CN117997550A - Block chain-based hidden communication method and device - Google Patents
Block chain-based hidden communication method and device Download PDFInfo
- Publication number
- CN117997550A CN117997550A CN202410397231.4A CN202410397231A CN117997550A CN 117997550 A CN117997550 A CN 117997550A CN 202410397231 A CN202410397231 A CN 202410397231A CN 117997550 A CN117997550 A CN 117997550A
- Authority
- CN
- China
- Prior art keywords
- data
- file
- transaction
- blockchain
- ipfs
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000004891 communication Methods 0.000 title claims abstract description 74
- 238000000034 method Methods 0.000 title claims abstract description 41
- 238000012795 verification Methods 0.000 claims abstract description 29
- 230000003071 parasitic effect Effects 0.000 claims abstract description 23
- 239000000284 extract Substances 0.000 claims abstract description 4
- 230000001360 synchronised effect Effects 0.000 claims abstract description 3
- 206010010099 Combined immunodeficiency Diseases 0.000 claims description 33
- 238000004590 computer program Methods 0.000 claims description 22
- 238000001360 collision-induced dissociation Methods 0.000 claims description 4
- 230000011218 segmentation Effects 0.000 claims description 2
- 230000001502 supplementing effect Effects 0.000 claims 1
- 230000005540 biological transmission Effects 0.000 description 11
- 238000012360 testing method Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 6
- 238000012545 processing Methods 0.000 description 5
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013075 data extraction Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 239000012634 fragment Substances 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000006798 recombination Effects 0.000 description 1
- 238000005215 recombination Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a hidden communication method and a device based on a blockchain, wherein the method comprises the steps that an information sender encrypts and divides a file F signature into a plurality of subfiles, and the subfiles are respectively uploaded to IPFS to return identifiers CID corresponding to each file; splicing each identifier CID to obtain data M, encrypting the data M, and embedding the encrypted data M into ring signature verification data of the transaction; the information receiver synchronous blockchain network identifies parasitic transaction, acquires ring signature verification data and decrypts the ring signature verification data to obtain data M, then extracts an identifier CID of each file, acquires a corresponding encrypted file from the IPFS system, splices data of the corresponding file according to the position of the identifier CID in the data M, and verifies the data to complete communication. Compared with the related art, the block chain-based covert communication method and device provided by the invention can reduce the cost of covert communication and improve the throughput rate of covert communication.
Description
Technical Field
The present invention relates to the field of blockchains, and in particular to the field of communications where security for file transfer is required.
Background
At present, the hidden communication based on the blockchain network has the problems of incapability of transmitting large files, high communication cost and low communication throughput rate.
The patent application with the bulletin number of CN114493593B discloses a multi-block chain hidden communication method, and provides a method for using random numbers in a block chain signature as a carrier of hidden communication data, wherein the method has a good information hidden effect, but the signature random number is 32 bytes, namely, at most 32 bytes of data are transmitted in each block chain transaction, and if utf-8 coding is used, at most 10 Chinese characters are transmitted. Patent application publication No. CN112532613A discloses a hidden communication method based on a block chain address, and the encrypted data is embedded into public key hash, so that the method also has the problem of small transmission data volume.
Secondly, the current blockchain hidden communication is mostly based on a public chain main network mode, and the patent application with the bulletin number of CN112383526B discloses a hidden communication method under the blockchain realized by using an intelligent contract, and the public chain main network mode is used for transmitting data, so that not only is very high transaction cost required, but also the throughput rate is very low.
Therefore, there is a need to provide a new type of blockchain-based covert communication method and device to overcome the above-mentioned drawbacks.
Disclosure of Invention
The invention aims to provide a novel block chain-based covert communication method and device, which can reduce the cost of covert communication and improve the throughput rate of covert communication.
In order to achieve the above object, the present invention provides a block chain based covert communication method, comprising:
The two communication parties construct safety channel initialization communication information, an information sender encrypts a file F signature, divides the file F signature into a plurality of subfiles, uploads the subfiles to IPFS respectively, and IPFS returns an identifier CID corresponding to each file; splicing each identifier CID to obtain data M, encrypting the data M through parasitic transaction, embedding ring signature verification data of the transaction, and broadcasting in a blockchain network;
The information receiver synchronous block chain network identifies parasitic transaction, acquires ring signature verification data and decrypts the data to obtain data M; and then extracting the identifier CID of each file from the data M, acquiring the corresponding encrypted file from the IPFS system, splicing the data of the corresponding file according to the position of the identifier CID in the data M, and verifying the data to finish communication.
