CN111526167A - Data transmission method and device applied to block chain - Google Patents

Info

Publication number: CN111526167A
Application number: CN202010637770.2A
Authority: CN (China)
Other languages: Chinese (zh)
Inventors: 石宁, 许小明, 甘子荣, 杨昕
Current and original assignee: Nanjing Trusted Blockchain And Algorithm Economics Research Institute Co ltd
Legal status: Pending
Prior art keywords: attribute information, encryption, field, transaction, encrypted

Abstract

The application discloses a data transmission method applied to a block chain. A sending node acquires transaction information, extracts a first preset field from the transaction attribute information and encrypts it, puts the resulting first encrypted field in the position of the original first preset field to generate encrypted attribute information, and sends the encrypted attribute information to a receiving node together with a public key and an index record. The receiving node decrypts the encrypted attribute information according to the index record in the data packet and restores it to the transaction attribute information as it was before encryption. After decryption succeeds, it stores the data packet in a pre-established database, which is used to verify subsequently received data packets, so that the same transaction information can be decrypted only once at the same receiving node. Encrypting a random part of the transaction attribute information guarantees the security of the transaction, reduces the harmful influence of bad nodes, reduces the resources consumed by data encryption during transactions between nodes, and improves the efficiency of information transmission.

Description

Data transmission method and device applied to block chain
Technical Field
The present application relates to the field of block chain technologies, and in particular, to a data transmission method and apparatus applied to a block chain.
Background
Blockchain technology is a decentralized system design that can create a relatively objective, non-repudiable digital environment by means of public consensus. It can ensure that network information cannot be changed once it is released. For example, when a transaction occurs in a blockchain network, nodes in the network record the content of the transaction in a generated block and broadcast the block data over the whole network, and other nodes in the network store the block data synchronously or asynchronously to form an unchangeable blockchain.
An alliance chain is essentially a large-scale private chain that, unlike a public chain, belongs to some degree only to the members of the alliance and reaches agreement easily. An alliance chain is composed of a limited number of nodes, and information exchanged among the nodes is usually encrypted to keep the nodes secure. When a transaction is executed, the sending node usually encrypts the whole transaction information with a public key of the node and sends the encrypted transaction information to the receiving node; the receiving node then decrypts the whole transaction information with the private key corresponding to the public key, and the transaction is finally completed according to the verification result of the transaction information.
However, in the prior art, each node encrypts the whole message body containing the transaction information. As the message body grows and the number of nodes increases, the amount of computation in the system grows greatly, which noticeably reduces the efficiency of the encryption process, occupies a large share of system computing resources, and thereby greatly reduces the transaction rate.
Disclosure of Invention
The application provides a data transmission method applied to a block chain, which aims to solve the problems of low efficiency and large resource consumption in encryption and decryption processes in the prior art.
In a first aspect, the present application provides a data encryption method applied to a block chain, which is applied to a sending node, and includes:
acquiring transaction information, wherein the transaction information comprises an information identifier and transaction attribute information;
extracting a first preset field in the transaction attribute information, and encrypting the first preset field by using an SM2 algorithm through a public key of a node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the transaction attribute information;
replacing the position of the first preset field in the transaction attribute information with the first encryption field to obtain encryption attribute information;
and sending the information identifier, the encryption attribute information, the public key and the index record to a receiving node.
In some embodiments, the encryption attribute information further includes an encryption timestamp, which records the time at which the first encrypted field replaced the first preset field.
In some embodiments, the transaction attribute information includes a number of sub-attribute information;
the step of obtaining the encryption attribute information includes:
respectively extracting a first preset field from each piece of sub-attribute information, and encrypting the first preset field by using an SM2 algorithm through a public key of a node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the sub-attribute information;
replacing the position of the first preset field in the sub-attribute information by the first encrypted field to obtain encrypted sub-attribute information;
and merging all the encrypted sub-attribute information to obtain the encrypted attribute information.
In some embodiments, the method for extracting the first preset field includes:
intercepting, as the first preset field, the continuous character string running from a first preset position to a second preset position.
In a second aspect, the present application provides a data decryption method applied to a blockchain, which is applied to a receiving node, and includes:
receiving a data packet which is sent by a sending node and contains encryption attribute information, a public key and an index record;
locking the position of a first encryption field in the encryption attribute information according to the index record;
decrypting the first encrypted field through a private key of the receiving node corresponding to the public key to obtain a first preset field;
and replacing the position of the first encryption field in the encryption attribute information by the first preset field to obtain the transaction attribute information.
In some embodiments, the method further comprises:
and storing the data packet to a database.
In some embodiments, before the step of locking the position of the first encryption field in the encryption attribute information according to the index record, the method further includes:
checking whether the data packet is unique, if so, executing the step of locking the position of a first encryption field in the encryption attribute information according to the index record; and if not, feeding back information for stopping data transmission to the sending node.
In some embodiments, said checking whether said data packet is unique comprises:
querying the database, according to the data packet, for a pre-stored data packet whose information is completely identical to that of the data packet; if one exists, the verification result is that the data packet is not unique; if none exists, the verification result is that the data packet is unique.
In a third aspect, the present application provides a data encryption apparatus applied to a blockchain, corresponding to the method provided in the first aspect, the apparatus includes:
the acquisition unit is used for acquiring transaction information, which comprises an information identifier and transaction attribute information;
the encryption unit is used for extracting a first preset field in the transaction attribute information, and encrypting the first preset field by using an SM2 algorithm through a public key of the node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the transaction attribute information; replacing the position of the first preset field in the transaction attribute information with the first encryption field to obtain encryption attribute information;
and the sending unit is used for sending the information identifier, the encryption attribute information, the public key and the index record to a receiving node.
In some embodiments, the encryption unit is further configured to generate an encryption timestamp, which records the time at which the first encrypted field replaced the first preset field.
In some embodiments, the transaction attribute information includes a number of sub-attribute information;
the encryption unit comprises a plurality of encryption subunits, the encryption subunits are used for respectively extracting a first preset field from each piece of sub-attribute information, and the first preset field is encrypted by a public key of the node by adopting an SM2 algorithm to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the sub-attribute information; replacing the position of the first preset field in the sub-attribute information by the first encrypted field to obtain encrypted sub-attribute information;
the encryption unit is further configured to merge all encrypted sub-attribute information to obtain encrypted attribute information.
In some embodiments, the encryption unit is configured to intercept a continuous string of characters having a character length from a first preset position to a second preset position as the first preset field.
In a fourth aspect, the present application provides a data decryption apparatus applied to a block chain, corresponding to the method provided in the second aspect, the apparatus includes:
the receiving unit is used for receiving a data packet which is sent by a sending node and contains encryption attribute information, a public key and an index record;
the decryption unit is used for locking the position of a first encryption field in the encryption attribute information according to the index record; decrypting the first encrypted field through a private key of the receiving node corresponding to the public key to obtain a first preset field; and replacing the position of the first encryption field in the encryption attribute information by the first preset field to obtain the transaction attribute information.
In some embodiments, the apparatus further comprises:
and the storage unit is used for storing the data packet to a database.
In some embodiments, the apparatus further comprises:
the verification unit is used for verifying whether the data packet is unique, and if the data packet is unique, the step of locking the position of a first encryption field in the encryption attribute information according to the index record is executed; and if not, feeding back information for stopping data transmission to the sending node.
In some embodiments, the verification unit is further configured to query the database, according to the data packet, for a pre-stored data packet whose information is identical to that of the data packet; if one exists, the verification result is that the data packet is not unique; if none exists, the verification result is that the data packet is unique.
In the method, the sending node first obtains transaction information, then extracts a first preset field from the transaction attribute information and encrypts it, puts the resulting first encrypted field in the position of the original first preset field to generate encrypted attribute information, and sends the encrypted attribute information to a receiving node together with a public key and an index record. The receiving node decrypts the encrypted attribute information according to the index record in the data packet and restores it to the transaction attribute information as it was before encryption. After decryption succeeds, it stores the data packet in a pre-established database, which is used to verify subsequently received data packets, so that the same transaction information can be decrypted only once at the same receiving node. Encrypting a random part of the transaction attribute information guarantees the security of the transaction, reduces the harmful influence of bad nodes, reduces the resources consumed by data encryption during transactions between nodes, and improves the efficiency of information transmission.
Drawings
In order to more clearly explain the technical solution of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious to those skilled in the art that other drawings can be obtained according to the drawings without any creative effort.
FIG. 1 is a flow chart of a data encryption method applied to a blockchain according to the present application;
FIG. 2 is a flow chart of a data encryption method applied to a blockchain according to another embodiment of the present disclosure;
FIG. 3 is a flowchart of a data decryption method applied to a blockchain according to the present application;
FIG. 4 is a flow chart of data transmission provided herein;
FIG. 5 is a block diagram of a data encryption apparatus applied to a block chain according to the present application;
FIG. 6 is a block diagram of a data decryption apparatus according to the present application;
FIG. 7 is a block diagram of a data decryption apparatus applied to a block chain according to another embodiment of the present invention.
Detailed Description
The method and the device provided by the application encrypt, transmit and decrypt transaction information during a transaction between any two nodes in a block chain, so as to ensure the efficiency and the security of information transmission between the nodes. Any node may be the sending node of the transaction information, and likewise any node may be the receiving node. Depending on which end executes it, the method can be explained from the encryption process at the sending node and from the decryption process at the receiving node. The two processes are essentially inverses of each other and share the same inventive concept; they are explained separately below.
Referring to FIG. 1, a flowchart of a data encryption method applied to a blockchain according to the present application is shown.
As can be seen from FIG. 1, a data encryption method applied to a blockchain provided in an embodiment of the present application is applied to a sending node, and includes:
S100: acquiring transaction information, wherein the transaction information comprises an information identifier and transaction attribute information;
In this embodiment, the transaction information refers to the sum of all message bodies that may need to be sent during the transaction. Its content is not limited to the transaction amount, the transaction time, information about both parties to the transaction, the transaction object, the transaction type, and the like. The data structure forming the transaction information therefore includes at least an information identifier and transaction attribute information. The information identifier is a unique identifier used to distinguish the transaction information; for example, an ID number is established as the information identifier, so that each time transaction information is sent between nodes it carries a unique identification number (ID), which is convenient for queries and also helps verify the uniqueness of the transaction information.
The transaction attribute information refers to data reflecting specific attributes of a transaction, for example the smart contract used in the transaction, the transaction execution result, the entity sending the transaction, and the like; its type and size differ from transaction to transaction.
S200: extracting a first preset field in the transaction attribute information, and encrypting the first preset field by using an SM2 algorithm through a public key of a node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the transaction attribute information;
In this embodiment, before the sending node sends the transaction information to the receiving node, the data must be encrypted to ensure the security of the information, as in the prior art. Unlike the prior art, however, a partial encryption method is adopted: a part of the transaction attribute information, namely the first preset field, is extracted and encrypted to obtain the first encrypted field. Because the first encrypted field may be formed by encrypting any part of the transaction attribute information, security is also high; and because only a small field is encrypted, the system resources consumed are greatly reduced compared with encrypting the whole when the transaction attribute information is large.
In the present embodiment, the SM2 algorithm used in the node public key encryption can adopt a known algorithm, and it should be understood that the existing encryption algorithm can be applied to the present method, and therefore, it is not described in detail here.
In addition, in order to make the receiving node know which part is encrypted when performing decryption, it is necessary to generate an index record corresponding to the first preset field simultaneously with encryption.
Specifically, the method adopted when extracting the first preset field may be:
Intercept, as the first preset field, the continuous character string running from a first preset position to a second preset position. For example, let p1 be the character string representing the transaction attribute information, with its characters numbered 0, 1, 2, …, n. The intercepted character length t1 and the position of the intercepted segment are determined by the choice of the first and second preset positions. If t1 is set to 11 and the first preset position is 0, the corresponding second preset position is 10, i.e. the intercepted interval is (0, 10); the intercepted interval may equally be any other interval such as (10, 20), (15, 25), and so on. As for the choice of t1: a larger t1 means more data is encrypted, which increases security but consumes more system resources; a smaller t1 consumes fewer system resources but lowers the relative security. The length t1 therefore needs to be set according to actual conditions.
In this embodiment, once the character length t1 has been determined, the position of the intercepted characters is usually chosen at random, which increases the randomness of the encryption process and ensures security during encryption and transmission.
S300: replacing the position of the first preset field in the transaction attribute information with the first encryption field to obtain encryption attribute information;
In this embodiment, the first encrypted field replaces the original first preset field. On the premise that the character length is not changed, the form and length of the encrypted attribute information are consistent with those of the transaction attribute information. Even if the encrypted attribute information is stolen, the thief cannot obtain the complete transaction attribute information so long as the corresponding index record is unknown to them, which further avoids the possibility of theft and leakage during information transmission.
Further, the encryption attribute information also includes an encryption timestamp, which records the time at which the first encrypted field replaced the first preset field. The encryption timestamp records the encryption time and provides a unique identifier for the encryption operation.
S400: and sending the information identifier, the encryption attribute information, the public key and the index record to a receiving node.
In this embodiment, the information identifier, the encryption attribute information, the public key and the index record may each be sent to the receiving node separately. In that case, a step must be added before step S400 to associate these items within the same transaction of the same node, i.e. the same transaction information corresponds to one set of information identifier, encryption attribute information, public key and index record, so that even if the items are not sent at the same time, the receiving node can still perform decryption after receiving them one after another.
Alternatively, the information can be packaged before being sent to the receiving node. Specifically, the information identifier, the encryption attribute information, the public key and the index record are assembled into a data packet, with or without encryption, and the data packet is sent to the receiving node. After receiving the data packet, the receiving node first unpacks it and then performs the corresponding operations on each part.
Further, in step S200, since the transaction attribute information may include several kinds of information representing different attributes, in a feasible embodiment shown in FIG. 2, when the transaction attribute information includes a plurality of sub-attribute information, the method includes:
S210: respectively extracting a first preset field from each piece of sub-attribute information, and encrypting the first preset field by using an SM2 algorithm through a public key of a node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the sub-attribute information;
S310: replacing the position of the first preset field in the sub-attribute information by the first encrypted field to obtain encrypted sub-attribute information;
S320: and merging all the encrypted sub-attribute information to obtain the encrypted attribute information.
The above steps can be exemplified as follows:
Suppose the transaction information acquired by the sending node is M(ID, p1, p2, p3), where ID is the information identifier and p1, p2 and p3 are three different types of sub-attribute information (three types are used only as an example; the number of types is not limited). A first preset field is extracted from each piece of sub-attribute information, and a different extraction position and extraction rule may be used for each piece. After the first preset field has been extracted from all pieces of sub-attribute information, a first encrypted field is obtained for each piece, and once each first preset field has been replaced by its first encrypted field, the transaction information M becomes M'(p1', p2', p3', S). Here p1' is obtained by intercepting from p1 the character string t1 running from the first preset position to the second preset position, encrypting it as t2, and then replacing t1 in p1 with t2; S is the encryption timestamp. At the same time, information N(N1, N2, N3) containing the index records is generated, where N1, N2 and N3 are the index records of the replacement positions in the respective pieces of sub-attribute information.
According to the above technical scheme, at the sending node, the method provided by the application first obtains the transaction information, then extracts the first preset field from the transaction attribute information and encrypts it, puts the resulting first encrypted field in the position of the original first preset field to generate encrypted attribute information, and sends the encrypted attribute information to the receiving node together with the public key and the index record.
Referring to FIG. 3, a flowchart of a data decryption method applied to a blockchain according to the present application is shown.
As can be seen from FIG. 3, corresponding to the above data encryption method, the data decryption method provided by the present application, applied to the receiving node, includes:
S500: receiving a data packet which is sent by a sending node and contains encryption attribute information, a public key and an index record;
In this embodiment, the data packet received from the sending node in step S500 corresponds to the content sent in step S400. If the sending node sent the encryption attribute information, the public key and the index record separately, "data packet" here is only a collective name for those data; if the sending node packaged the data (compression, encryption, etc.) before sending, "data packet" here refers to the packaged data packet file.
Further, if a packaged data packet file is received in this step, the receiving node may unpack it after receipt, specifically by performing the inverse of the sending node's packaging process to split the file into the encrypted attribute information, the public key and the index record.
S600: locking the position of a first encryption field in the encryption attribute information according to the index record;
In this embodiment, the index record shows which character string in the whole encryption attribute information is the first encrypted field that was substituted in, so that this string can be extracted and decrypted.
S700: decrypting the first encrypted field through a private key of the receiving node corresponding to the public key to obtain a first preset field;
The receiving node prestores a private key corresponding to the public key used by the sending node for encryption, and uses it to decrypt the first encrypted field. Decryption is the inverse operation of the SM2 algorithm, which is not described again here. This step is the inverse of S200, and the first preset field obtained is exactly the same as the one before encryption.
S800: replacing the position of the first encryption field in the encryption attribute information by the first preset field to obtain the transaction attribute information.
In this embodiment, if the receiving node can correctly decrypt the received data packet and the transaction attribute information finally obtained is the transaction information that the sending node intended to send, the transmission of the transaction data is determined to be complete. Steps S600 to S800 may therefore be regarded as the current receiving node's verification of the transaction information sent by the sending node. If the verification succeeds, in one feasible embodiment, the method further includes:
S900: storing the data packet to a database;
The data packet refers to the encrypted attribute information, the public key and the index record sent by the sending node, that is, the above-mentioned encrypted M'(ID, p1', p2', p3', S). If the data packet is successfully decrypted by a receiving node, it is stored in a pre-established database after the decryption succeeds, together with related information such as the decrypting node's information and the decryption time. This arrangement prevents a data packet sent by the sending node from being decrypted multiple times by one receiving node: the same transaction information can be decrypted only once at the same node, which improves security.
In this embodiment, the data packet after decryption is stored in the form of a database, which can reduce the storage capacity of the node and improve the processing capability of the node on the one hand, and is beneficial to the node to retrieve data and perform data processing and analysis control in the database on the other hand.
Correspondingly, in the data transmission flow chart shown in fig. 4, the method may add a checking step:
S510: checking whether the data packet is unique; if it is, executing the step of locking the position of the first encryption field in the encryption attribute information according to the index record; if the data packet is not unique, it has already been decrypted by the receiving node and is not decrypted again, and information for stopping data transmission is fed back to the sending node.
Specifically, the step of checking whether the data packet is unique includes:
S511: querying, according to the data packet, whether a pre-stored data packet containing exactly the same information exists in the database; if it exists, obtaining the verification result that the data packet is not unique; if it does not exist, obtaining the verification result that the data packet is unique.
According to the above technical scheme, at the receiving node the method provided by the application receives the data packet sent by the sending node, decrypts the encrypted attribute information according to the index record in the data packet, and restores it to the transaction attribute information before encryption. After decryption succeeds, the data packet is stored in a pre-established database and is used to verify subsequently received data packets, so that the same transaction information can be decrypted only once at the same receiving node, which improves transaction security. In addition, decryption likewise adopts the random partial mode, which can reduce the resources consumed for data decryption during transactions between nodes and improve information transmission efficiency.
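The sender-side example with three sub-attributes and the receiver-side steps S510 to S900 can be followed end to end in the sketch below, which is an added example and not code from the patent. SM2 is replaced by a labelled symmetric stand-in so that it runs with the Python standard library only; the JSON packet layout, the `key_id` label standing in for the transmitted public key, and all function, class and sample names are assumptions.

```python
import hashlib
import hmac
import json
import secrets
import sqlite3
import time


def _keystream(key, nonce, n):
    """SHA-256/HMAC counter keystream used only by the stand-in cipher."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def standin_encrypt(key, text):
    """STAND-IN for SM2 encryption: symmetric, unauthenticated, illustration only."""
    nonce, data = secrets.token_bytes(8), text.encode()
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return (nonce + ct).hex()


def standin_decrypt(key, token):
    raw = bytes.fromhex(token)
    nonce, ct = raw[:8], raw[8:]
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))).decode()


def encrypt_fields(tx_id, sub_attrs, rules, key_id, key):
    """Sender side. rules: one (first_pos, second_pos) pair per sub-attribute."""
    enc, index = [], []
    for p, (a, b) in zip(sub_attrs, rules):
        t1 = p[a:b]                     # first preset field
        t2 = standin_encrypt(key, t1)   # first encrypted field
        enc.append(p[:a] + t2 + p[b:])  # t2 replaces t1 in place, giving p'
        index.append([a, len(t2)])      # index record: offset and length of t2 in p'
    return {"id": tx_id, "attrs": enc, "ts": int(time.time()),
            "key_id": key_id, "index": index}


class Receiver:
    def __init__(self, node, keys):
        self.node, self.keys = node, keys  # keys: key_id -> decryption key
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE packets "
                        "(packet TEXT PRIMARY KEY, node TEXT, decrypted_at INTEGER)")

    def receive(self, packet):
        canon = json.dumps(packet, sort_keys=True)
        # S510/S511: an identical stored packet was already decrypted at this node.
        if self.db.execute("SELECT 1 FROM packets WHERE packet = ?", (canon,)).fetchone():
            return ("stop", None)
        key = self.keys[packet["key_id"]]
        plain = []
        for p_enc, (pos, length) in zip(packet["attrs"], packet["index"]):
            if pos < 0 or length <= 0 or pos + length > len(p_enc):
                raise ValueError("index record points outside the attribute")
            t1 = standin_decrypt(key, p_enc[pos:pos + length])     # S600, S700
            plain.append(p_enc[:pos] + t1 + p_enc[pos + length:])  # S800
        # S900: store the packet, the decrypting node and the time after success.
        self.db.execute("INSERT INTO packets VALUES (?, ?, ?)",
                        (canon, self.node, int(time.time())))
        return ("ok", plain)


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed key for the stand-in cipher
    attrs = ["payer=ACC-1001;payee=ACC-2002",   # constructed sample p1, p2, p3
             "amount=000001250.00CNY",
             "memo=invoice 7731 settlement"]
    rules = [(6, 14), (7, 19), (5, 17)]         # a different rule per sub-attribute
    packet = encrypt_fields("TX-0001", attrs, rules, "node-B-key-1", key)
    node_b = Receiver("node-B", {"node-B-key-1": key})
    print(packet["attrs"][0])
    print(node_b.receive(packet))  # first delivery is decrypted and stored
    print(node_b.receive(packet))  # identical packet is refused
```

Because the index record stores the offset and length of the ciphertext rather than of the plaintext, the receiver can locate the first encrypted field even though it is longer than the field it replaced. The lookup matches whole packets, so it recognises a re-delivered packet, not a fresh encryption of the same transaction.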
Referring to fig. 5, a data encryption device applied to a blockchain according to the present invention is shown;
as can be seen from fig. 5, the present application provides a data encryption apparatus applied to a blockchain, corresponding to the data encryption method described above, including:
an acquisition unit 10, configured to acquire transaction information, wherein the transaction information comprises an information identifier and transaction attribute information;
the encryption unit 20 is configured to extract a first preset field in the transaction attribute information, and encrypt the first preset field by using an SM2 algorithm through a public key of the node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the transaction attribute information; replacing the position of the first preset field in the transaction attribute information with the first encryption field to obtain encryption attribute information;
and a sending unit 30, configured to send the information identifier, the encryption attribute information, the public key, and the index record to a receiving node.
Further, the encryption unit is further configured to generate an encryption timestamp, where the encryption timestamp records the time at which the first encrypted field replaces the first preset field.
Further, the transaction attribute information comprises a plurality of pieces of sub-attribute information;
the encryption unit 20 comprises a plurality of encryption subunits 21, wherein the encryption subunits 21 are configured to extract a first preset field from each piece of sub-attribute information, and encrypt the first preset field by using an SM2 algorithm through a public key of a node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the sub-attribute information; replacing the position of the first preset field in the sub-attribute information by the first encrypted field to obtain encrypted sub-attribute information;
the encryption unit 20 is further configured to combine all encrypted sub-attribute information to obtain encrypted attribute information.
Further, the encryption unit 20 is further configured to intercept a continuous character string with a character length from a first preset position to a second preset position as the first preset field.
Referring to fig. 6, a data decryption apparatus applied to a blockchain according to the present invention is shown;
as can be seen from fig. 6, corresponding to the above data decryption method, the present application provides a data decryption apparatus applied to a blockchain, including:
a receiving unit 40, configured to receive a data packet containing encryption attribute information, a public key, and an index record sent from a sending node;
a decryption unit 50, configured to lock a position of a first encrypted field in the encrypted attribute information according to the index record; decrypting the first encrypted field through a private key of the receiving node corresponding to the public key to obtain a first preset field; and replacing the position of the first encryption field in the encryption attribute information by the first preset field to obtain the transaction attribute information.
Further, in a possible embodiment shown in fig. 7, the apparatus further comprises:
and the storage unit 60 is used for storing the data packet to a database.
Further, the apparatus further comprises:
a checking unit 70, configured to check whether the data packet is unique, and if so, perform the step of locking the position of the first encryption field in the encryption attribute information according to the index record; and if not, feeding back information for stopping data transmission to the sending node.
Further, the checking unit 70 is further configured to query, according to the data packet, whether a pre-stored data packet identical to the data packet in information exists in the database, and if so, obtain a checking result that the data packet is not unique; and if the data packet does not exist, obtaining a unique verification result of the data packet.
For the functions of the apparatus in the above embodiment, the functional roles of the structural units in executing the above method are referred to the descriptions in the above method embodiments, and are not described herein again.
The steps of a method or algorithm described in this application may be embodied directly in hardware, in a software element executed by a processor, or in a combination of the two. The software elements may be stored in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. For example, a storage medium may be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an ASIC, which may be located in a UE. In the alternative, the processor and the storage medium may reside in different components in the UE.
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.
It will be understood that the invention is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the invention is limited only by the appended claims.

Claims (16)

1. A data encryption method applied to a blockchain, applied to a sending node, the method comprising:
acquiring transaction information, wherein the transaction information comprises an information identifier and transaction attribute information;
extracting a first preset field in the transaction attribute information, and encrypting the first preset field by using an SM2 algorithm through a public key of a node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the transaction attribute information;
replacing the position of the first preset field in the transaction attribute information with the first encryption field to obtain encryption attribute information;
and sending the information identifier, the encryption attribute information, the public key and the index record to a receiving node.
2. The data encryption method applied to the blockchain according to claim 1, wherein the encryption attribute information further includes an encryption time stamp recording the time at which the first encrypted field replaces the first preset field.
3. The data encryption method applied to the block chain according to claim 1, wherein the transaction attribute information includes a plurality of sub-attribute information;
the step of obtaining the encryption attribute information includes:
respectively extracting a first preset field from each piece of sub-attribute information, and encrypting the first preset field by using an SM2 algorithm through a public key of a node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the sub-attribute information;
replacing the position of the first preset field in the sub-attribute information by the first encrypted field to obtain encrypted sub-attribute information;
and merging all the encrypted sub-attribute information to obtain the encrypted attribute information.
4. The method according to claim 1 or 3, wherein the first predetermined field is extracted by:
and intercepting a continuous character string with the character length from a first preset position to a second preset position as a first preset field.
5. A data decryption method applied to a blockchain is applied to a receiving node, and is characterized in that the method comprises the following steps:
receiving a data packet which is sent by a sending node and contains encryption attribute information, a public key and an index record;
locking the position of a first encryption field in the encryption attribute information according to the index record;
decrypting the first encrypted field through a private key of the receiving node corresponding to the public key to obtain a first preset field;
and replacing the position of the first encryption field in the encryption attribute information by the first preset field to obtain the transaction attribute information.
6. The data decryption method applied to the blockchain according to claim 5, wherein the method further comprises:
and storing the data packet to a database.
7. The data decryption method applied to the blockchain according to claim 6, wherein before the step of locking the position of the first encryption field in the encryption attribute information according to the index record, the method further comprises:
checking whether the data packet is unique, if so, executing the step of locking the position of a first encryption field in the encryption attribute information according to the index record; and if not, feeding back information for stopping data transmission to the sending node.
8. The method according to claim 7, wherein the checking whether the data packet is unique comprises:
according to the data packet, inquiring whether a pre-stored data packet completely identical to the data packet containing information exists in a database, and if so, obtaining a non-unique verification result of the data packet; and if the data packet does not exist, obtaining a unique verification result of the data packet.
9. A data encryption apparatus applied to a blockchain, applied to a sending node, the apparatus comprising:
an acquisition unit, configured to acquire transaction information, wherein the transaction information comprises an information identifier and transaction attribute information;
the encryption unit is used for extracting a first preset field in the transaction attribute information, and encrypting the first preset field by using an SM2 algorithm through a public key of the node to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the transaction attribute information; replacing the position of the first preset field in the transaction attribute information with the first encryption field to obtain encryption attribute information;
and the sending unit is used for sending the information identifier, the encryption attribute information, the public key and the index record to a receiving node.
10. The data encryption device applied to the blockchain according to claim 9,
the encryption unit is further configured to generate an encryption timestamp recording the time at which the first encrypted field replaces the first preset field.
11. The data encryption device applied to the blockchain according to claim 9, wherein the transaction attribute information includes a plurality of sub-attribute information;
the encryption unit comprises a plurality of encryption subunits, the encryption subunits are used for respectively extracting a first preset field from each piece of sub-attribute information, and the first preset field is encrypted by a public key of the node by adopting an SM2 algorithm to obtain a first encrypted field; simultaneously generating an index record of the first preset field in the sub-attribute information; replacing the position of the first preset field in the sub-attribute information by the first encrypted field to obtain encrypted sub-attribute information;
the encryption unit is further configured to merge all encrypted sub-attribute information to obtain encrypted attribute information.
12. The data encryption device applied to the blockchain according to claim 9 or 11, wherein the encryption unit is configured to intercept a continuous character string having a character length from a first preset position to a second preset position as the first preset field.
13. A data decryption apparatus applied to a blockchain, applied to a receiving node, the apparatus comprising:
the receiving unit is used for receiving a data packet which is sent by a sending node and contains encryption attribute information, a public key and an index record;
the decryption unit is used for locking the position of a first encryption field in the encryption attribute information according to the index record; decrypting the first encrypted field through a private key of the receiving node corresponding to the public key to obtain a first preset field; and replacing the position of the first encryption field in the encryption attribute information by the first preset field to obtain the transaction attribute information.
14. The data decryption apparatus applied to the blockchain according to claim 13, wherein the apparatus further comprises:
and the storage unit is used for storing the data packet to a database.
15. The data decryption apparatus applied to the blockchain according to claim 13, wherein the apparatus further comprises:
the verification unit is used for verifying whether the data packet is unique, and if the data packet is unique, the step of locking the position of a first encryption field in the encryption attribute information according to the index record is executed; and if not, feeding back information for stopping data transmission to the sending node.
16. The data decryption device applied to the blockchain according to claim 15, wherein the check unit is further configured to query whether a pre-stored data packet identical to the data packet in information exists in the database according to the data packet, and if so, obtain a check result that the data packet is not unique; and if the data packet does not exist, obtaining a unique verification result of the data packet.
CN202010637770.2A 2020-07-06 2020-07-06 Data transmission method and device applied to block chain Pending CN111526167A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010637770.2A CN111526167A (en) 2020-07-06 2020-07-06 Data transmission method and device applied to block chain


Publications (1)

Publication Number Publication Date
CN111526167A (en) 2020-08-11

Family

ID=71910170


Country Status (1)

Country Link
CN (1) CN111526167A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination