WO2020037654A1 - 区块链数据保护方法、装置、系统及计算机可读存储介质 - Google Patents
区块链数据保护方法、装置、系统及计算机可读存储介质 Download PDFInfo
- Publication number
- WO2020037654A1 WO2020037654A1 PCT/CN2018/102264 CN2018102264W WO2020037654A1 WO 2020037654 A1 WO2020037654 A1 WO 2020037654A1 CN 2018102264 W CN2018102264 W CN 2018102264W WO 2020037654 A1 WO2020037654 A1 WO 2020037654A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- encrypted
- data
- blockchain
- ciphertext
- blockchain node
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
Definitions
- This application relates to the field of blockchain technology, and in particular, this application relates to a method, device, system, and computer-readable storage medium for protecting blockchain data.
- Blockchain technologies such as Bitcoin and Ethereum provide the foundation for building a completely decentralized Internet application.
- the underlying technology of the blockchain builds a decentralized and trusted distributed network, all nodes maintain a shared database ledger, and all records are traceable and cannot be changed.
- this application proposes a method, a device, a system, and a computer-readable storage medium for protecting blockchain data to protect the blockchain data and improve the efficiency of the calculation and processing of the blockchain data.
- Embodiments of the present application provide a method for protecting blockchain data according to a first aspect, including:
- the first blockchain node performs homomorphic encryption on the encrypted data to obtain the encrypted ciphertext
- the second blockchain node obtains the request from the blockchain system
- the second blockchain node calculates the obtained encrypted ciphertext, and uploads the calculation result to the blockchain system.
- the embodiments of the present application also provide another method for protecting blockchain data, including:
- the embodiments of the present application also provide another method for protecting blockchain data, including:
- the calculation results are uploaded to the blockchain system.
- the embodiment of the present application further provides a blockchain data protection system according to the fourth aspect, including a first blockchain node and a second blockchain node;
- the first blockchain node is configured to perform homomorphic encryption on the encrypted data to obtain an encrypted ciphertext; upload a request for calculating the encrypted ciphertext to a blockchain system;
- the second blockchain node is configured to obtain the request from the blockchain system; obtain the encrypted ciphertext according to the request; calculate the obtained encrypted ciphertext, and upload the calculation result to the area Blockchain system.
- the embodiment of the present application further provides a blockchain data protection device according to a fifth aspect, including:
- An encryption module for homomorphically encrypting the encrypted data to obtain encrypted cipher text
- a request uploading module is configured to upload a request for calculating the encrypted ciphertext to a blockchain system, so that other blockchain nodes in the blockchain system perform the encryption ciphertext upon receiving the request. Calculation.
- the embodiments of the present application further provide another blockchain data protection device, including:
- a request obtaining module configured to obtain a request for calculating an encrypted ciphertext uploaded by a first blockchain node from a blockchain system; the encrypted ciphertext is obtained by homomorphic encryption of data to be encrypted;
- An encrypted ciphertext obtaining module configured to obtain the encrypted ciphertext according to the request
- An uploading module is configured to upload the calculation result to the blockchain system.
- the embodiments of the present application further provide a computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, the method for protecting a blockchain data according to any one of the foregoing is implemented. .
- the foregoing blockchain data protection method, device, system, and computer-readable storage medium perform homomorphic encryption on encrypted data, and uploads the obtained encrypted ciphertext to the blockchain system, thereby protecting the security of the blockchain data.
- Homomorphic encryption supports multiple operations (addition, multiplication) and high computational efficiency. Therefore, by introducing efficient homomorphic encryption with more abundant computing operation types, the efficiency of blockchain data calculation processing is improved.
- FIG. 1 is a schematic structural diagram of a communication system applicable to a blockchain data protection method according to an embodiment of the present application
- FIG. 2 is a schematic diagram of a blockchain data protection method according to an embodiment of the present application.
- FIG. 3 is a schematic diagram of a blockchain data protection method according to an embodiment of the present application.
- FIG. 4 is a schematic diagram of a blockchain data protection system according to an embodiment of the present application.
- FIG. 5 is a schematic diagram of a blockchain data protection method according to another embodiment of the present application.
- FIG. 6 is a schematic diagram of a blockchain data protection device according to an embodiment of the present application.
- FIG. 7 is a schematic diagram of a blockchain data protection method according to another embodiment of the present application.
- FIG. 8 is a schematic diagram of a blockchain data protection device according to another embodiment of the present application.
- FIG. 9 is a schematic diagram of a server according to an embodiment of the present application.
- first, second, and the like used in this application can be used herein to describe various elements, but these elements are not limited by these terms. These terms are only used to distinguish the first element from another element.
- a first blockchain node may be referred to as a second blockchain node, and similarly, a second blockchain node may be referred to as a first block Chain node.
- Both the first blockchain node and the second blockchain node are blockchain nodes, but they are not the same blockchain node.
- the blockchain data protection method provided in this application can be applied to the communication system shown in FIG. 1.
- the communication system includes: a blockchain network, a first blockchain node 11 and a second blockchain node 12.
- a blockchain network includes: a blockchain network, a first blockchain node 11 and a second blockchain node 12.
- This is for illustrative purposes only, and does not limit the specific number of blockchain nodes. It also does not limit the types of blockchain nodes.
- Blockchain nodes can specifically be smartphones, tablets, laptops, etc., and combinations thereof.
- the first blockchain node 11 is used to encrypt the data to be encrypted and upload a calculation request to the blockchain system
- the second blockchain node 12 is used to obtain the request and calculate the encrypted ciphertext performed in the request.
- a method for protecting blockchain data includes:
- the first blockchain node performs homomorphic encryption on the encrypted data to obtain encrypted ciphertext.
- Blockchain is a new application model of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithms.
- the so-called consensus mechanism is a mathematical algorithm for establishing trust and obtaining rights between different nodes in a blockchain system.
- Blockchain nodes refer to computers in the blockchain network, including mobile phones, miners, desktops, servers, etc.
- the person who operates a blockchain node can be an ordinary wallet user, a miner, and multiple people, etc. .
- Homomorphic encryption is a special kind of encryption that allows calculations (addition, multiplication) to be performed directly on the ciphertext, and after decryption, the result corresponding to the plaintext calculation is obtained.
- Homomorphic encryption is divided into full homomorphic encryption (supporting both addition and multiplication) and partial homomorphic encryption (addition or multiplication), which is an important research direction of current cryptography. Especially in terms of full homomorphic encryption, it has a wide range of application scenarios in terms of user privacy protection, such as implementing searchable encryption, and cloud platforms analyzing user encrypted data.
- the first fully homomorphic encryption scheme was based on lattice ciphers, which was proposed by Craig Gentry in 2009, and has led to a boom in research in this direction.
- Homomorphic encryption can use the existing encryption methods in the prior art, and it will be described below with reference to two examples.
- Nebula Genomics is committed to using blockchain technology to promote the research and development of genetic analysis. Eliminate middlemen in the gene market, so that users can control the buying and selling of their own genetic data, and scientific research institutions such as hospitals and universities can also purchase genetic data directly from individuals. In this process, users are inevitably required to send genetic data to the buyer, and the buyer then performs calculation analysis on the data.
- Nebula Genomics uses Intel Software Guard Extensions (SGX, Intel Software Protection Extensions) and some homomorphic encryption (addition), as shown in Figure 3.
- Enigma provides a more extensive privacy-protected computing platform. Applicable to secure multi-party computing, users can split the data to be processed into multiple copies and distribute them to different nodes for calculation, further improving the calculation processing speed.
- SPDZ is used to prevent attacks by malicious nodes and perform related homomorphic encryption operations on ciphertext.
- the homomorphic encryption algorithm selected and designed needs to support multiple operations (addition, multiplication) and high computational efficiency.
- the first blockchain node performs homomorphic encryption on the encrypted data to obtain encrypted ciphertext, including: the first blockchain node performs homomorphism on the encrypted data through a multi-key privacy protection outsourcing computing algorithm. Encrypt to get encrypted ciphertext.
- Multi-key privacy protection outsourcing calculation algorithms support addition (SAD), multiplication (SMD), and even division (SDIV) over integers, solving the greatest common factor (SGCD), maximum and minimum filtering (SMMS), and more.
- the blockchain platform integrates the addition and multiplication in the multi-key privacy protection outsourcing calculation algorithm, which can already meet almost all application requirements, such as counting employee salaries, performing machine neural network learning on user data samples, and other operations. Two operations are derived. In order to better understand the algorithm, we will use add homomorphism and multiplication homomorphism for illustration.
- the first blockchain node performs homomorphic encryption on the encrypted data by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext, including:
- the first blockchain node splits the data to be encrypted into a first part and a second part.
- each data in the data to be encrypted is classified according to attributes. There are two classes, each class is a part, and so on.
- the first blockchain node encrypts the sum of the first part and the first random number by a set first public key to obtain a first encrypted data; and the second public key sets the second public key.
- the sum of the partial and second random numbers is encrypted to obtain second encrypted data.
- This step is expressed as a formula:
- X is a first encrypted data
- pka of the first public key x is a first portion
- r a is a first random number
- [] pka a first public key pair [] is the number of encrypted
- pkb second Public key y is the second part
- r b is the second random number
- [] pkb is the second public key to encrypt the number in [].
- the first blockchain node decrypts the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain the first decrypted data; and using the first decryption algorithm and the The first private key decrypts the second encrypted data to obtain second decrypted data.
- This step is expressed as a formula:
- X ′ is the first decrypted data
- PDO is the first decrypted algorithm
- SK (1) is the first private key
- Y ′ is the second decrypted data.
- the first blockchain node decrypts the first encrypted data and the first decrypted data by using a preset second decryption algorithm and a set second private key to obtain third decrypted data.
- the second decryption algorithm and the second private key decrypt the second encrypted data and the second decrypted data to obtain fourth decrypted data.
- This step is expressed as a formula:
- X is the third decrypted data
- Y is the fourth decrypted data
- PDT is the second decryption algorithm
- SK (2) is the second private key.
- the first blockchain node encrypts the difference between the first sum value and the second sum value through a third public key to obtain an encrypted ciphertext of the data to be encrypted; the first sum value is the A sum of the third decrypted data and the fourth decrypted data, and the second sum value is a sum of the first random number and the second random number.
- This step is expressed as a formula:
- S is the first sum value
- R is the second sum value
- pkc is the third public key
- N is the size of the integer field.
- the ordinary homomorphic addition encryption algorithm only supports the calculation on the ciphertext encrypted under the same key, and SAD in this algorithm, given the ciphertext encrypted by different keys, [x] pka, [x] pkb, and the introduction
- the random numbers r a and r b can also obtain the ciphertext corresponding to the plaintext addition.
- the first blockchain node performs homomorphic encryption on the encrypted data by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext, including:
- the first blockchain node splits the data to be encrypted into a first part and a second part.
- each data in the data to be encrypted is classified according to attributes. There are two classes, each class is a part, and so on.
- the first blockchain node encrypts the first part and the first random number through a set first public key, and multiplies the two values obtained after encryption to obtain the first encrypted data. Encrypts the second part and the second random number with the second public key, and multiplies the two values obtained after encryption to obtain the second encrypted data; Encrypt the difference between the product of the second random number and the first part to obtain third encrypted data; use the second public key to pair the fourth random number with the product of the first random number and the second part The difference is encrypted, and the fourth encrypted data is obtained.
- This step is expressed as a formula:
- X is the first encrypted data
- Y is the second encrypted data
- S is the third encrypted data
- T is the fourth encrypted data
- pka is the first public key
- [] pka is the first public key pair [].
- Data is encrypted, x is the first part, r x is the first random number, y is the second part, r y is the second random number, [] pkb is the data in [] encrypted by the second public key, pkb is the second public key, R x is the third random number, and R y is the fourth random number.
- the first blockchain node decrypts the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data.
- the first private key decrypts the second encrypted data to obtain second decrypted data; and decrypts the third encrypted data through the first decryption algorithm and the first private key to obtain third decrypted data ; Decrypting the fourth encrypted data by using the first decryption algorithm and the first private key to obtain fourth decrypted data.
- This step is expressed as a formula:
- X 1 PDO SK (1) (X)
- Y 1 PDO SK (1) (Y)
- S 1 PDO SK (1) (S)
- T 1 PDO SK (1) (T)
- PDO is the first decryption algorithm
- SK (1) is the first private key
- X 1 , Y 1 , S 1 , and T 1 are the first decrypted data, the second decrypted data, the third decrypted data, and the fourth decrypted in this order. data.
- the first blockchain node decrypts the first decrypted data and the first encrypted data by using a preset second decryption algorithm and a set second private key, and using the second decryption algorithm and Decrypting the second decrypted data and the first encrypted data by the second private key, and multiplying the two values obtained after the decryption to obtain fifth decrypted data; by the second decryption algorithm and the The second private key decrypts the third decrypted data and the third encrypted data to obtain a sixth decrypted data; the fourth decrypted data and all the encrypted data are obtained through the second decryption algorithm and the second private key. Decrypt the fourth encrypted data to obtain the seventh decrypted data.
- This step is expressed as a formula:
- h is the fifth decrypted data
- PDT is the second decrypted algorithm
- SK (2) is the second private key
- S2 is the sixth decrypted data
- T2 is the seventh decrypted data.
- the first blockchain node encrypts the fifth decrypted data, the sixth decrypted data, and the seventh decrypted data by using a set third public key to obtain the fifth encrypted data and the sixth Encrypted data and seventh encrypted data; encrypting a product of the first random number and the second random number with the third public key, and calculating the (N-1) th power of the value obtained after the encryption, Obtain the eighth encrypted data; encrypt the third random number by the third public key, and calculate the (N-1) -th power of the encrypted value to obtain the ninth encrypted data; pass the third The public key encrypts the fourth random number, and calculates the (N-1) -th power of the value obtained after encryption to obtain tenth encrypted data; N represents the size of the integer field.
- This step is expressed as a formula:
- H, S3, T3, S4, S5, and S6 are the fifth decrypted data, the sixth decrypted data, the seventh decrypted data, the eighth encrypted data, the ninth encrypted data, and
- pkc is a third public key
- N represents a size of an integer domain.
- the first blockchain node sends the fifth encrypted data, the sixth encrypted data, the seventh encrypted data, the eighth encrypted data, the ninth encrypted data, and the tenth Multiply the encrypted data to obtain the encrypted ciphertext of the data to be encrypted.
- This step is expressed as a formula:
- the multiplication homomorphism (SMD) given the ciphertexts [x] pka, [x] pkb, and random numbers rx, ry encrypted with different keys can also obtain the ciphertext corresponding to the plaintext multiplication.
- the multi-key privacy protection outsourced computing algorithm can not only realize the encryption of the data to be encrypted, but also has higher computational efficiency than other homomorphic encryption algorithms.
- the data to be encrypted is data that needs to be protected, such as transaction data.
- multi-key privacy protection outsourcing computing algorithm to encrypt the encrypted data, the encrypted ciphertext can be obtained.
- the first blockchain node uploads a request for computing the encrypted ciphertext to a blockchain system.
- the request for calculating the encrypted cipher text may be specifically determined according to service requirements, such as calculating an average value or a variance of the encrypted cipher text.
- the first blockchain node can upload a request to calculate encrypted ciphertext through a smart contract or op_return.
- Smart contract is a computer protocol designed to spread, verify or execute contracts in an information-based manner. Smart contracts allow trusted transactions to be performed without a third party. These transactions are traceable and irreversible.
- OP_RETURN can realize the broadcasting and recording of data in the blockchain, omitting the calculation steps, thus achieving the purpose of saving time and computing power.
- the uploading, by the first blockchain node to the blockchain system, a request to calculate the encrypted ciphertext includes:
- the first blockchain node uploads the encrypted ciphertext to a distributed file system, and obtains a file hash value of the encrypted ciphertext.
- Distributed file system refers to the physical storage resources managed by the file system are not necessarily directly connected to the local node, but connected to the node through a computer network.
- the distributed file system may be an IPFS file system (InterPlanetary File System, Interstellar File System).
- IPFS is a peer-to-peer distributed file system. It attempts to connect the same file system for all computing devices (IPFS miners).
- the first blockchain node uploads the encrypted ciphertext to the distributed file system.
- the file hash value (file hash) can be calculated before uploading the encrypted ciphertext, or the hash value of the file can be returned when uploading IPFS.
- the first blockchain node stores a correspondence between the file hash value and the encrypted cipher text in the distributed file system into a pre-created distributed hash table.
- the first blockchain node creates a distributed hash-table (DHT, distributed hash table) in advance, and the DHT is accessed through the blockchain (Ethereum smart contract or Bitcoin op_return, etc.).
- DHT stores file hash indexes.
- Other blockchain nodes can obtain specific encrypted cipher text in the distributed file system through hash indexes.
- the first blockchain node uploads a request for calculating the encrypted ciphertext to a blockchain system; the request includes a file hash value of the encrypted ciphertext.
- the request for calculating the encrypted ciphertext uploaded by the first blockchain node may include the file hash value of the encrypted ciphertext.
- the second blockchain node obtains the request from the blockchain system.
- the second blockchain node can obtain the request from the blockchain system. If the request includes a file hash value of the encrypted ciphertext, the second blockchain node obtains the file hash value of the encrypted ciphertext.
- the second blockchain node obtains the encrypted ciphertext according to the request.
- the second blockchain node needs to obtain the corresponding encrypted ciphertext according to the request for calculation.
- the obtaining, by the second blockchain node, the encrypted ciphertext according to the request includes:
- the second blockchain node accesses the distributed hash table through the blockchain system.
- the distributed hash table stores the correspondence between the file hash value and the encrypted cipher text in the distributed file system.
- the second blockchain node needs to access the distributed hash table through the blockchain system.
- the second blockchain node searches the distributed file system for the encrypted ciphertext corresponding to the file hash value in the request according to the distributed hash table.
- the request contains a file hash value.
- the encrypted cipher text in the distributed file system corresponding to the file hash value can be determined, and then the encrypted cipher text is obtained from the distributed file system.
- the second blockchain node calculates the obtained encrypted ciphertext, and uploads the calculation result to the blockchain system.
- the second blockchain node can directly perform calculations on the encrypted ciphertext, such as averaging or variance, to obtain the calculation result, and upload the calculation result to the blockchain system. Since the multi-key privacy protection outsourcing calculation algorithm is adopted, not only the encryption of the blockchain data is realized, but also the efficiency of the calculation of the blockchain data is improved.
- the second blockchain node calculates the obtained encrypted ciphertext, uploads the calculation result to the blockchain system, and then further includes: the blockchain system verifies the calculation. When the result is valid, a token reward is issued to the second blockchain node. The blockchain system verifies whether the calculation result uploaded by the second blockchain node is accurate. If it is accurate, it will issue token rewards to the second blockchain node that calculates accurately, such as a certain amount of bitcoin, etc. No token reward will be issued to the second blockchain node that uploads the calculation results.
- the present application also provides a blockchain data protection system, including a first blockchain node 41 and a second blockchain node 42;
- the first blockchain node 41 is configured to perform homomorphic encryption on the encrypted data to obtain an encrypted ciphertext; upload a request for computing the encrypted ciphertext to a blockchain system;
- the second blockchain node 42 is configured to obtain the request from the blockchain system; obtain the encrypted ciphertext according to the request; perform calculation on the obtained encrypted ciphertext, and upload the calculation result to the Blockchain system.
- the first blockchain node 41 performs homomorphic encryption on the encrypted data by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext.
- the first blockchain node 41 obtains the encrypted ciphertext through the following operations:
- the first blockchain node splits the data to be encrypted into a first part and a second part
- the first blockchain node encrypts the sum of the first part and the first random number by a set first public key to obtain the first encrypted data; and sets the second part and the second part by a set second public key. Encrypt the sum of the second random number to obtain second encrypted data;
- the first blockchain node decrypts the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data; and using the first decryption algorithm and the first A private key decrypting the second encrypted data to obtain second decrypted data;
- the first blockchain node decrypts the first encrypted data and the first decrypted data by using a preset second decryption algorithm and a set second private key to obtain third decrypted data; through the first Two decryption algorithms and the second private key decrypt the second encrypted data and the second decrypted data to obtain fourth decrypted data;
- the first blockchain node encrypts the difference between the first sum value and the second sum value through a third public key to obtain an encrypted ciphertext of the data to be encrypted; the first sum value is the third The sum of the decrypted data and the fourth decrypted data, and the second sum is a sum of the first random number and the second random number.
- the first blockchain node 41 obtains the encrypted ciphertext through the following operations:
- the first blockchain node splits the data to be encrypted into a first part and a second part
- the first blockchain node encrypts the first part and the first random number respectively through a first public key that is set, and multiplies the two values obtained after encryption to obtain the first encrypted data.
- Two public keys respectively encrypt the second part and the second random number, and multiply the two values obtained after encryption to obtain the second encrypted data; the third random number and the third random number are obtained by the first public key Encrypt the difference between the second random number and the first partial product to obtain third encrypted data; perform the difference between the fourth random number and the first random number and the second partial product by using the second public key; Encrypt to obtain the fourth encrypted data;
- the first blockchain node decrypts the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data; and using the first decryption algorithm and the first A private key decrypts the second encrypted data to obtain second decrypted data; decrypts the third encrypted data through the first decryption algorithm and the first private key to obtain third decrypted data; Decrypting the fourth encrypted data by the first decryption algorithm and the first private key to obtain fourth decrypted data;
- the first blockchain node decrypts the first decrypted data and the first encrypted data by using a preset second decryption algorithm and a set second private key, and by using the second decryption algorithm and the The second private key decrypts the second decrypted data and the first encrypted data, and multiplies the two values obtained after decryption to obtain a fifth decrypted data; the second decryption algorithm and the second decrypted data are obtained.
- a private key decrypts the third decrypted data and the third encrypted data to obtain a sixth decrypted data; the fourth decrypted data and the first decrypted data are obtained through the second decryption algorithm and the second private key.
- Four encrypted data are decrypted to obtain seventh decrypted data;
- the first blockchain node encrypts the fifth decrypted data, the sixth decrypted data, and the seventh decrypted data by using a set third public key to obtain the fifth encrypted data and the sixth encrypted data.
- the seventh encrypted data encrypt the product of the first random number and the second random number with the third public key, and calculate the (N-1) -th power of the value obtained after encryption to obtain the first Eight encrypted data;
- the third random number is encrypted by the third public key, and the (N-1) -th power of the value obtained after the encryption is calculated, to obtain the ninth encrypted data; by the third public key Encrypt the fourth random number, and calculate the (N-1) th power of the value obtained after encryption to obtain tenth encrypted data;
- N represents the size of the integer field;
- the first blockchain node sends the fifth encrypted data, the sixth encrypted data, the seventh encrypted data, the eighth encrypted data, the ninth encrypted data, and the tenth encrypted data. Multiply to obtain the encrypted ciphertext of the data to be encrypted.
- the first blockchain node 41 uploads the encrypted ciphertext to a distributed file system, and obtains a file hash value of the encrypted ciphertext;
- the correspondence between the encrypted ciphertext in the distributed file system is stored in a pre-created distributed hash table; a request to calculate the encrypted ciphertext is uploaded to a blockchain system; the request includes the encrypted ciphertext File hash.
- the second blockchain node 42 accesses the distributed hash table through the blockchain system; according to the distributed hash table, looks up all the addresses in the distributed file system.
- a token reward is issued to the second blockchain node.
- the blockchain system verifies whether the calculation result uploaded by the second blockchain node is accurate. If it is accurate, it will issue token rewards to the second blockchain node that calculates accurately, such as a certain amount of bitcoin, etc. No token reward will be issued to the second blockchain node that uploads the calculation results.
- a method for protecting blockchain data includes:
- Blockchain is a new application model of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithms.
- the so-called consensus mechanism is a mathematical algorithm for establishing trust and obtaining rights between different nodes in a blockchain system.
- Blockchain nodes refer to computers in the blockchain network, including mobile phones, miners, desktops, servers, etc.
- the person who operates a blockchain node can be an ordinary wallet user, a miner, and multiple people, etc. .
- Homomorphic encryption is a special kind of encryption that allows calculations (addition, multiplication) to be performed directly on the ciphertext, and after decryption, the result corresponding to the plaintext calculation is obtained.
- Homomorphic encryption is further divided into full homomorphic encryption (supporting both addition and multiplication) and partial homomorphic encryption (addition or multiplication), which is an important research direction of current cryptography. Especially in terms of full homomorphic encryption, it has a wide range of application scenarios in terms of user privacy protection, such as implementing searchable encryption, and cloud platforms analyzing user encrypted data.
- performing homomorphic encryption on the encrypted data to obtain the encrypted ciphertext includes: performing homomorphic encryption on the encrypted data through a multi-key privacy protection outsourcing computing algorithm to obtain the encrypted ciphertext.
- Multi-key privacy protection outsourcing calculation algorithms support addition (SAD), multiplication (SMD), and even division (SDIV) over integers, solving the greatest common factor (SGCD), maximum and minimum filtering (SMMS), and more.
- the blockchain platform will integrate the addition and multiplication in the multi-key privacy protection outsourcing calculation algorithm. This can already meet almost all application requirements, such as counting employee salaries, performing machine neural network learning on user data samples, etc. Other operations can Derived on these two operations. In order to better understand the algorithm, we will use add homomorphism and multiplication homomorphism for illustration.
- the encrypted data is homomorphically encrypted by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted cipher text, including:
- each data in the data to be encrypted is classified according to attributes. There are two classes, each class is a part, and so on.
- S512 Encrypt the sum of the first part and the first random number by using the set first public key to obtain the first encrypted data; sum the sum of the second part and the second random number by using the set second public key. Encrypt to obtain the second encrypted data.
- This step is expressed as a formula:
- X is a first encrypted data
- pka of the first public key x is a first portion
- r a is a first random number
- [] pka a first public key pair [] is the number of encrypted
- pkb second Public key y is the second part
- r b is the second random number
- [] pkb is the second public key to encrypt the number in [].
- This step is expressed as a formula:
- X ′ is the first decrypted data
- PDO is the first decrypted algorithm
- SK (1) is the first private key
- Y ′ is the second decrypted data.
- This step is expressed as a formula:
- X is the third decrypted data
- Y is the fourth decrypted data
- PDT is the second decryption algorithm
- SK (2) is the second private key.
- This step is expressed as a formula:
- S is the first sum value
- R is the second sum value
- pkc is the third public key
- N is the size of the integer field.
- the ordinary homomorphic addition encryption algorithm only supports the calculation on the ciphertext encrypted under the same key, and SAD in this algorithm, given the ciphertext encrypted by different keys, [x] pka, [x] pkb, and the introduction
- the random numbers r a and r b can also obtain the ciphertext corresponding to the plaintext addition.
- the encrypted data is homomorphically encrypted by using a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext, including:
- each data in the data to be encrypted is classified according to attributes. There are two classes, each class is a part, and so on.
- S51b Encrypt the first part and the first random number respectively by using a set first public key, and multiply the two values obtained by encryption to obtain the first encrypted data; and separately set the second public key to each The second part and the second random number are encrypted, and the two encrypted values are multiplied to obtain the second encrypted data; the third random number and the second random number are summed by the first public key. Encrypt the difference of the first partial product to obtain third encrypted data; encrypt the difference between the fourth random number and the first random number and the second partial product by the second public key to obtain a fourth encryption data.
- This step is expressed as a formula:
- X is the first encrypted data
- Y is the second encrypted data
- S is the third encrypted data
- T is the fourth encrypted data
- pka is the first public key
- [] pka is the first public key pair [].
- Data is encrypted, x is the first part, r x is the first random number, y is the second part, r y is the second random number, [] pkb is the data in [] encrypted by the second public key, pkb is the second public key, R x is the third random number, and R y is the fourth random number.
- S51c Decrypt the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data; and use the first decryption algorithm and the first private key to decrypt the first encrypted data.
- Decrypt the second encrypted data to obtain the second decrypted data; decrypt the third encrypted data by the first decryption algorithm and the first private key to obtain third decrypted data; and pass the first decryption algorithm Decrypt the fourth encrypted data with the first private key to obtain fourth decrypted data.
- This step is expressed as a formula:
- X 1 PDO SK (1) (X)
- Y 1 PDO SK (1) (Y)
- S 1 PDO SK (1) (S)
- T 1 PDO SK (1) (T)
- PDO is the first decryption algorithm
- SK (1) is the first private key
- X 1 , Y 1 , S 1 , and T 1 are the first decrypted data, the second decrypted data, the third decrypted data, and the fourth decrypted in this order. data.
- S51d Decrypt the first decrypted data and the first encrypted data by using a preset second decryption algorithm and a set second private key, and perform decryption by using the second decryption algorithm and the second private key.
- the second decrypted data and the first encrypted data are decrypted, and the two values obtained after decryption are multiplied to obtain a fifth decrypted data; the second decrypted algorithm and the second private key are used to pair the first Decrypt the three decrypted data and the third encrypted data to obtain a sixth decrypted data; and decrypt the fourth decrypted data and the fourth encrypted data by using the second decryption algorithm and the second private key, Get the seventh decrypted data.
- This step is expressed as a formula:
- h is the fifth decrypted data
- PDT is the second decrypted algorithm
- SK (2) is the second private key
- S2 is the sixth decrypted data
- T2 is the seventh decrypted data.
- This step is expressed as a formula:
- H, S3, T3, S4, S5, and S6 are the fifth decrypted data, the sixth decrypted data, the seventh decrypted data, the eighth encrypted data, the ninth encrypted data, and
- pkc is a third public key
- N represents a size of an integer domain.
- S51f Multiply the fifth encrypted data, the sixth encrypted data, the seventh encrypted data, the eighth encrypted data, the ninth encrypted data, and the tenth encrypted data to obtain the The encrypted cipher text of the data to be encrypted.
- This step is expressed as a formula:
- the multiplication homomorphism (SMD) given the ciphertexts [x] pka, [x] pkb, and random numbers rx, ry encrypted with different keys can also obtain the ciphertext corresponding to the plaintext multiplication.
- the multi-key privacy protection outsourced computing algorithm can not only realize the encryption of the data to be encrypted, but also has higher computational efficiency than other homomorphic encryption algorithms.
- the data to be encrypted is data that needs to be protected, such as transaction data.
- multi-key privacy protection outsourcing computing algorithm to encrypt the encrypted data, the encrypted ciphertext can be obtained.
- the request for calculating the encrypted cipher text may be specifically determined according to service requirements, such as calculating an average value or a variance of the encrypted cipher text.
- the first blockchain node can upload a request to calculate encrypted ciphertext through a smart contract or op_return.
- Smart contract is a computer protocol designed to spread, verify or execute contracts in an information-based manner. Smart contracts allow trusted transactions to be performed without a third party. These transactions are traceable and irreversible.
- OP_RETURN can realize the broadcasting and recording of data in the blockchain, omitting the calculation steps, thus achieving the purpose of saving time and computing power.
- the uploading a request for computing the encrypted ciphertext to a blockchain system includes:
- Distributed file system refers to the physical storage resources managed by the file system are not necessarily directly connected to the local node, but connected to the node through a computer network.
- the distributed file system may be an IPFS file system (InterPlanetary File System).
- IPFS is a peer-to-peer distributed file system. It attempts to connect the same file system for all computing devices (IPFS miners).
- the first blockchain node uploads the encrypted ciphertext to the distributed file system.
- the file hash value (file hash) can be calculated before uploading the encrypted ciphertext, or the hash value of the file can be returned when uploading IPFS.
- the first blockchain node creates a distributed hash-table (DHT, distributed hash table) in advance, and the DHT is accessed through the blockchain (Ethereum smart contract or Bitcoin op_return, etc.).
- DHT stores file hash indexes.
- Other blockchain nodes can obtain specific encrypted cipher text in the distributed file system through hash indexes.
- the request for calculating the encrypted ciphertext uploaded by the first blockchain node may include the file hash value of the encrypted ciphertext.
- the second blockchain node can obtain the request from the blockchain, obtain the encrypted ciphertext according to the request, and obtain the The encrypted ciphertext is calculated.
- the present application also provides a blockchain data protection device 60, as shown in FIG. 6, including:
- An encryption module 61 configured to perform homomorphic encryption on the encrypted data to obtain encrypted cipher text
- the request uploading module 62 is configured to upload a request for calculating the encrypted ciphertext to a blockchain system, so that other blockchain nodes in the blockchain system may receive the request for the encrypted ciphertext when receiving the request. Calculation.
- the encryption module 61 performs homomorphic encryption on the encrypted data by using a multi-key privacy protection outsourcing computing algorithm to obtain the encrypted ciphertext.
- the encryption module 61 obtains the encrypted ciphertext through the following operations:
- Decrypt the first encrypted data by using a preset first decryption algorithm and a set first private key to obtain first decrypted data; and use the first decryption algorithm and the first private key to decrypt the second encrypted data Decrypt the encrypted data to obtain the second decrypted data;
- the difference between the first sum value and the second sum value is encrypted by a third public key to obtain an encrypted ciphertext of the data to be encrypted; the first sum value is the third decrypted data and the fourth decryption The sum of data, the second sum value is the sum of the first random number and the second random number.
- the encryption module 61 obtains the encrypted ciphertext through the following operations:
- the first part and the first random number are respectively encrypted by the set first public key, and the two encrypted values are multiplied to obtain the first encrypted data.
- the second public key is set to the first public key, respectively.
- the second part and the second random number are encrypted, and the two values obtained after encryption are multiplied to obtain a second encrypted data;
- the third random number is paired with the second random number and the first random number through the first public key. Encrypting a difference of a part of the product to obtain third encrypted data; encrypting a difference of the fourth random number with the first random number and the second part of the product by the second public key to obtain fourth encrypted data;
- Decrypting the first decrypted data and the first encrypted data by a preset second decryption algorithm and a set second private key, and using the second decryption algorithm and the second private key to decrypt the first decrypted data and the first encrypted data Decrypt the second decrypted data and the first encrypted data, and multiply the two values obtained after decryption to obtain the fifth decrypted data; and decrypt the third by the second decryption algorithm and the second private key Decrypt the data and the third encrypted data to obtain a sixth decrypted data; decrypt the fourth decrypted data and the fourth encrypted data by the second decryption algorithm and the second private key to obtain a first Seven decrypted data;
- the third public key encrypts a product of the first random number and the second random number, and calculates the (N-1) -th power of the value obtained after encryption to obtain eighth encrypted data; through the first Three public keys encrypt the third random number, and calculate the (N-1) th power of the value obtained after encryption to obtain the ninth encrypted data;
- the fourth random number is performed by the third public key Encrypt and calculate the (N-1) power of the value obtained after encryption to obtain the tenth encrypted data;
- N represents the size of the integer field;
- the request uploading module 62 includes: an encrypted ciphertext uploading unit 621, configured to upload the encrypted ciphertext to a distributed file system, and obtain a file hash value of the encrypted ciphertext;
- the correspondence relationship storage unit 622 is configured to store a correspondence relationship between the file hash value and the encrypted cipher text in the distributed file system into a pre-created distributed hash table; and a request upload unit 623, configured to: Upload a request to the blockchain system to calculate the encrypted ciphertext; the request includes a file hash value of the encrypted ciphertext.
- a method for protecting blockchain data includes:
- Blockchain is a new application model of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithms.
- the so-called consensus mechanism is a mathematical algorithm for establishing trust and obtaining rights between different nodes in a blockchain system.
- Blockchain nodes refer to computers in the blockchain network, including mobile phones, miners, desktops, servers, etc.
- the person who operates a blockchain node can be an ordinary wallet user, a miner, and multiple people, etc. .
- the encrypted ciphertext is obtained through a multi-key privacy protection outsourcing calculation algorithm for homomorphic encryption of encrypted data.
- the multi-key privacy protection outsourcing calculation algorithm supports addition (SAD), multiplication (SMD), etc. This kind of operation can not only realize the encryption of the data to be encrypted, but also has higher calculation efficiency than other homomorphic encryption algorithms.
- the data to be encrypted is data that needs to be protected, such as transaction data.
- multi-key privacy protection outsourcing computing algorithm to encrypt the encrypted data the encrypted ciphertext can be obtained.
- the first blockchain node uploads a request for computing the encrypted ciphertext to a blockchain system.
- the second blockchain node obtains the request from the blockchain system. If the request includes a file hash value of the encrypted ciphertext, the second blockchain node obtains the file hash value of the encrypted ciphertext.
- the second blockchain node needs to obtain the corresponding encrypted ciphertext according to the request for calculation.
- the encrypted ciphertext is stored in a distributed file system; the request includes a file hash value of the encrypted ciphertext; and the obtaining the encrypted ciphertext according to the request includes:
- the distributed hash table created in advance by the first blockchain node through the blockchain system; the distributed hash table stores a file hash value of the encrypted ciphertext and the distribution Corresponding relationship of the encrypted cipher text in the file system.
- the distributed hash table stores the correspondence between the file hash value and the encrypted cipher text in the distributed file system.
- the second blockchain node needs to access the distributed hash table through the blockchain system.
- the request contains a file hash value.
- the encrypted cipher text in the distributed file system corresponding to the file hash value can be determined, and then the encrypted cipher text is obtained from the distributed file system.
- the second blockchain node can directly perform calculations on the encrypted ciphertext, such as averaging or variance. Since the multi-key privacy protection outsourcing calculation algorithm is adopted, not only the encryption of the blockchain data is realized, but also the efficiency of the calculation of the blockchain data is improved.
- the second blockchain node calculates the encrypted ciphertext to obtain the calculation result, and uploads the calculation result to the blockchain system.
- the blockchain system verifies whether the calculation result uploaded by the second blockchain node is accurate. If it is accurate, it will issue token rewards to the second blockchain node that calculates accurately, such as a certain amount of bitcoin, etc. No token reward will be issued to the second blockchain node that uploads the calculation results.
- this application also provides a blockchain data protection device, as shown in FIG. 8, including:
- a request obtaining module 81 is configured to obtain a request for calculating an encrypted ciphertext uploaded by a first blockchain node from a blockchain system; the encrypted ciphertext is obtained by homomorphic encryption of data to be encrypted;
- An encrypted ciphertext obtaining module 82 configured to obtain the encrypted ciphertext according to the request
- a calculation module 83 configured to calculate the obtained encrypted cipher text
- the uploading module 84 is configured to upload the calculation result to the blockchain system.
- the encrypted ciphertext is stored in a distributed file system; the request includes a file hash value of the encrypted ciphertext; the encrypted ciphertext acquisition module 82 is configured to pass the blockchain
- the system accesses a distributed hash table created in advance by the first blockchain node; the distributed hash table stores a file hash value of the encrypted ciphertext and the encrypted password in the distributed file system Correspondence between texts; according to the distributed hash table, look up the encrypted ciphertext corresponding to the file hash value in the request in the distributed file system.
- An embodiment of the present application further provides a computer-readable storage medium on which a computer program is stored.
- the storage medium includes, but is not limited to, any type of disk (including a floppy disk, a hard disk, an optical disk, a CD-ROM, and a magneto-optical disk), a ROM (Read-Only Memory, read-only memory), and a RAM (RandomAcceSS Memory, immediately (Memory), EPROM (EraSable Programmable Read-Only Memory, Erasable Programmable Read-Only Memory), EEPROM (Electrically EraSable Programmable Read-Only Memory, Electrically Erasable Programmable Read-Only Memory), flash memory, magnetic card or optical card. That is, the storage medium includes any medium that stores or transfers information in a readable form by a device (for example, a computer). It can be read-only memory, magnetic disk or optical disk, etc.
- Each blockchain node (including the first blockchain node and the second blockchain node) in FIG. 1 is equivalent to a server.
- FIG. 9 it is a schematic structural diagram of a server according to an embodiment of the present application, including a processor 92 and a storage device 93.
- the storage device 93 may be used to store an application program 91 and various functional modules.
- the processor 92 runs the application program 91 stored in the storage device 93 to execute various functional applications and data processing of the device.
- the storage device 93 may be an internal memory or an external memory, or include both an internal memory and an external memory.
- the internal memory may include a read-only memory, a programmable ROM (PROM), an electrically programmable ROM (EPROM), an electrically erasable programmable ROM (EEPROM), a flash memory, or a random access memory.
- External storage may include hard disks, floppy disks, ZIP disks, U disks, magnetic tapes, and so on.
- the storage devices disclosed in this application include, but are not limited to, these types of storage devices.
- the storage device 93 disclosed in the present application is only an example and not a limitation.
- the processor 92 is a control center of the server, and uses various interfaces and lines to connect various parts of the entire computer. By running or executing software programs and / or modules stored in the storage device 93, and calling data stored in the storage device, Perform various functions and process data. If the server is the server of the first blockchain node, the processor 92 encrypts the encrypted data through a multi-key privacy protection outsourcing computing algorithm to obtain encrypted ciphertext, and uploads the encrypted ciphertext to the blockchain system to calculate the encrypted ciphertext. request. If the server is a server of a second blockchain node, the processor 92 obtains the request from the blockchain system, obtains the encrypted ciphertext according to the request, and calculates the obtained encrypted ciphertext.
- steps in the flowchart of the drawings are sequentially displayed in accordance with the directions of the arrows, these steps are not necessarily performed in the order indicated by the arrows. Unless explicitly stated herein, the execution of these steps is not strictly limited, and they can be performed in other orders. Moreover, at least a part of the steps in the flowchart of the drawing may include multiple sub-steps or multiple stages. These sub-steps or stages are not necessarily performed at the same time, but may be performed at different times. The execution order is also It is not necessarily performed sequentially, but may be performed in turn or alternately with other steps or at least a part of the sub-steps or stages of other steps.
Landscapes
- Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
本申请提供一种区块链数据保护方法、装置、系统及计算机可读存储介质,应用于区块链技术领域。所述的方法包括:第一区块链节点对待加密数据进行同态加密,获得加密密文;所述第一区块链节点向区块链系统上传计算所述加密密文的请求;第二区块链节点从所述区块链系统获取所述请求;所述第二区块链节点根据所述请求获取所述加密密文;所述第二区块链节点对获取的加密密文进行计算,将计算结果上传到所述区块链系统。本申请实施例能够保护区块链数据并提高区块链数据计算处理的效率。
Description
本申请涉及区块链技术领域,具体而言,本申请涉及一种区块链数据保护方法、装置、系统及计算机可读存储介质。
过去20年间,我们见证了互联网的快速发展,给我们带来了极大的生活便利。然而互联网应用却越来越集中化,资源大多被大型企业所掌控(如Google,Facebook,Twitter等)。为了使用这些应用,用户须将自己的隐私信息交给企业管理,对他们给与完全信任。目前的互联网充斥着身份盗用、垃圾邮件、广告和黑客等等。
比特币以太坊等区块链技术则提供了构建一个完全去中心化的互联网应用的基础。区块链底层技术构建了一个去中心化的可信任的分布式网络,所有节点维护一个共享的数据库账本,且所有记录可追溯,不可更改。
然而,用区块链去构造一个大型的互联网应用还有很多问题需要解决。现代的互联网应用往往需要在用户的隐私数据上进行大量的分析和计算。而区块链的公开可追溯可验证属性,导致目前区块链上的数据都是公开可见的(如比特币,所有交易记录均可查),如果用户上传隐私数据到区块链上,那么所有节点都可见。另外区块链也不适合计算繁重的应用,区块链上的计算资源主要用来记录数据库账本的变更、交易验证以及达成共识等,并不适合在大量数据上进行分析。
因此,为了能够在区块链上搭建更加现代互联网应用,需要解决区块链数据隐私和计算效率的问题。
发明内容
本申请针对现有方式的缺点,提出一种区块链数据保护方法、装置、系统及计算机可读存储介质,以保护区块链数据并提高区块链数据计算处理的效率。
本申请的实施例根据第一个方面,提供了一种区块链数据保护方法,包括:
第一区块链节点对待加密数据进行同态加密,获得加密密文;
所述第一区块链节点向区块链系统上传计算所述加密密文的请求;
第二区块链节点从所述区块链系统获取所述请求;
所述第二区块链节点根据所述请求获取所述加密密文;
所述第二区块链节点对获取的加密密文进行计算,将计算结果上传到所述区块链系统。
本申请的实施例根据第二个方面,还提供了另一种区块链数据保护方法,包括:
对待加密数据进行同态加密,获得加密密文;
向区块链系统上传计算所述加密密文的请求,以使所述区块链系统中的其它区块链节点在接收到所述请求时对所述加密密文进行计算。
本申请的实施例根据第三个方面,还提供了另一种区块链数据保护方法,包括:
从区块链系统中获取第一区块链节点上传的计算加密密文的请求;所述加密密文通过对待加密数据同态加密获得;
根据所述请求获取所述加密密文;
对获取的加密密文进行计算;
将计算结果上传到所述区块链系统。
本申请的实施例根据第四个方面,还提供了一种区块链数据保护系统,包括第一区块链节点和第二区块链节点;
所述第一区块链节点用于对待加密数据进行同态加密,获得加密密文;向区块链系统上传计算所述加密密文的请求;
所述第二区块链节点用于从所述区块链系统获取所述请求;根据所述请求获取所述加密密文;对获取的加密密文进行计算,将计算结果上传到所述区块链系统。
本申请的实施例根据第五个方面,还提供了一种区块链数据保护装置,包括:
加密模块,用于对待加密数据进行同态加密,获得加密密文;
请求上传模块,用于向区块链系统上传计算所述加密密文的请求,以使所述区块链系统中的其它区块链节点在接收到所述请求时对所述加密密文进行计算。
本申请的实施例根据第六个方面,还提供了另一种区块链数据保护装置,包括:
请求获取模块,用于从区块链系统中获取第一区块链节点上传的计算加密密文的请求;所述加密密文通过对待加密数据同态加密获得;
加密密文获取模块,用于根据所述请求获取所述加密密文;
计算模块,用于对获取的加密密文进行计算;
上传模块,用于将计算结果上传到所述区块链系统。
本申请的实施例根据第七个方面,还提供了一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现上述任意一项所述的区块链数据保护方法。
上述的区块链数据保护方法、装置、系统及计算机可读存储介质,对待加密数据进行同态加密,将得到的加密密文上传到区块链系统中,从而保护了区块链数据的安全;同态加密支持多个运算(加法,乘法)以及计算上的高效率,因此通过引进高效、计算操作类型更加丰富的同态加密,提高了区块链数据计算处理的效率。
本申请附加的方面和优点将在下面的描述中部分给出,这些将从下面的描述中变得明显,或通过本申请的实践了解到。
本申请上述的和/或附加的方面和优点从下面结合附图对实施例的描述中将变得明显和容易理解,其中:
图1为本申请一个实施例的区块链数据保护方法所适用通信系统的结构示意图;
图2为本申请一个实施例的区块链数据保护方法的示意图;
图3为本申请一个实施例的区块链数据保护方式的示意图;
图4为本申请一个实施例的区块链数据保护系统的示意图;
图5为本申请另一个实施例的区块链数据保护方法的示意图;
图6为本申请一个实施例的区块链数据保护装置的示意图;
图7为本申请另一个实施例的区块链数据保护方法的示意图;
图8为本申请另一个实施例的区块链数据保护装置的示意图;
图9为本申请一个实施例的服务器的示意图。
下面详细描述本申请的实施例,所述实施例的示例在附图中示出,其中自始至 终相同或类似的标号表示相同或类似的元件或具有相同或类似功能的元件。下面通过参考附图描述的实施例是示例性的,仅用于解释本申请,而不能解释为对本申请的限制。
本技术领域技术人员可以理解,除非特意声明,这里使用的单数形式“一”、“一个”、“所述”和“该”也可包括复数形式。应该进一步理解的是,本申请的说明书中使用的措辞“包括”是指存在所述特征、整数、步骤、操作、元件和/或组件,但是并不排除存在或添加一个或多个其他特征、整数、步骤、操作、元件、组件和/或它们的组。
可以理解,本申请所使用的术语“第一”、“第二”等可在本文中用于描述各种元件,但这些元件不受这些术语限制。这些术语仅用于将第一个元件与另一个元件区分。举例来说,在不脱离本申请的范围的情况下,可以将第一区块链节点称为第二区块链节点,且类似地,可将第二区块链节点称为第一区块链节点。第一区块链节点和第二区块链节点两者都是区块链节点,但其不是同一个区块链节点。
本技术领域技术人员可以理解,除非另外定义,这里使用的所有术语(包括技术术语和科学术语),具有与本申请所属领域中的普通技术人员的一般理解相同的意义。还应该理解的是,诸如通用字典中定义的那些术语,应该被理解为具有与现有技术的上下文中的意义一致的意义,并且除非像这里一样被特定定义,否则不会用理想化或过于正式的含义来解释。
本申请提供的区块链数据保护方法,可以适用于图1所示的通信系统。如图1所示,该通信系统包括:区块链网络、第一区块链节点11和第二区块链节点12,此处只是示意性说明,并不限定区块链节点的具体个数,也不限定区块链节点的类型。区块链节点具体可以是智能手机、平板电脑、膝上型电脑等及其组合。第一区块链节点11用于对待加密数据进行加密并向区块链系统上传计算请求,第二区块链节点12用于获取请求,对请求中所执行的加密密文进行计算。
首先从整个系统的角度出发,对本申请区块链数据保护方法和系统进行详细介绍。
如图2所示,在一个实施例中,一种区块链数据保护方法,包括:
S21、第一区块链节点对待加密数据进行同态加密,获得加密密文。
区块链是分布式数据存储、点对点传输、共识机制、加密算法等计算机技术的新型应用模式。所谓共识机制是区块链系统中实现不同节点之间建立信任、获取权益的数学算法。区块链节点,指的是区块链网络中的计算机,包括手机、矿机、台式机和服务器等等,操作一个区块链节点的人可以是普通的钱包用户、矿工和多个人协作等。
隐私保护在区块链上是一大热门的方向,包括主打隐私的区块链的ZCash(大零币),Monero(门罗币),Dash(达世币),XVG(加密货币Verge)。其中ZCash使用的ZkSnark(zero-knowledge succint non-interactive arguments of knowledge,零知识下简明的非交互知识论证)使用了零知识证明等隐藏交易信息。而目前基于区块链平台应用的开发也越来越注重用户数据的隐私保护,这其中同态加密发挥了重要的作用。
同态加密是一种较为特殊的加密,它允许在密文上直接进行计算(加法,乘法),解密之后,得到对应明文计算后的结果。同态加密又分为全同态加密(同时支持加法 和乘法)以及部分同态加密(加或乘),它是目前密码学的一个重要研究方向。尤其是全同态加密方面,它在用户隐私保护方面应用场景非常广泛,如实现可搜索加密,云平台分析用户加密数据等。第一个全同态加密方案基于格密码,由Craig Gentry在2009年提出,并由此引发了此方向的研究热潮。
同态加密可以采用现有技术中已有的加密方式,下面结合两个例子进行说明。
如Nebula Genomics,致力于使用区块链技术来促进基因分析的研究发展。消除基因市场的中间商,使用户能够掌握自己基因数据的买卖,医院和大学等科研机构也能直接从个人购买基因数据。而这个过程中就不可避免地需要用户将基因数据发送给买方,买方再对数据进行计算分析。为了保护用户的隐私,Nebula Genomics使用了Intel Software Guard Extensions(SGX,英特尔软件保护扩展)和部分同态加密(加法),如图3所示。
Enigma则提供了一个适用范围更加广泛的隐私保护计算平台。适用安全的多方计算,用户可以将需要处理的数据拆成多份分发给不同的节点进行计算,进一步地提高了计算处理速度。此外,使用SPDZ来防止恶意节点的攻击,以及对密文进行相关的同态加密运算。
但是,本申请的申请人经研究发现,目前这些应用都受限于同态加密计算的效率问题。比如Nebula就只能先使用加同态加密处理数据,计算繁重的任务则还是放在SGX中解密后进行计算。Enigma中的同态计算也主要是加同态,乘同态需要构造一个三元组<a,b,c>,满足c=ab,那么s=s1*s2可由如下计算:
s=c+e*b+f*a+e*f
e=s1-a,f=s2-b。
三元组的构造需要大量计算,而且,SPDZ防恶意节点还需要进行数据重拆分,又增加了通信方面的开销。
因此,要在区块链上支持真正的同态加密计算,保护用户隐私,还需要进一步优化计算效率。为了能够更加方便地支持同态加密在区块链上的使用,选择和设计的同态加密算法需要支持多个运算(加法,乘法)以及计算上的高效率。在一个实施例中,所述第一区块链节点对待加密数据进行同态加密,获得加密密文,包括:第一区块链节点通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文。多密钥隐私保护外包计算算法支持整数上的加法(SAD),乘法(SMD),甚至除法(SDIV),求解最大公因子(SGCD),最大最小值筛选(SMMS)等等。
区块链平台整合多密钥隐私保护外包计算算法中的加法,乘法,已经能够满足几乎所有应用要求,如统计员工工资,在用户数据样本上进行机器神经网络学习等等,其他运算可以在这两个运算上推导而来。为了更好理解该算法,以加同态和乘同态进行说明。
在一个实施例中,所述第一区块链节点通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文,包括:
S211、第一区块链节点将待加密数据拆分为第一部分和第二部分。
将待加密数据拆分成两部分的方式有很多种,例如,按照从前到后的顺序,将待加密数据进行拆分成两部分,又例如,将待加密数据中的各个数据按照属性进行归为两类,每一类为一部分,等等。
S212、所述第一区块链节点通过设置的第一公钥对所述第一部分和第一随机数 的和进行加密,获得第一加密数据;通过设置的第二公钥对所述第二部分和第二随机数的和进行加密,获得第二加密数据。
该步骤采用公式表述为:
X=[x]
pka*[r
a]
pka=[x+r
a]
pka、Y=[y]
pkb*[r
b]
pkb=[y+r
b]
pkb
其中,X为第一加密数据,
pka为第一公钥,x为第一部分,r
a为第一随机数,[]
pka为第一公钥对[]中的数进行加密,
pkb为第二公钥,y为第二部分,r
b为第二随机数,[]
pkb为第二公钥对[]中的数进行加密。
S213、所述第一区块链节点通过预设的第一解密算法和设置的第一私钥对所述第一加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行解密,获得第二解密数据。
该步骤采用公式表述为:
X’=PDO
SK
(1)(X)、Y’=PDO
SK
(1)(Y)
其中,X’为第一解密数据,PDO为第一解密算法,
SK
(1)为第一私钥,Y’为第二解密数据。
S214、所述第一区块链节点通过预设的第二解密算法和设置的第二私钥对所述第一加密数据和所述第一解密数据进行解密,得到第三解密数据;通过所述第二解密算法和所述第二私钥对所述第二加密数据和所述第二解密数据进行解密,得到第四解密数据。
该步骤采用公式表述为:
X”=PDT
SK
(2)(X;X’)、Y”=PDT
SK
(2)(Y;Y’)
其中,X”为第三解密数据,Y”为第四解密数据,PDT为第二解密算法,
SK
(2)为第二私钥。
S215、所述第一区块链节点通过第三公钥对第一和值和第二和值的差进行加密,获得所述待加密数据的加密密文;所述第一和值为所述第三解密数据和所述第四解密数据的和,所述第二和值为所述第一随机数和所述第二随机数的和。
该步骤采用公式表述为:
S=X”+Y”,R=r
a+r
b
那么,[S]
pkc·([R]
pkc)
N-1=[S-R]
pkc=[x+y]
pkc
其中,S为第一和值,R为第二和值,
pkc为第三公钥,N表示整数域的大小。
普通的同态加法加密算法,只支持相同密钥下加密的密文上的计算,而该算法中的SAD,给定不同密钥加密的密文[x]pka、[x]pkb,以及引入随机数r
a和r
b也可以得到对应明文加法后的密文。
在另一个实施例中,所述第一区块链节点通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文,包括:
S21a、第一区块链节点将待加密数据拆分为第一部分和第二部分。
将待加密数据拆分成两部分的方式有很多种,例如,按照从前到后的顺序,将待加密数据进行拆分成两部分,又例如,将待加密数据中的各个数据按照属性进行归为两类,每一类为一部分,等等。
S21b、所述第一区块链节点通过设置的第一公钥分别对所述第一部分和第一随机数进行加密,将加密后得到的两个数值相乘,获得第一加密数据;通过设置的第二公钥分别对所述第二部分和第二随机数进行加密,将加密后得到的两个数值相乘, 获得第二加密数据;通过所述第一公钥对第三随机数与所述第二随机数和所述第一部分乘积的差进行加密,获得第三加密数据;通过所述第二公钥对第四随机数与所述第一随机数和所述第二部分乘积的差进行加密,获得第四加密数据。
该步骤采用公式表述为:
X=[x]
pka*[r
x]
pka、Y=[y]
pkb*[r
y]
pkb
S=[R
x]
pka·([x]
pka)
N-r
y=[R
x-r
y·x]
pka
T=[R
y]
pkb·([y]
pkb)
N-r
x=[R
y-r
x·y]
pkb
其中,X为第一加密数据,Y为第二加密数据,S为第三加密数据,T为第四加密数据,
pka为第一公钥,[]
pka为采用第一公钥对[]中的数据进行加密,x为第一部分,r
x为第一随机数,y为第二部分,r
y为第二随机数,[]
pkb为采用第二公钥对[]中的数据进行加密,
pkb为第二公钥,R
x为第三随机数,R
y为第四随机数。
S21c、所述第一区块链节点通过预设的第一解密算法和设置的第一私钥对所述第一加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行解密,获得第二解密数据;通过所述第一解密算法和所述第一私钥对所述第三加密数据进行解密,获得第三解密数据;通过所述第一解密算法和所述第一私钥对所述第四加密数据进行解密,获得第四解密数据。
该步骤采用公式表述为:
X
1=PDO
SK
(1)(X)、Y
1=PDO
SK
(1)(Y)S
1=PDO
SK
(1)(S)、T
1=PDO
SK
(1)(T)
其中,PDO为第一解密算法,
SK
(1)为第一私钥,X
1、Y
1、S
1、T
1依次为第一解密数据、第二解密数据、第三解密数据和第四解密数据。
S21d、所述第一区块链节点通过预设的第二解密算法和设置的第二私钥对所述第一解密数据和所述第一加密数据进行解密,通过所述第二解密算法和所述第二私钥对所述第二解密数据和所述第一加密数据进行解密,将解密后得到的两个数值相乘,获得第五解密数据;通过所述第二解密算法和所述第二私钥对所述第三解密数据和所述第三加密数据进行解密,获得第六解密数据;通过所述第二解密算法和所述第二私钥对所述第四解密数据和所述第四加密数据进行解密,获得第七解密数据。
该步骤采用公式表述为:
h=PDT
SK
(2)(X1;X)·PDT
SK
(2)(Y1;X),
S2=PDT
SK
(2)(S1;S),T2=PDT
SK
(2)(T1;T).
其中,h为第五解密数据,PDT为第二解密算法,
SK
(2)为第二私钥,S2为第六解密数据,T2为第七解密数据。
S21e、所述第一区块链节点通过设置的第三公钥分别对所述第五解密数据、所述第六解密数据和所述第七解密数据进行加密,获得第五加密数据、第六加密数据和第七加密数据;通过所述第三公钥对所述第一随机数和所述第二随机数的乘积进行加密,并计算加密后得到的值的(N-1)次方,获得第八加密数据;通过所述第三公钥对所述第三随机数进行加密,并计算加密后得到的值的(N-1)次方,获得第九加密数据;通过所述第三公钥对所述第四随机数进行加密,并计算加密后得到的值的(N-1)次方,获得第十加密数据;N表示整数域的大小。
该步骤采用公式表述为:
H=[h]
pkc,S3=[S2]
pkc,T3=[T2]
pkc
S4=([r
x·r
y]
pkc)
N-1,S5=([Rx]
pkc)
N-1,S6=([Ry]
pkc)
N-1,
其中,H、S3、T3、S4、S5和S6依次为所述第五解密数据、所述第六解密数 据、所述第七解密数据、所述第八加密数据、所述第九加密数据和所述第十加密数据,pkc为第三公钥,N表示整数域的大小。
S21f、所述第一区块链节点将所述第五加密数据、所述第六加密数据、所述第七加密数据、所述第八加密数据、所述第九加密数据和所述第十加密数据相乘,获得所述待加密数据的加密密文。
该步骤采用公式表述为:
H·T3·S3·S4·S5·S6=[(h+(Rx-ry·x)+(Ry-rx·y)-rx·ry-Rx-Ry)]pkc=[x·y]
pkc
上述乘同态(SMD)给定不同密钥加密的密文[x]pka、[x]pkb,随机数rx,ry,也可以得到对应明文乘法后的密文。
经测试1024bit(比特)整数,80bit安全级别,8核3.6GHZ(千兆赫兹)的PC(personal computer,个人计算机)上,SAD的时间消耗约为185ms,SMD的效率为480ms,大大提高了区块链数据计算效率。
因此,多密钥隐私保护外包计算算法不仅可以实现对待加密数据的加密,而且相较于其他同态加密算法,计算效率较高。待加密数据为需要进行隐私保护的数据,例如交易数据等等。采用多密钥隐私保护外包计算算法对待加密数据进行加密,就可以获得加密密文。
S22、所述第一区块链节点向区块链系统上传计算所述加密密文的请求。
计算加密密文的请求具体可以根据业务要求确定,比如计算加密密文的平均值或者方差等等。第一区块链节点可以通过智能合约或者op_return等上传计算加密密文的请求。智能合约(Smart contract)是一种旨在以信息化方式传播、验证或执行合同的计算机协议,智能合约允许在没有第三方的情况下进行可信交易,这些交易可追踪且不可逆转。OP_RETURN能够实现数据在区块链中的广播和记录,省略了计算的步骤,因此达到了节省时间和算力的目的。
在一个实施例中,所述第一区块链节点向区块链系统上传计算所述加密密文的请求,包括:
S221、所述第一区块链节点将所述加密密文上传至分布式文件系统,并获取所述加密密文的文件哈希值。
分布式文件系统(Distributed File System)是指文件系统管理的物理存储资源不一定直接连接在本地节点上,而是通过计算机网络与节点相连。为了更适合区块链应用开发,可选的,分布式文件系统可以为IPFS文件系统(InterPlanetary FileSystem,星际文件系统)。IPFS是一个对等的分布式文件系统,它尝试为所有计算设备(IPFS矿机)连接同一个文件系统。
第一区块链节点将加密密文上传到分布式文件系统。文件哈希值(文件hash)可以在上传加密密文之前计算出,也可以上传IPFS的时候返回文件的hash值。
S222、所述第一区块链节点将所述文件哈希值与所述分布式文件系统中所述加密密文的对应关系存入预先创建的分布式哈希表中。
第一区块链节点预先创建distributed hash-table(DHT,分布式哈希表),DHT通过区块链访问(以太坊智能合约或者比特币op_return等)。DHT存储文件哈希索引,其他区块链节点可以通过哈希索引在分布式文件系统中获取具体加密密文。
S223、所述第一区块链节点向区块链系统上传计算所述加密密文的请求;所述请求包括所述加密密文的文件哈希值。
为了便于其它区块链节点查找到所要计算的加密密文,第一区块链节点上传的计算加密密文的请求中可以包括加密密文的文件哈希值。
S23、第二区块链节点从所述区块链系统获取所述请求。
第一区块链节点向区块链系统上传计算所述加密密文的请求后,第二区块链节点可以从区块链系统中获取该请求。如果请求中包括加密密文的文件哈希值,则第二区块链节点获取到加密密文的文件哈希值。
S24、所述第二区块链节点根据所述请求获取所述加密密文。
第二区块链节点需要根据请求获取对应的加密密文,以进行计算。在一个实施例中,所述第二区块链节点根据所述请求获取所述加密密文,包括:
S241、所述第二区块链节点通过所述区块链系统访问所述分布式哈希表。
分布式哈希表中存储有文件哈希值与分布式文件系统中的加密密文的对应关系。第二区块链节点需要通过区块链系统访问该分布式哈希表。
S242、所述第二区块链节点根据所述分布式哈希表,在所述分布式文件系统中查找所述请求中文件哈希值对应的加密密文。
请求中包含文件哈希值,根据分布式哈希表可以确定该文件哈希值对应的分布式文件系统中的加密密文,然后从分布式文件系统中获取该加密密文。
S25、所述第二区块链节点对获取的加密密文进行计算,将计算结果上传到所述区块链系统。
获取到加密密文后,第二区块链节点就可以直接在该加密密文上进行计算,例如求平均值或者方差等,得到计算结果,将该计算结果上传到区块链系统中。由于采用了多密钥隐私保护外包计算算法,因此不仅实现了区块链数据的加密,而且还提高了区块链数据计算的效率。
在一个实施例中,所述第二区块链节点对获取的加密密文进行计算,将计算结果上传到所述区块链系统,之后,还包括:所述区块链系统验证所述计算结果有效时,向所述第二区块链节点发放代币奖励。区块链系统验证第二区块链节点上传的计算结果是否准确,如果准确,则向计算准确的第二区块链节点发放代币奖励,例如一定数量的比特币等等,如果不准确,则不向上传计算结果的第二区块链节点发放代币奖励。
基于同一发明构思,本申请还提供一种区块链数据保护系统,包括第一区块链节点41和第二区块链节点42;
所述第一区块链节点41用于对待加密数据进行同态加密,获得加密密文;向区块链系统上传计算所述加密密文的请求;
所述第二区块链节点42用于从所述区块链系统获取所述请求;根据所述请求获取所述加密密文;对获取的加密密文进行计算,将计算结果上传到所述区块链系统。
在一个实施例中,第一区块链节点41通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文。
在一个实施例中,第一区块链节点41通过以下操作获得加密密文:
第一区块链节点将待加密数据拆分为第一部分和第二部分;
所述第一区块链节点通过设置的第一公钥对所述第一部分和第一随机数的和进行加密,获得第一加密数据;通过设置的第二公钥对所述第二部分和第二随机数 的和进行加密,获得第二加密数据;
所述第一区块链节点通过预设的第一解密算法和设置的第一私钥对所述第一加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行解密,获得第二解密数据;
所述第一区块链节点通过预设的第二解密算法和设置的第二私钥对所述第一加密数据和所述第一解密数据进行解密,得到第三解密数据;通过所述第二解密算法和所述第二私钥对所述第二加密数据和所述第二解密数据进行解密,得到第四解密数据;
所述第一区块链节点通过第三公钥对第一和值和第二和值的差进行加密,获得所述待加密数据的加密密文;所述第一和值为所述第三解密数据和所述第四解密数据的和,所述第二和值为所述第一随机数和所述第二随机数的和。
在另一个实施例中,第一区块链节点41通过以下操作获得加密密文:
第一区块链节点将待加密数据拆分为第一部分和第二部分;
所述第一区块链节点通过设置的第一公钥分别对所述第一部分和第一随机数进行加密,将加密后得到的两个数值相乘,获得第一加密数据;通过设置的第二公钥分别对所述第二部分和第二随机数进行加密,将加密后得到的两个数值相乘,获得第二加密数据;通过所述第一公钥对第三随机数与所述第二随机数和所述第一部分乘积的差进行加密,获得第三加密数据;通过所述第二公钥对第四随机数与所述第一随机数和所述第二部分乘积的差进行加密,获得第四加密数据;
所述第一区块链节点通过预设的第一解密算法和设置的第一私钥对所述第一加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行解密,获得第二解密数据;通过所述第一解密算法和所述第一私钥对所述第三加密数据进行解密,获得第三解密数据;通过所述第一解密算法和所述第一私钥对所述第四加密数据进行解密,获得第四解密数据;
所述第一区块链节点通过预设的第二解密算法和设置的第二私钥对所述第一解密数据和所述第一加密数据进行解密,通过所述第二解密算法和所述第二私钥对所述第二解密数据和所述第一加密数据进行解密,将解密后得到的两个数值相乘,获得第五解密数据;通过所述第二解密算法和所述第二私钥对所述第三解密数据和所述第三加密数据进行解密,获得第六解密数据;通过所述第二解密算法和所述第二私钥对所述第四解密数据和所述第四加密数据进行解密,获得第七解密数据;
所述第一区块链节点通过设置的第三公钥分别对所述第五解密数据、所述第六解密数据和所述第七解密数据进行加密,获得第五加密数据、第六加密数据和第七加密数据;通过所述第三公钥对所述第一随机数和所述第二随机数的乘积进行加密,并计算加密后得到的值的(N-1)次方,获得第八加密数据;通过所述第三公钥对所述第三随机数进行加密,并计算加密后得到的值的(N-1)次方,获得第九加密数据;通过所述第三公钥对所述第四随机数进行加密,并计算加密后得到的值的(N-1)次方,获得第十加密数据;N表示整数域的大小;
所述第一区块链节点将所述第五加密数据、所述第六加密数据、所述第七加密数据、所述第八加密数据、所述第九加密数据和所述第十加密数据相乘,获得所述待加密数据的加密密文。
在一个实施例中,所述第一区块链节点41将所述加密密文上传至分布式文件 系统,并获取所述加密密文的文件哈希值;将所述文件哈希值与所述分布式文件系统中所述加密密文的对应关系存入预先创建的分布式哈希表中;向区块链系统上传计算所述加密密文的请求;所述请求包括所述加密密文的文件哈希值。
在一个实施例中,所述第二区块链节点42通过所述区块链系统访问所述分布式哈希表;根据所述分布式哈希表,在所述分布式文件系统中查找所述请求中文件哈希值对应的加密密文。
在一个实施例中,所述区块链系统验证所述计算结果有效时,向所述第二区块链节点发放代币奖励。区块链系统验证第二区块链节点上传的计算结果是否准确,如果准确,则向计算准确的第二区块链节点发放代币奖励,例如一定数量的比特币等等,如果不准确,则不向上传计算结果的第二区块链节点发放代币奖励。
上述区块链数据保护系统的其它技术特征与上述区块链保护方法的技术特征相同,在此不予赘述。
下面从第一区块链节点的角度出发,对本申请区块链数据保护方法和装置的具体实施方式进行详细介绍。
如图5所示,在一个实施例中,一种区块链数据保护方法,包括:
S51、对待加密数据进行同态加密,获得加密密文。
区块链是分布式数据存储、点对点传输、共识机制、加密算法等计算机技术的新型应用模式。所谓共识机制是区块链系统中实现不同节点之间建立信任、获取权益的数学算法。区块链节点,指的是区块链网络中的计算机,包括手机、矿机、台式机和服务器等等,操作一个区块链节点的人可以是普通的钱包用户、矿工和多个人协作等。
同态加密是一种较为特殊的加密,它允许在密文上直接进行计算(加法,乘法),解密之后,得到对应明文计算后的结果。同态加密又分为全同态加密(同时支持加法和乘法)以及部分同态加密(加或乘),它是目前密码学的一个重要研究方向。尤其是全同态加密方面,它在用户隐私保护方面应用场景非常广泛,如实现可搜索加密,云平台分析用户加密数据等。
但是,普通的同态加密计算存在效率问题。要在区块链上支持真正的同态加密计算,保护用户隐私,还需要进一步优化计算效率。
为了能够更加方便地支持同态加密在区块链上的使用,选择和设计的同态加密算法需要支持多个运算(加法,乘法)以及计算上的高效率。在一个实施例中,对待加密数据进行同态加密,获得加密密文,包括:通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文。多密钥隐私保护外包计算算法支持整数上的加法(SAD),乘法(SMD),甚至除法(SDIV),求解最大公因子(SGCD),最大最小值筛选(SMMS)等等。
区块链平台将整合多密钥隐私保护外包计算算法中的加法,乘法,这个已经能够满足几乎所有应用要求,如统计员工工资,在用户数据样本上进行机器神经网络学习等等,其他运算可以在这两个运算上推导而来。为了更好理解该算法,以加同态和乘同态进行说明。
在一个实施例中,通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文,包括:
S511、将待加密数据拆分为第一部分和第二部分。
将待加密数据拆分成两部分的方式有很多种,例如,按照从前到后的顺序,将待加密数据进行拆分成两部分,又例如,将待加密数据中的各个数据按照属性进行归为两类,每一类为一部分,等等。
S512、通过设置的第一公钥对所述第一部分和第一随机数的和进行加密,获得第一加密数据;通过设置的第二公钥对所述第二部分和第二随机数的和进行加密,获得第二加密数据。
该步骤采用公式表述为:
X=[x]
pka*[r
a]
pka=[x+r
a]
pka、Y=[y]
pkb*[r
b]
pkb=[y+r
b]
pkb
其中,X为第一加密数据,
pka为第一公钥,x为第一部分,r
a为第一随机数,[]
pka为第一公钥对[]中的数进行加密,
pkb为第二公钥,y为第二部分,r
b为第二随机数,[]
pkb为第二公钥对[]中的数进行加密。
S513、通过预设的第一解密算法和设置的第一私钥对所述第一加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行解密,获得第二解密数据。
该步骤采用公式表述为:
X’=PDO
SK
(1)(X)、Y’=PDO
SK
(1)(Y)
其中,X’为第一解密数据,PDO为第一解密算法,
SK
(1)为第一私钥,Y’为第二解密数据。
S514、通过预设的第二解密算法和设置的第二私钥对所述第一加密数据和所述第一解密数据进行解密,得到第三解密数据;通过所述第二解密算法和所述第二私钥对所述第二加密数据和所述第二解密数据进行解密,得到第四解密数据。
该步骤采用公式表述为:
X”=PDT
SK
(2)(X;X’)、Y”=PDT
SK
(2)(Y;Y’)
其中,X”为第三解密数据,Y”为第四解密数据,PDT为第二解密算法,
SK
(2)为第二私钥。
S515、通过第三公钥对第一和值和第二和值的差进行加密,获得所述待加密数据的加密密文;所述第一和值为所述第三解密数据和所述第四解密数据的和,所述第二和值为所述第一随机数和所述第二随机数的和。
该步骤采用公式表述为:
S=X”+Y”,R=r
a+r
b
那么,[S]
pkc·([R]
pkc)
N-1=[S-R]
pkc=[x+y]
pkc
其中,S为第一和值,R为第二和值,
pkc为第三公钥,N为整数域的大小。
普通的同态加法加密算法,只支持相同密钥下加密的密文上的计算,而该算法中的SAD,给定不同密钥加密的密文[x]pka、[x]pkb,以及引入随机数r
a和r
b也可以得到对应明文加法后的密文。
在另一个实施例中,通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文,包括:
S51a、将待加密数据拆分为第一部分和第二部分。
将待加密数据拆分成两部分的方式有很多种,例如,按照从前到后的顺序,将待加密数据进行拆分成两部分,又例如,将待加密数据中的各个数据按照属性进行 归为两类,每一类为一部分,等等。
S51b、通过设置的第一公钥分别对所述第一部分和第一随机数进行加密,将加密后得到的两个数值相乘,获得第一加密数据;通过设置的第二公钥分别对所述第二部分和第二随机数进行加密,将加密后得到的两个数值相乘,获得第二加密数据;通过所述第一公钥对第三随机数与所述第二随机数和所述第一部分乘积的差进行加密,获得第三加密数据;通过所述第二公钥对第四随机数与所述第一随机数和所述第二部分乘积的差进行加密,获得第四加密数据。
该步骤采用公式表述为:
X=[x]
pka*[r
x]
pka、Y=[y]
pkb*[r
y]
pkb
S=[R
x]
pka·([x]
pka)
N-r
y=[R
x-r
y·x]
pka
T=[R
y]
pkb·([y]
pkb)
N-r
x=[R
y-r
x·y]
pkb
其中,X为第一加密数据,Y为第二加密数据,S为第三加密数据,T为第四加密数据,
pka为第一公钥,[]
pka为采用第一公钥对[]中的数据进行加密,x为第一部分,r
x为第一随机数,y为第二部分,r
y为第二随机数,[]
pkb为采用第二公钥对[]中的数据进行加密,
pkb为第二公钥,R
x为第三随机数,R
y为第四随机数。
S51c、通过预设的第一解密算法和设置的第一私钥对所述第一加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行解密,获得第二解密数据;通过所述第一解密算法和所述第一私钥对所述第三加密数据进行解密,获得第三解密数据;通过所述第一解密算法和所述第一私钥对所述第四加密数据进行解密,获得第四解密数据。
该步骤采用公式表述为:
X
1=PDO
SK
(1)(X)、Y
1=PDO
SK
(1)(Y)S
1=PDO
SK
(1)(S)、T
1=PDO
SK
(1)(T)
其中,PDO为第一解密算法,
SK
(1)为第一私钥,X
1、Y
1、S
1、T
1依次为第一解密数据、第二解密数据、第三解密数据和第四解密数据。
S51d、通过预设的第二解密算法和设置的第二私钥对所述第一解密数据和所述第一加密数据进行解密,通过所述第二解密算法和所述第二私钥对所述第二解密数据和所述第一加密数据进行解密,将解密后得到的两个数值相乘,获得第五解密数据;通过所述第二解密算法和所述第二私钥对所述第三解密数据和所述第三加密数据进行解密,获得第六解密数据;通过所述第二解密算法和所述第二私钥对所述第四解密数据和所述第四加密数据进行解密,获得第七解密数据。
该步骤采用公式表述为:
h=PDT
SK
(2)(X1;X)·PDT
SK
(2)(Y1;X),
S2=PDT
SK
(2)(S1;S),T2=PDT
SK
(2)(T1;T).
其中,h为第五解密数据,PDT为第二解密算法,
SK
(2)为第二私钥,S2为第六解密数据,T2为第七解密数据。
S51e、通过设置的第三公钥分别对所述第五解密数据、所述第六解密数据和所述第七解密数据进行加密,获得第五加密数据、第六加密数据和第七加密数据;通过所述第三公钥对所述第一随机数和所述第二随机数的乘积进行加密,并计算加密后得到的值的(N-1)次方,获得第八加密数据;通过所述第三公钥对所述第三随机数进行加密,并计算加密后得到的值的(N-1)次方,获得第九加密数据;通过所述第三公钥对所述第四随机数进行加密,并计算加密后得到的值的(N-1)次方, 获得第十加密数据;N表示整数域的大小。
该步骤采用公式表述为:
H=[h]
pkc,S3=[S2]
pkc,T3=[T2]
pkc
S4=([r
x·r
y]
pkc)
N-1,S5=([Rx]
pkc)
N-1,S6=([Ry]
pkc)
N-1,
其中,H、S3、T3、S4、S5和S6依次为所述第五解密数据、所述第六解密数据、所述第七解密数据、所述第八加密数据、所述第九加密数据和所述第十加密数据,pkc为第三公钥,N表示整数域的大小。
S51f、将所述第五加密数据、所述第六加密数据、所述第七加密数据、所述第八加密数据、所述第九加密数据和所述第十加密数据相乘,获得所述待加密数据的加密密文。
该步骤采用公式表述为:
H·T3·S3·S4·S5·S6=[(h+(Rx-ry·x)+(Ry-rx·y)-rx·ry-Rx-Ry)]pkc=[x·y]
pkc
上述乘同态(SMD)给定不同密钥加密的密文[x]pka、[x]pkb,随机数rx,ry,也可以得到对应明文乘法后的密文。
经测试1024bit(比特)整数,80bit安全级别,8核3.6GHZ(千兆赫兹)的PC(personal computer,个人计算机)上,SAD的时间消耗约为185ms,SMD的效率为480ms,大大提高了区块链数据计算效率。
因此,多密钥隐私保护外包计算算法不仅可以实现对待加密数据的加密,而且相较于其他同态加密算法,计算效率较高。待加密数据为需要进行隐私保护的数据,例如交易数据等等。采用多密钥隐私保护外包计算算法对待加密数据进行加密,就可以获得加密密文。
S52、向区块链系统上传计算所述加密密文的请求,以使所述区块链系统中的其它区块链节点在接收到所述请求时对所述加密密文进行计算。
计算加密密文的请求具体可以根据业务要求确定,比如计算加密密文的平均值或者方差等等。第一区块链节点可以通过智能合约或者op_return等上传计算加密密文的请求。智能合约(Smart contract)是一种旨在以信息化方式传播、验证或执行合同的计算机协议,智能合约允许在没有第三方的情况下进行可信交易,这些交易可追踪且不可逆转。OP_RETURN能够实现数据在区块链中的广播和记录,省略了计算的步骤,因此达到了节省时间和算力的目的。
在一个实施例中,所述向区块链系统上传计算所述加密密文的请求,包括:
S521、将所述加密密文上传至分布式文件系统,并获取所述加密密文的文件哈希值。
分布式文件系统(Distributed File System)是指文件系统管理的物理存储资源不一定直接连接在本地节点上,而是通过计算机网络与节点相连。为了更适合区块链应用开发,可选的,分布式文件系统可以为IPFS文件系统(InterPlanetary File System,星际文件系统)。IPFS是一个对等的分布式文件系统,它尝试为所有计算设备(IPFS矿机)连接同一个文件系统。
第一区块链节点将加密密文上传到分布式文件系统。文件哈希值(文件hash)可以在上传加密密文之前计算出,也可以上传IPFS的时候返回文件的hash值。
S522、将所述文件哈希值与所述分布式文件系统中所述加密密文的对应关系存入预先创建的分布式哈希表中。
第一区块链节点预先创建distributed hash-table(DHT,分布式哈希表),DHT通过区块链访问(以太坊智能合约或者比特币op_return等)。DHT存储文件哈希索引,其他区块链节点可以通过哈希索引在分布式文件系统中获取具体加密密文。
S523、向区块链系统上传计算所述加密密文的请求;所述请求包括所述加密密文的文件哈希值。
为了便于其它区块链节点查找到所要计算的加密密文,第一区块链节点上传的计算加密密文的请求中可以包括加密密文的文件哈希值。
第一区块链节点向区块链上传计算所述加密密文的请求后,第二区块链节点可以从区块链中获取该请求,根据所述请求获取所述加密密文,对获取的加密密文进行计算。
基于同一发明构思,本申请还提供一种区块链数据保护装置60,如图6所示,包括:
加密模块61,用于对待加密数据进行同态加密,获得加密密文;
请求上传模块62,用于向区块链系统上传计算所述加密密文的请求,以使所述区块链系统中的其它区块链节点在接收到所述请求时对所述加密密文进行计算。
在一个实施例中,加密模块61通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文。
在一个实施例中,加密模块61通过以下操作获得加密密文:
将待加密数据拆分为第一部分和第二部分;
通过设置的第一公钥对所述第一部分和第一随机数的和进行加密,获得第一加密数据;通过设置的第二公钥对所述第二部分和第二随机数的和进行加密,获得第二加密数据;
通过预设的第一解密算法和设置的第一私钥对所述第一加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行解密,获得第二解密数据;
通过预设的第二解密算法和设置的第二私钥对所述第一加密数据和所述第一解密数据进行解密,得到第三解密数据;通过所述第二解密算法和所述第二私钥对所述第二加密数据和所述第二解密数据进行解密,得到第四解密数据;
通过第三公钥对第一和值和第二和值的差进行加密,获得所述待加密数据的加密密文;所述第一和值为所述第三解密数据和所述第四解密数据的和,所述第二和值为所述第一随机数和所述第二随机数的和。
在另一个实施例中,加密模块61通过以下操作获得加密密文:
将待加密数据拆分为第一部分和第二部分;
通过设置的第一公钥分别对所述第一部分和第一随机数进行加密,将加密后得到的两个数值相乘,获得第一加密数据;通过设置的第二公钥分别对所述第二部分和第二随机数进行加密,将加密后得到的两个数值相乘,获得第二加密数据;通过所述第一公钥对第三随机数与所述第二随机数和所述第一部分乘积的差进行加密,获得第三加密数据;通过所述第二公钥对第四随机数与所述第一随机数和所述第二部分乘积的差进行加密,获得第四加密数据;
通过预设的第一解密算法和设置的第一私钥对所述第一加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行 解密,获得第二解密数据;通过所述第一解密算法和所述第一私钥对所述第三加密数据进行解密,获得第三解密数据;通过所述第一解密算法和所述第一私钥对所述第四加密数据进行解密,获得第四解密数据;
通过预设的第二解密算法和设置的第二私钥对所述第一解密数据和所述第一加密数据进行解密,通过所述第二解密算法和所述第二私钥对所述第二解密数据和所述第一加密数据进行解密,将解密后得到的两个数值相乘,获得第五解密数据;通过所述第二解密算法和所述第二私钥对所述第三解密数据和所述第三加密数据进行解密,获得第六解密数据;通过所述第二解密算法和所述第二私钥对所述第四解密数据和所述第四加密数据进行解密,获得第七解密数据;
通过设置的第三公钥分别对所述第五解密数据、所述第六解密数据和所述第七解密数据进行加密,获得第五加密数据、第六加密数据和第七加密数据;通过所述第三公钥对所述第一随机数和所述第二随机数的乘积进行加密,并计算加密后得到的值的(N-1)次方,获得第八加密数据;通过所述第三公钥对所述第三随机数进行加密,并计算加密后得到的值的(N-1)次方,获得第九加密数据;通过所述第三公钥对所述第四随机数进行加密,并计算加密后得到的值的(N-1)次方,获得第十加密数据;N表示整数域的大小;
将所述第五加密数据、所述第六加密数据、所述第七加密数据、所述第八加密数据、所述第九加密数据和所述第十加密数据相乘,获得所述待加密数据的加密密文。
在一个实施例中,所述请求上传模块62,包括:加密密文上传单元621,用于将所述加密密文上传至分布式文件系统,并获取所述加密密文的文件哈希值;对应关系存储单元622,用于将所述文件哈希值与所述分布式文件系统中所述加密密文的对应关系存入预先创建的分布式哈希表中;请求上传单元623,用于向区块链系统上传计算所述加密密文的请求;所述请求包括所述加密密文的文件哈希值。
上述从第一区块链节点描述的区块链数据保护装置的其它技术特征与上述从第一区块链节点描述的区块链数据保护方法的技术特征相同,在此不予赘述。
下面从第二区块链节点的角度出发,对本申请区块链数据保护方法和装置的具体实施方式进行详细介绍。
如图7所示,在一个实施例中,一种区块链数据保护方法,包括:
S71、从区块链系统中获取第一区块链节点上传的计算加密密文的请求;所述加密密文通过对待加密数据同态加密获得。
区块链是分布式数据存储、点对点传输、共识机制、加密算法等计算机技术的新型应用模式。所谓共识机制是区块链系统中实现不同节点之间建立信任、获取权益的数学算法。区块链节点,指的是区块链网络中的计算机,包括手机、矿机、台式机和服务器等等,操作一个区块链节点的人可以是普通的钱包用户、矿工和多个人协作等。
为了提高计算效率,所述加密密文通过多密钥隐私保护外包计算算法对待加密数据同态加密获得,多密钥隐私保护外包计算算法支持整数上的加法(SAD),乘法(SMD)等多种运算,不仅可以实现对待加密数据的加密,而且相较于其他同态加密算法,计算效率较高。待加密数据为需要进行隐私保护的数据,例如交易数据等等。采用多密钥隐私保护外包计算算法对待加密数据进行加密,就可以获得加密密 文。
所述第一区块链节点向区块链系统上传计算所述加密密文的请求。第二区块链节点从所述区块链系统获取所述请求。如果请求中包括加密密文的文件哈希值,则第二区块链节点获取到加密密文的文件哈希值。
S72、根据所述请求获取所述加密密文。
第二区块链节点需要根据请求获取对应的加密密文,以进行计算。在一个实施例中,所述加密密文存储在分布式文件系统中;所述请求包括所述加密密文的文件哈希值;所述根据所述请求获取所述加密密文,包括:
S721、通过所述区块链系统访问所述第一区块链节点预先创建的分布式哈希表;所述分布式哈希表存储有所述加密密文的文件哈希值与所述分布式文件系统中所述加密密文的对应关系。
分布式哈希表中存储有文件哈希值与分布式文件系统中的加密密文的对应关系。第二区块链节点需要通过区块链系统访问该分布式哈希表。
S722、根据所述分布式哈希表,在所述分布式文件系统中查找所述请求中文件哈希值对应的加密密文。
请求中包含文件哈希值,根据分布式哈希表可以确定该文件哈希值对应的分布式文件系统中的加密密文,然后从分布式文件系统中获取该加密密文。
S73、对获取的加密密文进行计算。
获取到加密密文后,第二区块链节点就可以直接在该加密密文上进行计算,例如求平均值或者方差等。由于采用了多密钥隐私保护外包计算算法,因此不仅实现了区块链数据的加密,而且还提高了区块链数据计算的效率。
S74、将计算结果上传到所述区块链系统。
为了提高区块链节点的工作积极性,第二区块链节点对加密密文计算,得到计算结果,将该计算结果上传到区块链系统中。区块链系统验证第二区块链节点上传的计算结果是否准确,如果准确,则向计算准确的第二区块链节点发放代币奖励,例如一定数量的比特币等等,如果不准确,则不向上传计算结果的第二区块链节点发放代币奖励。
基于同一发明构思,本申请还提供一种区块链数据保护装置,如图8所示,包括:
请求获取模块81,用于从区块链系统中获取第一区块链节点上传的计算加密密文的请求;所述加密密文通过对待加密数据同态加密获得;
加密密文获取模块82,用于根据所述请求获取所述加密密文;
计算模块83,用于对获取的加密密文进行计算;
上传模块84,用于将计算结果上传到所述区块链系统。
在一个实施例中,所述加密密文存储在分布式文件系统中;所述请求包括所述加密密文的文件哈希值;所述加密密文获取模块82用于通过所述区块链系统访问所述第一区块链节点预先创建的分布式哈希表;所述分布式哈希表存储有所述加密密文的文件哈希值与所述分布式文件系统中所述加密密文的对应关系;根据所述分布式哈希表,在所述分布式文件系统中查找所述请求中文件哈希值对应的加密密文。
上述从第二区块链节点描述的区块链数据保护装置的其它技术特征与上述从第二区块链节点描述的区块链数据保护方法的技术特征相同,在此不予赘述。
本申请实施例还提供一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现上述任意一项所述的区块链数据保护方法。其中,所述存储介质包括但不限于任何类型的盘(包括软盘、硬盘、光盘、CD-ROM、和磁光盘)、ROM(Read-Only Memory,只读存储器)、RAM(Random AcceSS Memory,随即存储器)、EPROM(EraSable Programmable Read-Only Memory,可擦写可编程只读存储器)、EEPROM(Electrically EraSable Programmable Read-Only Memory,电可擦可编程只读存储器)、闪存、磁性卡片或光线卡片。也就是,存储介质包括由设备(例如,计算机)以能够读的形式存储或传输信息的任何介质。可以是只读存储器,磁盘或光盘等。
图1中的每一个区块链节点(包括第一区块链节点和第二区块链节点)相当于一个服务器。如图9所示,为本申请一实施例提供的服务器的结构示意图,包括处理器92、存储装置93等器件。本领域技术人员可以理解,图9示出的结构器件并不构成对所有服务器的限定,可以包括比图示更多或更少的部件,或者组合某些部件。存储装置93可用于存储应用程序91以及各功能模块,处理器92运行存储在存储装置93的应用程序91,从而执行设备的各种功能应用以及数据处理。存储装置93可以是内存储器或外存储器,或者包括内存储器和外存储器两者。内存储器可以包括只读存储器、可编程ROM(PROM)、电可编程ROM(EPROM)、电可擦写可编程ROM(EEPROM)、快闪存储器、或者随机存储器。外存储器可以包括硬盘、软盘、ZIP盘、U盘、磁带等。本申请所公开的存储装置包括但不限于这些类型的存储装置。本申请所公开的存储装置93只作为例子而非作为限定。
处理器92是服务器的控制中心,利用各种接口和线路连接整个电脑的各个部分,通过运行或执行存储在存储装置93内的软件程序和/或模块,以及调用存储在存储装置内的数据,执行各种功能和处理数据。如果服务器为第一区块链节点的服务器,则该处理器92通过多密钥隐私保护外包计算算法对待加密数据进行加密,获得加密密文,向区块链系统上传计算所述加密密文的请求。如果服务器为第二区块链节点的服务器,则该处理器92从所述区块链系统获取所述请求,根据所述请求获取所述加密密文,对获取的加密密文进行计算。
应该理解的是,虽然附图的流程图中的各个步骤按照箭头的指示依次显示,但是这些步骤并不是必然按照箭头指示的顺序依次执行。除非本文中有明确的说明,这些步骤的执行并没有严格的顺序限制,其可以以其他的顺序执行。而且,附图的流程图中的至少一部分步骤可以包括多个子步骤或者多个阶段,这些子步骤或者阶段并不必然是在同一时刻执行完成,而是可以在不同的时刻执行,其执行顺序也不必然是依次进行,而是可以与其他步骤或者其他步骤的子步骤或者阶段的至少一部分轮流或者交替地执行。
应该理解的是,在本申请各实施例中的各功能单元可集成在一个处理模块中,也可以各个单元单独物理存在,也可以两个或两个以上单元集成于一个模块中。上述集成的模块既可以采用硬件的形式实现,也可以采用软件功能模块的形式实现。
以上所述仅是本申请的部分实施方式,应当指出,对于本技术领域的普通技术人员来说,在不脱离本申请原理的前提下,还可以做出若干改进和润饰,这些改进和润饰也应视为本申请的保护范围。
Claims (15)
- 一种区块链数据保护方法,其特征在于,包括:第一区块链节点对待加密数据进行同态加密,获得加密密文;所述第一区块链节点向区块链系统上传计算所述加密密文的请求;第二区块链节点从所述区块链系统获取所述请求;所述第二区块链节点根据所述请求获取所述加密密文;所述第二区块链节点对获取的加密密文进行计算,将计算结果上传到所述区块链系统。
- 根据权利要求1所述的区块链数据保护方法,其特征在于,所述第一区块链节点对待加密数据进行同态加密,获得加密密文,包括:第一区块链节点通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文。
- 根据权利要求2所述的区块链数据保护方法,其特征在于,所述第一区块链节点通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文,包括:第一区块链节点将待加密数据拆分为第一部分和第二部分;所述第一区块链节点通过设置的第一公钥对所述第一部分和第一随机数的和进行加密,获得第一加密数据;通过设置的第二公钥对所述第二部分和第二随机数的和进行加密,获得第二加密数据;所述第一区块链节点通过预设的第一解密算法和设置的第一私钥对所述第一加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行解密,获得第二解密数据;所述第一区块链节点通过预设的第二解密算法和设置的第二私钥对所述第一加密数据和所述第一解密数据进行解密,得到第三解密数据;通过所述第二解密算法和所述第二私钥对所述第二加密数据和所述第二解密数据进行解密,得到第四解密数据;所述第一区块链节点通过第三公钥对第一和值和第二和值的差进行加密,获得所述待加密数据的加密密文;所述第一和值为所述第三解密数据和所述第四解密数据的和,所述第二和值为所述第一随机数和所述第二随机数的和。
- 根据权利要求2所述的区块链数据保护方法,其特征在于,所述第一区块链节点通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文,包括:第一区块链节点将待加密数据拆分为第一部分和第二部分;所述第一区块链节点通过设置的第一公钥分别对所述第一部分和第一随机数进行加密,将加密后得到的两个数值相乘,获得第一加密数据;通过设置的第二公钥分别对所述第二部分和第二随机数进行加密,将加密后得到的两个数值相乘,获得第二加密数据;通过所述第一公钥对第三随机数与所述第二随机数和所述第一部分乘积的差进行加密,获得第三加密数据;通过所述第二公钥对第四随机数与所述第一随机数和所述第二部分乘积的差进行加密,获得第四加密数据;所述第一区块链节点通过预设的第一解密算法和设置的第一私钥对所述第一 加密数据进行解密,获得第一解密数据;通过所述第一解密算法和所述第一私钥对所述第二加密数据进行解密,获得第二解密数据;通过所述第一解密算法和所述第一私钥对所述第三加密数据进行解密,获得第三解密数据;通过所述第一解密算法和所述第一私钥对所述第四加密数据进行解密,获得第四解密数据;所述第一区块链节点通过预设的第二解密算法和设置的第二私钥对所述第一解密数据和所述第一加密数据进行解密,通过所述第二解密算法和所述第二私钥对所述第二解密数据和所述第一加密数据进行解密,将解密后得到的两个数值相乘,获得第五解密数据;通过所述第二解密算法和所述第二私钥对所述第三解密数据和所述第三加密数据进行解密,获得第六解密数据;通过所述第二解密算法和所述第二私钥对所述第四解密数据和所述第四加密数据进行解密,获得第七解密数据;所述第一区块链节点通过设置的第三公钥分别对所述第五解密数据、所述第六解密数据和所述第七解密数据进行加密,获得第五加密数据、第六加密数据和第七加密数据;通过所述第三公钥对所述第一随机数和所述第二随机数的乘积进行加密,并计算加密后得到的值的(N-1)次方,获得第八加密数据;通过所述第三公钥对所述第三随机数进行加密,并计算加密后得到的值的(N-1)次方,获得第九加密数据;通过所述第三公钥对所述第四随机数进行加密,并计算加密后得到的值的(N-1)次方,获得第十加密数据;N表示整数域的大小;所述第一区块链节点将所述第五加密数据、所述第六加密数据、所述第七加密数据、所述第八加密数据、所述第九加密数据和所述第十加密数据相乘,获得所述待加密数据的加密密文。
- 根据权利要求1所述的区块链数据保护方法,其特征在于,所述第一区块链节点向区块链系统上传计算所述加密密文的请求,包括:所述第一区块链节点将所述加密密文上传至分布式文件系统,并获取所述加密密文的文件哈希值;所述第一区块链节点将所述文件哈希值与所述分布式文件系统中所述加密密文的对应关系存入预先创建的分布式哈希表中;所述第一区块链节点向区块链系统上传计算所述加密密文的请求;所述请求包括所述加密密文的文件哈希值。
- 根据权利要求5所述的区块链数据保护方法,其特征在于,所述第二区块链节点根据所述请求获取所述加密密文,包括:所述第二区块链节点通过所述区块链系统访问所述分布式哈希表;所述第二区块链节点根据所述分布式哈希表,在所述分布式文件系统中查找所述请求中文件哈希值对应的加密密文。
- 根据权利要求1至6任意一项所述的区块链数据保护方法,其特征在于,所述第二区块链节点对获取的加密密文进行计算,将计算结果上传到所述区块链系统,之后,还包括:所述区块链系统验证所述计算结果有效时,向所述第二区块链节点发放代币奖励。
- 一种区块链数据保护方法,其特征在于,包括:对待加密数据进行同态加密,获得加密密文;向区块链系统上传计算所述加密密文的请求,以使所述区块链系统中的其它区 块链节点在接收到所述请求时对所述加密密文进行计算。
- 根据权利要求8所述的区块链数据保护方法,其特征在于,所述对待加密数据进行同态加密,获得加密密文,包括:通过多密钥隐私保护外包计算算法对待加密数据进行同态加密,获得加密密文。
- 一种区块链数据保护方法,其特征在于,包括:从区块链系统中获取第一区块链节点上传的计算加密密文的请求;所述加密密文通过对待加密数据同态加密获得;根据所述请求获取所述加密密文;对获取的加密密文进行计算;将计算结果上传到所述区块链系统。
- 根据权利要求10所述的区块链数据保护方法,其特征在于,所述加密密文存储在分布式文件系统中;所述请求包括所述加密密文的文件哈希值;所述根据所述请求获取所述加密密文,包括:通过所述区块链系统访问所述第一区块链节点预先创建的分布式哈希表;所述分布式哈希表存储有所述加密密文的文件哈希值与所述分布式文件系统中所述加密密文的对应关系;根据所述分布式哈希表,在所述分布式文件系统中查找所述请求中文件哈希值对应的加密密文。
- 一种区块链数据保护系统,其特征在于,包括第一区块链节点和第二区块链节点;所述第一区块链节点用于对待加密数据进行同态加密,获得加密密文;向区块链系统上传计算所述加密密文的请求;所述第二区块链节点用于从所述区块链系统获取所述请求;根据所述请求获取所述加密密文;对获取的加密密文进行计算,将计算结果上传到所述区块链系统。
- 一种区块链数据保护装置,其特征在于,包括:加密模块,用于对待加密数据进行同态加密,获得加密密文;请求上传模块,用于向区块链系统上传计算所述加密密文的请求,以使所述区块链系统中的其它区块链节点在接收到所述请求时对所述加密密文进行计算。
- 一种区块链数据保护装置,其特征在于,包括:请求获取模块,用于从区块链系统中获取第一区块链节点上传的计算加密密文的请求;所述加密密文通过对待加密数据同态加密获得;加密密文获取模块,用于根据所述请求获取所述加密密文;计算模块,用于对获取的加密密文进行计算;上传模块,用于将计算结果上传到所述区块链系统。
- 一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该程序被处理器执行时实现如权利要求1至11中任意一项所述的区块链数据保护方法。
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2018/102264 WO2020037654A1 (zh) | 2018-08-24 | 2018-08-24 | 区块链数据保护方法、装置、系统及计算机可读存储介质 |
CN201880002220.4A CN109690551B (zh) | 2018-08-24 | 2018-08-24 | 区块链数据保护方法、装置、系统及计算机可读存储介质 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2018/102264 WO2020037654A1 (zh) | 2018-08-24 | 2018-08-24 | 区块链数据保护方法、装置、系统及计算机可读存储介质 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020037654A1 true WO2020037654A1 (zh) | 2020-02-27 |
Family
ID=66191851
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2018/102264 WO2020037654A1 (zh) | 2018-08-24 | 2018-08-24 | 区块链数据保护方法、装置、系统及计算机可读存储介质 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN109690551B (zh) |
WO (1) | WO2020037654A1 (zh) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111683071A (zh) * | 2020-05-29 | 2020-09-18 | 百度在线网络技术(北京)有限公司 | 区块链的隐私数据处理方法、装置、设备以及存储介质 |
CN112000962A (zh) * | 2020-07-13 | 2020-11-27 | 广发银行股份有限公司 | 基于区块链的数据加密处理方法、装置和系统 |
CN112749165A (zh) * | 2021-01-06 | 2021-05-04 | 上海能链众合科技有限公司 | 一种基于区块链的电子数据交换方法 |
CN112765649A (zh) * | 2020-12-31 | 2021-05-07 | 平安资产管理有限责任公司 | 基于区块链的多方数据分析方法、装置、设备和存储介质 |
CN113656829A (zh) * | 2021-07-22 | 2021-11-16 | 北京理工大学 | 一种基于格密码与联盟链的医疗数据安全共享方法 |
Families Citing this family (25)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110188550B (zh) * | 2019-05-17 | 2024-05-24 | 深圳前海微众银行股份有限公司 | 一种区块链的数据验证方法和装置 |
CN110197081B (zh) * | 2019-05-30 | 2021-01-15 | 北京理工大学 | 一种基于区块链的云数据共享隐私保护方法 |
US10778410B2 (en) | 2019-06-18 | 2020-09-15 | Alibaba Group Holding Limited | Homomorphic data encryption method and apparatus for implementing privacy protection |
CN110348231B (zh) * | 2019-06-18 | 2020-08-14 | 阿里巴巴集团控股有限公司 | 实现隐私保护的数据同态加解密方法及装置 |
CN110245193A (zh) * | 2019-06-24 | 2019-09-17 | 中云(广州)区块链科技有限公司 | 基于区块链的数据分布式存入和数据检索方法 |
CN110445851A (zh) * | 2019-07-26 | 2019-11-12 | 达闼科技成都有限公司 | 基于分布式网络的通信方法、装置、存储介质和电子设备 |
CN110765473A (zh) * | 2019-10-11 | 2020-02-07 | 矩阵元技术(深圳)有限公司 | 数据处理方法、装置、计算机设备和存储介质 |
CN111373402B (zh) | 2019-11-08 | 2022-03-25 | 支付宝(杭州)信息技术有限公司 | 轻量去中心化应用平台 |
CA3098240A1 (en) | 2019-11-08 | 2020-02-20 | Alipay (Hangzhou) Information Technology Co., Ltd. | System and method for blockchain-based decentralized application development |
CN111162912B (zh) * | 2019-12-30 | 2021-06-15 | 深圳前海微众银行股份有限公司 | 一种适用于区块链的验证方法、装置及存储介质 |
JP7448191B2 (ja) * | 2020-02-14 | 2024-03-12 | シスナ株式会社 | データ管理システム |
CN111538782B (zh) * | 2020-04-14 | 2023-08-08 | 浙江浙燃能源有限公司 | 基于区块链的能源大数据管理系统 |
CN111556147A (zh) * | 2020-04-27 | 2020-08-18 | 中国银行股份有限公司 | 一种基于区块链的计算方法及装置 |
CN111371544B (zh) * | 2020-05-27 | 2020-09-08 | 支付宝(杭州)信息技术有限公司 | 基于同态加密的预测方法、装置、电子设备及存储介质 |
CN111885107B (zh) * | 2020-06-17 | 2023-07-18 | 万高信息技术(珠海)有限公司 | 一种基于区块链的可信伪中心存储系统 |
CN111835500B (zh) * | 2020-07-08 | 2022-07-26 | 浙江工商大学 | 基于同态加密与区块链的可搜索加密数据安全共享方法 |
CN112328699B (zh) * | 2020-11-20 | 2023-07-28 | 中山大学 | 一种基于区块链的全同态加密算法的安全外包方法及系统 |
CN112269790B (zh) * | 2020-11-26 | 2024-02-02 | 阿拉拇 | 区块链大数据安全处理系统及方法 |
CN112685767B (zh) * | 2020-12-25 | 2024-03-26 | 联想(北京)有限公司 | 一种基于区块链的数据处理方法及系统 |
CN113079162B (zh) * | 2021-04-02 | 2022-08-30 | 浙江永旗区块链科技有限公司 | 一种基于区块链的分布式存储网络及其实现方法 |
CN113949591B (zh) * | 2021-12-21 | 2022-07-05 | 北京中科金财科技股份有限公司 | 一种基于区块链的数据加密保护方法及系统 |
CN114900348B (zh) * | 2022-04-28 | 2024-01-30 | 福建福链科技有限公司 | 一种区块链传感器数据验证的方法及终端 |
CN115051799B (zh) * | 2022-06-13 | 2022-11-25 | 北京天华星航科技有限公司 | 一种基于区块链的数字信息处理系统 |
CN115396091A (zh) * | 2022-08-25 | 2022-11-25 | 太保科技有限公司 | 一种基于sgx技术的安全计算方法及装置 |
CN116401718A (zh) * | 2023-06-08 | 2023-07-07 | 科大讯飞股份有限公司 | 基于区块链的数据保护方法及装置、电子设备和存储介质 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106503994A (zh) * | 2016-11-02 | 2017-03-15 | 西安电子科技大学 | 基于属性加密的区块链隐私数据访问控制方法 |
CN106549749A (zh) * | 2016-12-06 | 2017-03-29 | 杭州趣链科技有限公司 | 一种基于加法同态加密的区块链隐私保护方法 |
CN106845960A (zh) * | 2017-01-24 | 2017-06-13 | 上海亿账通区块链科技有限公司 | 基于区块链的安全交易方法及系统 |
US20180152513A1 (en) * | 2015-05-13 | 2018-05-31 | Universität Mannheim | Method for storing data in a cloud and network for carrying out the method |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107666388B (zh) * | 2016-07-28 | 2019-11-01 | 郑珂威 | 基于完全同态加密方法的区块链信息加密方法 |
CN107294709A (zh) * | 2017-06-27 | 2017-10-24 | 阿里巴巴集团控股有限公司 | 一种区块链数据处理方法、装置及系统 |
CN107342858B (zh) * | 2017-07-05 | 2019-09-10 | 武汉凤链科技有限公司 | 一种基于可信环境的智能合约保护方法和系统 |
CN107911216B (zh) * | 2017-10-26 | 2020-07-14 | 矩阵元技术(深圳)有限公司 | 一种区块链交易隐私保护方法及系统 |
-
2018
- 2018-08-24 WO PCT/CN2018/102264 patent/WO2020037654A1/zh active Application Filing
- 2018-08-24 CN CN201880002220.4A patent/CN109690551B/zh active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20180152513A1 (en) * | 2015-05-13 | 2018-05-31 | Universität Mannheim | Method for storing data in a cloud and network for carrying out the method |
CN106503994A (zh) * | 2016-11-02 | 2017-03-15 | 西安电子科技大学 | 基于属性加密的区块链隐私数据访问控制方法 |
CN106549749A (zh) * | 2016-12-06 | 2017-03-29 | 杭州趣链科技有限公司 | 一种基于加法同态加密的区块链隐私保护方法 |
CN106845960A (zh) * | 2017-01-24 | 2017-06-13 | 上海亿账通区块链科技有限公司 | 基于区块链的安全交易方法及系统 |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111683071A (zh) * | 2020-05-29 | 2020-09-18 | 百度在线网络技术(北京)有限公司 | 区块链的隐私数据处理方法、装置、设备以及存储介质 |
EP3916604A1 (en) * | 2020-05-29 | 2021-12-01 | Baidu Online Network Technology (Beijing) Co., Ltd | Method and apparatus for processing privacy data of block chain, device, storage medium and coputer program product |
US20210377038A1 (en) * | 2020-05-29 | 2021-12-02 | Baidu Online Network Technology (Beijing) Co., Ltd. | Method and apparatus for processing privacy data of block chain, device, and storage medium |
KR20210148863A (ko) * | 2020-05-29 | 2021-12-08 | 바이두 온라인 네트웍 테크놀러지 (베이징) 캄파니 리미티드 | 블록체인의 프라이버시 데이터 처리방법, 장치, 디바이스 및 저장매체 |
KR102377187B1 (ko) | 2020-05-29 | 2022-03-21 | 바이두 온라인 네트웍 테크놀러지 (베이징) 캄파니 리미티드 | 블록체인의 프라이버시 데이터 처리방법, 장치, 디바이스 및 저장매체 |
US11665000B2 (en) | 2020-05-29 | 2023-05-30 | Baidu Online Network Technology (Beijing) Co., Ltd. | Method and apparatus for processing privacy data of block chain, device, and storage medium |
CN112000962A (zh) * | 2020-07-13 | 2020-11-27 | 广发银行股份有限公司 | 基于区块链的数据加密处理方法、装置和系统 |
CN112000962B (zh) * | 2020-07-13 | 2024-02-27 | 广发银行股份有限公司 | 基于区块链的数据加密处理方法、装置和系统 |
CN112765649A (zh) * | 2020-12-31 | 2021-05-07 | 平安资产管理有限责任公司 | 基于区块链的多方数据分析方法、装置、设备和存储介质 |
CN112749165A (zh) * | 2021-01-06 | 2021-05-04 | 上海能链众合科技有限公司 | 一种基于区块链的电子数据交换方法 |
CN112749165B (zh) * | 2021-01-06 | 2024-05-28 | 上海零数众合信息科技有限公司 | 一种基于区块链的电子数据交换方法 |
CN113656829A (zh) * | 2021-07-22 | 2021-11-16 | 北京理工大学 | 一种基于格密码与联盟链的医疗数据安全共享方法 |
Also Published As
Publication number | Publication date |
---|---|
CN109690551A (zh) | 2019-04-26 |
CN109690551B (zh) | 2023-11-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2020037654A1 (zh) | 区块链数据保护方法、装置、系统及计算机可读存储介质 | |
Pal et al. | Key management for blockchain technology | |
Zhang et al. | A novel blockchain-based privacy-preserving framework for online social networks | |
Hwang et al. | A business model for cloud computing based on a separate encryption and decryption service | |
Thota et al. | Big data security framework for distributed cloud data centers | |
Zheng et al. | A blockchain-based trading platform for big data | |
Yan et al. | Context-aware verifiable cloud computing | |
CN107359998A (zh) | 一种便携式智能口令管理体制的建立与操作方法 | |
Deng et al. | BCTC-KSM: A blockchain-assisted threshold cryptography for key security management in power IoT data sharing | |
Xu et al. | An efficient blockchain‐based privacy‐preserving scheme with attribute and homomorphic encryption | |
Zhang et al. | Blockchain-enabled decentralized attribute-based access control with policy hiding for smart healthcare | |
Chen et al. | A privacy protection method based on key encapsulation mechanism in medical blockchain | |
Rajeshkumar et al. | A novel three-factor authentication and optimal mapreduce frameworks for secure medical big data transmission over the cloud with shaxecc | |
Wang et al. | A User‐Centered Medical Data Sharing Scheme for Privacy‐Preserving Machine Learning | |
Guo et al. | Iot data blockchain-based transaction model using zero-knowledge proofs and proxy re-encryption | |
Hua et al. | Practical m‐k‐Anonymization for Collaborative Data Publishing without Trusted Third Party | |
Banushri et al. | Hyperledger Blockchain and Lightweight Bcrypt Symmetric Key Encryption to Boost Cloud Computing Security Effectiveness | |
Zhao et al. | A blockchain-based transaction system with payment statistics and supervision | |
Qin et al. | Attribute-based encryption with outsourced computation for access control in IoTs | |
Deshmukh et al. | Secure fine-grained data access control over multiple cloud server based healthcare applications | |
Tu et al. | A blockchain implementation of an attendance management system | |
Yu et al. | Secure Data Sharing for Cross-domain Industrial IoT Based on Consortium Blockchain | |
Wang et al. | A multi-keyword searchable encryption sensitive data trusted sharing scheme in multi-user scenario | |
Raj et al. | A security-attribute-based access control along with user revocation for shared data in multi-owner cloud system | |
Huang et al. | A Multi-Cloud Collaborative Data Security Sharing Scheme With Blockchain Indexing in Industrial Internet Environments |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 18931032 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 18931032 Country of ref document: EP Kind code of ref document: A1 |