The invention also provides a block chain-based covert communication device, which comprises:
IPFS system for distributed storage file and returning corresponding identifier CID;
The encryption module is used for encrypting and decrypting the information uploaded by the IPFS system;
The ring signature module is used for constructing parasitic transaction and generating ring signature verification data;
The safety channel module is used for carrying out safety communication and exchanging keys by two communication parties;
and the blockchain network is used for broadcasting and storing parasitic transactions and ring signature verification data.
The present invention also provides a computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the blockchain-based covert communication method.
The invention also provides a computer terminal comprising a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the processor realizes the steps of the block chain-based covert communication method when executing the computer program.
Compared with the related art, the invention uses IPFS to store the target file, uses the ring signature verification data as a carrier of the target file identification data, embeds the file identification data into the ring signature verification data, and ensures the safe transmission of the file identification; the cost of the hidden communication is greatly reduced, the communication efficiency is improved, and the throughput rate of the hidden communication is improved; the ring signature can play a good role in information hiding.
Drawings
For a clearer description of the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments are briefly introduced below, the drawings in the following description are only some embodiments of the present invention, and other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art, wherein:
FIG. 1 is a flow chart of a blockchain-based covert communication method of the present invention;
FIG. 2 is a block chain based covert communication method of the present invention constructed and transmitted data flow diagram;
FIG. 3 is a flow chart of a target transaction created by the blockchain-based covert communication method of the present invention;
FIG. 4 is a block chain based covert communication method of the present invention for obtaining transaction data flow chart.
Detailed Description
The following description of the technical solutions in the embodiments of the present invention will be clear and complete, and it is obvious that the described embodiments are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Based on the unique ring signature algorithm (clsag) data structure of the blockchain, the transaction validity verification logic and the characteristics of IPFS distributed storage files, the invention designs a scheme for concealing transmission of big data, perfectly fuses the characteristics of IPFS distributed storage big data with concealing communication, and realizes file transmission with high concealing property and safety.
The information sender transmits the file F to the receiver through a blockchain network, the system communication flow is shown in fig. 1, and the communication steps are as follows:
after the information sender encrypts the F signature, the F signature is divided into a plurality of subfiles, and the subfiles are respectively uploaded to IPFS, and IPFS returns an identifier CID corresponding to each file;
The sender splices each CID according to the sequence of file segmentation to obtain data M; the sender constructs a parasitic transaction, M is encrypted and then is embedded into ring signature verification data of the transaction, and a receiver address agreed in advance is used as a target address in a constructed transaction function parameter;
The information sender broadcasts the parasitic transaction in the blockchain network;
the information receiver synchronizes the blockchain network and recognizes parasitic transaction by scanning the public key;
the information receiver acquires ring signature verification data from the transaction, then completes the extraction and recombination of information from the verification data, and decrypts the obtained data to obtain plaintext information M;
The receiver extracts CID of each file from M, acquires corresponding encrypted files from IPFS system, and splices data of the corresponding files according to the position of CID in M;
And finally, decrypting the data by using the agreed symmetric key, and verifying the data by using the public key of the sender, if the verification is passed, reading the data, otherwise, discarding the data.
The construction of the transmission data is shown in fig. 2. The detailed scheme is as follows:
1.1 initializing communication information
Firstly, the sender and the receiver need to establish a secure channel, then transmit their own public key to the other party via the secure channel, and the two parties need to agree on the key used for encrypting the information, such as the public key of the receiverSender's public keyAnd symmetric key/>, for information encryption。
1.2 Generation of embedded target data
After the initial information acquisition is completed, the file F to be transmitted by the sender is signed by using its own private key, so as to obtain Fs:
where S key is the sender private key.
The sender then uses the symmetric key obtained by the previous negotiationEncrypting Fs to obtain ciphertext Fc:
(1) Uploading the target file to IPFS:
For example, to further protect ciphertext information, ciphertext is divided into 4 shares and stored in different files, respectively:
After uploading the subfiles to the IPFS network, a unique identifier CID is generated for the uploaded target file, 46 bytes each. In the case of performing the covert communication using the ring signature, the transmission data amount is 210 bytes, so that the ciphertext is divided into four parts at most. Note that in this embodiment, the ciphertext is divided into 4 parts for explanation, but not limited to this. As described above, since each CID is 46 bytes here, the ciphertext is divided into four parts at maximum in view of the 210 bytes of transmission data amount in consideration of a single transaction, which is optionally but not limited to 2 parts, 3 parts, or 4 parts of this embodiment. Of course, if the ciphertext is divided into more shares, it is possible that only transmission through multiple transactions is required.
Uploading the generated four files to IPFS respectively to obtain corresponding CIDs, namely:
;
;
;
;
(2) CID data concatenation and encryption:
splicing the four CIDs to obtain M:
Then encrypt M using the recipient public key to obtain ciphertext C:
the negotiated symmetric key is not used in order to prevent the negotiated symmetric key from being leaked, resulting in full data leakage. Even though the efficiency of the asymmetric key encryption is low, the data amount of the encrypted data M is small, and the overall operation rate of the system is not affected basically.
(3) Assembling target data: creating a target transaction as shown in FIG. 3;
acquiring the Length of the encrypted data C, and hashing the Length to obtain a hash value :
The first byte after hashing the encrypted data length (used to identify the location of the embedded data, used in the data acquisition), the encrypted data length and the encrypted data are assembled into temporary data TmpData:
the ring signature stores up to 210 bytes of data, so the final TmpData should be less than 210 bytes in length. To match the coin data embedding format, if TmpData is less than 210 bytes in length, tmpData will be padded to 210 bytes using random data. Let the random data be The final uplink data is/>Then:
(4) Embedding data:
The data is passed into the blockchain system by modifying the create transaction interface, and then modifying the transaction build function. After the generation of the random number, the system will take the remainder of using a large prime number, the high order bits are lost, the low order bits (total 14 bytes) are reserved, and the low order 14 bytes will be used to hold the data. Dividing the target data DstData into n-1 parts (n is the total number of random numbers)
After each generation of random numbers and modulo, the target data segment is usedThe lower 14 bytes in the random number are replaced until the data is fully embedded. Wherein i is more than or equal to 0 and less than or equal to n-2,/>Representing the i+1st piece of target data. Exemplary,/>Representing a first piece of target data,/>Representing the n-2 th target data segment; /(I)To/>N-1 parts of the target data fragment are represented.
(5) And (3) transaction sending:
after information is embedded, the system automatically creates an original parasitic transaction, signs the original parasitic transaction, and finally issues the transaction to a blockchain test network.
1.3 Data extraction, and the flow chart of the receiving party obtaining the data is shown in fig. 4.
After broadcasting the parasitic transaction in the blockchain network, the information receiver synchronizes the transaction broadcasted in the network by accessing the blockchain network to form a transaction set. And then verifying the destination address fields of all transactions in the set by using the tracking key, and if the verification is passed, obtaining the target parasitic transaction.
After identifying the target transaction, the information receiver first extracts random data from the target parasitic transaction. The length of the data embedded in each random number is then hashed:
Notably, the With/>, as described aboveThe same value is only different for the user that calculated the value. The foregoing calculation/>Is the sender; here calculate/>Is the recipient. Determine its first byte/>FristByte in the data portion, if equal, storing the target data in the random number, and being the beginning position of the target data. Then, the first byte of the appended random data, the data length and the length hash are removed according to the data length, the target encrypted data C is obtained, and the key/>, agreed in advance, is usedDecrypting the ciphertext C to obtain target information M:
。
Where R key is the recipient private key.
M should be 184 bytes in data length (four CIDs are stored, each CID being 46 bytes), and if not, the data processing is ended. Divide M into four portions:
Wherein the method comprises the steps of Representing CID of file stored in IPFS system, receiver starts IPFS system and passes received CID/>Obtaining an encrypted file stored in IPFS:
;
;
;
;
According to Will/>Splicing the data of the four files to obtain a final encrypted file/>:
Using agreed symmetric keysDecrypting the Fc to obtain a target file containing the sender signature:
verifying the correctness of the signature using the sender public key:
If result is correct, the file is read Otherwise, the file is discarded.
In order to solve the problems of high transaction cost and low throughput based on public network hidden communication, the hidden communication uses a blockchain test network as a base network of the hidden communication. Because the hidden communication does not require long-term storage of data, normal operation of the hidden communication is not affected even if a test network is restarted; the amount of money consumed in the test network is small and can be basically ignored, so that the problem of high hidden communication cost is solved; the throughput in the test network is higher than that of the main network, so that the problem of low public link throughput is solved; the test network is also a block chain, and nodes around the world synchronize data, so that the requirement of transmitting files across areas is not affected.
Compared with the related art, the invention has the following beneficial effects: the invention provides that IPFS is used for storing the target file, the large data is hidden and shared, a sender can share any data to a receiver, and the size of the transmission data is not limited. And IPFS is a distributed database, the nodes are distributed around the world, and the transmission of the cross-regional data is not affected.
The block chain ring signature verification data is used as a carrier of target file identification data, the file identification data is embedded into the ring signature verification data, the data after the embedding and the data before the embedding are not essentially different, the generated transaction is effective, the verification can be normally passed, and the safe transmission of the file identification is ensured. Because the invention uses the test network as the bottom layer block chain network of the hidden communication, the test network has very high throughput and the transaction fee is basically negligible. The cost of the hidden communication is greatly reduced, and the practicability of the hidden communication is improved. The ring signature verification data is used as a data carrier, normal uplink and verification of transaction are not affected, and the target field after embedding cannot be distinguished, so that the ring signature verification data has no essential difference, and a good information hiding effect is achieved.
Finally, the invention cuts the data to be uploaded to IPFS into a plurality of files and respectively uploads the data to IPFS, and even if part of file data is cracked, the true data cannot be obtained. That is to say: the file uploaded to IPFS is different small files after the ciphertext is cut, so that on one hand, the risk of combining the ciphertext by an adversary can be reduced; on the other hand, the ciphertext of CID is transmitted in the blockchain, but not the plaintext, so that even if an adversary knows the embedded data in the transaction and knows the embedded scheme, the adversary cannot acquire the real data.
The task unloading device comprises IPFS system for distributing storage file and returning corresponding identifier CID;
The encryption module is used for encrypting and decrypting the information uploaded by the IPFS system;
The ring signature module is used for constructing parasitic transaction and generating ring signature verification data;
The safety channel module is used for carrying out safety communication and exchanging keys by two communication parties;
and the blockchain network is used for broadcasting and storing parasitic transactions and ring signature verification data.
In another aspect, the present invention also provides a computer readable storage medium storing a computer program which, when executed by a processor, implements the steps of the blockchain-based covert communication method described above.
An extension of another aspect of the present invention also provides a computer terminal including a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the blockchain-based covert communication method described above when the computer program is executed.
The processor, when executing the computer program, performs the functions of the modules/units in the above-described device embodiments. The computer program may be divided into one or more modules/units, which are stored in the memory and executed by the processor to accomplish the present invention, for example. The one or more modules/units may be a series of computer program instruction segments capable of performing the specified functions, which instruction segments are used for describing the execution of the computer program in the terminal device.
The computer terminal can be a desktop computer, a notebook computer, a palm computer, a cloud server and other computing devices. May include, but is not limited to, a processor, memory. More or fewer components may be included or certain components may be combined, or different components may be included, for example, in input and output devices, network access devices, buses, etc.
The Processor may be a central processing unit (Central Processing Unit, CPU), but may also be other general purpose processors, digital signal processors (DIGITAL SIGNAL Processor, DSP), application SPECIFIC INTEGRATED Circuit (ASIC), off-the-shelf Programmable gate array (Field-Programmable GATE ARRAY, FPGA) or other Programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory may be an internal storage unit, such as a hard disk or a memory. The memory may also be an external storage device such as a plug-in hard disk, a smart memory card (SMART MEDIA CARD, SMC), a Secure Digital (SD) card, a flash memory card (FLASH CARD), or the like. Further, the memory may also include both internal storage units and external storage devices. The memory is used for storing the computer program and other programs and data. The memory may also be used to temporarily store data that has been output or is to be output.
It will be apparent to those skilled in the art that, for convenience and brevity of description, only the above-described division of the functional units and modules is illustrated, and in practical application, the above-described functional distribution may be performed by different functional units and modules according to needs, i.e. the internal structure of the apparatus is divided into different functional units or modules to perform all or part of the above-described functions. The functional units and modules in the embodiment may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit, where the integrated units may be implemented in a form of hardware or a form of a software functional unit. In addition, the specific names of the functional units and modules are only for distinguishing from each other, and are not used for limiting the protection scope of the present application. The specific working process of the units and modules in the above system may refer to the corresponding process in the foregoing method embodiment, which is not described herein again.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In the embodiments provided in the present invention, it should be understood that the disclosed apparatus/terminal device and method may be implemented in other manners. For example, the apparatus/terminal device embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical function division, and there may be additional divisions in actual implementation, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated modules/units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present invention may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the computer program may implement the steps of each of the method embodiments described above. Wherein the computer program comprises computer program code which may be in source code form, object code form, executable file or some intermediate form etc. The computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth. It should be noted that the computer readable medium contains content that can be appropriately scaled according to the requirements of jurisdictions in which such content is subject to legislation and patent practice, such as in certain jurisdictions in which such content is subject to legislation and patent practice, the computer readable medium does not include electrical carrier signals and telecommunication signals.
The foregoing description is only illustrative of the present invention and is not intended to limit the scope of the invention, and all equivalent structures or equivalent processes or direct or indirect application in other related technical fields are included in the scope of the present invention.
Claims (9)
1. A blockchain-based covert communication method, comprising:
The two communication parties construct safety channel initialization communication information, an information sender encrypts a file F signature, divides the file F signature into a plurality of subfiles, uploads the subfiles to IPFS respectively, and IPFS returns an identifier CID corresponding to each file; splicing each identifier CID to obtain data M, encrypting the data M through parasitic transaction, embedding ring signature verification data of the transaction, and broadcasting in a blockchain network;
The information receiver synchronous block chain network identifies parasitic transaction, acquires ring signature verification data and decrypts the data to obtain data M; and then extracting the identifier CID of each file from the data M, acquiring the corresponding encrypted file from the IPFS system, splicing the data of the corresponding file according to the position of the identifier CID in the data M, and verifying the data to finish communication.
2. The blockchain-based covert communication method of claim 1, wherein the constructing the secure channel initialization communication information by the two communication parties includes: the public keys of both parties of communication are transmitted to each other through a secure channel, and both parties agree on the key used for encrypting the information.
3. The blockchain-based covert communication method of claim 2, wherein the step of the information sender encrypting the file F signature, dividing the file F signature into a plurality of subfiles, uploading the subfiles to IPFS, and returning the identifier CID corresponding to each file IPFS includes:
The file F to be transmitted by the information sender is signed by using the private key of the information sender, so that Fs is obtained:
;
S key is a sender private key;
symmetric key using negotiation Encrypting Fs to obtain ciphertext Fc:
;
Uploading the target file to IPFS, dividing the ciphertext into alpha parts and respectively storing the alpha parts in different files, wherein the method comprises the following steps of:
;
after uploading the subfiles to IPFS network, a unique identifier CID is generated for the uploaded target file:
;
;
。
4. The blockchain-based covert communication method of claim 3, wherein the concatenating each identifier CID to obtain data M, then encrypting the data M by a parasitic transaction, embedding the transaction's ring signature verification data, and broadcasting in the blockchain network comprises:
splicing the alpha CIDs to obtain M:
;
Then encrypt M using the recipient public key to obtain ciphertext C:
;
acquiring the Length of the encrypted data C, and hashing the Length to obtain a hash value :
;
The first byte after the encrypted data length hash, the encrypted data length, and the encrypted data are assembled into temporary data TmpData:
;
Random data will be used And (3) supplementing TmpData to obtain uplink data as/>Then:
;
After the random number is generated, the system can take the remainder of using a large prime number, the high order is lost, the low order is reserved, and the target data DstData is divided into n-1 shares:
;
After each generation of random numbers and modulo, the target data segment is used Replacing low-order bytes in the random number until the data is completely embedded; i is more than or equal to 0 and less than or equal to n-2,/>Representing the (i+1) th target data segment;
Creating a parasitic transaction and signing, and publishing the transaction to the blockchain network.
5. The blockchain-based covert communication method of claim 4, wherein the information receiver synchronizing the blockchain network to identify the parasitic transaction, obtaining the ring signature verification data for data decryption to obtain the data M comprises:
The information receiver synchronizes the transactions broadcasted in the network by accessing the blockchain network to form a transaction set, and then verifies all the transactions in the set to identify a target transaction;
The information receiver extracts random data from the parasitic transaction, hashes the length of the data embedded in each random number:
;
Acquiring target encrypted data C and using a key Decrypting the ciphertext C to obtain data M:
;
Wherein R key is the information receiver private key.
6. The blockchain-based covert communication method of claim 5, wherein extracting the identifier CID of each file from the data M, and obtaining the corresponding encrypted file from the IPFS system, concatenating the data of the corresponding file according to the position of the identifier CID in the data M, and verifying the data to complete the communication comprises:
Segmentation of data M into α shares:
;
Wherein the method comprises the steps of Represents CID of file stored in IPFS system, information receiver receives the CID/>, through received CIDObtaining an encrypted file stored in IPFS:
;
;
;
According to Will/>Splicing the data of the alpha files to obtain an encrypted file/>:
;
Using symmetric keysDecrypting the Fc to obtain a target file containing the sender signature:
;
Verifying the correctness of the signature using the information sender public key:
。
7. an apparatus for applying the blockchain-based covert communication method of any of claims 1-6, the apparatus comprising:
IPFS system for distributed storage file and returning corresponding identifier CID;
The encryption module is used for encrypting and decrypting the information uploaded by the IPFS system;
The ring signature module is used for constructing parasitic transaction and generating ring signature verification data;
The safety channel module is used for carrying out safety communication and exchanging keys by two communication parties;
and the blockchain network is used for broadcasting and storing parasitic transactions and ring signature verification data.
8. A computer readable storage medium storing a computer program, wherein the computer program when executed by a processor implements the steps of the blockchain-based covert communication method of any of claims 1 to 6.
9. A computer terminal comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the blockchain-based covert communication method of any of claims 1 to 6 when the computer program is executed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410397231.4A CN117997550B (en) | 2024-04-03 | 2024-04-03 | Block chain-based hidden communication method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410397231.4A CN117997550B (en) | 2024-04-03 | 2024-04-03 | Block chain-based hidden communication method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117997550A true CN117997550A (en) | 2024-05-07 |
| CN117997550B CN117997550B (en) | 2024-06-14 |
Family
ID=90889150
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410397231.4A Active CN117997550B (en) | 2024-04-03 | 2024-04-03 | Block chain-based hidden communication method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117997550B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112202564A (en) * | 2020-09-14 | 2021-01-08 | 成都质数斯达克科技有限公司 | Transaction transfer method and device, electronic equipment and readable storage medium |
| CN113438088A (en) * | 2021-06-28 | 2021-09-24 | 湖南天河国云科技有限公司 | Social network credit monitoring method and device based on block chain distributed identity |
| CN114462067A (en) * | 2022-03-07 | 2022-05-10 | 湖南天河国云科技有限公司 | Digital asset trusted exchange management method and device based on block chain |
| CN114493593A (en) * | 2022-01-26 | 2022-05-13 | 电子科技大学 | Multi-block chain covert communication method |
| CN114567427A (en) * | 2022-01-05 | 2022-05-31 | 北京理工大学 | Block chain concealed data segmented transmission method |
| CN114726538A (en) * | 2022-04-02 | 2022-07-08 | 湖南天河国云科技有限公司 | Covert communication method based on block link signature |
| CN115277000A (en) * | 2022-06-17 | 2022-11-01 | 湖南天河国云科技有限公司 | Information transmission method based on menuo currency |
| CN117478303A (en) * | 2023-12-28 | 2024-01-30 | 湖南天河国云科技有限公司 | Block chain hidden communication method, system and computer equipment |
| CN117640069A (en) * | 2023-10-27 | 2024-03-01 | 嵩山实验室 | Multi-party block chain hidden communication generation model based on Markov chain |
-
2024
- 2024-04-03 CN CN202410397231.4A patent/CN117997550B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112202564A (en) * | 2020-09-14 | 2021-01-08 | 成都质数斯达克科技有限公司 | Transaction transfer method and device, electronic equipment and readable storage medium |
| CN113438088A (en) * | 2021-06-28 | 2021-09-24 | 湖南天河国云科技有限公司 | Social network credit monitoring method and device based on block chain distributed identity |
| CN114567427A (en) * | 2022-01-05 | 2022-05-31 | 北京理工大学 | Block chain concealed data segmented transmission method |
| CN114493593A (en) * | 2022-01-26 | 2022-05-13 | 电子科技大学 | Multi-block chain covert communication method |
| CN114462067A (en) * | 2022-03-07 | 2022-05-10 | 湖南天河国云科技有限公司 | Digital asset trusted exchange management method and device based on block chain |
| CN114726538A (en) * | 2022-04-02 | 2022-07-08 | 湖南天河国云科技有限公司 | Covert communication method based on block link signature |
| CN115277000A (en) * | 2022-06-17 | 2022-11-01 | 湖南天河国云科技有限公司 | Information transmission method based on menuo currency |
| CN117640069A (en) * | 2023-10-27 | 2024-03-01 | 嵩山实验室 | Multi-party block chain hidden communication generation model based on Markov chain |
| CN117478303A (en) * | 2023-12-28 | 2024-01-30 | 湖南天河国云科技有限公司 | Block chain hidden communication method, system and computer equipment |
Non-Patent Citations (1)
| Title |
|---|
| 李佩丽;徐海霞;马添军;穆永恒;: "区块链技术在网络互助中的应用及用户隐私保护", 信息网络安全, no. 09, 10 September 2018 (2018-09-10) * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117997550B (en) | 2024-06-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10091004B2 (en) | Large-scale simultaneous digital signature service system based on hash function and method thereof | |
| US9819494B2 (en) | Digital signature service system based on hash function and method thereof | |
| US5757913A (en) | Method and apparatus for data authentication in a data communication environment | |
| EP3761203A1 (en) | Information processing method, blockchain node, and electronic apparatus | |
| EP2302834A2 (en) | System and method for providing credentials | |
| CN112738051B (en) | Data information encryption method, system and computer readable storage medium | |
| CN110336779B (en) | Block chain construction method and device and electronic equipment | |
| CN115203749B (en) | Data transaction method and system based on block chain | |
| WO2019165175A1 (en) | System and method for securely transferring data | |
| CN107105324B (en) | Method and client for protecting bullet screen information | |
| WO2021036511A1 (en) | Method for data encryption, storage and reading, terminal device, and storage medium | |
| CN109936620B (en) | Block chain-based storage method, device, system and storage medium | |
| CN117640256B (en) | Data encryption method, recommendation device and storage medium of wireless network card | |
| CN112073196B (en) | Service data processing method and device, electronic equipment and storage medium | |
| CN111181920A (en) | Encryption and decryption method and device | |
| CN115001871A (en) | File encryption sharing method and system based on block chain technology | |
| CN113660725B (en) | Positioning anti-cheating method, device and system, computer equipment and storage medium | |
| CN114785524A (en) | Electronic seal generation method, device, equipment and medium | |
| CN109302425B (en) | Identity authentication method and terminal equipment | |
| US7574607B1 (en) | Secure pipeline processing | |
| CN113159767A (en) | Transfer processing method, device and system based on block chain | |
| CN117997550B (en) | Block chain-based hidden communication method and device | |
| CN112529550A (en) | Anonymous transfer method and device based on block chain and electronic equipment | |
| KR102689371B1 (en) | Dynamic merkle tree-based message stream generation apparatus, message streaming method and message streaming network system | |
| CN114143098A (en) | Data storage method and data storage device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |