[go: up one dir, main page]

CN112925853B - Trusted data exchange method and device based on block chain, terminal equipment and medium - Google Patents

Trusted data exchange method and device based on block chain, terminal equipment and medium Download PDF

Info

Publication number
CN112925853B
CN112925853B CN202110250756.1A CN202110250756A CN112925853B CN 112925853 B CN112925853 B CN 112925853B CN 202110250756 A CN202110250756 A CN 202110250756A CN 112925853 B CN112925853 B CN 112925853B
Authority
CN
China
Prior art keywords
terminal
data
polynomial
public key
target
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110250756.1A
Other languages
Chinese (zh)
Other versions
CN112925853A (en
Inventor
赵书鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Shenshentong Information Technology Co ltd
Original Assignee
Shandong Shenshentong Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Shenshentong Information Technology Co ltd filed Critical Shandong Shenshentong Information Technology Co ltd
Priority to CN202110250756.1A priority Critical patent/CN112925853B/en
Publication of CN112925853A publication Critical patent/CN112925853A/en
Application granted granted Critical
Publication of CN112925853B publication Critical patent/CN112925853B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2282Tablespace storage structures; Management thereof
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Databases & Information Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Data Mining & Analysis (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the disclosure discloses a block chain-based trusted data exchange method, a block chain-based trusted data exchange device, a terminal device and a medium. One embodiment of the method comprises: receiving a storage record table sent by a first terminal; sending the storage record table to a second terminal; receiving an access request sent by a second terminal; sending the access request to the first terminal; receiving ciphertext data and a public key set sent back by a first terminal; sending the ciphertext data and the public key set to a second terminal; deleting the ciphertext data; and updating the block chain. In this embodiment, the first terminal issues the storage record table to the block chain to satisfy the storage capacity requirement of the block chain. And the first terminal encrypts the target data and then sends the uplink. And the block chain transmits the encrypted data and the public key set to the second terminal and then destroys the ciphertext data on the chain, and the second terminal generates target encrypted data according to the encrypted data and the public key set. Only the first terminal has the target data in the data exchange process, so that the trusted data exchange level is improved.

Description

Trusted data exchange method and device based on block chain, terminal equipment and medium
Technical Field
Embodiments of the present disclosure relate to the field of block chaining, and in particular, to a trusted data exchange method, apparatus, terminal device, and computer readable medium.
Background
The block chain technology is an emerging technology emerging in the field of information technology and is a foundation for constructing a value internet. The system is an information technology formed by fusing a plurality of technologies such as distributed data storage, a point-to-point network, a cryptographic technology and the like, and has the characteristics of decentralization, openness, autonomy and the like. Its decentralized trusted nature provides a viable solution for us to achieve a fair exchange of data. Meanwhile, the distributed storage and the characteristic that data is not easy to be tampered are also very suitable for designing a safe sharing scheme of the data.
However, when data exchange sharing is performed based on a block chain, the following technical problems often exist:
first, the block chain has limited storage capacity, and when large-scale data exchange sharing is performed based on the block chain, data cannot be stored in the block chain but only can be stored off-chain. Data uplinks stored off-chain are exchanged directly, and the risk of exposure to all nodes on the chain exists, so that the data storage safety is influenced.
Second, the ciphertext encrypted using the conventional encryption method is sent to the user node via the blockchain, and the private key is not transmitted in the blockchain. At this time, the user node cannot decrypt with the public key, cannot acquire the original data, and cannot meet the requirement of subsequent data processing.
Disclosure of Invention
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
Some embodiments of the present disclosure propose a block chain based trusted data exchange method, apparatus, terminal device and medium to solve one or more of the technical problems mentioned in the background section above.
In a first aspect, some embodiments of the present disclosure provide a method for trusted data exchange based on a blockchain, the method including: receiving a storage record table sent by a first terminal; sending the storage record table to a second terminal; receiving an access request sent by a second terminal; sending the access request to the first terminal; receiving ciphertext data and a public key set sent back by a first terminal; sending the ciphertext data and the public key set to a second terminal; deleting the ciphertext data; and updating the block chain.
In a second aspect, some embodiments of the present disclosure provide an apparatus for trusted data exchange based on a blockchain, the apparatus comprising: a first receiving unit configured to receive a storage record table sent by a first terminal; a first transmission unit configured to transmit the storage record table to the second terminal; a second receiving unit configured to receive an access request sent by a second terminal; a second transmitting unit configured to transmit the access request to the first terminal; the third receiving unit is configured to receive the ciphertext data and the public key set sent back by the first terminal; a third transmission unit configured to transmit the ciphertext data and the public key set to the second terminal; a first processing unit configured to delete the ciphertext data; a second processing unit configured to update a blockchain.
In a third aspect, some embodiments of the present disclosure provide a terminal device, including: one or more processors; a storage device having one or more programs stored thereon which, when executed by one or more processors, cause the one or more processors to implement a method as in any one of the first aspects.
In a fourth aspect, some embodiments of the disclosure provide a medium on which a computer program is stored, wherein the program, when executed by a processor, implements the method as in any one of the first aspect.
The above embodiments of the present disclosure have the following beneficial effects: according to the trusted data exchange method based on the block chain, the first terminal issues the storage record table to the block chain, and the storage capacity requirement of the block chain is met. And the first terminal encrypts the target data and then sends the uplink. And the block chain transmits the encrypted data and the public key set to the second terminal and then destroys the ciphertext data on the chain, and the second terminal generates target encrypted data according to the encrypted data and the public key set. Only the first terminal has the target data in the data exchange process, so that the trusted data exchange level is improved. In particular, the inventors have found that the reason for the low level of trusted data exchange in the current blockchain is that: the block chain has limited storage capacity and cannot meet the requirement of large-scale data uplink storage. In addition, in the data ownership and execution right set, the blockchain that has the execution right and transmits data has data ownership at the same time, and there is a risk that the data is exposed to all nodes in the blockchain. Based on this, first, the first terminal storing data in some embodiments of the present disclosure will only store the record table uplink. The storage record table is small in size and meets the storage capacity requirement of the block chain. And step two, the second terminal determines a target data storage address to be accessed according to the storage record table issued in the block chain and sends an access request. And thirdly, the block chain sends the access request to the first terminal. And fourthly, the first terminal searches the target data according to the access request. The first terminal performs homomorphic encryption processing on the target data and generates ciphertext data and a public key set after signing. The first terminal issues the ciphertext data and the public key set into the blockchain. And fifthly, the block chain sends the ciphertext data and the public key set to the second terminal. By utilizing the characteristic of the homomorphic encryption method, the second terminal can determine target encrypted data according to the ciphertext data and the public key set. And finally, deleting the ciphertext data and the public key set by the block chain. The block chain does not store data, the requirement of the block chain on the storage capacity can be met, and the data storage and exchange efficiency is improved. In addition, the target data is transmitted through the block chain after being encrypted, and the second terminal and all nodes on the block chain can only access the target encrypted data and cannot acquire the target data, so that the safety of the target data is ensured, and the level of trusted data exchange is improved.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and features are not necessarily drawn to scale.
FIG. 1 is an architectural diagram of an exemplary system in which some embodiments of the present disclosure may be applied;
FIG. 2 is a flow diagram of some embodiments of a block chain based trusted data exchange method according to the present disclosure;
figure 3 is a flow diagram of some embodiments of a block chain based trusted data exchange device according to the present disclosure;
fig. 4 is a schematic block diagram of a terminal device suitable for use in implementing some embodiments of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings. The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence relationship of the functions performed by the devices, modules or units.
It is noted that references to "a", "an", and "the" modifications in this disclosure are intended to be illustrative rather than limiting, and that those skilled in the art will recognize that "one or more" may be used unless the context clearly dictates otherwise.
The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 illustrates an exemplary system architecture 100 to which embodiments of the block chain based trusted data exchange methods of the present disclosure may be applied.
As shown in fig. 1, the system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have installed thereon various communication client applications, such as a data exchange application, an information generation application, a data processing application, and the like.
The terminal apparatuses 101, 102, and 103 may be hardware or software. When the terminal devices 101, 102, 103 are hardware, they may be various terminal devices having a display screen, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like. When the terminal apparatuses 101, 102, 103 are software, they can be installed in the above-listed terminal apparatuses. It may be implemented as multiple software or software modules (e.g., to provide access request input, etc.), or as a single software or software module. And is not particularly limited herein.
The server 105 may be a server that provides various services, such as a server that stores access requests input by the terminal apparatuses 101, 102, 103, and the like. The server may process the received access request and feed back the processing result (e.g., the target encrypted data) to the terminal device.
It should be noted that the block chain based trusted data exchange method provided by the embodiment of the present disclosure may be executed by the server 105, or may be executed by the terminal device.
It should be noted that the local of the server 105 may also directly store the access request, and the server 105 may directly obtain the access request and obtain the target encrypted data after processing through the blockchain, in this case, the exemplary system architecture 100 may not include the terminal devices 101, 102, 103 and the network 104.
It should be noted that the terminal devices 101, 102, and 103 may also have a data exchange application installed therein, and in this case, the processing method may also be executed by the terminal devices 101, 102, and 103. At this point, the exemplary system architecture 100 may also not include the server 105 and the network 104.
The server 105 may be hardware or software. When the server 105 is hardware, it may be implemented as a distributed server cluster composed of a plurality of servers, or may be implemented as a single server. When the server is software, it may be implemented as a plurality of software or software modules (for example, for providing data exchange services), or as a single software or software module. And is not particularly limited herein.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continued reference to fig. 2, a flow 200 of some embodiments of a block chain based trusted data exchange method in accordance with the present disclosure is shown. The block chain-based trusted data exchange method comprises the following steps:
step 201, receiving a storage record table sent by a first terminal.
In some embodiments, an executing entity (e.g., the server shown in fig. 1) of the block chain-based trusted data exchange method receives the storage record table sent by the first terminal. Optionally, the storage record table includes a first number of storage records, and the storage records include data names and data storage addresses. Specifically, the storage address of the recording data in the recording table is stored, and no data is stored in the recording table.
Step 202, sending the storage record table to the second terminal.
In some embodiments, the execution body sends the storage record table to the second terminal. Specifically, the second terminal may check the storage condition of the data according to the storage log table.
Step 203, receiving an access request sent by the second terminal.
In some embodiments, the executing body of the block chain based trusted data exchange method receives an access request sent by the second terminal. And the second terminal determines the target data according to the storage record table. The access request includes a memory address of the target data. Specifically, the block link receives an access request for accessing the target data, and the second terminal sends the access request.
Step 204, sending the access request to the first terminal.
In some embodiments, the executing agent sends the access request to the first terminal.
Step 205, receiving the ciphertext data and the public key set sent back by the first terminal.
In some embodiments, the execution subject receives the ciphertext data and the public key set sent back by the first terminal. And the first terminal determines the ciphertext data and the public key set according to the access request.
Optionally, the first terminal determines the target data according to the access request. The access request includes a memory address of the target data. And the first terminal searches the target data according to the storage address of the target data.
Optionally, the first terminal generates the encrypted data and the public key set based on the target data. The first terminal determines security parameters. In particular, the security parameter may be an integer. The first terminal determines a private key based on the security parameters, wherein the length of the private key is a first number. In particular, the private key may be a randomly generated prime number of a first number in length. The first terminal generates a first integer polynomial using:
d(x)={a 0 +a 1 x+...+a n x n },
where n is an integer, x is a variable, and d (x) represents a first integer polynomial of order n with respect to x. a is a polynomial coefficient, a 0 A first coefficient representing d (x), a 1 Coefficient representing x, a n Denotes x n The coefficient of (a). The coefficient of each item of d (x) is a random integer, and the coefficient of each item of d (x) has a value range of [0, 2% γ /s]. Gamma is an arbitrary integer and s is the private key length.
The first terminal generates a second integer polynomial using:
r(x)={b 0 +b 1 x+...+b n x n },
where n is an integer, x is a variable, and r (x) represents a second integer polynomial of order n with respect to x. b is a polynomial coefficient, b 0 First coefficient representing r (x), b 1 Coefficient representing x, b n Represents x n The coefficient of (a). The coefficient of each term of r (x) is a random integer. The coefficient of each term of r (x) has a value range of [ -2 [) ρ ,2 ρ ]And rho is a safety parameter.
The first terminal generates a public key set using the following equation:
{k i (x);k i (x)=s·d i (x)+2r i (x)},
wherein k is i (x) Represents the ith public key in the public key set, and i is the count of the public keys in the public key set. There is a second number of public keys in the public key set, d i (x) Denotes the ith first integer polynomial, r i (x) Represents the ith second integer polynomial and s is the length of the private key.
The first terminal generates a target polynomial based on the target data. Specifically, the target data may be represented in a binary form. The binary form of the target data is from high order to low order, and the number of bits of each bit corresponds to the order of each of the highest order term to the lowest order term of the target polynomial, respectively. Wherein the value of each bit of the target data in binary form represents the coefficient of each of the highest-order term to the lowest-order term of the target polynomial, respectively. The target data is rewritten into the form of the target polynomial, and the target polynomial can be directly encrypted.
The first terminal generates encrypted data based on the public key set, the private key, and the target polynomial using the following equation:
Figure BDA0002965962270000071
where m (x) is the target polynomial and p is the private key. k is a radical of i (x) And (c) representing the ith public key, wherein i is the count of the public keys in the public key set, the public key set has a second number of public keys in common, and (x) represents the encrypted data.
Optionally, the first terminal generates ciphertext data based on the encrypted data. The first terminal determines the re-encryption key using the following equation:
r=z·s,
wherein z is any integer, s is the length of the private key, and r is the re-encryption key. The first terminal generates ciphertext data based on the encrypted data and the re-encryption key using the following equation:
c'(x)=c(x)mod r,
where c (x) represents encrypted data, r is a re-encryption key, mod is modulo processing, and c' (x) represents ciphertext data.
Optional contents in the above step 205, namely: the technical content of the ciphertext data generated by the first terminal is taken as an invention point of the embodiment of the disclosure, and the technical problem mentioned in the background art is solved, namely, the ciphertext encrypted by using the traditional encryption method is sent to the user node through the block chain, and the private key cannot be transmitted in the block chain. At this time, the user node cannot decrypt with the public key, cannot acquire the original data, and cannot meet the requirement of subsequent data processing. ". Factors that cause the ciphertext encrypted by the conventional method not to be effectively transmitted and utilized in the block chain are often as follows: after the node in the block chain acquires the ciphertext data subjected to the encryption processing, since the private key is not mastered, the decryption processing cannot be performed, and therefore the subsequent data processing cannot be performed. If the above factors are resolved, the problem of trusted exchange of encrypted data over the blockchain can be resolved. To achieve this, the present disclosure introduces a homomorphic encryption method and performs signature processing. First, the first terminal converts the target data into a target polynomial to meet the requirements of subsequent encryption processing. Then, the first terminal generates a first integer polynomial and a second integer polynomial. The first terminal then generates encrypted data and a set of public keys using a homomorphic encryption method. And finally, the first terminal signs the encrypted data to obtain ciphertext data. The first terminal issues the encrypted data and the public key set to the block chain, and nodes in the block chain can decrypt by using the encrypted data and the public key set and perform subsequent data processing by using the characteristic of homomorphic encryption. Homomorphic encryption is an algorithm which can enable anyone to perform any function operation on encrypted ciphertext data, and after the obtained result is decrypted, the homomorphic encryption is equivalent to performing equivalent operation on target data, so that the requirement of subsequent data processing can be met, and the technical problem two is solved.
And step 206, sending the ciphertext data and the public key set to the second terminal.
In some embodiments, the execution body transmits the ciphertext data and the public key set to the second terminal. Optionally, a smart contract is invoked. Wherein the intelligent contract comprises intelligent contract code, an instance, and execution data. In particular, an intelligent contract is a set of commitments defined in a digital form. The intelligent contract can control data in the block chain and appoint the rights and obligations of each participating terminal in the block chain. The smart contracts may be automatically executed by the computer system. In particular, the intelligent contract includes intelligent contract code, instances, and execution data. The intelligent contract code may be the source code of the intelligent contract. The intelligent contract code may be a piece of code that the computer system is capable of executing. An instance may be an actual service in a blockchain running an intelligent contract. The execution data may be data that remains in the blockchain after execution of an instance. Invoking the intelligent contract, running the intelligent contract code, generating an instance and executing data. The instance and the execution data are recorded in a blockchain.
And generating a search recording block. Specifically, the block chain includes at least one block. At least one tile includes a first transaction identification, a second transaction identification, a tile hash value, a tile content, and a set of tile information. Specifically, a block chain is a chain structure, and includes a head node (first block) and a tail node (last block) of the chain. A block is the primary data storage structure for a chain of blocks. And generating a block header, wherein the block header comprises a block hash value, a block pointer, a block generation time and a block information set. And determining the set of the ciphertext data and the public key set as the search record. The search record is determined as a block volume. A set of block headers and block volumes is determined as a search recording block.
And operating intelligent contract codes and storing the search record blocks in the block chain. The block chain finds the last block based on the block generation time. The block chain runs intelligent contract code, pointing the block pointer to the last block. Specifically, the block header includes a block generation time. And searching the blocks in the block chain, and determining the block with the latest block generation time as the last block.
Optionally, the ciphertext data and the public key set are sent to the second terminal. And the second terminal generates target encrypted data based on the ciphertext data and the public key set. The second terminal generates a target encryption polynomial based on the ciphertext data and the public key set using:
m'(x)=c'(x)mod tmod 2,
where mod is the modulo process, c' (x) represents the ciphertext data, and t is the second number. There is a second number of public keys in the set of public keys. m' (x) is the target encryption polynomial. The target encryption data is determined using the target encryption polynomial. Specifically, the order of each of the highest-order term to the lowest-order term of the target encryption polynomial may be made to correspond to the target encryption data in binary form. Wherein the value of each bit of the target encryption data in binary form represents the coefficient of each item from the highest-order item to the lowest-order item of the target encryption polynomial, respectively.
Step 207, the ciphertext data is deleted.
In some embodiments, the execution body deletes the ciphertext data. Specifically, the ciphertext data is deleted from the block chain. The block chain does not store data, the requirement of the block chain on the storage capacity can be met, and the data storage and exchange efficiency is improved.
In step 208, the block chain is updated.
In some embodiments, the updating the block chain is performed as described above.
One embodiment presented in fig. 2 has the following beneficial effects: receiving a storage record table sent by a first terminal; sending the storage record table to a second terminal; receiving an access request sent by a second terminal; sending the access request to the first terminal; receiving ciphertext data and a public key set sent back by a first terminal; sending the ciphertext data and the public key set to a second terminal; deleting the ciphertext data; and updating the block chain. In this embodiment, the first terminal issues the storage record table to the block chain to satisfy the storage capacity requirement of the block chain. And the first terminal encrypts the target data and then sends the uplink. And the block chain transmits the encrypted data and the public key set to the second terminal and then destroys the ciphertext data on the chain, and the second terminal generates target encrypted data according to the encrypted data and the public key set. Only the first terminal has the target data in the data exchange process, so that the trusted data exchange level is improved.
With further reference to fig. 3, as an implementation of the above method for the above figures, the present disclosure provides some embodiments of a block chain based trusted data exchange apparatus, which correspond to those of the above method embodiments of fig. 2, and which may be applied in various terminal devices.
As shown in fig. 3, the block chain based trusted data exchange apparatus 400 of some embodiments comprises: a first receiving unit 301, a first transmitting unit 302, a second receiving unit 303, a second transmitting unit 304, a third receiving unit 305, a third transmitting unit 306, a first processing unit 307, and a second processing unit 308. The first receiving unit 301 is configured to receive a storage record table sent by the first terminal. A first sending unit 302 configured to send the storage record table to the second terminal. A second receiving unit 303, configured to receive an access request sent by the second terminal. And the second terminal determines the target data according to the storage record table, and the access request comprises the storage address of the target data. A second sending unit 304 configured to send the access request to the first terminal. And a third receiving unit 305 configured to receive the ciphertext data and the public key set sent back by the first terminal. And the first terminal determines the ciphertext data and the public key set according to the access request. A third transmitting unit 306 configured to transmit the ciphertext data and the set of public keys to the second terminal. And the second terminal generates target data based on the ciphertext data and the public key set. The first processing unit 307 is configured to delete the ciphertext data. A second processing unit 308 configured to update the blockchain.
It will be understood that the units described in the apparatus 300 correspond to the various steps in the method described with reference to fig. 2. Thus, the operations, features and resulting advantages described above with respect to the method are also applicable to the apparatus 300 and the units included therein, and are not described herein again.
Referring now to FIG. 4, a block diagram of a computer system 400 suitable for use in implementing a server of an embodiment of the present disclosure is shown. The server shown in fig. 4 is only an example, and should not bring any limitation to the function and the scope of use of the embodiments of the present disclosure.
As shown in fig. 4, the computer system 400 includes a Central Processing Unit (CPU)401 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 402 or a program loaded from a storage section 408 into a Random Access Memory (RAM) 403. In the RAM 403, various programs and data necessary for the operation of the system 400 are also stored. The CPU 401, ROM 402, and RAM 403 are connected to each other via a bus 404. An Input/Output (I/O) interface 405 is also connected to the bus 404.
The following components are connected to the I/O interface 405: a storage section 406 including a hard disk and the like; and a communication section 407 including a Network interface card such as a LAN (Local Area Network) card, a modem, or the like. The communication section 407 performs communication processing via a network such as the internet. A drive 408 is also connected to the I/O interface 405 as needed. A removable medium 409 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted as necessary on the drive 408, so that a computer program read out therefrom is mounted as necessary in the storage section 406.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 407 and/or installed from the removable medium 409. The above-described functions defined in the method of the present disclosure are performed when the computer program is executed by a Central Processing Unit (CPU) 401. It should be noted that the computer readable medium in the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer-readable signal medium may include a propagated data signal with computer-readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, and conventional procedural programming languages, such as the C language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is possible without departing from the inventive concept as defined above. For example, the above features and (but not limited to) the features disclosed in this disclosure having similar functions are replaced with each other to form the technical solution.

Claims (7)

1. A trusted data exchange method based on a block chain comprises the following steps:
receiving a storage record table sent by a first terminal;
sending the storage record table to a second terminal;
receiving an access request sent by the second terminal, wherein the second terminal determines target data according to the storage record table, and the access request comprises a storage address of the target data;
sending the access request to the first terminal;
receiving ciphertext data and a public key set sent back by the first terminal, wherein the ciphertext data and the public key set are determined by the first terminal according to the access request;
sending the ciphertext data and the public key set to the second terminal, wherein the second terminal generates target encryption data based on the ciphertext data and the public key set;
deleting the ciphertext data;
the block chain is updated by the update unit,
wherein, the determining, by the first terminal, the ciphertext data and the public key set according to the access request includes:
the first terminal determines target data according to the access request;
the first terminal generates encrypted data and the public key set based on the target data;
the first terminal generates the ciphertext data based on the encrypted data;
wherein the first terminal generates encrypted data and the public key set based on the target data, and includes:
the first terminal determines security parameters;
the first terminal determines a private key based on the security parameters, wherein the length of the private key is a first number;
the first terminal generates a first integer polynomial using:
Figure 626141DEST_PATH_IMAGE001
wherein n is an integer, x is a variable,
Figure 74440DEST_PATH_IMAGE002
denotes the first order of n with respect to xThe integer polynomial is a function of the number of the integer,
Figure 385335DEST_PATH_IMAGE003
is a polynomial coefficient, and the coefficient is,
Figure 577282DEST_PATH_IMAGE004
represent
Figure 922813DEST_PATH_IMAGE002
The first coefficient of (a) is,
Figure 479696DEST_PATH_IMAGE005
represent
Figure 543467DEST_PATH_IMAGE006
The coefficient of (a) is determined,
Figure 273526DEST_PATH_IMAGE007
to represent
Figure 676825DEST_PATH_IMAGE008
The coefficient of (a) is determined,
Figure 201347DEST_PATH_IMAGE002
the coefficients of each term of (a) are random integers,
Figure 752415DEST_PATH_IMAGE002
each term has a coefficient value range of
Figure 223847DEST_PATH_IMAGE009
Figure 278391DEST_PATH_IMAGE010
Is any integer, and s is the length of the private key;
the first terminal generates a second integer polynomial using:
Figure 504973DEST_PATH_IMAGE011
wherein n is an integer, x is a variable,
Figure 277757DEST_PATH_IMAGE012
representing a second integer polynomial of order n with respect to x,
Figure 287301DEST_PATH_IMAGE013
is a polynomial coefficient, and the coefficient is,
Figure 727510DEST_PATH_IMAGE014
represent
Figure 797097DEST_PATH_IMAGE012
The first coefficient of (a) is,
Figure 322756DEST_PATH_IMAGE015
to represent
Figure 135991DEST_PATH_IMAGE006
The coefficient of (a) is determined,
Figure 430706DEST_PATH_IMAGE016
to represent
Figure 936774DEST_PATH_IMAGE008
The coefficient of (a) is determined,
Figure 684150DEST_PATH_IMAGE012
the coefficients of each term of (a) are random integers,
Figure 301076DEST_PATH_IMAGE012
each term has a coefficient value range of
Figure 184719DEST_PATH_IMAGE017
Figure 924005DEST_PATH_IMAGE018
The safety parameter is the safety parameter;
the first terminal generates a public key set by using the following formula:
Figure 96360DEST_PATH_IMAGE019
wherein,
Figure 313715DEST_PATH_IMAGE020
representing the ith public key in the public key set, i being the count of public keys in the public key set, the public key set having a second number of public keys,
Figure 520705DEST_PATH_IMAGE021
represents the ith first integer polynomial,
Figure 430892DEST_PATH_IMAGE022
represents the ith second integer polynomial, s is the length of the private key;
the first terminal generates a target polynomial based on the target data;
the first terminal generates the encrypted data based on the set of public keys, the private key, and the target polynomial using the following equation:
Figure 90544DEST_PATH_IMAGE023
wherein,
Figure 111589DEST_PATH_IMAGE024
is the target polynomial, p is the private key,
Figure 173086DEST_PATH_IMAGE025
representing the ith public key, i being a count of public keys in a set of public keys, the set of public keys having a second number of public keys in common,
Figure 191858DEST_PATH_IMAGE026
representing the encrypted data;
wherein the generating of the ciphertext data by the first terminal based on the encrypted data comprises:
the first terminal determines a re-encryption key using the following equation:
Figure 401122DEST_PATH_IMAGE027
wherein z is any integer, s is the length of the private key, and r is the re-encryption key;
the first terminal generates the ciphertext data based on the encrypted data and the re-encryption key using:
Figure 163542DEST_PATH_IMAGE028
wherein,
Figure 141862DEST_PATH_IMAGE029
representing the encrypted data, r is the re-encryption key, mod is the modulo process,
Figure 65956DEST_PATH_IMAGE030
representing the ciphertext data.
2. The method of claim 1, wherein the table of storage records comprises a first number of storage records comprising a data name and a data storage address.
3. The method of claim 2, wherein the transmitting the ciphertext data and the set of public keys to the second terminal further comprises:
invoking an intelligent contract, wherein the intelligent contract comprises intelligent contract code, an instance, and execution data;
generating a search recording block;
running the intelligent contract code to store the search record block in the block chain;
and sending the ciphertext data and the public key set to the second terminal.
4. The method of claim 3, wherein the second terminal generates target encrypted data based on the ciphertext data and the set of public keys, further comprising:
the second terminal generates a target encryption polynomial based on the ciphertext data and the public key set using:
Figure 965779DEST_PATH_IMAGE031
wherein mod is the modulo process,
Figure 328627DEST_PATH_IMAGE032
representing the ciphertext data, t being a second number, there being a second number of public keys in the set of public keys,
Figure 364716DEST_PATH_IMAGE033
encrypting a polynomial for the target;
determining the target encryption data using the target encryption polynomial.
5. A block chain based trusted data exchange apparatus comprising:
a first receiving unit configured to receive a storage record table sent by a first terminal;
a first transmission unit configured to transmit the storage record table to a second terminal;
a second receiving unit, configured to receive an access request sent by the second terminal, where the second terminal determines target data according to the storage record table, and the access request includes a storage address of the target data;
a second transmitting unit configured to transmit the access request to the first terminal;
a third receiving unit, configured to receive ciphertext data and a public key set sent back by the first terminal, where the first terminal determines the ciphertext data and the public key set according to the access request;
a third transmitting unit configured to transmit the ciphertext data and the public key set to the second terminal, wherein the second terminal generates target encrypted data based on the ciphertext data and the public key set;
a first processing unit configured to delete the ciphertext data;
a second processing unit configured to update a blockchain;
wherein the third receiving unit is further configured to determine target data according to the access request by the first terminal; the first terminal generates encrypted data and the public key set based on the target data; the first terminal generates the ciphertext data based on the encrypted data;
wherein the third receiving unit is further configured to determine a security parameter by the first terminal; the first terminal determines a private key based on the security parameters, wherein the length of the private key is a first number; the first terminal generates a first integer polynomial using:
Figure 522028DEST_PATH_IMAGE001
wherein n is an integer, x is a variable,
Figure 643568DEST_PATH_IMAGE002
representing a first integer polynomial of order n with respect to x,
Figure 810107DEST_PATH_IMAGE003
is a polynomial coefficient, and the coefficient is,
Figure 700703DEST_PATH_IMAGE004
to represent
Figure 232178DEST_PATH_IMAGE002
The first coefficient of (a) is,
Figure 637752DEST_PATH_IMAGE005
to represent
Figure 545665DEST_PATH_IMAGE006
The coefficient of (a) is determined,
Figure 353084DEST_PATH_IMAGE007
to represent
Figure 321040DEST_PATH_IMAGE008
The coefficient of (a) is determined,
Figure 151593DEST_PATH_IMAGE002
the coefficients of each term of (a) are random integers,
Figure 659934DEST_PATH_IMAGE002
each term has a coefficient value range of
Figure 259543DEST_PATH_IMAGE009
Figure 195138DEST_PATH_IMAGE010
Is any integer, and s is the length of the private key; the first terminal generates a second integer polynomial using:
Figure 512987DEST_PATH_IMAGE034
wherein n is an integer, x is a variable,
Figure 559440DEST_PATH_IMAGE012
representing a second integer polynomial of order n with respect to x,
Figure 544714DEST_PATH_IMAGE013
is a polynomial coefficient, and the coefficient is,
Figure 588893DEST_PATH_IMAGE014
to represent
Figure 456355DEST_PATH_IMAGE012
The first coefficient of (a) is,
Figure 244182DEST_PATH_IMAGE035
to represent
Figure 880700DEST_PATH_IMAGE006
The coefficient of (a) is determined,
Figure 361360DEST_PATH_IMAGE016
to represent
Figure 388222DEST_PATH_IMAGE008
The coefficient of (a) is determined,
Figure 42057DEST_PATH_IMAGE012
the coefficients of each term of (a) are random integers,
Figure 470764DEST_PATH_IMAGE012
each term has a coefficient value range of
Figure 919063DEST_PATH_IMAGE017
Figure 698800DEST_PATH_IMAGE018
The safety parameter is the safety parameter; the first terminal generates a public key set by using the following formula:
Figure 890747DEST_PATH_IMAGE019
wherein
Figure 439540DEST_PATH_IMAGE020
representing the ith public key in the public key set, i being the count of public keys in the public key set, the public key set having a second number of public keys,
Figure 262003DEST_PATH_IMAGE021
represents the ith first integer polynomial,
Figure 325774DEST_PATH_IMAGE022
represents the ith second integer polynomial, s being the length of the private key; the first terminal generates a target polynomial based on the target data; the first terminal generates the encrypted data based on the set of public keys, the private key, and the target polynomial using the following equation:
Figure 259095DEST_PATH_IMAGE023
wherein
Figure 459132DEST_PATH_IMAGE024
is the target polynomial, p is the private key,
Figure 718075DEST_PATH_IMAGE025
representing the ith public key, i being a count of public keys in a set of public keys, the set of public keys having a second number of public keys in common,
Figure 206825DEST_PATH_IMAGE026
representing the encrypted data;
wherein the third receiving unit is further configured to determine a re-encryption key by the first terminal using the following equation:
Figure 740575DEST_PATH_IMAGE027
wherein z is any integer, s is the length of the private key, and r is the re-encryption key; the first terminal generates the ciphertext data based on the encrypted data and the re-encryption key using:
Figure 998381DEST_PATH_IMAGE036
wherein
Figure 224963DEST_PATH_IMAGE029
representing the encrypted data, r is the re-encryption key, mod is the modulo process,
Figure 935430DEST_PATH_IMAGE030
representing the ciphertext data.
6. A first terminal device comprising:
one or more processors;
a storage device having one or more programs stored thereon;
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-4.
7. A computer-readable storage medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method of any one of claims 1-4.
CN202110250756.1A 2021-03-08 2021-03-08 Trusted data exchange method and device based on block chain, terminal equipment and medium Active CN112925853B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110250756.1A CN112925853B (en) 2021-03-08 2021-03-08 Trusted data exchange method and device based on block chain, terminal equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110250756.1A CN112925853B (en) 2021-03-08 2021-03-08 Trusted data exchange method and device based on block chain, terminal equipment and medium

Publications (2)

Publication Number Publication Date
CN112925853A CN112925853A (en) 2021-06-08
CN112925853B true CN112925853B (en) 2022-08-02

Family

ID=76171840

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110250756.1A Active CN112925853B (en) 2021-03-08 2021-03-08 Trusted data exchange method and device based on block chain, terminal equipment and medium

Country Status (1)

Country Link
CN (1) CN112925853B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110008737A (en) * 2019-02-19 2019-07-12 阿里巴巴集团控股有限公司 Method, node and storage medium for implementing privacy protection in block chain
CN111431713A (en) * 2020-03-27 2020-07-17 财付通支付科技有限公司 Private key storage method and device and related equipment
CN111950030A (en) * 2020-09-01 2020-11-17 宁波富万信息科技有限公司 Data sharing storage method based on block chain, terminal equipment and storage medium
CN111950032A (en) * 2020-09-01 2020-11-17 宁波富万信息科技有限公司 Block chain-based data storage method, terminal device and storage medium
CN112182109A (en) * 2020-10-13 2021-01-05 宁波金狮科技有限公司 Distributed data coding storage method based on block chain and electronic equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110661610B (en) * 2018-06-29 2020-11-03 创新先进技术有限公司 Input acquisition method and device of secure multi-party computing protocol

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110008737A (en) * 2019-02-19 2019-07-12 阿里巴巴集团控股有限公司 Method, node and storage medium for implementing privacy protection in block chain
CN111431713A (en) * 2020-03-27 2020-07-17 财付通支付科技有限公司 Private key storage method and device and related equipment
CN111950030A (en) * 2020-09-01 2020-11-17 宁波富万信息科技有限公司 Data sharing storage method based on block chain, terminal equipment and storage medium
CN111950032A (en) * 2020-09-01 2020-11-17 宁波富万信息科技有限公司 Block chain-based data storage method, terminal device and storage medium
CN112182109A (en) * 2020-10-13 2021-01-05 宁波金狮科技有限公司 Distributed data coding storage method based on block chain and electronic equipment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Leakage-Resilient Certificateless Public Key Encryption∗;Kefei Chen et al.;《AsiaPKC "13: Proceedings of the first ACM workshop on Asia public-key cryptography》;20130508;第13-22页 *
基于可搜索加密的区块链数据隐私保护机制;刘格昌等;《计算机应用》;20191230;第140-146页 *

Also Published As

Publication number Publication date
CN112925853A (en) 2021-06-08

Similar Documents

Publication Publication Date Title
US11784801B2 (en) Key management method and related device
WO2020253234A1 (en) Data homomorphic encryption and decryption method and apparatus for implementing privacy protection
US10951394B2 (en) System and method for publication of private data using a blockchain network
CN110768787B (en) Data encryption and decryption method and device
US12273437B2 (en) Data processing method and apparatus for blockchain system
US10803075B2 (en) System and method for searching a database or data sharing system for the presence of data
US20030138105A1 (en) Storing keys in a cryptology device
CN111523133A (en) Block chain and cloud data collaborative sharing method
US10476663B1 (en) Layered encryption of short-lived data
CN111950030A (en) Data sharing storage method based on block chain, terminal equipment and storage medium
US20220216999A1 (en) Blockchain system for supporting change of plain text data included in transaction
CN115203749B (en) Data transaction method and system based on block chain
US20190238523A1 (en) Communication terminals, server devices, and programs
US20220173913A1 (en) Consent Management
CN111950032A (en) Block chain-based data storage method, terminal device and storage medium
WO2020149913A2 (en) Computing key rotation period for block cipher-based encryption schemes system and method
CN112182109A (en) Distributed data coding storage method based on block chain and electronic equipment
CN111931204A (en) Encryption and de-duplication storage method and terminal equipment for distributed system
CN112541775A (en) Transaction tracing method based on block chain, electronic device and computer storage medium
CN116383867A (en) Data query method, device, electronic equipment and computer readable medium
CN114006689B (en) Data processing method, device and medium based on federal learning
WO2022068235A1 (en) Information processing method and apparatus for generating random number on the basis of attribute of information, and device
KR20100003093A (en) Method of producing searchable keyword encryption based on public key for minimizing data size of searchable keyword encryption and method of searching data based on public key through that
CN111984615B (en) File sharing method, device and system
US11356254B1 (en) Encryption using indexed data from large data pads

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220713

Address after: 277000 east side and second floor of building B3, Lunan big data center park, Zaozhuang high tech Zone, Zaozhuang City, Shandong Province

Applicant after: Shandong shenshentong Information Technology Co.,Ltd.

Address before: Room 135, auxiliary building, 38 Hengjie South Road, Hengjie Town, Haishu District, Ningbo City, Zhejiang Province

Applicant before: Ningbo Golden Lion Technology Co.,Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant