shard by determining whether its own verification shard is the same as that of other blockchain nodes except the blockchain node. And after confirming that each block chain node is successfully verified, it can be confirmed that each block chain node can obtain the same intermediate result (ie verification fragmentation) even if it uses a different private key to decrypt, without using the same block chain node. private key. After confirming that m verification fragments are successfully verified, the blockchain node uploads the encryption offset factor of the blockchain node to the smart contract, so that m blockchain nodes will upload their own encryption offset factors to the smart contract contract. Then, any blockchain node obtains the encrypted offset factors of m blockchain nodes from the smart contract, and through bilinear mapping, based on the encrypted offset factors of m blockchain nodes, the pair matches with the index ciphertext Decrypt the second ciphertext fragment to obtain the data to be encrypted, and upload the data to be encrypted to the smart contract.
示例性地,以满足解密条件的区块链节点2为例,区块链节点2可以按照二进制数的取值范围从小到大或从大到小依次进行遍历,并基于验证分片,通过双线性映射,确定每个被遍历的数据m i是否满足
Figure PCTCN2021131302-appb-000001
其中,该等式的右边是一个验证分片,也是一个数值。若确定某一数据m i满足,则将该数据m i作为解密出的数据,并将该解密出的数据上传至智能合约。 Exemplarily, taking the blockchain node 2 that satisfies the decryption condition as an example, the blockchain node 2 can traverse in sequence according to the value range of binary numbers from small to large or from large to small, and based on verification fragmentation, through double Linear mapping, to determine whether each traversed data m i satisfies
Figure PCTCN2021131302-appb-000001
Among them, the right side of the equation is a verification slice, which is also a value. If it is determined that a certain data m i satisfies, the data m i will be used as the decrypted data, and the decrypted data will be uploaded to the smart contract.
在得到所述待加密数据之后,除区块链节点以外的其它区块链节点中每个区块链节点从智能合约上获取区块链节点解密出的待加密数据以及m个区块链节点的加密偏移因子,并通过双线性映射,基于m个区块链节点的加密偏移因子,对区块链节点解密出的待加密数据进行验证,确定待加密数据与验证分片的匹配性,以此验证该解密出的待加密数据是否正确,从而便于在确认各区块链节点针对该解密出的待加密数据达成共识后,即确认解密出的待加密数据是正确的,将该解密出的待加密数据记录至区块链。After obtaining the data to be encrypted, each blockchain node in other blockchain nodes except the blockchain node obtains the data to be encrypted decrypted by the blockchain node and m blockchain nodes from the smart contract The encryption offset factor of , and through bilinear mapping, based on the encryption offset factors of m blockchain nodes, verify the data to be encrypted decrypted by the blockchain node, and determine the matching between the data to be encrypted and the verification segment In order to verify whether the decrypted data to be encrypted is correct, so that after confirming that each blockchain node has reached a consensus on the decrypted data to be encrypted, it is confirmed that the decrypted data to be encrypted is correct, and the decrypted The data to be encrypted is recorded to the blockchain.
示例性地,以解密出待加密数据的区块链节点2为例,其它区块链节点从智能合约上获取区块链节点2解密出的待加密数据m i。例如,区块链节点1从智能合约上获取解密出的待加密数据m i,通过双线性映射算法,验证区块链节点1解密出的待加密数据m i与验证分片的匹配性。即,验证是否满足
Figure PCTCN2021131302-appb-000002
若满足,则区块链节点1确认区块链节点2解密出的待加密数据m i是正确的。同理,其它区块链节点也可以按照与区块链节点1相同的验证方式进行验证区块链节点2解密出的待加密数据m i是否是正确的,在此不再赘述。 Exemplarily, taking the block chain node 2 that has decrypted the data to be encrypted as an example, other block chain nodes obtain the data m i to be encrypted decrypted by the block chain node 2 from the smart contract. For example, the blockchain node 1 obtains the decrypted data mi to be encrypted from the smart contract, and verifies the matching between the data mi decrypted by the blockchain node 1 and the verification slice through the bilinear mapping algorithm. That is, verify that
Figure PCTCN2021131302-appb-000002
If it is satisfied, the block chain node 1 confirms that the data mi to be encrypted decrypted by the block chain node 2 is correct. Similarly, other blockchain nodes can also verify whether the data mi to be encrypted decrypted by blockchain node 2 is correct in the same verification method as blockchain node 1, and details will not be repeated here.
基于此,下面以应用场景为联盟链为例,对本发明实施例中基于智能合约的数据处理方法的实施过程进行具体描述。Based on this, the implementation process of the smart contract-based data processing method in the embodiment of the present invention will be described in detail below by taking the application scenario as an alliance chain as an example.
Step1:联盟链中各区块链节点生成各自的偏移承诺。Step1: Each blockchain node in the consortium chain generates its own offset commitment.
具体地,在用户对待加密数据进行加密时,需要通过联盟链中任一区块链节点获取各区块链节点的偏移承诺用于加密待加密数据。基于此,在用户对待加密数据进行加密之前, 联盟链中各区块链节点会预先生成各自的偏移承诺。Specifically, when the user encrypts the data to be encrypted, it is necessary to obtain the offset commitment of each blockchain node through any blockchain node in the consortium chain to encrypt the data to be encrypted. Based on this, before the user encrypts the data to be encrypted, each blockchain node in the consortium chain will pre-generate its own offset commitment.
下面对每个区块链节点生成偏移承诺的具体实施过程进行描述。The specific implementation process of generating offset commitments for each blockchain node is described below.
步骤a、针对每个区块链节点,该区块链节点基于自己的私钥和本轮加密索引,生成该区块链节点的加密偏移因子。Step a. For each blockchain node, the blockchain node generates an encryption offset factor for the blockchain node based on its own private key and the current round of encryption index.
具体地,以联盟链由四个区块链节点组成为例,即区块链节点A、区块链节点B、区块链节点C以及区块链节点D。区块链节点A将自己的私钥sk A与本轮加密索引index进行拼接,生成偏移消息(sk A|index)。再通过消息摘要算法或安全散列算法等对偏移消息进行哈希运算,生成区块链节点A的加密偏移因子,即加密偏移因子r A=H(sk A|index)。区块链节点B将自己的私钥sk B与本轮加密索引index进行拼接,生成偏移消息(sk B|index)。再通过消息摘要算法或安全散列算法等对偏移消息进行哈希运算,生成区块链节点B的加密偏移因子,即加密偏移因子r B=H(sk B|index)。区块链节点C将自己的私钥sk C与本轮加密索引index进行拼接,生成偏移消息(sk C|index)。再通过消息摘要算法或安全散列算法等对偏移消息进行哈希运算,生成区块链节点C的加密偏移因子,即加密偏移因子r C=H(sk C|index)。区块链节点D将自己的私钥sk D与本轮加密索引index进行拼接,生成偏移消息(sk D|index)。再通过消息摘要算法或安全散列算法等对偏移消息进行哈希运算,生成区块链节点D的加密偏移因子,即加密偏移因子r D=H(sk D|index)。 Specifically, take the example that the alliance chain is composed of four blockchain nodes, namely, blockchain node A, blockchain node B, blockchain node C, and blockchain node D. Blockchain node A splices its own private key sk A with the current round of encrypted index index to generate an offset message (sk A | index). Then hash the offset message through the message digest algorithm or secure hash algorithm to generate the encryption offset factor of blockchain node A, that is, the encryption offset factor r A = H(sk A | index). Blockchain node B splices its own private key sk B with the current round of encrypted index index to generate an offset message (sk B |index). Then hash the offset message through a message digest algorithm or a secure hash algorithm to generate the encryption offset factor of the blockchain node B, that is, the encryption offset factor r B = H(sk B |index). Blockchain node C splices its own private key sk C with the current round of encrypted index index to generate an offset message (sk C |index). Then hash the offset message through the message digest algorithm or secure hash algorithm to generate the encryption offset factor of the blockchain node C, that is, the encryption offset factor r C =H(sk C |index). Blockchain node D splices its own private key sk D with the current round of encrypted index index to generate an offset message (sk D | index). Then hash the offset message through the message digest algorithm or secure hash algorithm to generate the encryption offset factor of the blockchain node D, that is, the encryption offset factor r D =H(sk D |index).
步骤b、每个区块链节点基于自己的加密偏移因子以及椭圆曲线上的公开点,生成该区块链节点的偏移承诺。Step b. Each blockchain node generates an offset commitment for the blockchain node based on its encrypted offset factor and the public point on the elliptic curve.
具体地,每个区块链节点将自己的加密偏移因子与椭圆曲线上的公开点G进行相乘,生成该区块链节点的偏移承诺,即偏移承诺R x=r x*G。继续以上述联盟链由四个区块链节点组成为例,区块链节点A将自己的加密偏移因子r A与椭圆曲线上的公开点G进行相乘,生成区块链节点A的偏移承诺,即偏移承诺R A=r A*G。区块链节点B将自己的加密偏移因子r B与椭圆曲线上的公开点G进行相乘,生成区块链节点B的偏移承诺,即偏移承诺R B=r B*G。区块链节点C将自己的加密偏移因子r C与椭圆曲线上的公开点G进行相乘,生成区块链节点C的偏移承诺,即偏移承诺R C=r C*G。区块链节点D将自己的加密偏移因子r D与椭圆曲线上的公开点G进行相乘,生成区块链节点D的偏移承诺,即偏移承诺R D=r D*G。其中,需要说明的是,各区块链节点将加密偏移因子与椭圆曲线上的公开点相乘所得到的运算结果(即偏移承诺)仍为椭圆曲线上的点。 Specifically, each blockchain node multiplies its encrypted offset factor with the public point G on the elliptic curve to generate the offset commitment of the blockchain node, that is, the offset commitment R x = r x *G . Continuing to take the above-mentioned consortium chain consisting of four blockchain nodes as an example, blockchain node A multiplies its encrypted offset factor r A with the public point G on the elliptic curve to generate the bias of blockchain node A shift commitment, that is, the shift commitment R A =r A *G. Blockchain node B multiplies its encryption offset factor r B with the public point G on the elliptic curve to generate an offset commitment of blockchain node B, that is, offset commitment R B =r B *G. Blockchain node C multiplies its encrypted offset factor r C with the public point G on the elliptic curve to generate an offset commitment of blockchain node C, that is, offset commitment R C =r C *G. The blockchain node D multiplies its encryption offset factor r D with the public point G on the elliptic curve to generate the offset commitment of the blockchain node D, that is, the offset commitment R D =r D *G. Among them, it should be noted that the calculation result (that is, the offset commitment) obtained by multiplying the encrypted offset factor by the public point on the elliptic curve by each blockchain node is still a point on the elliptic curve.
步骤c、每个区块链节点将自己的偏移承诺上传至智能合约。Step c. Each blockchain node uploads its offset commitment to the smart contract.
具体地,继续以上述联盟链由四个区块链节点组成为例,区块链节点A将自己的偏移承诺R A上传至智能合约E_Contract;区块链节点B将自己的偏移承诺R B上传至智能合约E_Contract;区块链节点C将自己的偏移承诺R C上传至智能合约E_Contract;区块链节点D将自己的偏移承诺R D上传至智能合约E_Contract。 Specifically, continue to take the above-mentioned consortium chain consisting of four blockchain nodes as an example. Blockchain node A uploads its own offset commitment R A to the smart contract E_Contract; blockchain node B uploads its own offset commitment R B uploads to the smart contract E_Contract; blockchain node C uploads its own offset commitment R C to the smart contract E_Contract; blockchain node D uploads its own offset commitment R D to the smart contract E_Contract.
此外,联盟链中各区块链节点也会将自己的公钥上传至智能合约。即,区块链节点A将自己的公钥pk A上传至智能合约E_Contract;区块链节点B将自己的公钥pk B上传至智能合约E_Contract;区块链节点C将自己的公钥pk C上传至智能合约E_Contract;区块链节点D将自己的公钥pk D上传至智能合约E_Contract。在智能合约E_Contract中形成一个pk list=[pk A,pk B,pk C,pk D]。倘若该联盟链中有新区块链节点加入时,会同步更新该pk list。其中,pk x=sk x*G,G为椭圆曲线上的公开点,例如pk A=sk A*G。 In addition, each blockchain node in the consortium chain will also upload its own public key to the smart contract. That is, blockchain node A uploads its own public key pk A to the smart contract E_Contract; blockchain node B uploads its own public key pk B to the smart contract E_Contract; blockchain node C uploads its own public key pk C Upload to smart contract E_Contract; blockchain node D uploads its own public key pk D to smart contract E_Contract. A pk list = [pk A ,pk B ,pk C ,pk D ] is formed in the smart contract E_Contract. If a new blockchain node joins the consortium chain, the pk list will be updated synchronously. Wherein, pk x =sk x *G, G is a public point on the elliptic curve, for example, pk A =sk A *G.
Step2:用户通过客户端对待加密数据进行加密处理,并将加密后的数据上传至智能合 约。Step2: The user encrypts the data to be encrypted through the client, and uploads the encrypted data to the smart contract.
具体地,针对每个区块链节点,用户通过客户端基于该区块链节点的偏移加密因子以及公钥,生成第一密文分片,并基于除该区块链节点以外的其它区块链节点的偏移承诺,对待加密数据进行处理,生成第二密文分片。然后,用户通过客户端将各区块链节点的第一密文分片、第二密文分片上传至智能合约。Specifically, for each block chain node, the user generates the first ciphertext fragment based on the offset encryption factor and public key of the block chain node through the client, and generates the first ciphertext fragment based on other areas except the block chain node The offset commitment of the block chain node processes the data to be encrypted and generates the second ciphertext fragment. Then, the user uploads the first ciphertext fragment and the second ciphertext fragment of each blockchain node to the smart contract through the client.
下面对用户通过客户端生成密文分片的具体实施过程进行描述。The following describes the specific implementation process for the user to generate ciphertext fragments through the client.
步骤a、用户通过客户端向联盟链中任一区块链节点发送偏移承诺获取请求。Step a. The user sends an offset commitment acquisition request to any blockchain node in the consortium chain through the client.
其中,该偏移承诺获取请求用于获取各区块链节点的偏移承诺,客户端装载于终端设备上,该终端设备可以是平板电脑、手机、笔记本电脑或台式电脑等终端设备,本发明实施例对此并不作限定。具体地,用户在需要对某一待加密数据进行加密时,首先会向任一区块链节点发送偏移承诺获取请求。该区块链节点在接收到偏移承诺获取请求后,会从智能合约中读取各区块链节点的偏移承诺,并对各区块链节点的偏移承诺进行打包处理,形成数据包,然后将该数据包发送给客户端。客户端在接收到该数据包后,对该数据包进行解析处理,得到各区块链节点的偏移承诺。示例性地,继续以上述联盟链由四个区块链节点组成为例,比如,用户通过客户端向区块链节点A发送偏移承诺获取请求。区块链节点A在接收到偏移承诺获取请求后,会从智能合约中读取区块链节点A、区块链节点B、区块链节点C以及区块链节点D的偏移承诺,并对这四个区块链节点的偏移承诺进行打包处理,形成数据包,然后将该数据包发送给客户端。客户端在接收到该数据包后,对该数据包进行解析处理,得到区块链节点A的偏移承诺R A、区块链节点B的偏移承诺R B、区块链节点C的偏移承诺R C以及区块链节点D的偏移承诺R DWherein, the offset commitment acquisition request is used to acquire the offset commitment of each block chain node, and the client is loaded on a terminal device, which can be a terminal device such as a tablet computer, a mobile phone, a notebook computer or a desktop computer, and the implementation of the present invention The example is not limited to this. Specifically, when a user needs to encrypt a certain data to be encrypted, he will first send an offset commitment acquisition request to any blockchain node. After receiving the offset commitment acquisition request, the blockchain node will read the offset commitments of each blockchain node from the smart contract, and package the offset commitments of each blockchain node to form a data packet, and then Send that packet to the client. After receiving the data packet, the client parses and processes the data packet to obtain the offset commitment of each blockchain node. Exemplarily, continue to take the above-mentioned consortium chain composed of four blockchain nodes as an example, for example, the user sends an offset commitment acquisition request to blockchain node A through the client. After blockchain node A receives the offset commitment acquisition request, it will read the offset commitments of blockchain node A, blockchain node B, blockchain node C, and blockchain node D from the smart contract. And package the offset commitments of these four blockchain nodes to form a data packet, and then send the data packet to the client. After receiving the data packet, the client analyzes and processes the data packet, and obtains the offset commitment R A of the blockchain node A, the offset commitment R B of the blockchain node B, and the offset commitment R B of the blockchain node C. The offset commitment R C and the offset commitment R D of the blockchain node D.
步骤b、用户通过客户端向各区块链节点发送加密偏移因子获取请求。Step b. The user sends an encrypted offset factor acquisition request to each blockchain node through the client.
其中,该加密偏移因子获取请求用于获取每个区块链节点的加密偏移因子。具体地,用户基于客户端通过专属通信通道或秘密通信通道分别向各区块链节点发送加密偏移因子获取请求。每个区块链节点在接收到该加密偏移因子获取请求后,将自己的加密偏移因子发送给客户端。示例性地,继续以上述联盟链由四个区块链节点组成为例,用户基于客户端通过专属通信通道或秘密通信通道向区块链节点A发送加密偏移因子获取请求。区块链节点A在接收到该加密偏移因子获取请求后,将自己的加密偏移因子r A发送给客户端。用户基于客户端通过专属通信通道或秘密通信通道向区块链节点B发送加密偏移因子获取请求。区块链节点B在接收到该加密偏移因子获取请求后,将自己的加密偏移因子r B发送给客户端。区块链节点C在接收到该加密偏移因子获取请求后,将自己的加密偏移因子r C发送给客户端。区块链节点D在接收到该加密偏移因子获取请求后,将自己的加密偏移因子r D发送给客户端。 Wherein, the encryption offset factor acquisition request is used to acquire the encryption offset factor of each blockchain node. Specifically, based on the client, the user sends an encrypted offset factor acquisition request to each blockchain node through a dedicated communication channel or a secret communication channel. Each blockchain node sends its encrypted offset factor to the client after receiving the encrypted offset factor acquisition request. Exemplarily, continuing to take the above-mentioned consortium chain composed of four blockchain nodes as an example, the user sends an encrypted offset factor acquisition request to blockchain node A through a dedicated communication channel or a secret communication channel based on the client. Blockchain node A sends its encrypted offset factor r A to the client after receiving the encrypted offset factor acquisition request. Based on the client, the user sends an encrypted offset factor acquisition request to the blockchain node B through a dedicated communication channel or a secret communication channel. After receiving the encryption offset factor acquisition request, blockchain node B sends its own encryption offset factor r B to the client. Blockchain node C sends its encrypted offset factor r C to the client after receiving the encrypted offset factor acquisition request. Blockchain node D sends its encrypted offset factor r D to the client after receiving the encryption offset factor acquisition request.
步骤c、针对每个区块链节点,用户通过客户端基于该区块链节点的加密偏移因子以及椭圆曲线上的公开点,生成偏移验证承诺。Step c. For each blockchain node, the user generates an offset verification commitment through the client based on the encrypted offset factor of the blockchain node and the public point on the elliptic curve.
具体地,针对每个区块链节点,用户通过客户端将该区块链节点的加密偏移因子与椭圆曲线上的公开点进行相乘处理,生成针对该区块链节点的偏移验证承诺。示例性地,继续以上述联盟链由四个区块链节点组成为例,针对区块链节点A,用户通过客户端将区块链节点A的加密偏移因子r A与椭圆曲线上的公开点G进行相乘,生成针对区块链节点A的偏移验证承诺R A′=r A*G。针对区块链节点B,用户通过客户端将区块链节点B的加密偏移因子r B与椭圆曲线上的公开点G进行相乘,生成针对区块链节点B的偏移验证承诺 R B′=r B*G。针对区块链节点C,用户通过客户端将区块链节点C的加密偏移因子r C与椭圆曲线上的公开点G进行相乘,生成针对区块链节点C的偏移验证承诺R C′=r C*G。针对区块链节点D,用户通过客户端将区块链节点D的加密偏移因子r D与椭圆曲线上的公开点G进行相乘,生成针对区块链节点D的偏移验证承诺R D′=r D*G。 Specifically, for each blockchain node, the user multiplies the encrypted offset factor of the blockchain node with the public point on the elliptic curve through the client to generate an offset verification commitment for the blockchain node . Exemplarily, continue to take the above-mentioned consortium chain consisting of four blockchain nodes as an example. For blockchain node A, the user uses the client to compare the encrypted offset factor r A of blockchain node A with the public data on the elliptic curve. Point G is multiplied to generate the offset verification commitment R A ′=r A *G for blockchain node A. For blockchain node B, the user multiplies the encrypted offset factor r B of blockchain node B with the public point G on the elliptic curve through the client to generate an offset verification commitment R B for blockchain node B '= rB *G. For blockchain node C, the user multiplies the encrypted offset factor r C of blockchain node C with the public point G on the elliptic curve through the client to generate an offset verification commitment R C for blockchain node C '=r C *G. For the blockchain node D, the user multiplies the encrypted offset factor r D of the blockchain node D with the public point G on the elliptic curve through the client to generate an offset verification commitment R D for the blockchain node D '= rD *G.
步骤d、针对每个区块链节点,用户通过客户端验证本地生成的该区块链节点的偏移验证承诺与从智能合约上获取的该区块链节点的偏移承诺是否相等。Step d. For each blockchain node, the user verifies through the client whether the offset verification commitment of the blockchain node generated locally is equal to the offset commitment of the blockchain node obtained from the smart contract.
具体地,若验证本地生成的各区块链节点的偏移验证承诺与从智能合约上获取的各区块链节点的偏移承诺均对应相等,则执行步骤e;若验证本地生成的一个区块链节点的偏移验证承诺与从智能合约上获取的该区块链节点的偏移承诺不相等,或者验证本地生成的多个区块链节点的偏移验证承诺与从智能合约上获取的该多个区块链节点的偏移承诺不对应相等,则确定存在一个或多个区块链节点作恶,即可终止本次加密流程。Specifically, if it is verified that the offset verification commitment of each blockchain node generated locally is equal to the offset commitment of each blockchain node obtained from the smart contract, then perform step e; if verifying a locally generated blockchain The node's offset verification commitment is not equal to the offset commitment of the blockchain node obtained from the smart contract, or the offset verification commitment of multiple blockchain nodes generated locally is not equal to the multi-block chain node's offset commitment obtained from the smart contract. If the offset commitments of two blockchain nodes do not correspond to the same, it is determined that one or more blockchain nodes are doing evil, and the encryption process can be terminated.
示例性地,继续以上述联盟链由四个区块链节点组成为例,用户通过客户端验证本地生成的区块链节点A的偏移验证承诺R A′与从智能合约上获取的区块链节点A的偏移承诺R A是否相等;验证本地生成的区块链节点B的偏移验证承诺R B′与从智能合约上获取的区块链节点B的偏移承诺R B是否相等;验证本地生成的区块链节点C的偏移验证承诺R C′与从智能合约上获取的区块链节点C的偏移承诺R C是否相等;以及验证本地生成的区块链节点D的偏移验证承诺R D′与从智能合约上获取的区块链节点D的偏移承诺R D是否相等。若确定这四个区块链节点均验证成功,则执行步骤e;若确定这四个区块链节点中出现至少一个区块链节点验证不成功,比如区块链节点A验证不成功,则确定区块链节点A作恶,即可终止本次加密流程。或者区块链节点A和区块链节点B验证都不成功,则确定区块链节点A和区块链节点B作恶,即可终止本次加密流程。 Exemplarily, continue to take the above-mentioned consortium chain consisting of four blockchain nodes as an example, the user verifies the locally generated blockchain node A's offset verification commitment R A ' and the block obtained from the smart contract through the client Whether the offset commitment R A of chain node A is equal; verify whether the offset verification commitment R B ′ of blockchain node B generated locally is equal to the offset commitment R B of blockchain node B obtained from the smart contract; Verify whether the offset verification commitment R C ′ of the locally generated blockchain node C is equal to the offset commitment R C of the blockchain node C obtained from the smart contract; and verify the offset of the locally generated blockchain node D Whether the offset verification commitment R D ′ is equal to the offset commitment R D of the blockchain node D obtained from the smart contract. If it is determined that the verification of these four blockchain nodes is successful, then perform step e; if it is determined that at least one of the four blockchain nodes is unsuccessful in verification, for example, the verification of blockchain node A is unsuccessful, then If it is determined that blockchain node A is evil, the encryption process can be terminated. Or if the verification of blockchain node A and blockchain node B is unsuccessful, it is determined that blockchain node A and blockchain node B are evil, and the encryption process can be terminated.
步骤e、在确定各区块链节点的偏移承诺均验证成功后,针对每个区块链节点,用户通过客户端基于该区块链节点的加密偏移因子以及公钥,生成针对该区块链节点的第一密文分片。Step e. After confirming that the offset commitments of each blockchain node have been successfully verified, for each blockchain node, the user generates an encryption offset factor and public key for the block through the client through the client. The first ciphertext fragment of the chain node.
示例性地,继续以上述联盟链由四个区块链节点组成为例,针对区块链节点A,用户通过客户端将区块链节点A的加密偏移因子r A与区块链节点A的公钥pk A进行相乘处理,生成针对区块链节点A的第一密文分片,即第一密文分片Q A=r A*pk A。针对区块链节点B,用户通过客户端将区块链节点B的加密偏移因子r B与区块链节点B的公钥pk B进行相乘处理,生成针对区块链节点B的第一密文分片,即第一密文分片Q B=r B*pk B。针对区块链节点C,用户通过客户端将区块链节点C的加密偏移因子r C与区块链节点C的公钥pk C进行相乘处理,生成针对区块链节点C的第一密文分片,即第一密文分片Q C=r C*pk C。针对区块链节点D,用户通过客户端将区块链节点D的加密偏移因子r D与区块链节点D的公钥pk D进行相乘处理,生成针对区块链节点D的第一密文分片,即第一密文分片Q D=r D*pk DExemplarily, continue to take the above-mentioned consortium chain consisting of four blockchain nodes as an example. For blockchain node A, the user uses the client to compare the encryption offset factor r A of blockchain node A with blockchain node A The public key pk A of public key pk A is multiplied to generate the first ciphertext fragment for blockchain node A, that is, the first ciphertext fragment Q A =r A *pk A . For blockchain node B, the user multiplies the encryption offset factor r B of blockchain node B with the public key pk B of blockchain node B through the client to generate the first The ciphertext fragmentation, that is, the first ciphertext fragmentation Q B =r B *pk B . For blockchain node C, the user multiplies the encryption offset factor r C of blockchain node C with the public key pk C of blockchain node C through the client to generate the first The ciphertext fragmentation, that is, the first ciphertext fragmentation Q C =r C *pk C . For the blockchain node D, the user multiplies the encryption offset factor r D of the blockchain node D with the public key pk D of the blockchain node D through the client to generate the first key for the blockchain node D. The ciphertext fragmentation, that is, the first ciphertext fragmentation Q D =r D *pk D .
步骤f、针对每个区块链节点,用户通过客户端基于待加密数据以及除该区块链节点以外的其它区块链节点的偏移承诺,生成针对该区块链节点的第二密文分片。Step f. For each blockchain node, the user generates the second ciphertext for the blockchain node through the client based on the data to be encrypted and the offset commitments of other blockchain nodes except the blockchain node Fragmentation.
示例性地,继续以上述联盟链由四个区块链节点组成为例,针对区块链节点A,用户通过客户端对待加密数据m以及除区块链节点A以外的其它区块链节点的偏移承诺进行处理,生成针对区块链节点A的第二密文分片,即第二密文分片T A=m*G+R B+R C+R D。针对区块链节点B,用户通过客户端对待加密数据m以及除区块链节点B以外的其它区块 链节点的偏移承诺进行处理,生成针对区块链节点B的第二密文分片,即第二密文分片T B=m*G+R A+R C+R D。针对区块链节点C,用户通过客户端对待加密数据m以及除区块链节点C以外的其它区块链节点的偏移承诺进行处理,生成针对区块链节点C的第二密文分片,即第二密文分片T C=m*G+R A+R B+R D。针对区块链节点D,用户通过客户端对待加密数据m以及除区块链节点D以外的其它区块链节点的偏移承诺进行处理,生成针对区块链节点D的第二密文分片,即第二密文分片T D=m*G+R A+R B+R CExemplarily, continue to take the above-mentioned consortium chain consisting of four blockchain nodes as an example, for blockchain node A, the user treats the encrypted data m and other blockchain nodes except blockchain node A through the client The offset commitment is processed to generate the second ciphertext fragment for blockchain node A, that is, the second ciphertext fragment T A =m*G+R B + RC + RD . For blockchain node B, the user processes the encrypted data m and the offset commitments of other blockchain nodes except blockchain node B through the client, and generates the second ciphertext fragment for blockchain node B , that is, the second ciphertext fragment T B =m*G+ RA +R C + RD . For blockchain node C, the user processes the encrypted data m and the offset commitments of other blockchain nodes except blockchain node C through the client, and generates the second ciphertext fragment for blockchain node C , that is, the second ciphertext fragment T C =m* G +RA +R B + RD . For blockchain node D, the user processes the encrypted data m and offset commitments of other blockchain nodes except blockchain node D through the client, and generates the second ciphertext fragment for blockchain node D , that is, the second ciphertext fragment T D =m*G+ RA + RB + RC .
步骤g、用户通过客户端设置用于解密第一密文分片和第二密文分片的解密时间戳。Step g, the user sets the decryption time stamps for decrypting the first ciphertext fragment and the second ciphertext fragment through the client.
具体地,用户在客户端设置一个解密时间戳Timestamp,该解密时间戳用于指示任一区块链节点在确定本地时间戳满足该解密时间戳后执行解密操作。Specifically, the user sets a decryption timestamp Timestamp on the client, and the decryption timestamp is used to instruct any blockchain node to perform a decryption operation after determining that the local timestamp satisfies the decryption timestamp.
步骤h、用户通过客户端将解密时间戳以及各区块链节点的第一密文分片、第二密文分片上传至智能合约。Step h, the user uploads the decryption timestamp and the first ciphertext fragment and the second ciphertext fragment of each blockchain node to the smart contract through the client.
示例性地,用户通过客户端将(T A,Q A,T B,Q B,T C,Q C,T D,Q D,Timestamp)上传至智能合约E_Contract,以此完成针对待加密数据的加密操作。 Exemplarily, the user uploads (T A , Q A , T B , Q B , T C , Q C , T D , Q D , Timestamp) to the smart contract E_Contract through the client to complete the encryption of the data to be encrypted. cryptographic operations.
Step3:每个区块链节点对加密后的数据进行解密处理,并针对解密后的数据进行验证。Step3: Each blockchain node decrypts the encrypted data and verifies the decrypted data.
具体地,针对每个区块链节点,若该区块链节点确定满足解密条件,则开始执行解密操作;若该区块链节点确定不满足解密条件,则不执行解密操作。其中,解密条件为本地时间戳大于等于智能合约中的解密时间戳。示例性地,以满足解密条件的区块链节点A为例,若区块链节点A确定本地时间戳大于等于智能合约中的解密时间戳,则开始执行解密操作;若区块链节点A确定本地时间戳小于智能合约中的解密时间戳,则不执行解密操作。Specifically, for each block chain node, if the block chain node determines that the decryption condition is satisfied, the decryption operation is started; if the block chain node determines that the decryption condition is not satisfied, the decryption operation is not performed. Among them, the decryption condition is that the local timestamp is greater than or equal to the decrypted timestamp in the smart contract. Exemplarily, take blockchain node A that satisfies the decryption condition as an example, if blockchain node A determines that the local timestamp is greater than or equal to the decryption timestamp in the smart contract, it starts to perform the decryption operation; if blockchain node A determines If the local timestamp is smaller than the decryption timestamp in the smart contract, the decryption operation will not be performed.
下面对满足解密条件的区块链节点的解密实施过程进行具体描述。The following is a specific description of the decryption implementation process of the blockchain nodes that meet the decryption conditions.
步骤a、针对满足解密条件的区块链节点,该满足解密条件的区块链节点读取本地私钥,并基于本地私钥和本轮加密索引,生成加密偏移因子。Step a. For the blockchain node that meets the decryption condition, the blockchain node that meets the decryption condition reads the local private key, and generates an encryption offset factor based on the local private key and the current round of encryption index.
具体地,在某一区块链节点满足解密条件时,该区块链节点将自己的私钥与本轮加密索引进行拼接,生成偏移消息,并通过消息摘要算法或安全散列算法等对偏移消息进行哈希运算,生成区块链节点的加密偏移因子。其中,由于区块链节点为了防止加密偏移因子泄露,导致数据存在泄露的风险,因此为了确保数据的隐私安全性,区块链节点并不会长期保存加密偏移因子。Specifically, when a blockchain node satisfies the decryption conditions, the blockchain node splices its own private key with the current round of encryption index to generate an offset message, and uses a message digest algorithm or a secure hash algorithm to verify the The offset message is hashed to generate an encrypted offset factor for the blockchain node. Among them, in order to prevent the encryption offset factor from being leaked by the blockchain node, there is a risk of data leakage. Therefore, in order to ensure the privacy and security of the data, the blockchain node will not store the encryption offset factor for a long time.
示例性地,以满足解密条件的区块链节点A为例,区块链节点A读取本地私钥sk A,将本地私钥sk A与本轮加密索引index进行拼接,生成偏移消息(sk A|index)。再通过消息摘要算法或安全散列算法等对偏移消息进行哈希运算,生成区块链节点A的加密偏移因子,即加密偏移因子r A=H(sk A|index)。同理,其它满足解密条件的区块链节点也可以按照与区块链节点A生成加密偏移因子相同的方式来生成加密偏移因子。 Exemplarily, taking blockchain node A that satisfies the decryption condition as an example, blockchain node A reads the local private key sk A , splices the local private key sk A with the current round of encryption index index, and generates an offset message ( sk A |index). Then hash the offset message through the message digest algorithm or secure hash algorithm to generate the encryption offset factor of blockchain node A, that is, the encryption offset factor r A = H(sk A | index). Similarly, other blockchain nodes that meet the decryption conditions can also generate encrypted offset factors in the same manner as blockchain node A generates encrypted offset factors.
步骤b、该满足解密条件的区块链节点读取智能合约中各区块链节点的偏移承诺。Step b. The blockchain node that satisfies the decryption condition reads the offset commitment of each blockchain node in the smart contract.
示例性地,以满足解密条件的区块链节点A为例,区块链节点A从智能合约E_Contract中读取各区块链节点的偏移承诺,比如联盟链有四个区块链节点,即区块链节点A、区块链节点B、区块链节点C以及区块链节点D。区块链节点A从智能合约E_Contract中读取区块链节点A的偏移承诺R A、区块链节点B的偏移承诺R B、区块链节点C的偏移承诺R C以及区块链节点D的偏移承诺R DExemplarily, blockchain node A that satisfies the decryption condition is taken as an example. Blockchain node A reads the offset commitment of each blockchain node from the smart contract E_Contract. For example, the alliance chain has four blockchain nodes, namely Blockchain node A, blockchain node B, blockchain node C, and blockchain node D. Blockchain node A reads the offset commitment R A of blockchain node A, the offset commitment R B of blockchain node B, the offset commitment R C of blockchain node C, and the block from the smart contract E_Contract Offset commitment RD of chain node D.
步骤c、满足解密条件的区块链节点基于自己的加密偏移因子以及公钥,生成第三密文分片,并基于该第三密文分片从智能合约中确定出与该第三密文分片匹配的第一密文分 片以及确定出与该第三密文分片匹配的第二密文分片,通过双线性映射,对第一密文分片、第二密文分片、私钥以及偏移承诺进行处理,生成区块链节点的验证分片。Step c. The blockchain node that satisfies the decryption condition generates a third ciphertext fragment based on its encryption offset factor and public key, and determines from the smart contract based on the third ciphertext fragment. The first ciphertext fragment that matches the text fragment and the second ciphertext fragment that matches the third ciphertext fragment are determined to match the first ciphertext fragment and the second ciphertext fragment through bilinear mapping. Shards, private keys, and offset commitments are processed to generate verification shards of blockchain nodes.
示例性地,以满足解密条件的区块链节点A为例,区块链节点A使用加密偏移因子r A以及公钥pk A,生成第三密文分片Q A′=r A*pk A。并基于该第三密文分片Q A′从智能合约中E_Contract中确定出与该第三密文分片Q A′匹配的第一密文分片Q A以及确定出与该第三密文分片Q A′匹配的第二密文分片T A。然后,通过双线性映射,对区块链节点A的偏移承诺、加密偏移因子、第一密文分片、第二密文分片以及私钥进行处理,生成针对区块链节点A的验证分片E AExemplarily, taking the blockchain node A that satisfies the decryption condition as an example, the blockchain node A uses the encryption offset factor r A and the public key pk A to generate the third ciphertext fragment Q A ′=r A *pk A. And based on the third ciphertext fragment Q A ′, determine the first ciphertext fragment Q A that matches the third ciphertext fragment Q A ′ from E_Contract in the smart contract and determine the third ciphertext fragment Q A Fragment Q A ' matches the second ciphertext fragment T A . Then, through the bilinear mapping, the offset commitment, encryption offset factor, first ciphertext fragmentation, second ciphertext fragmentation and private key of blockchain node A are processed to generate Validation shard E A .
即:which is:
Figure PCTCN2021131302-appb-000003
Figure PCTCN2021131302-appb-000003
同理,针对满足解密条件的区块链节点B的验证分片E B。即:
Figure PCTCN2021131302-appb-000004
Figure PCTCN2021131302-appb-000005
Similarly, for the verification fragment E B of the blockchain node B that satisfies the decryption condition. which is:
Figure PCTCN2021131302-appb-000004
Figure PCTCN2021131302-appb-000005
针对满足解密条件的区块链节点C的验证分片E C。即:
Figure PCTCN2021131302-appb-000006
Figure PCTCN2021131302-appb-000007
The verification fragment E C for the block chain node C that satisfies the decryption condition. which is:
Figure PCTCN2021131302-appb-000006
Figure PCTCN2021131302-appb-000007
针对满足解密条件的区块链节点D的验证分片E D。即:
Figure PCTCN2021131302-appb-000008
Figure PCTCN2021131302-appb-000009
The verification fragment E D for the block chain node D that satisfies the decryption condition. which is:
Figure PCTCN2021131302-appb-000008
Figure PCTCN2021131302-appb-000009
步骤d、满足解密条件的区块链节点使用私钥对自己生成的验证分片进行签名,生成验证分片的签名,并将验证分片以及验证分片的签名上传至智能合约。Step d. The blockchain nodes that meet the decryption conditions use their private keys to sign the verification fragments they generate, generate signatures for the verification fragments, and upload the verification fragments and the signatures of the verification fragments to the smart contract.
示例性地,以满足解密条件的区块链节点A为例,区块链节点A使用私钥sk A,对验证分片E A进行签名,生成验证分片E A的签名delta A=sign(E A,sk A),并将验证分片以及验证分片的签名(即E A和delta A)上传至智能合约。 Exemplarily, taking the block chain node A that satisfies the decryption condition as an example, the block chain node A uses the private key sk A to sign the verification segment E A , and generates the signature delta A = sign( E A , sk A ), and upload the verification fragment and the signature of the verification fragment (ie E A and delta A ) to the smart contract.
同理,针对区块链节点B,区块链节点B生成验证分片E B的签名delta B=sign(E B,sk B),并将E B和delta B上传至智能合约。针对区块链节点C,区块链节点C生成验证分片E C的签名delta C=sign(E C,sk C),并将E C和delta C上传至智能合约。针对区块链节点D,区块链 节点D生成验证分片E D的签名delta D=sign(E D,sk D),并将E D和delta D上传至智能合约。 Similarly, for the blockchain node B, the blockchain node B generates the signature delta B =sign(E B ,sk B ) for the verification segment E B , and uploads E B and delta B to the smart contract. For the blockchain node C, the blockchain node C generates the signature delta C =sign(EC , sk C ) of the verification fragment E C , and uploads E C and delta C to the smart contract. For the blockchain node D, the blockchain node D generates the signature delta D =sign(E D ,sk D ) of the verification segment E D , and uploads E D and delta D to the smart contract.
步骤e、在确定各区块链节点均将自己的验证分片以及验证分片的签名上传至智能合约后,针对每个区块链节点,该区块链节点验证其它区块链节点的验证分片与自己的验证分片是否相同。Step e. After confirming that each blockchain node has uploaded its own verification fragment and signature of the verification fragment to the smart contract, for each blockchain node, the blockchain node verifies the verification fragments of other blockchain nodes. Shard is the same as its own verification shard.
具体地,针对每个区块链节点,该区块链节点从智能合约上获取其它区块链节点的验证分片以及验证分片的签名。然后,该区块链节点使用其它区块链节点的公钥对其它区块链节点的验证分片的签名进行验证,并在确定其它区块链节点的验证分片的签名验证成功后,确定其它区块链节点的验证分片与自己的验证分片是否相同。Specifically, for each blockchain node, the blockchain node obtains the verification fragments of other blockchain nodes and the signatures of the verification fragments from the smart contract. Then, the blockchain node uses the public keys of other blockchain nodes to verify the signatures of the verification fragments of other blockchain nodes, and after confirming that the signature verification of the verification fragments of other blockchain nodes is successful, determine Whether the verification fragments of other blockchain nodes are the same as their own verification fragments.
示例性地,以满足解密条件的区块链节点A为例,区块链节点A使用区块链节点B的公钥pk B对区块链节点B的验证分片E B的签名delta B进行验证,使用区块链节点C的公钥pk C对区块链节点C的验证分片E C的签名delta C进行验证,以及使用区块链节点D的公钥pk D对区块链节点D的验证分片E D的签名delta D进行验证,在确定区块链节点B的验证分片E B的签名delta B、区块链节点C的验证分片E C的签名delta C以及区块链节点D的验证分片E D的签名delta D、均验证成功后,确定自己的验证分片E A与区块链节点B的验证分片E B、区块链节点C的验证分片E C以及区块链节点D的验证分片E D是否均相同。同理,区块链节点B、区块链节点C或区块链节点D也会对其它区块链节点的验证分片的签名进行验证,并在确定其它区块链节点的验证分片的签名验证成功后,确定自己的验证分片与其它区块链节点的验证分片是否相同,在此不再赘述。 Exemplarily, taking blockchain node A that satisfies the decryption condition as an example, blockchain node A uses the public key pk B of blockchain node B to verify the signature delta B of blockchain node B's fragment E B Verification, use the public key pk C of the blockchain node C to verify the signature delta C of the verification fragment E C of the blockchain node C, and use the public key pk D of the blockchain node D to verify the signature delta C of the blockchain node D The signature delta D of the verification fragment E D of the blockchain node B is verified, and the signature delta B of the verification fragment E B of the blockchain node B, the signature delta C of the verification fragment E C of the blockchain node C, and the blockchain After the signature delta D of the verification fragment E D of node D is successfully verified, it is determined that its own verification fragment E A and the verification fragment E B of the blockchain node B and the verification fragment E C of the blockchain node C And whether the verification fragments E D of the blockchain node D are the same. Similarly, blockchain node B, blockchain node C, or blockchain node D will also verify the signatures of other blockchain nodes' verification fragments, and determine the signatures of other blockchain nodes' verification fragments. After the signature verification is successful, determine whether your own verification shard is the same as that of other blockchain nodes, which will not be repeated here.
步骤f、针对每个区块链节点,该区块链节点在确定其它区块链节点的验证分片与自己的验证分片均相同后,将自己的加密偏移因子上传至智能合约。Step f. For each blockchain node, the blockchain node uploads its encrypted offset factor to the smart contract after determining that the verification fragments of other blockchain nodes are the same as its own verification fragments.
示例性地,以满足解密条件的区块链节点A为例,区块链节点A在确定自己的验证分片E A与区块链节点B的验证分片E B、区块链节点C的验证分片E C以及区块链节点D的验证分片E D均相同后,将自己的加密偏移因子r A上传至智能合约。同理,区块链节点B、区块链节点C或区块链节点D在确定自己的验证分片与其它区块链节点的验证分片均相同后,也会将自己的加密偏移因子上传至智能合约,在此不再赘述。然后,在各区块链节点将各自的加密偏移因子上传至智能合约后,各区块链节点会生成下一轮的加密偏移因子,即区块链节点A生成下一轮的加密偏移因子r A′=H(sk A|index′);区块链节点B生成下一轮的加密偏移因子r B′=H(sk B|index′);区块链节点C生成下一轮的加密偏移因子r C′=H(sk C|index′);区块链节点D生成下一轮的加密偏移因子r D′=H(sk D|index′)。其中,index′=index+1。 Exemplarily, taking blockchain node A that satisfies the decryption condition as an example, blockchain node A determines its own verification fragment E A and blockchain node B's verification fragment E B , and blockchain node C's After the verification fragment E C and the verification fragment E D of the blockchain node D are the same, upload their encrypted offset factor r A to the smart contract. Similarly, after blockchain node B, blockchain node C, or blockchain node D confirms that their own verification fragments are the same as those of other blockchain nodes, they will also set their encryption offset factors Upload to the smart contract, so I won’t repeat it here. Then, after each blockchain node uploads its encrypted offset factor to the smart contract, each blockchain node will generate the next round of encrypted offset factor, that is, blockchain node A will generate the next round of encrypted offset factor r A '=H(sk A |index'); blockchain node B generates the next round of encryption offset factor r B '=H(sk B |index'); blockchain node C generates the next round of Encrypted offset factor r C '=H(sk C |index'); blockchain node D generates the encrypted offset factor r D '=H(sk D |index') for the next round. Among them, index'=index+1.
步骤g、针对每个区块链节点,该区块链节点从智能合约上获取各区块链节点的加密偏移因子,并通过双线性映射,从二进制数的取值范围中确定出与验证分片匹配的二进制数作为解密结果。Step g. For each blockchain node, the blockchain node obtains the encryption offset factor of each blockchain node from the smart contract, and determines and verifies from the value range of the binary number through bilinear mapping The binary number matched by the slice is used as the decryption result.
具体地,针对每个区块链节点,该区块链节点依次遍历二进制数的取值范围中的各二进制数,并基于验证分片,通过双线性映射,确定出与验证分片匹配的二进制数,并将该二进制数作为解密结果。当然,将该二进制数转换为十进制数,即可得到客户端所加密的待加密数据。Specifically, for each blockchain node, the blockchain node sequentially traverses the binary numbers in the value range of the binary numbers, and based on the verification fragmentation, through bilinear mapping, determines the number that matches the verification fragmentation Binary number, and use the binary number as the decryption result. Of course, by converting the binary number into a decimal number, the data to be encrypted encrypted by the client can be obtained.
示例性地,满足解密条件的区块链节点A为例,区块链节点A可以按照二进制数的取值范围从小到大或从大到小依次进行遍历,并基于验证分片,通过双线性映射,确定每个被遍历的数据m i是否满足
Figure PCTCN2021131302-appb-000010
其中,该等式 的右边是一个验证分片,也是一个数值。若确定某一数据m i满足,则将该数据m i作为解密出的数据,也即该m i是客户端进行加密的待加密数据。例如,以待加密的数据为10为例进行描述,则该数字10的二进制为1010,则区块链节点可以从二进制数0开始依次进行遍历,直至遍历到1010,才满足
Figure PCTCN2021131302-appb-000011
如此,即可将数据1010作为解密出的数据。 Exemplarily, take the blockchain node A that satisfies the decryption condition as an example, the blockchain node A can traverse in sequence according to the value range of the binary number from small to large or from large to small, and based on the verification fragmentation, through the two-line property mapping, to determine whether each traversed data m i satisfies
Figure PCTCN2021131302-appb-000010
Among them, the right side of the equation is a verification slice, which is also a value. If it is determined that a certain data m i satisfies, the data m i is used as the decrypted data, that is, the data m i is the data to be encrypted by the client. For example, if the data to be encrypted is 10 as an example, then the binary number of the number 10 is 1010, and the blockchain nodes can traverse sequentially from the binary number 0 until it reaches 1010.
Figure PCTCN2021131302-appb-000011
In this way, the data 1010 can be used as the decrypted data.
步骤h、其它区块链节点对区块链上所存储的该区块链节点解密出的待加密数据进行共识验证,通过双线性映射确定该区块链节点解密出的待加密数据与验证分片的匹配性。Step h, other blockchain nodes perform consensus verification on the data to be encrypted decrypted by the blockchain node stored on the blockchain, and determine the data to be encrypted and the verification data decrypted by the blockchain node through bilinear mapping Shard matching.
示例性地,以解密出待加密数据的区块链节点A为例,其它区块链节点从智能合约上获取区块链节点A解密出的待加密数据m i。比如区块链节点B从智能合约上获取解密出的待加密数据m i,区块链节点C从智能合约上获取解密出的待加密数据m i,区块链节点D从智能合约上获取解密出的待加密数据m i。区块链节点B通过双线性映射算法,验证区块链节点A解密出的待加密数据m i与验证分片的匹配性。即,验证是否满足
Figure PCTCN2021131302-appb-000012
若满足,则区块链节点B确认区块链节点A解密出的待加密数据m i是正确的。同时,区块链节点C也会通过双线性映射算法,验证区块链节点A解密出的待加密数据m i与验证分片的匹配性。即,验证是否满足
Figure PCTCN2021131302-appb-000013
若满足,则区块链节点C确认区块链节点A解密出的待加密数据m i是正确的。以及区块链节点D也会通过双线性映射算法,验证区块链节点A解密出的待加密数据m i与验证分片的匹配性。即,验证是否满足
Figure PCTCN2021131302-appb-000014
若满足,则区块链节点D确认区块链节点A解密出的待加密数据m i是正确的。在确定区块链节点B、区块链节点C以及区块链节点D中有两个或两个以上区块链节点验证区块链节点A解密出的待加密数据m i与验证分片是匹配的,则将待加密数据m i记录至区块链,至此完成本次解密操作,否则本次解密操作失败。 Exemplarily, taking the block chain node A that decrypts the data to be encrypted as an example, other block chain nodes obtain the to-be-encrypted data m i decrypted by the block chain node A from the smart contract. For example, blockchain node B obtains the decrypted data mi to be encrypted from the smart contract, blockchain node C obtains the decrypted data mi to be encrypted from the smart contract, and blockchain node D obtains the decrypted data mi from the smart contract The output to be encrypted data m i . The blockchain node B verifies the matching between the encrypted data mi decrypted by the blockchain node A and the verification fragment through the bilinear mapping algorithm. That is, verify that
Figure PCTCN2021131302-appb-000012
If it is satisfied, the blockchain node B confirms that the data mi to be encrypted decrypted by the blockchain node A is correct. At the same time, the blockchain node C will also verify the matching of the encrypted data mi decrypted by the blockchain node A and the verification fragment through the bilinear mapping algorithm. That is, verify that
Figure PCTCN2021131302-appb-000013
If it is satisfied, the blockchain node C confirms that the data mi to be encrypted decrypted by the blockchain node A is correct. And the blockchain node D will also verify the matching between the encrypted data mi decrypted by the blockchain node A and the verification fragment through the bilinear mapping algorithm. That is, verify that
Figure PCTCN2021131302-appb-000014
If it is satisfied, the blockchain node D confirms that the data mi to be encrypted decrypted by the blockchain node A is correct. It is determined that there are two or more blockchain nodes in the blockchain node B, blockchain node C and blockchain node D to verify that the encrypted data m i and the verification fragment decrypted by the blockchain node A are If it matches, record the data mi to be encrypted to the blockchain , and complete the decryption operation; otherwise, the decryption operation fails.
上述实施例表明,针对任一区块链节点,在确定本地时间戳满足智能合约中的解密时间戳时,即可开始进行解密操作。即,基于区块链节点的公私钥生成索引密文,并基于索引密文,可以及时准确地从客户端上传至智能合约中的加密信息中确定出与索引密文匹配的第一密文分片以及与索引密文匹配的第二密文分片。然后,通过双线性映射,对与索引密文匹配的第一密文分片和与索引密文匹配的第二密文分片进行处理,得到区块链节点的验证分片,并在验证m个验证分片满足设定要求后,对与索引密文匹配的第二密文分片进行解密,得到待加密数据。如此,该方案由于无需区块链节点对待加密数据进行加密操作,而且各区块链节点都是使用不同的公私钥,而不是都使用相同的公私钥,从而可以确保待加密数据的隐私安全性。此外,该方案由于无需每次在进行解密操作时都重新进行密钥初始化生成公私钥,而是一直使用的是各区块链节点的公私钥,因此可以使得该方案解密操作的过程更为简单方便,从而能够使得解密操作的成本降低。The above embodiment shows that, for any blockchain node, when the local time stamp is determined to meet the decryption time stamp in the smart contract, the decryption operation can be started. That is, the index ciphertext is generated based on the public and private keys of the blockchain nodes, and based on the index ciphertext, the first ciphertext score that matches the index ciphertext can be determined in a timely and accurate manner from the encrypted information uploaded by the client to the smart contract. slice and a second ciphertext slice that matches the index ciphertext. Then, through bilinear mapping, the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext are processed to obtain the verification fragment of the blockchain node, and verify After the m verification fragments meet the set requirements, the second ciphertext fragment matching the index ciphertext is decrypted to obtain the data to be encrypted. In this way, since the scheme does not require blockchain nodes to perform encryption operations on the data to be encrypted, and each blockchain node uses different public and private keys instead of using the same public and private keys, it can ensure the privacy and security of the data to be encrypted. In addition, since this scheme does not need to re-initialize the key to generate public and private keys every time the decryption operation is performed, but always uses the public and private keys of each blockchain node, it can make the decryption process of the scheme simpler and more convenient , so that the cost of the decryption operation can be reduced.
基于相同的技术构思,图2示例性的示出了本发明实施例提供的一种基于智能合约的数据处理装置,该装置可以执行基于智能合约的数据处理方法的流程。其中,该基于智能合约的数据处理方法适用于具有m个区块链节点的联盟链。Based on the same technical concept, FIG. 2 exemplarily shows a data processing device based on a smart contract provided by an embodiment of the present invention, and the device can execute a flow of a data processing method based on a smart contract. Wherein, the smart contract-based data processing method is applicable to a consortium chain with m blockchain nodes.
如图2所示,该装置包括:As shown in Figure 2, the device includes:
生成单元201,用于针对任一区块链节点,在确定满足智能合约中的解密时间戳时,基于所述区块链节点的公私钥生成索引密文;所述解密时间戳是客户端生成的用于指示对 所述客户端上传至所述智能合约中的加密信息进行解密的时间;所述加密信息包括针对每个区块链节点的第一密文分片和第二密文分片;第一密文分片是所述客户端基于区块链节点的公私钥生成的;第二密文分片是所述客户端基于待加密数据生成的;The generation unit 201 is used to generate index ciphertext based on the public and private keys of the block chain node when it is determined that the decryption time stamp in the smart contract is met for any block chain node; the decryption time stamp is generated by the client is used to indicate the time to decrypt the encrypted information uploaded by the client to the smart contract; the encrypted information includes the first ciphertext fragment and the second ciphertext fragment for each blockchain node ; The first ciphertext fragment is generated by the client based on the public and private keys of the blockchain nodes; the second ciphertext fragment is generated by the client based on the data to be encrypted;
第一处理单元202,用于从所述加密信息中确定出与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片;通过双线性映射,对与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片进行处理,得到所述区块链节点的验证分片,并将所述验证分片上传至所述智能合约;在验证m个验证分片满足设定要求后,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。The first processing unit 202 is configured to determine from the encrypted information a first ciphertext segment matching the index ciphertext and a second ciphertext segment matching the index ciphertext; through bilinear Mapping, processing the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext, obtaining the verification fragment of the blockchain node, and converting the The verification fragments are uploaded to the smart contract; after verifying that the m verification fragments meet the set requirements, the second ciphertext fragments matching the index ciphertext are decrypted to obtain the data to be encrypted.
可选地,所述生成单元201具体用于:Optionally, the generating unit 201 is specifically configured to:
将所述区块链节点的私钥与本轮加密索引进行拼接,生成偏移消息;Splicing the private key of the blockchain node with the encryption index of the current round to generate an offset message;
对所述偏移消息进行哈希运算,生成加密偏移因子;performing a hash operation on the offset message to generate an encrypted offset factor;
基于所述加密偏移因子以及所述区块链节点的公钥,生成所述索引密文。The index ciphertext is generated based on the encryption offset factor and the public key of the blockchain node.
可选地,所述第一处理单元202具体用于:Optionally, the first processing unit 202 is specifically configured to:
从所述智能合约获取m个区块链节点的第一承诺分片;所述第一承诺分片是区块链节点基于各自的加密偏移因子生成的;Obtain the first commitment fragments of m blockchain nodes from the smart contract; the first commitment fragments are generated by the blockchain nodes based on their respective encryption offset factors;
通过所述双线性映射,将所述区块链节点的加密偏移因子、与所述索引密文匹配的第一密文分片、与所述索引密文匹配的第二密文分片、所述区块链节点的第一承诺分片以及所述区块链节点的私钥进行转换处理,生成所述区块链节点的验证分片。Through the bilinear mapping, the encryption offset factor of the blockchain node, the first ciphertext fragment matching the index ciphertext, and the second ciphertext fragment matching the index ciphertext , performing conversion processing on the first commitment fragment of the blockchain node and the private key of the blockchain node to generate a verification fragment of the blockchain node.
可选地,所述第一处理单元202具体用于:Optionally, the first processing unit 202 is specifically configured to:
确定所述区块链节点的验证分片与除所述区块链节点以外的其它区块链节点的验证分片是否相同;Determine whether the verification fragmentation of the blockchain node is the same as the verification fragmentation of other blockchain nodes except the blockchain node;
若是,则确认所述m个验证分片验证成功。If yes, confirm that the m verification fragments are verified successfully.
可选地,所述第一处理单元202还用于:Optionally, the first processing unit 202 is further configured to:
在确认所述m个验证分片验证成功之后,将所述区块链节点的加密偏移因子上传至智能合约;After confirming that the verification of the m verification fragments is successful, upload the encryption offset factor of the blockchain node to the smart contract;
所述第一处理单元202具体用于:The first processing unit 202 is specifically used for:
从所述智能合约获取所述m个区块链节点的加密偏移因子;Obtain the encrypted offset factors of the m blockchain nodes from the smart contract;
通过所述双线性映射,基于所述m个区块链节点的加密偏移因子,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。Through the bilinear mapping, based on the encryption offset factors of the m blockchain nodes, the second ciphertext fragment matching the index ciphertext is decrypted to obtain the data to be encrypted.
可选地,所述第一处理单元202还用于:Optionally, the first processing unit 202 is further configured to:
在得到所述待加密数据之后,从智能合约上获取所述区块链节点解密出的待加密数据以及所述m个区块链节点的加密偏移因子;所述待加密数据是所述区块链节点上传至所述智能合约的;After obtaining the data to be encrypted, obtain the data to be encrypted decrypted by the block chain node and the encryption offset factors of the m block chain nodes from the smart contract; the data to be encrypted is the area The block chain node uploads to the smart contract;
通过所述双线性映射,基于所述m个区块链节点的加密偏移因子,对所述区块链节点解密出的待加密数据进行验证,确定所述待加密数据与验证分片的匹配性,从而确定所述解密出的待加密数据是否正确。Through the bilinear mapping, based on the encryption offset factors of the m blockchain nodes, verify the data to be encrypted decrypted by the blockchain nodes, and determine the relationship between the data to be encrypted and the verification segment matching, so as to determine whether the decrypted data to be encrypted is correct.
基于相同的技术构思,图3示例性的示出了本发明实施例提供的另一种基于智能合约的数据处理装置,该装置可以执行基于智能合约的数据处理方法的流程。其中,该基于智能合约的数据处理方法适用于具有m个区块链节点的联盟链。Based on the same technical concept, FIG. 3 exemplarily shows another smart contract-based data processing device provided by an embodiment of the present invention, and the device can execute the flow of the smart contract-based data processing method. Wherein, the smart contract-based data processing method is applicable to a consortium chain with m blockchain nodes.
如图3所示,该装置包括:As shown in Figure 3, the device includes:
获取单元301,用于从智能合约获取述m个区块链节点的第一承诺分片,并通过秘密通信通道获取所述m个区块链节点的加密偏移因子;所述第一承诺分片是区块链节点基于各自的加密偏移因子生成的;所述加密偏移因子是区块链节点基于各自的私钥生成的;The obtaining unit 301 is configured to obtain the first commitment fragments of the m blockchain nodes from the smart contract, and obtain the encrypted offset factors of the m blockchain nodes through a secret communication channel; the first commitment fragments Shards are generated by blockchain nodes based on their respective encrypted offset factors; the encrypted offset factors are generated by blockchain nodes based on their respective private keys;
第二处理单元302,用于针对每个区块链节点,基于所述区块链节点的加密偏移因子以及所述区块链节点的公钥,生成第一密文分片,并基于待加密数据以及除所述区块链节点以外的其它区块链节点的第一承诺分片,生成第二密文分片;生成解密时间戳;将所述解密时间戳以及所述m个区块链节点的第一密文分片、第二密文分片上传至所述智能合约;所述解密时间戳用于指示任一区块链节点在确定本地时间戳满足所述解密时间戳时对所述智能合约中的第一密文分片以及第二密文分片进行解密处理。The second processing unit 302 is configured to, for each block chain node, generate a first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the block chain node to be Encrypt data and the first commitment fragments of other blockchain nodes except the blockchain node, generate a second ciphertext fragment; generate a decryption timestamp; combine the decryption timestamp and the m blocks The first ciphertext fragment and the second ciphertext fragment of the chain node are uploaded to the smart contract; the decryption timestamp is used to indicate that any block chain node determines that the local timestamp satisfies the decryption timestamp The first ciphertext fragment and the second ciphertext fragment in the smart contract are decrypted.
可选地,所述第二处理单元302还用于:Optionally, the second processing unit 302 is further configured to:
在生成第一密文分片之前,针对每个区块链节点,基于所述区块链节点的加密偏移因子,生成所述区块链节点的第二承诺分片;Before generating the first ciphertext fragment, for each blockchain node, based on the encryption offset factor of the blockchain node, generate the second commitment fragment of the blockchain node;
确定所述m个区块链节点的第一承诺分片与所述m个区块链节点的第二承诺分片是否均对应相同;Determine whether the first committed fragments of the m blockchain nodes and the second committed fragments of the m blockchain nodes are all corresponding to the same;
若是,则确认所述m个区块链节点的第一承诺分片验证成功。If yes, then confirm that the verification of the first committed shards of the m blockchain nodes is successful.
基于相同的技术构思,本发明实施例还提供了一种计算设备,如图4所示,包括至少一个处理器401,以及与至少一个处理器连接的存储器402,本发明实施例中不限定处理器401与存储器402之间的具体连接介质,图4中处理器401和存储器402之间通过总线连接为例。总线可以分为地址总线、数据总线、控制总线等。Based on the same technical concept, the embodiment of the present invention also provides a computing device, as shown in FIG. 4 , including at least one processor 401 and a memory 402 connected to the at least one processor. The specific connection medium between the processor 401 and the memory 402, the bus connection between the processor 401 and the memory 402 in FIG. 4 is taken as an example. The bus can be divided into address bus, data bus, control bus and so on.
在本发明实施例中,存储器402存储有可被至少一个处理器401执行的指令,至少一个处理器401通过执行存储器402存储的指令,可以执行前述的基于智能合约的数据处理方法中所包括的步骤。In the embodiment of the present invention, the memory 402 stores instructions that can be executed by at least one processor 401, and at least one processor 401 can execute the instructions included in the aforementioned smart contract-based data processing method by executing the instructions stored in the memory 402. step.
其中,处理器401是计算设备的控制中心,可以利用各种接口和线路连接计算设备的各个部分,通过运行或执行存储在存储器402内的指令以及调用存储在存储器402内的数据,从而实现数据处理。可选的,处理器401可包括一个或多个处理单元,处理器401可集成应用处理器和调制解调处理器,其中,应用处理器主要处理操作系统、用户界面和应用程序等,调制解调处理器主要处理下发指令。可以理解的是,上述调制解调处理器也可以不集成到处理器401中。在一些实施例中,处理器401和存储器402可以在同一芯片上实现,在一些实施例中,它们也可以在独立的芯片上分别实现。Among them, the processor 401 is the control center of the computing device, which can use various interfaces and lines to connect various parts of the computing device, by running or executing instructions stored in the memory 402 and calling data stored in the memory 402, thereby realizing data deal with. Optionally, the processor 401 may include one or more processing units, and the processor 401 may integrate an application processor and a modem processor. The call processor mainly handles issuing instructions. It can be understood that the foregoing modem processor may not be integrated into the processor 401 . In some embodiments, the processor 401 and the memory 402 can be implemented on the same chip, and in some embodiments, they can also be implemented on independent chips.
处理器401可以是通用处理器,例如中央处理器(CPU)、数字信号处理器、专用集成电路(Application Specific Integrated Circuit,ASIC)、现场可编程门阵列或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件,可以实现或者执行本发明实施例中公开的各方法、步骤及逻辑框图。通用处理器可以是微处理器或者任何常规的处理器等。结合基于智能合约的数据处理方法实施例所公开的方法的步骤可以直接体现为硬件处理器执行完成,或者用处理器中的硬件及软件模块组合执行完成。The processor 401 can be a general processor, such as a central processing unit (CPU), a digital signal processor, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array or other programmable logic devices, discrete gates or transistors Logic devices and discrete hardware components can implement or execute the methods, steps and logic block diagrams disclosed in the embodiments of the present invention. A general purpose processor may be a microprocessor or any conventional processor or the like. The steps of the method disclosed in the embodiment of the smart contract-based data processing method can be directly implemented by a hardware processor, or implemented by a combination of hardware and software modules in the processor.
存储器402作为一种非易失性计算机可读存储介质,可用于存储非易失性软件程序、非易失性计算机可执行程序以及模块。存储器402可以包括至少一种类型的存储介质,例如可以包括闪存、硬盘、多媒体卡、卡型存储器、随机访问存储器(Random Access Memory,RAM)、静态随机访问存储器(Static Random Access Memory,SRAM)、可编程只读存储器(Programmable Read Only Memory,PROM)、只读存储器(Read Only Memory,ROM)、 带电可擦除可编程只读存储器(Electrically Erasable Programmable Read-Only Memory,EEPROM)、磁性存储器、磁盘、光盘等等。存储器402是能够用于携带或存储具有指令或数据结构形式的期望的程序代码并能够由计算机存取的任何其他介质,但不限于此。本发明实施例中的存储器402还可以是电路或者其它任意能够实现存储功能的装置,用于存储程序指令和/或数据。The memory 402, as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs, non-volatile computer-executable programs and modules. Memory 402 can include at least one type of storage medium, for example, can include flash memory, hard disk, multimedia card, card memory, random access memory (Random Access Memory, RAM), static random access memory (Static Random Access Memory, SRAM), Programmable Read Only Memory (PROM), Read Only Memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Magnetic Memory, Disk , CD, etc. Memory 402 is, but is not limited to, any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory 402 in the embodiment of the present invention may also be a circuit or any other device capable of implementing a storage function, and is used for storing program instructions and/or data.
基于相同的技术构思,本发明实施例还提供了一种计算机可读存储介质,其存储有可由计算设备执行的计算机程序,当所述程序在所述计算设备上运行时,使得所述计算设备执行上述基于智能合约的数据处理方法的步骤。Based on the same technical idea, an embodiment of the present invention also provides a computer-readable storage medium, which stores a computer program executable by a computing device, and when the program is run on the computing device, the computing device Execute the steps of the above smart contract-based data processing method.
本领域内的技术人员应明白,本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of the present invention may be provided as methods, systems, or computer program products. Accordingly, the present invention can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
本发明是参照根据本发明的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the invention. It should be understood that each procedure and/or block in the flowchart and/or block diagram, and a combination of procedures and/or blocks in the flowchart and/or block diagram can be realized by computer program instructions. These computer program instructions may be provided to a general purpose computer, special purpose computer, embedded processor, or processor of other programmable data processing equipment to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing equipment produce a An apparatus for realizing the functions specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture comprising instruction means, the instructions The device realizes the function specified in one or more procedures of the flowchart and/or one or more blocks of the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device, causing a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process, thereby The instructions provide steps for implementing the functions specified in the flow chart or blocks of the flowchart and/or the block or blocks of the block diagrams.
尽管已描述了本发明的优选实施例,但本领域内的技术人员一旦得知了基本创造性概念,则可对这些实施例作出另外的变更和修改。所以,所附权利要求意欲解释为包括优选实施例以及落入本发明范围的所有变更和修改。While preferred embodiments of the invention have been described, additional changes and modifications to these embodiments can be made by those skilled in the art once the basic inventive concept is appreciated. Therefore, it is intended that the appended claims be construed to cover the preferred embodiment as well as all changes and modifications which fall within the scope of the invention.
显然,本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明的精神和范围。这样,倘若本发明的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本发明也意图包含这些改动和变型在内。Obviously, those skilled in the art can make various changes and modifications to the present invention without departing from the spirit and scope of the present invention. Thus, if these modifications and variations of the present invention fall within the scope of the claims of this application and their equivalent technologies, the present invention also intends to include these modifications and variations.

Claims (10)

  1. 一种基于智能合约的数据处理方法,其特征在于,适用于具有m个区块链节点的联盟链,所述方法包括:A data processing method based on an intelligent contract is characterized in that it is applicable to a consortium chain having m blockchain nodes, and the method comprises:
    针对任一区块链节点,所述区块链节点在确定满足智能合约中的解密时间戳时,基于所述区块链节点的公私钥生成索引密文;所述解密时间戳是客户端生成的用于指示对所述客户端上传至所述智能合约中的加密信息进行解密的时间;所述加密信息包括针对每个区块链节点的第一密文分片和第二密文分片;第一密文分片是所述客户端基于区块链节点的公私钥生成的;第二密文分片是所述客户端基于待加密数据生成的;For any blockchain node, when the blockchain node determines that the decryption timestamp in the smart contract is met, an index ciphertext is generated based on the public and private keys of the blockchain node; the decryption timestamp is generated by the client is used to indicate the time to decrypt the encrypted information uploaded by the client to the smart contract; the encrypted information includes the first ciphertext fragment and the second ciphertext fragment for each blockchain node ; The first ciphertext fragment is generated by the client based on the public and private keys of the blockchain nodes; the second ciphertext fragment is generated by the client based on the data to be encrypted;
    所述区块链节点从所述加密信息中确定出与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片;The blockchain node determines from the encrypted information a first ciphertext fragment matching the index ciphertext and a second ciphertext fragment matching the index ciphertext;
    所述区块链节点通过双线性映射,对与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片进行处理,得到所述区块链节点的验证分片,并将所述验证分片上传至所述智能合约;The block chain node processes the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext through bilinear mapping to obtain the block The verification fragment of the chain node, and upload the verification fragment to the smart contract;
    所述区块链节点在验证m个验证分片满足设定要求后,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。After verifying that the m verification fragments meet the set requirements, the blockchain node decrypts the second ciphertext fragment matching the index ciphertext to obtain the data to be encrypted.
  2. 如权利要求1所述的方法,其特征在于,基于所述区块链节点的公私钥生成索引密文,包括:The method according to claim 1, wherein generating index ciphertext based on the public and private keys of the blockchain nodes comprises:
    所述区块链节点将所述区块链节点的私钥与本轮加密索引进行拼接,生成偏移消息;The block chain node splices the private key of the block chain node with the encryption index of the current round to generate an offset message;
    所述区块链节点对所述偏移消息进行哈希运算,生成加密偏移因子;The blockchain node performs a hash operation on the offset message to generate an encrypted offset factor;
    所述区块链节点基于所述加密偏移因子以及所述区块链节点的公钥,生成所述索引密文。The blockchain node generates the index ciphertext based on the encryption offset factor and the public key of the blockchain node.
  3. 如权利要求1所述的方法,其特征在于,所述区块链节点通过双线性映射,对与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片进行处理,得到所述区块链节点的验证分片,包括:The method according to claim 1, wherein the block chain node performs bilinear mapping on the first ciphertext fragment matching the index ciphertext and the second ciphertext matching matching the index ciphertext Two ciphertext fragments are processed to obtain the verification fragments of the blockchain nodes, including:
    所述区块链节点从所述智能合约获取m个区块链节点的第一承诺分片;所述第一承诺分片是区块链节点基于各自的加密偏移因子生成的;The blockchain node acquires the first commitment fragments of m blockchain nodes from the smart contract; the first commitment fragments are generated by the blockchain nodes based on their respective encryption offset factors;
    所述区块链节点通过所述双线性映射,将所述区块链节点的加密偏移因子、与所述索引密文匹配的第一密文分片、与所述索引密文匹配的第二密文分片、所述区块链节点的第一承诺分片以及所述区块链节点的私钥进行转换处理,生成所述区块链节点的验证分片。The blockchain node uses the bilinear mapping to encrypt the offset factor of the blockchain node, the first ciphertext fragment matching the index ciphertext, and the first ciphertext fragment matching the index ciphertext. The second ciphertext fragment, the first commitment fragment of the blockchain node, and the private key of the blockchain node are converted to generate a verification fragment of the blockchain node.
  4. 如权利要求1所述的方法,其特征在于,所述区块链节点验证m个验证分片满足设定要求,包括:The method according to claim 1, wherein the blockchain node verifies that the m verification fragments meet the set requirements, including:
    所述区块链节点确定所述区块链节点的验证分片与除所述区块链节点以外的其它区块链节点的验证分片是否相同;The block chain node determines whether the verification fragmentation of the block chain node is the same as the verification fragmentation of other block chain nodes except the block chain node;
    若是,则所述区块链节点确认所述m个验证分片验证成功。If yes, the block chain node confirms that the verification of the m verification fragments is successful.
  5. 如权利要求4所述的方法,其特征在于,在所述区块链节点确认所述m个验证分片验证成功之后,还包括:The method according to claim 4, wherein, after the block chain node confirms that the verification of the m verification fragments is successful, further comprising:
    所述区块链节点将所述区块链节点的加密偏移因子上传至智能合约;The blockchain node uploads the encrypted offset factor of the blockchain node to the smart contract;
    对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据,包括:Decrypting the second ciphertext segment matching the index ciphertext to obtain the data to be encrypted, including:
    所述区块链节点从所述智能合约获取所述m个区块链节点的加密偏移因子;The blockchain node obtains the encrypted offset factors of the m blockchain nodes from the smart contract;
    所述区块链节点通过所述双线性映射,基于所述m个区块链节点的加密偏移因子,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。The blockchain node decrypts the second ciphertext fragment matching the index ciphertext based on the encryption offset factors of the m blockchain nodes through the bilinear mapping, and obtains the Data to be encrypted.
  6. 如权利要求5所述的方法,其特征在于,在得到所述待加密数据之后,还包括:The method according to claim 5, further comprising: after obtaining the data to be encrypted:
    除所述区块链节点以外的其它区块链节点中每个区块链节点从智能合约上获取所述区块链节点解密出的待加密数据以及所述m个区块链节点的加密偏移因子;所述待加密数据是所述区块链节点上传至所述智能合约的;Each block chain node in other block chain nodes except the block chain node obtains the data to be encrypted decrypted by the block chain node and the encryption bias of the m block chain nodes from the smart contract shift factor; the data to be encrypted is uploaded to the smart contract by the block chain node;
    所述其它区块链节点中每个区块链节点通过所述双线性映射,基于所述m个区块链节点的加密偏移因子,对所述区块链节点解密出的待加密数据进行验证,确定所述待加密数据与验证分片的匹配性,从而确定所述解密出的待加密数据是否正确。Each block chain node in the other block chain nodes decrypts the data to be encrypted by the block chain nodes based on the encryption offset factors of the m block chain nodes through the bilinear mapping Verification is performed to determine the matching between the data to be encrypted and the verification segment, so as to determine whether the decrypted data to be encrypted is correct.
  7. 一种基于智能合约的数据处理方法,其特征在于,适用于具有m个区块链节点的联盟链,所述方法包括:A data processing method based on an intelligent contract is characterized in that it is applicable to a consortium chain having m blockchain nodes, and the method comprises:
    客户端从智能合约获取述m个区块链节点的第一承诺分片,并通过秘密通信通道获取所述m个区块链节点的加密偏移因子;所述第一承诺分片是区块链节点基于各自的加密偏移因子生成的;所述加密偏移因子是区块链节点基于各自的私钥生成的;The client obtains the first commitment fragment of the m blockchain nodes from the smart contract, and obtains the encrypted offset factors of the m blockchain nodes through a secret communication channel; the first commitment fragment is a block Chain nodes are generated based on their respective encrypted offset factors; the encrypted offset factors are generated by blockchain nodes based on their respective private keys;
    针对每个区块链节点,所述客户端基于所述区块链节点的加密偏移因子以及所述区块链节点的公钥,生成第一密文分片,并基于待加密数据以及除所述区块链节点以外的其它区块链节点的第一承诺分片,生成第二密文分片;For each block chain node, the client generates the first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the data to be encrypted and the The first commitment fragment of other blockchain nodes other than the blockchain node generates a second ciphertext fragment;
    所述客户端生成解密时间戳;The client generates a decryption timestamp;
    所述客户端将所述解密时间戳以及所述m个区块链节点的第一密文分片、第二密文分片上传至所述智能合约;所述解密时间戳用于指示任一区块链节点在确定本地时间戳满足所述解密时间戳时对所述智能合约中的第一密文分片以及第二密文分片进行解密处理。The client uploads the decrypted timestamp and the first ciphertext fragment and the second ciphertext fragment of the m blockchain nodes to the smart contract; the decrypted timestamp is used to indicate any The blockchain node decrypts the first ciphertext fragment and the second ciphertext fragment in the smart contract when determining that the local timestamp satisfies the decryption timestamp.
  8. 如权利要求7所述的方法,其特征在于,在生成第一密文分片之前,还包括:The method according to claim 7, wherein, before generating the first ciphertext fragment, further comprising:
    针对每个区块链节点,所述客户端基于所述区块链节点的加密偏移因子,生成所述区块链节点的第二承诺分片;For each blockchain node, the client generates a second commitment fragment of the blockchain node based on the encryption offset factor of the blockchain node;
    所述客户端确定所述m个区块链节点的第一承诺分片与所述m个区块链节点的第二承诺分片是否均对应相同;The client determines whether the first commitment fragments of the m blockchain nodes and the second commitment fragments of the m blockchain nodes are all corresponding to the same;
    若是,则所述客户端确认所述m个区块链节点的第一承诺分片验证成功。If yes, the client confirms that the verification of the first committed fragment of the m blockchain nodes is successful.
  9. 一种基于智能合约的数据处理装置,其特征在于,适用于具有m个区块链节点的联盟链,所述装置包括:A data processing device based on an intelligent contract is characterized in that it is suitable for an alliance chain with m blockchain nodes, and the device includes:
    生成单元,用于针对任一区块链节点,在确定满足智能合约中的解密时间戳时,基于所述区块链节点的公私钥生成索引密文;所述解密时间戳是客户端生成的用于指示对所述客户端上传至所述智能合约中的加密信息进行解密的时间;所述加密信息包括针对每个区块链节点的第一密文分片和第二密文分片;第一密文分片是所述客户端基于区块链节点的公私钥生成的;第二密文分片是所述客户端基于待加密数据生成的;The generation unit is used to generate index ciphertext based on the public and private keys of the blockchain node when it is determined that the decryption timestamp in the smart contract is met for any blockchain node; the decryption timestamp is generated by the client Used to indicate the time to decrypt the encrypted information uploaded by the client to the smart contract; the encrypted information includes a first ciphertext fragment and a second ciphertext fragment for each blockchain node; The first ciphertext fragment is generated by the client based on the public and private keys of the blockchain nodes; the second ciphertext fragment is generated by the client based on the data to be encrypted;
    第一处理单元,用于从所述加密信息中确定出与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片;通过双线性映射,对与所述索引密文匹配的第一密文分片和与所述索引密文匹配的第二密文分片进行处理,得到所述区块链节点的验证分片,并将所述验证分片上传至所述智能合约;在验证m个验证分片满足设定要求后,对与所述索引密文匹配的第二密文分片进行解密,得到所述待加密数据。A first processing unit, configured to determine from the encrypted information a first ciphertext segment matching the index ciphertext and a second ciphertext segment matching the index ciphertext; through bilinear mapping , process the first ciphertext fragment matching the index ciphertext and the second ciphertext fragment matching the index ciphertext to obtain the verification fragment of the blockchain node, and the The verification fragments are uploaded to the smart contract; after verifying that the m verification fragments meet the set requirements, decrypt the second ciphertext fragments matching the index ciphertext to obtain the data to be encrypted.
  10. 一种基于智能合约的数据处理装置,其特征在于,适用于具有m个区块链节点的 联盟链,所述装置包括:A data processing device based on an intelligent contract is characterized in that it is suitable for an alliance chain with m blockchain nodes, and the device includes:
    获取单元,用于从智能合约获取述m个区块链节点的第一承诺分片,并通过秘密通信通道获取所述m个区块链节点的加密偏移因子;所述第一承诺分片是区块链节点基于各自的加密偏移因子生成的;所述加密偏移因子是区块链节点基于各自的私钥生成的;An acquisition unit, configured to acquire the first commitment fragments of the m blockchain nodes from the smart contract, and acquire the encrypted offset factors of the m blockchain nodes through a secret communication channel; the first commitment fragments are generated by blockchain nodes based on their respective encrypted offset factors; the encrypted offset factors are generated by blockchain nodes based on their respective private keys;
    第二处理单元,用于针对每个区块链节点,基于所述区块链节点的加密偏移因子以及所述区块链节点的公钥,生成第一密文分片,并基于待加密数据以及除所述区块链节点以外的其它区块链节点的第一承诺分片,生成第二密文分片;生成解密时间戳;将所述解密时间戳以及所述m个区块链节点的第一密文分片、第二密文分片上传至所述智能合约;所述解密时间戳用于指示任一区块链节点在确定本地时间戳满足所述解密时间戳时对所述智能合约中的第一密文分片以及第二密文分片进行解密处理。The second processing unit is configured to, for each block chain node, generate a first ciphertext fragment based on the encryption offset factor of the block chain node and the public key of the block chain node, and based on the Data and the first commitment fragments of other blockchain nodes except the blockchain node, generate a second ciphertext fragment; generate a decryption timestamp; combine the decryption timestamp and the m blockchain nodes The first ciphertext fragment and the second ciphertext fragment of the node are uploaded to the smart contract; the decryption timestamp is used to instruct any block chain node to update the decryption timestamp when the local timestamp meets the decryption timestamp The first ciphertext fragment and the second ciphertext fragment in the smart contract are decrypted.
PCT/CN2021/131302 2021-06-22 2021-11-17 Data processing method and apparatus based on smart contract WO2022267314A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110692736.X 2021-06-22
CN202110692736.XA CN113326525B (en) 2021-06-22 2021-06-22 Data processing method and device based on intelligent contract

Publications (1)

Publication Number Publication Date
WO2022267314A1 true WO2022267314A1 (en) 2022-12-29

Family

ID=77424193

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/131302 WO2022267314A1 (en) 2021-06-22 2021-11-17 Data processing method and apparatus based on smart contract

Country Status (2)

Country Link
CN (1) CN113326525B (en)
WO (1) WO2022267314A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113326525B (en) * 2021-06-22 2024-01-16 深圳前海微众银行股份有限公司 Data processing method and device based on intelligent contract
CN113992325B (en) * 2021-10-09 2023-07-11 深圳前海微众银行股份有限公司 Private data sharing method and device
CN114430326B (en) * 2022-04-07 2022-08-05 中国工商银行股份有限公司 Block chain based information confirmation method and device, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170344988A1 (en) * 2016-05-24 2017-11-30 Ubs Ag System and method for facilitating blockchain-based validation
CN109495465A (en) * 2018-11-05 2019-03-19 河南师范大学 Privacy set intersection method based on intelligent contract
CN110930251A (en) * 2019-10-18 2020-03-27 如般量子科技有限公司 Anti-quantum computing cloud storage method and system based on alliance chain and implicit certificate
CN111723387A (en) * 2020-06-22 2020-09-29 深圳前海微众银行股份有限公司 Block chain-based data decryption method and device
CN112543187A (en) * 2020-11-26 2021-03-23 齐鲁工业大学 Industrial Internet of things safety data sharing method based on edge block chain
CN113326525A (en) * 2021-06-22 2021-08-31 深圳前海微众银行股份有限公司 Data processing method and device based on intelligent contract

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2555431A (en) * 2016-10-27 2018-05-02 Nokia Technologies Oy A method for analysing media content
CN109255247B (en) * 2018-08-14 2020-08-14 阿里巴巴集团控股有限公司 Multi-party security calculation method and device and electronic equipment
CN112910840B (en) * 2021-01-14 2022-04-05 重庆邮电大学 Medical data storage and sharing method and system based on alliance blockchain

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170344988A1 (en) * 2016-05-24 2017-11-30 Ubs Ag System and method for facilitating blockchain-based validation
CN109495465A (en) * 2018-11-05 2019-03-19 河南师范大学 Privacy set intersection method based on intelligent contract
CN110930251A (en) * 2019-10-18 2020-03-27 如般量子科技有限公司 Anti-quantum computing cloud storage method and system based on alliance chain and implicit certificate
CN111723387A (en) * 2020-06-22 2020-09-29 深圳前海微众银行股份有限公司 Block chain-based data decryption method and device
CN112543187A (en) * 2020-11-26 2021-03-23 齐鲁工业大学 Industrial Internet of things safety data sharing method based on edge block chain
CN113326525A (en) * 2021-06-22 2021-08-31 深圳前海微众银行股份有限公司 Data processing method and device based on intelligent contract

Also Published As

Publication number Publication date
CN113326525A (en) 2021-08-31
CN113326525B (en) 2024-01-16

Similar Documents

Publication Publication Date Title
US11349645B2 (en) Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
CN109377198B (en) Signing system based on multi-party consensus of alliance chain
WO2022267314A1 (en) Data processing method and apparatus based on smart contract
US20200344070A1 (en) Methods and devices for validating transaction in blockchain system
US9819494B2 (en) Digital signature service system based on hash function and method thereof
US11341493B2 (en) Methods and devices for providing transaction data to blockchain system for processing
CN110601816B (en) Lightweight node control method and device in block chain system
US11375369B2 (en) Message authentication method and communication method of communication network system, and communication network system
US20150288527A1 (en) Verifiable Implicit Certificates
CN109861956B (en) Data verification system, method, device and equipment based on state channel
WO2022068356A1 (en) Blockchain-based information encryption method and apparatus, device and medium
WO2022068234A1 (en) Encryption method and apparatus based on shared root key, device and medium
WO2021109718A1 (en) Verification method and apparatus based on block chain system
US20220360429A1 (en) Location-key encryption system
CN117176353A (en) Method and device for processing data
US20220368527A1 (en) Location key search of encrypted files without decryption
WO2020258126A1 (en) Generation method and device for collaborative address, transaction signing method and device for collaborative address, and storage medium
TW202226023A (en) File encryption and decryption method, device , and electronic device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21946793

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE