CN114268447B - File transmission method and device, electronic equipment and computer readable medium - Google Patents
- Publication number
- CN114268447B, CN202010975074.2A
- Authority
- CN
- China
- Prior art keywords
- file
- password
- public key
- file password
- key
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
Abstract
The application provides a file transmission method, a file transmission device, electronic equipment and a computer readable medium, and belongs to the technical field of information transmission. The method comprises the following steps: generating a file password under the condition that a first public key of the first device is determined to exist in the blockchain system, wherein the file password is used for encrypting and decrypting a file; encrypting the file password through the first public key to generate a first identity certificate of the first device; uploading the first identity certificate and the target file encrypted by the file password to the blockchain system, so that the first device obtains the file password from the first identity certificate by using a first private key and decrypts the encrypted target file by using the file password, wherein the first private key and the first public key are a key pair of the first device. The file transmission method and the file transmission device improve the file transmission safety.
Description
Technical Field
The present application relates to the field of information transmission technologies, and in particular, to a file transmission method and apparatus, an electronic device, and a computer-readable medium.
Background
With the development of the internet, signing contracts electronically has become the norm. An electronic contract is an agreement reached between two or more parties in electronic form over an electronic information network. The contract initiator uploads the electronic contract to a server, and the contract signing party downloads the electronic contract from the server and signs it. If the electronic contract is not encrypted, then once the server is invaded, the information in all the electronic contracts on the server can be leaked, which affects the security of information transmission.
Disclosure of Invention
An embodiment of the application aims to provide a file transmission method, a file transmission device, electronic equipment and a computer readable medium, so as to solve the problem of information leakage. The specific technical scheme is as follows:
In a first aspect, a file transfer method is provided, where the method includes:
generating a file password under the condition that a first public key of the first device is determined to exist in the blockchain system, wherein the file password is used for encrypting and decrypting a file;
encrypting the file password through the first public key to generate a first identity certificate of the first device;
uploading the first identity certificate and the target file encrypted by the file password to the blockchain system, so that the first device obtains the file password from the first identity certificate by using a first private key and decrypts the encrypted target file by using the file password, wherein the first private key and the first public key are a key pair of the first device.
Optionally, in the case that it is determined that the first public key of the first device exists in the blockchain system, the generating the file password includes:
under the condition that the first public key is determined to exist in the block chain system, acquiring a graph input by a user, and determining the current equipment time and the current memory allowance in the first equipment;
determining coordinate values of key points of the graph;
and generating the file password according to the coordinate value of the key point, the current equipment time and the current memory allowance.
Optionally, the generating the file password according to the coordinate value of the key point, the current device time and the current memory margin includes:
generating initial data according to the coordinate value of the key point, the current equipment time and the current memory allowance;
and carrying out length transformation on the initial data through a preset function, and taking the initial data with the changed length as the file password.
Optionally, the length-transforming the initial data through a preset function, and using the initial data with the changed length as the file password includes:
converting the initial data from decimal data to initial binary data;
and mapping the initial binary data into binary data with a preset length through the preset function, and taking the binary data with the preset length as the file password.
Optionally, in the case that it is determined that the first public key of the first device exists in the blockchain system, the generating the file password includes:
acquiring an identity verification result of the first equipment;
and generating a file password if the first public key exists in the blockchain system and the identity verification result indicates that the verification is passed.
Optionally, after generating the file password in the case that it is determined that the first public key of the first device exists in the blockchain system, the method further includes:
acquiring a second public key of the second device;
encrypting the file password through the second public key to generate a second identity certificate of the second device;
uploading the second identity credential to the blockchain system.
Optionally, after uploading the second identity credential and the encrypted target file to the blockchain system, the method further includes:
acquiring the second identity certificate from the blockchain system under the condition that the file password is required to be used;
and acquiring the file password from the second identity certificate by using a second private key and decrypting the encrypted target file by using the file password, wherein the second private key and the second public key are a key pair of the second device.
In a second aspect, there is provided a file transfer apparatus, the apparatus comprising:
a first generation module, used for generating a file password under the condition that a first public key of a first device is determined to exist in a blockchain system, wherein the file password is used for encrypting and decrypting a file;
the second generation module is used for encrypting the file password through the first public key to generate a first identity certificate of the first device;
and the uploading module is used for uploading the first identity certificate and the target file encrypted by the file password to the blockchain system, so that the first equipment acquires the file password from the first identity certificate by using a first private key and decrypts the encrypted target file by using the file password, wherein the first private key and the first public key are a key pair of the first equipment.
In a third aspect, an electronic device is provided, which includes a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete communication with each other through the communication bus;
a memory for storing a computer program;
a processor for implementing any of the method steps described herein when executing a program stored in the memory.
In a fourth aspect, a computer-readable storage medium is provided, in which a computer program is stored which, when being executed by a processor, carries out any of the method steps.
The embodiment of the application has the following beneficial effects:
The embodiment of the application provides a file transmission method, which comprises the following steps: the second device generates a file password when it determines that the first public key of the first device exists in the blockchain system, then encrypts the file password with the first public key to generate a first identity certificate of the first device, and finally uploads the first identity certificate and the target file encrypted with the file password to the blockchain system, so that the first device obtains the file password from the first identity certificate by using the first private key and decrypts the encrypted target file by using the file password. In this application the target file is encrypted and decrypted by means of asymmetric encryption, which ensures that only the first device can obtain the file password through the first private key and open the target file; a third party does not know the first private key and therefore cannot open the target file, which improves security during file transmission.
Of course, not all of the above advantages need be achieved in the practice of any one product or method of the present application.
Drawings
In order to illustrate the embodiments of the present application or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly described below. Those skilled in the art can obviously obtain other drawings from these drawings without inventive effort.
Fig. 1 is a block diagram of a blockchain system according to an embodiment of the present application;
Fig. 2 is a flowchart of a file transfer method according to an embodiment of the present application;
Fig. 3 is a flowchart of a method for generating a file password according to an embodiment of the present application;
Fig. 4 is a network structure diagram of file transmission provided in the embodiment of the present application;
Fig. 5 is a schematic structural diagram of a file transfer device according to an embodiment of the present application;
Fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
An embodiment of the application provides a blockchain system. As shown in Fig. 1, the blockchain system includes an authentication node 1, a first device node 2, and a second device node 3. The second device obtains the first public key of the first device and, through the second device node 3, obtains from the authentication node 1 the authentication result of the user to which the first device belongs. If the second device determines that the first public key of the first device exists in the blockchain system and the authentication result indicates that authentication passed, the second device generates a file password and then encrypts the file password with the first public key to obtain a first identity certificate. The second device uploads the first identity certificate and the encrypted target file to the blockchain system through the second device node 3. The first device obtains the first identity certificate and the encrypted target file from the blockchain system through the first device node 2, obtains the file password from the first identity certificate by using the first private key paired with the first public key, and then decrypts the encrypted target file with the file password. The blockchain system may also incorporate a service gateway node and an audit node.
The embodiment of the application also provides a file transmission method, which can be applied to the first equipment adopted by the initiator of the contract and is used for improving the security of file transmission.
A file transmission method provided in an embodiment of the present application is described in detail below with reference to specific embodiments. As shown in Fig. 2, the specific steps are as follows:
Step 201: When it is determined that the first public key of the first device exists in the blockchain system, generate a file password.
The file password is used for encrypting and decrypting the file.
In the embodiment of the present application, the two parties signing an electronic contract are an initiator and a signing party, and a blockchain is used for signing the electronic contract. The electronic contract is the target file, the device used by the initiator is the second device, and the device used by the signing party is the first device. The first device and the second device may be terminals such as a computer, a mobile phone, or an iPad.
When the initiator and the signing party register their information in the blockchain, each obtains its own public key: the initiator registers with the blockchain and obtains the second public key, and the signing party registers with the blockchain and obtains the first public key. Before signing, the initiator and the signing party disclose their public keys, and the first device discloses the first public key to the second device. The second device obtains the public key of the first device and judges whether the first public key of the first device exists in the blockchain system. If the second device judges that the first public key of the first device does not exist in the blockchain system, this indicates that the signing party has not registered with the blockchain or that the first public key is not a real public key. If the second device judges that the first public key of the first device exists in the blockchain system, this indicates that the signing party is registered in the blockchain, that the first public key is a real public key, and that the second device can obtain a second identity certificate and an encrypted target file through the blockchain; the second device then generates a file password, which is used for encrypting and decrypting the electronic contract.
Step 202: Encrypt the file password with the first public key to generate a first identity certificate of the first device.
In the embodiment of the application, after the second device generates the file password, it encrypts the file password with the first public key using an encryption algorithm to generate the first identity certificate of the first device, where the first public key in the first identity certificate is the identity of the first device. The encryption algorithm may be RSA, ElGamal, the knapsack algorithm, or Rabin; the encryption algorithm is not specifically limited in this application.
Step 203: Upload the first identity certificate and the target file encrypted with the file password to the blockchain system, so that the first device obtains the file password from the first identity certificate by using the first private key and decrypts the encrypted target file by using the file password.
The first private key and the first public key are a key pair of the first device.
In the embodiment of the application, after the second device generates the file password, the target file is encrypted by using the file password, then the second device uploads the first identity certificate and the target file encrypted by using the file password to the blockchain system, the first device determines that the target file is a file to be signed through a first public key in the first identity certificate, the first device decrypts the first identity certificate by using a first private key paired with the first public key to obtain the file password, and then decrypts the encrypted target file by using the file password to obtain the plaintext of the target file. The first private key and the first public key are a key pair of the first device. The second device may upload and save the encrypted target file in a file database in the blockchain system.
According to the method and the device, the target file is encrypted and decrypted in an asymmetric encryption mode, it is guaranteed that only the first equipment can acquire the file password through the first private key and open the target file, and the third party cannot know the first private key and therefore cannot open the target file, and the safety in the file transmission process is improved.
A blockchain is essentially a decentralized distributed ledger database. Blockchain data is stored in a distributed manner on many nodes in the network, whereas the traditional data storage mode stores data on one or a few large nodes in the network. The essence of centralization versus decentralization is how many nodes store the data, so the decentralization of a blockchain is relative: data stored on only a few nodes is centralized, while data stored on a large number of nodes is decentralized relative to those few nodes, and the difference is only one of degree. Centralization and decentralization are also not completely opposed concepts, because "decentralization" describes a process of weakening and eliminating centers rather than an absolute absence of centers. A decentralized blockchain can improve system security, ensure transaction security, save resources, and improve the efficiency of information interaction.
As an alternative embodiment, as shown in fig. 3, in the case that it is determined that the first public key of the first device exists in the blockchain system, the generating the file password includes:
Step 301: When it is determined that the first public key exists in the blockchain system, acquire a graph input by the user, and determine the current device time and the current memory allowance in the first device.
In this embodiment of the application, after determining that the first public key exists in the blockchain system, the second device determines the current device time in the first device and the current memory margin of the first device, and acquires a graph input by the user. The graph may be one that the user draws at random in a drawing frame, which the second device pops up automatically after determining that the first public key exists in the blockchain system.
Step 302: Determine the coordinate values of the key points of the graph.
In the embodiment of the application, the graph is composed of lines. The second device acquires the key points of the graph; a plane coordinate system is set up in the area where the graph is located, and the coordinates of the key points are acquired. The key points may be bending points, starting points, end points, or intersection points of the lines of the graph; the key points are not specifically limited in this application.
Step 303: Generate a file password according to the coordinate values of the key points, the current device time, and the current memory allowance.
In the embodiment of the application, after acquiring three data, namely, the coordinate value of the key point, the current device time and the current memory allowance, the second device arranges the three data in sequence to obtain initial data, and then transforms the initial data through a preset function to obtain the file password.
In the application, the coordinate values of the key points, the current equipment time and the current memory allowance are all random data, so that the randomness and the complexity of the file password are improved, and the safety of file transmission is improved. In addition, each file obtains the file password by adopting the method, and because the graph input by a user, the equipment time and the equipment memory allowance are different when each file password is generated, the file password of each file is unique, and even if one file password is cracked, other files cannot be affected, so that the safety in the file transmission process is further improved.
As an optional implementation manner, generating a file password according to the coordinate value of the key point, the current device time, and the current memory margin includes: generating initial data according to the coordinate value of the key point, the current equipment time and the current memory allowance; and carrying out length transformation on the initial data through a preset function, and taking the initial data with the changed length as a file password.
In the embodiment of the application, the second device arranges the coordinate values of the key points, the current device time and the current memory allowance in sequence to obtain initial data, and then performs length transformation on the initial data through a preset function, where the length transformation may be to transform the initial data to obtain data of a preset length or to transform the initial data to obtain data of a random length, and the second device uses the initial data after the length transformation as a file password. The arrangement order may be a fixed arrangement order or a random arrangement order.
As an optional implementation manner, the length-transforming the initial data by a preset function, and using the initial data after the length-transformation as the file password, includes: converting the initial data from decimal data into initial binary data; and mapping the initial binary data into binary data with a preset length through a preset function, and taking the binary data with the preset length as a file password.
In this embodiment of the present application, the coordinate values of the key points, the current device time, and the current memory margin are all decimal data. The second device may convert the initial data from decimal data to initial binary data, map the initial binary data to binary data of a preset length through a preset function, and use the binary data of the preset length as the file password. The preset function may be a hash algorithm, for example the SM3 cryptographic hash algorithm or the SHA256 hash algorithm; using the SHA256 hash algorithm yields a file password with a data length of 256 bits.
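The derivation in steps 301 to 303 with SHA256 as the preset function, as an added Go example that is not code from the patent. The field layout of the initial data (leading point count, zero-padded widths) and the `MaxInputBits` estimate are assumptions of this example; the hash fixes the password length at 256 bits, while how hard the password is to guess stays bounded by how many input combinations are possible.

```go
package main

import (
	"crypto/sha256"
	"errors"
	"fmt"
	"math"
	"math/big"
	"strings"
)

// Point is one key point of the drawn graph (start, end, bend or intersection).
type Point struct{ X, Y int }

// InitialData arranges the key-point coordinates, device time and memory margin
// in a fixed order as one decimal string. The leading point count and the
// zero-padded field widths are assumptions of this example; they keep two
// different input sets from producing the same digits (e.g. (1,23) and (12,3)).
func InitialData(pts []Point, deviceTime int64, memMargin uint64) (string, error) {
	if len(pts) == 0 {
		return "", errors.New("graph has no key points")
	}
	if deviceTime < 0 {
		return "", errors.New("device time must not be negative")
	}
	var sb strings.Builder
	fmt.Fprintf(&sb, "%d", len(pts))
	for _, p := range pts {
		if p.X < 0 || p.X > 99999 || p.Y < 0 || p.Y > 99999 {
			return "", fmt.Errorf("key point (%d,%d) outside 0..99999", p.X, p.Y)
		}
		fmt.Fprintf(&sb, "%05d%05d", p.X, p.Y)
	}
	fmt.Fprintf(&sb, "%019d%020d", deviceTime, memMargin)
	return sb.String(), nil
}

// FilePassword converts the decimal initial data to binary and maps it to the
// preset length with SHA-256, giving a 256-bit file password.
func FilePassword(pts []Point, deviceTime int64, memMargin uint64) ([32]byte, error) {
	dec, err := InitialData(pts, deviceTime, memMargin)
	if err != nil {
		return [32]byte{}, err
	}
	n, ok := new(big.Int).SetString(dec, 10) // decimal data -> binary data
	if !ok {
		return [32]byte{}, errors.New("initial data is not decimal")
	}
	return sha256.Sum256(n.Bytes()), nil
}

// MaxInputBits is an upper bound on the unpredictability of the password: log2
// of the number of distinct inputs, capped at the 256-bit output length.
// timeStates and memStates are the counts of device-time and memory values an
// outside observer cannot rule out (assumed parameters of this example).
func MaxInputBits(nPoints, canvasW, canvasH int, timeStates, memStates float64) float64 {
	perPoint := math.Log2(math.Max(float64(canvasW)*float64(canvasH), 1))
	bits := float64(nPoints)*perPoint +
		math.Log2(math.Max(timeStates, 1)) + math.Log2(math.Max(memStates, 1))
	return math.Min(bits, 256)
}

func main() {
	// Constructed sample input: three key points, a Unix time, free memory in bytes.
	pts := []Point{{120, 340}, {410, 95}, {640, 512}}
	pw, err := FilePassword(pts, 1600000000, 3221225472)
	if err != nil {
		panic(err)
	}
	fmt.Printf("file password: %x\n", pw)
	// Three points on a 1080x1920 canvas, time known to the hour, 2^20 memory states.
	fmt.Printf("at most %.1f bits of unpredictability\n", MaxInputBits(3, 1080, 1920, 3600, 1<<20))
}
```

The bound assumes every input value is equally likely; a hand-drawn graph and a clock reading are less uniform than that, so the real figure is lower.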
As an alternative embodiment, in the case that it is determined that the first public key of the first device exists in the blockchain system, generating the file password includes: acquiring an identity verification result of the first equipment; and generating a file password under the condition that the first public key exists in the blockchain system and the identity verification result indicates that the verification is passed.
In the embodiment of the present application, an identity verification organization may verify the identity of the signing party and generate a serial number capable of identifying the signing party; if the organization determines that the identity verification result of the signing party indicates that the verification is passed, it marks the serial number. The identity verification organization uploads the serial number of the signing party to the blockchain system. A third party cannot determine the identity of the signing party from the serial number, which guarantees the privacy and security of the signing party's personal information in the blockchain. Through a smart contract, the serial number of the signing party and the first public key of the signing party's first device are stored in the same account in the blockchain system; if the second device determines that the serial number is marked, the identity verification result of the signing party indicates that the verification is passed. When the processor judges that the first public key exists in the blockchain system and the verification result of the signing party indicates that the verification is passed, this shows that the signing party's information is registered in the blockchain system and that the identity of the signing party has been confirmed by the identity verification organization, and the second device then generates the file password.
The identity verification organization may be a trusted organization that can verify personal identity information, such as a bank or a public security organization; it verifies the authenticity of a person's identity through the name, identity card number, face image, and the like.
In this application, the identity verification organization endorses the real identity of the user, and the blockchain system does not contain the personal identity information of the user, so the personal information of the user is protected and its security is enhanced.
As an optional implementation manner, in the case that it is determined that the first public key of the first device exists in the blockchain system, after the file password is generated, the method further includes: acquiring a second public key of the second device; encrypting the file password through a second public key to generate a second identity certificate of the second device; and uploading the second identity certificate to the blockchain system.
In this embodiment, the second device does not save the file password after generating the file password. And if the second equipment needs to acquire the encrypted target file, the file password needs to be acquired. Therefore, the second device generates its own second identity credential and then obtains the file password from the second identity credential using the second private key. Specifically, after the file password is generated, the second device may obtain a second public key of the second device, encrypt the file password through the second public key, generate a second identity credential of the second device, and upload the second identity credential to the blockchain system.
The second device may upload the second identity certificate to the blockchain system together with the first identity certificate and the encrypted file, or may upload the second identity certificate when the file needs to be checked.
As an optional implementation manner, after uploading the second identity credential and the encrypted target file to the blockchain system, the method further includes: under the condition that a file password needs to be used, acquiring a second identity certificate from the block chain system; and acquiring a file password from the second identity certificate by using a second private key and decrypting the encrypted target file by using the file password, wherein the second private key and the second public key are a key pair of the second device.
In the embodiment of the application, when the second device needs to use the file password, it obtains the second identity certificate from the blockchain system, decrypts the second identity certificate with the second private key paired with the second public key to obtain the file password in the second identity certificate, and then decrypts the encrypted target file with the file password to obtain the plaintext of the target file. The second private key and the second public key are a key pair of the second device.
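Steps 201 to 203 and the second identity certificate as an added Go example, not code from the patent. RSA-OAEP and AES-256-GCM are assumed choices (the text leaves the algorithms open), the `Registry` type stands in for the blockchain system, and the file password is drawn from the operating system's random generator instead of the graph-based derivation.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// Registry is a hypothetical stand-in for the public keys registered on chain.
type Registry map[[32]byte]bool

// Record is what the second device uploads for one target file.
type Record struct {
	Certificates  map[[32]byte][]byte // key fingerprint -> RSA-OAEP(file password)
	EncryptedFile []byte              // nonce || AES-256-GCM(file); cipher is an assumption
}

var ErrUnknownKey = errors.New("first public key is not registered")

func keyID(pub *rsa.PublicKey) [32]byte { return sha256.Sum256(x509.MarshalPKCS1PublicKey(pub)) }

// Register records a public key, as happens when a party registers.
func (r Registry) Register(pub *rsa.PublicKey) { r[keyID(pub)] = true }

// NewDeviceKey generates a device key pair (RSA-2048 is an assumption).
func NewDeviceKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newGCM(password []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(password)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Send runs steps 201-203 on the second device and returns the record to upload.
func Send(r Registry, file []byte, first, second *rsa.PublicKey) (*Record, error) {
	if !r[keyID(first)] { // step 201: the first public key must be registered
		return nil, ErrUnknownKey
	}
	secret := make([]byte, 32+12) // 256-bit file password + 96-bit GCM nonce
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	password, nonce := secret[:32], secret[32:]
	gcm, err := newGCM(password)
	if err != nil {
		return nil, err
	}
	rec := &Record{Certificates: map[[32]byte][]byte{}, EncryptedFile: gcm.Seal(nonce, nonce, file, nil)}
	for _, pub := range []*rsa.PublicKey{first, second} { // step 202 + second certificate
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, password, nil)
		if err != nil {
			return nil, err
		}
		rec.Certificates[keyID(pub)] = wrapped
	}
	return rec, nil // step 203: only rec is uploaded; the password is not kept
}

// Open looks up the caller's certificate, recovers the file password with the
// private key and decrypts the target file.
func Open(rec *Record, priv *rsa.PrivateKey) ([]byte, error) {
	wrapped, ok := rec.Certificates[keyID(&priv.PublicKey)]
	if !ok {
		return nil, errors.New("no identity certificate for this key")
	}
	password, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(password)
	if err != nil || len(rec.EncryptedFile) < gcm.NonceSize() {
		return nil, errors.New("cannot open encrypted file")
	}
	n := gcm.NonceSize()
	return gcm.Open(nil, rec.EncryptedFile[:n], rec.EncryptedFile[n:], nil)
}

func main() {
	first, err1 := NewDeviceKey()
	second, err2 := NewDeviceKey()
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	reg := Registry{}
	reg.Register(&first.PublicKey)
	rec, err := Send(reg, []byte("constructed sample contract"), &first.PublicKey, &second.PublicKey)
	if err != nil {
		panic(err)
	}
	plain, err := Open(rec, first)
	fmt.Printf("%q %v\n", plain, err)
}
```

Because the file is sealed with an authenticated cipher, a record altered in storage fails to open instead of yielding modified plaintext.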
Fig. 4 is a network configuration diagram of file transfer. The second equipment generates a file password through the coordinate value of the graph key point, the current equipment time and the current memory allowance, then encrypts the file password through a first public key of a signing party to obtain a first identity certificate, encrypts the file through a second public key of an initiating party to obtain a second identity certificate, and uploads the file password, the first identity certificate and the second identity certificate to the block chain system.
Based on the same technical concept, an embodiment of the present application further provides a file transmission apparatus, as shown in fig. 5, the apparatus includes:
a first generating module 501, configured to generate a file password when it is determined that a first public key of a first device exists in a blockchain system, where the file password is used to encrypt and decrypt a file;
a second generating module 502, configured to encrypt the file password by using the first public key, and generate a first identity credential of the first device;
the first uploading module 503 is configured to upload the first identity credential and the target file encrypted by the file password to the blockchain system, so that the first device obtains the file password from the first identity credential by using the first private key and decrypts the encrypted target file by using the file password, where the first private key and the first public key are a key pair of the first device.
Optionally, the first generating module 501 includes:
the first determining unit is used for acquiring a graph input by a user and determining the current equipment time and the current memory allowance in the first equipment under the condition that the first public key is determined to be in the blockchain system;
the second determining unit is used for determining the coordinate value of the key point of the graph;
and the first generating unit is used for generating the file password according to the coordinate value of the key point, the current equipment time and the current memory allowance.
Optionally, the first generating unit includes:
the generating subunit is used for generating initial data according to the coordinate value of the key point, the current equipment time and the current memory allowance;
and the transformation subunit is used for carrying out length transformation on the initial data through a preset function and taking the initial data with the changed length as a file password.
Optionally, the transformation subunit comprises:
a conversion submodule for converting the initial data from decimal data to initial binary data;
and the mapping submodule is used for mapping the initial binary data into binary data with a preset length through a preset function, and using the binary data with the preset length as a file password.
Optionally, the first generating module 501 includes:
an obtaining unit, configured to obtain an authentication result of the first device;
and the second generating unit is used for generating the file password under the condition that the first public key exists in the blockchain system and the identity verification result shows that the file password passes the verification.
Optionally, the apparatus further comprises:
the first obtaining module is used for obtaining a second public key of the second device;
the third generation module is used for encrypting the file password through a second public key to generate a second identity certificate of the second equipment;
a third uploading module, configured to upload the second identity credential to the blockchain system.
Optionally, the apparatus further comprises:
the second acquisition module is used for acquiring a second identity certificate from the blockchain system under the condition that the file password is required to be used;
and the decryption module is used for acquiring a file password from the second identity certificate by using a second private key and decrypting the encrypted target file by using the file password, wherein the second private key and the second public key are a key pair of the second device.
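How the generating, conversion and mapping units described above could fit together, as an added Go example that is not code from the patent: the `Point` type, the fixed-width field layout and the choice of SHA-256 with a 256-bit preset length are assumptions, since the text only speaks of a "preset function"; the input values are constructed.

```go
package main

import (
	"crypto/sha256"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// Point is one key point of the graph the user drew (hypothetical type).
type Point struct{ X, Y uint32 }

// InitialData concatenates the inputs as fixed-width decimal fields, so that
// (1,23) and (12,3) cannot produce the same digits. The leading '1' keeps the
// zero padding of the first field alive when the string is parsed as a number.
func InitialData(points []Point, deviceTime time.Time, freeMem uint64) string {
	var b strings.Builder
	b.WriteByte('1')
	for _, p := range points {
		fmt.Fprintf(&b, "%010d%010d", p.X, p.Y)
	}
	fmt.Fprintf(&b, "%019d%020d", deviceTime.UnixMilli(), freeMem)
	return b.String()
}

// FilePassword converts the decimal initial data to binary and maps it to the
// preset length of 256 bits. SHA-256 as the preset function is an assumption.
func FilePassword(points []Point, deviceTime time.Time, freeMem uint64) ([]byte, error) {
	if len(points) == 0 {
		return nil, fmt.Errorf("graph has no key points")
	}
	n, ok := new(big.Int).SetString(InitialData(points, deviceTime, freeMem), 10)
	if !ok {
		return nil, fmt.Errorf("initial data is not a decimal number (device time before 1970?)")
	}
	sum := sha256.Sum256(n.Bytes()) // decimal -> binary -> fixed 32 bytes
	return sum[:], nil
}

func main() {
	pts := []Point{{120, 45}, {300, 210}, {75, 400}} // constructed key points
	pw, err := FilePassword(pts, time.UnixMilli(1600243200000), 3221225472)
	fmt.Printf("%x %v\n", pw, err)
}
```

The derivation is deterministic in inputs that an observer can estimate (drawn coordinates, clock, free memory). Because each device recovers the password from its identity credential and never re-derives it, an implementation can also mix bytes from `crypto/rand` into the hashed data without changing the protocol.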
The embodiment of the application provides a file transmission method, which comprises the following steps: the second device generates a file password under the condition that the first public key of the first device is determined to be in the blockchain system, then encrypts the file password through the first public key to generate a first identity certificate of the first device, and finally uploads the first identity certificate and the target file encrypted by the file password to the blockchain system, so that the first device acquires the file password from the first identity certificate by using the first private key and decrypts the encrypted target file by using the file password. The application uses a decentralized blockchain system, which avoids the case in which damage to a server would expose all file information; in addition, the use of asymmetric encryption improves the security of file transmission.
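The upload and download flow summarised above, as an added Go example that is not code from the patent: `Ledger` is a hypothetical in-memory stand-in for the blockchain system, and RSA-OAEP for the identity credentials and AES-GCM for the target file are assumed algorithms, since this section names neither. Keys, password and file content are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

const nonceLen = 12   // nonce size used by cipher.NewGCM
var rng = rand.Reader // CSPRNG for keys, OAEP padding and nonces
type Ledger struct {  // in-memory stand-in for the blockchain system (hypothetical type)
	PubKeys     map[string]*rsa.PublicKey // device ID -> registered public key
	Credentials map[string][]byte         // device ID -> file password wrapped for that device
	File        []byte                    // nonce || AES-GCM ciphertext of the target file
}

func aead(password []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(password) // rejects passwords that are not 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Upload writes nothing unless every recipient already has a public key on the ledger.
func (l *Ledger) Upload(password, file []byte, recipients ...string) error {
	a, err := aead(password)
	if err != nil {
		return err
	}
	creds := map[string][]byte{}
	for _, id := range recipients {
		if l.PubKeys[id] == nil {
			return fmt.Errorf("no public key on ledger for %q", id)
		}
		if creds[id], err = rsa.EncryptOAEP(sha256.New(), rng, l.PubKeys[id], password, nil); err != nil {
			return err
		}
	}
	nonce := make([]byte, nonceLen)
	if _, err = rand.Read(nonce); err != nil {
		return err
	}
	l.File, l.Credentials = a.Seal(nonce, nonce, file, nil), creds
	return nil
}

// Download unwraps the caller's credential with its private key, then decrypts the file.
func (l *Ledger) Download(id string, priv *rsa.PrivateKey) ([]byte, error) {
	cred, ok := l.Credentials[id]
	if !ok || len(l.File) < nonceLen {
		return nil, fmt.Errorf("no credential or file on ledger for %q", id)
	}
	password, err := rsa.DecryptOAEP(sha256.New(), rng, priv, cred, nil)
	if err != nil {
		return nil, err
	}
	a, err := aead(password)
	if err != nil {
		return nil, err
	}
	return a.Open(nil, l.File[:nonceLen], l.File[nonceLen:], nil)
}

func main() {
	key, _ := rsa.GenerateKey(rng, 2048) // constructed key pair for the first device
	l := &Ledger{PubKeys: map[string]*rsa.PublicKey{"first": &key.PublicKey}}
	pw := sha256.Sum256([]byte("constructed initial data")) // stand-in file password
	fmt.Println(l.Upload(pw[:], []byte("constructed target file"), "first"))
	pt, err := l.Download("first", key)
	fmt.Printf("%s %v\n", pt, err)
}
```

Using an authenticated mode for the file means a ciphertext altered on the ledger fails to decrypt instead of yielding modified plaintext.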
Based on the same technical concept, an embodiment of the present invention further provides an electronic device, as shown in fig. 6, including a processor 601, a communication interface 602, a memory 603, and a communication bus 604, where the processor 601, the communication interface 602, and the memory 603 complete mutual communication through the communication bus 604,
a memory 603 for storing a computer program;
the processor 601 is configured to implement the above steps when executing the program stored in the memory 603.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the electronic equipment and other equipment.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; it may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
In a further embodiment provided by the present invention, there is also provided a computer readable storage medium having stored therein a computer program which, when executed by a processor, implements the steps of any of the methods described above.
In a further embodiment provided by the present invention, there is also provided a computer program product containing instructions which, when run on a computer, cause the computer to perform any of the methods of the above embodiments.
In the above embodiments, the implementation may be realized wholly or partially by software, hardware, firmware, or any combination thereof. When implemented in software, it may be realized wholly or partially in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computer, the processes or functions described in accordance with the embodiments of the invention are performed in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a network of computers, or another programmable device. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another, for example, from one website, computer, server, or data center to another website, computer, server, or data center via wired (e.g., coaxial cable, optical fiber, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave) means. The computer-readable storage medium can be any available medium that can be accessed by a computer, or a data storage device, such as a server or a data center, that includes one or more available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
It is noted that, in this document, relational terms such as "first" and "second," and the like, are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The above description is merely exemplary of the present application and is presented to enable those skilled in the art to understand and practice the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (9)
1. A method for file transfer, the method comprising:
generating a file password under the condition that a first public key of the first device is determined to exist in the blockchain system, wherein the file password is used for encrypting and decrypting a file;
encrypting the file password through the first public key to generate a first identity certificate of the first device;
uploading the first identity certificate and the target file encrypted by the file password to the blockchain system, so that the first device acquires the file password from the first identity certificate by using a first private key and decrypts the encrypted target file by using the file password, wherein the first private key and the first public key are a key pair of the first device;
wherein the generating the file password in the case that it is determined that the first public key of the first device exists in the blockchain system comprises:
under the condition that the first public key is determined to exist in the blockchain system, acquiring a graph input by a user, and determining the current equipment time and the current memory allowance in the first equipment;
determining coordinate values of key points of the graph;
and generating the file password according to the coordinate value of the key point, the current equipment time and the current memory allowance.
2. The method according to claim 1, wherein the generating the file password according to the coordinate value of the key point, the current device time and the current memory margin comprises:
generating initial data according to the coordinate value of the key point, the current equipment time and the current memory allowance;
and carrying out length transformation on the initial data through a preset function, and taking the initial data with the changed length as the file password.
3. The method according to claim 2, wherein the transforming the length of the initial data by a preset function, and using the initial data with the changed length as the file password comprises:
converting the initial data from decimal data to initial binary data;
and mapping the initial binary data into binary data with a preset length through the preset function, and taking the binary data with the preset length as the file password.
4. The method of claim 1, wherein generating the file password in the case that the first public key of the first device is determined to exist in the blockchain system comprises:
acquiring an identity verification result of the first equipment;
and generating a file password if the first public key exists in the blockchain system and the identity verification result represents that the file is verified.
5. The method of claim 1, wherein after generating the file password if it is determined that the first public key of the first device is present in the blockchain system, the method further comprises:
acquiring a second public key of the second device;
encrypting the file password through the second public key to generate a second identity certificate of the second device;
uploading the second identity credential to the blockchain system.
6. The method of claim 5, wherein after uploading the second identity credential and the encrypted target file to the blockchain system, the method further comprises:
acquiring the second identity certificate from the blockchain system under the condition that the file password is required to be used;
and acquiring the file password from the second identity certificate by using a second private key and decrypting the encrypted target file by using the file password, wherein the second private key and the second public key are a key pair of the second device.
7. A file transfer apparatus, characterized in that the apparatus comprises:
the device comprises a first generation module, a second generation module and a third generation module, wherein the first generation module is used for generating a file password under the condition that a first public key of first equipment is determined to exist in a blockchain system, and the file password is used for encrypting and decrypting a file;
the second generation module is used for encrypting the file password through the first public key to generate a first identity certificate of the first device;
the uploading module is used for uploading the first identity certificate and the target file encrypted by the file password to the blockchain system, so that the first equipment acquires the file password from the first identity certificate by using a first private key and decrypts the encrypted target file by using the file password, wherein the first private key and the first public key are a key pair of the first equipment;
wherein the first generating module is configured to:
under the condition that the first public key is determined to exist in the blockchain system, acquiring a graph input by a user, and determining the current equipment time and the current memory allowance in the first equipment;
determining coordinate values of key points of the graph;
and generating the file password according to the coordinate value of the key point, the current equipment time and the current memory allowance.
8. An electronic device, characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory communicate with one another through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any of claims 1-6 when executing a program stored in the memory.
9. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, which computer program, when being executed by a processor, carries out the method steps of any one of claims 1 to 6.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010975074.2A CN114268447B (en) | 2020-09-16 | 2020-09-16 | File transmission method and device, electronic equipment and computer readable medium |
PCT/CN2021/112828 WO2022057545A1 (en) | 2020-09-16 | 2021-08-16 | File transfer method and apparatus, electronic device and computer-readable medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010975074.2A CN114268447B (en) | 2020-09-16 | 2020-09-16 | File transmission method and device, electronic equipment and computer readable medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114268447A CN114268447A (en) | 2022-04-01 |
CN114268447B true CN114268447B (en) | 2023-04-07 |
Family
ID=80777522
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010975074.2A Active CN114268447B (en) | 2020-09-16 | 2020-09-16 | File transmission method and device, electronic equipment and computer readable medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN114268447B (en) |
WO (1) | WO2022057545A1 (en) |
Also Published As
Publication number | Publication date |
---|---|
CN114268447A (en) | 2022-04-01 |
WO2022057545A1 (en) | 2022-03-24 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||