CN110061843A - The high creation method of block, device and equipment in a kind of chain type account book - Google Patents

The high creation method of block, device and equipment in a kind of chain type account book Download PDF

Info

Publication number
CN110061843A
CN110061843A CN201910101181.XA CN201910101181A CN110061843A CN 110061843 A CN110061843 A CN 110061843A CN 201910101181 A CN201910101181 A CN 201910101181A CN 110061843 A CN110061843 A CN 110061843A
Authority
CN
China
Prior art keywords
block
data
data block
data record
cryptographic hash
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910101181.XA
Other languages
Chinese (zh)
Other versions
CN110061843B (en
Inventor
杨新颖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Advanced New Technologies Co Ltd
Advantageous New Technologies Co Ltd
Original Assignee
Alibaba Group Holding Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alibaba Group Holding Ltd filed Critical Alibaba Group Holding Ltd
Priority to CN201910101181.XA priority Critical patent/CN110061843B/en
Publication of CN110061843A publication Critical patent/CN110061843A/en
Application granted granted Critical
Publication of CN110061843B publication Critical patent/CN110061843B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/72Signcrypting, i.e. digital signing and encrypting simultaneously
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

Disclose the high creation method of block, device and the equipment in a kind of chain type account book.Switched to by the Chunky Time of data block stamp for a big integer data, big integer data monotonic increase uses the big integer as the block of data block height.To which block height had both reflected data block tandem in chain type account book, also while the generation time of data block is contained.

Description

The high creation method of block, device and equipment in a kind of chain type account book
Technical field
This specification embodiment be related to a kind of high creation method of block in information technology field more particularly to chain type account book, Device and equipment.
Background technique
When using the account book storing data of block chain type, continuous multiple data blocks have been generally comprised in an account book.It is practical In, data block is numbered commonly using nature serial number.For example, the block of initial data block a height of 1, subsequent every increase by one A data block, block height add 1.Since block height can be used for identification data block, in the data manipulation for account book, usually can Use this high information of block.But under this identification means, the information that block senior middle school can react is less.
Based on this, a kind of block height creation mode that may include more effective informations is needed.
Summary of the invention
For the less problem of the information that block height is included in existing piece of chain type account book, this specification embodiment provides one kind The high creation method of block, device and equipment, the method specifically include:
Obtain the Chunky Time stamp of data block;
The Chunky Time is stabbed by it using symmetric encipherment algorithm and is converted to integer data, wherein the integer data base In time monotonic increase;
The block that the integer data is determined as the data block is high.
Corresponding, this specification embodiment also provides the high creating device of block in a kind of chain type account book, comprising:
Module is obtained, the Chunky Time stamp of data block is obtained;
The Chunky Time is stabbed it using symmetric encipherment algorithm and is converted to integer data by conversion module, wherein described whole Type data are based on time monotonic increase;
Determining module, the block that the integer data is determined as the data block are high.
Switched to by the Chunky Time of data block stamp for a big integer data, big integer data monotonic increase uses this Big integer is high as the block of data block.To which block height had both reflected data block tandem in chain type account book, also while containing The generation time of data block.Further, it is also possible to splice the sequence serial number of upper data record in the high tail portion of block, generates while including The high high timing word string of Chunky Time and data record number block of block locating for the height of block locating for data record, data record, and shape At concordance list, more succinct creation includes the third concordance list of more information.
It should be understood that above general description and following detailed description be only it is exemplary and explanatory, not This specification embodiment can be limited.
In addition, any embodiment in this specification embodiment does not need to reach above-mentioned whole effects.
Detailed description of the invention
In order to illustrate more clearly of this specification embodiment or technical solution in the prior art, below will to embodiment or Attached drawing needed to be used in the description of the prior art is briefly described, it should be apparent that, the accompanying drawings in the following description is only The some embodiments recorded in this specification embodiment for those of ordinary skill in the art can also be attached according to these Figure obtains other attached drawings.
The schematic diagram of system architecture involved in Fig. 1 current techniques;
Fig. 2 is the flow diagram of the high creation method of block in a kind of chain type account book that this specification embodiment provides;
Fig. 3 is the flow diagram that the illustrative part of one kind provided by this specification embodiment is removed;
Fig. 4 is a kind of process schematic for construction concealmentization data record that this specification embodiment provides;
Fig. 5 is the schematic diagram of another system framework involved in this specification embodiment;
Fig. 6 is the structural schematic diagram of the high creating device of block in a kind of chain type account book that this specification embodiment provides;
Fig. 7 shows one kind provided by this specification embodiment and more specifically calculates device hardware structural schematic diagram;
Fig. 8 is the specific schematic diagram for generating time service certificate of one kind that this specification embodiment provides.
Specific embodiment
In order to make those skilled in the art more fully understand the technical solution in this specification embodiment, below in conjunction with this Attached drawing in specification embodiment is described in detail the technical solution in this specification embodiment, it is clear that described Embodiment is only a part of the embodiment of this specification, instead of all the embodiments.The embodiment of base in this manual, Those of ordinary skill in the art's every other embodiment obtained, all should belong to the range of protection.
Firstly the need of explanation, in current server architecture, database server can be the visitor directly docked Family end personal user is also possible to dock client personal user by some application servers, and database server then docks The application server.As shown in Figure 1, the schematic diagram of system architecture involved in Fig. 1 current techniques.
Therefore, in this specification embodiment, when user is application server, database service provider can be figure Database server shown in 1;And when user is client personal user, database service provider is also possible to by answering The server-side constituted with server and database server is whole.But no matter in that case, all it is for the storage of data It is completed in database service provider, and the instruction for being also based on user for the operation of data (change including additions and deletions look into etc.) exists Database service provider carries out, and user data and is stored in database service provider to the operating result of data, uses The data cannot be stored in family and other equipment.In other words, the database service provider in this specification be with The form of centralization provides data service.
Below in conjunction with attached drawing, the technical solution that each embodiment of this specification provides is described in detail.As shown in Fig. 2, Fig. 2 is this A kind of flow diagram for the high creation method of block in chain type account book that specification embodiment provides, which specifically includes as follows Step:
S201 obtains the Chunky Time stamp of data block.
In this specification embodiment, chain type account book can be the block chain account book of decentralization, be also possible to centralization Server-side provided by chain type account book.In the chain type account book involved in this specification, an account book includes multiple data blocks, Each data block includes unique corresponding cryptographic Hash, cryptographic Hash and the number that itself is included of the cryptographic Hash by last data block It is determined according to record, the storage mode comprising multiple data blocks an of chain type is consequently formed.Wherein, in addition to initial data block, It include at least one data record in each data block, the block height of data block is based on the sequencing monotonic increase of Chunky Time.
Data block can confirm the Chunky Time of itself when blocking, and in writing data blocks.Therefore, for any number According to block, the Chunky Time for obtaining data block can be directly inquired from data block.
The Chunky Time is stabbed it using symmetric encipherment algorithm and is converted to integer data by S203, wherein the integer According to based on time monotonic increase.
Specifically, integer here can be a big integer data, for example, one 13 big integers.To, by It is to be obtained based on time symmetric cryptography in big integer, it, can be similarly symmetrical thus in the Chunky Time for needing data block Decryption obtains Chunky Time.
It, can be with after by symmetric cryptography for example, for Chunky Time " 20xx-01-19 03:14:07.938576 " One big integer " 1547838847938 " is converted to, due to integer data monotonic increase at any time, "1547838847938".It at this time can be as the block height of the data block, for identifying the data block.
In this specification, block height is based on Chunky Time monotonic increase, accordingly even when big integer data is used, but they Between still from small to large, reflect the sequence between each data block.For example, if a following data block it is blocking when Between be " 20xx-01-19 03:16:07.235125 ", then can using preset symmetric encipherment algorithm be converted into it is another more Big big integer " 1547838848125 ".
S205, the block that the integer data is determined as the data block are high.
It, when needed can also be according to the integer data symmetric solution using symmetric encipherment algorithm when due to conversion It is close to obtain Chunky Time.In other words, state in use big integer data it is high as block when, while containing the front and back of each data block Sequentially, it goes back while containing the generation time of data block.
After block height is determined to, it is also based on block height and the various operations such as is inquired data block, verified.In order to more It is convenient to carry out data manipulation, some indexes can also be pre-established.
Under based on above-mentioned piece of high mode, this specification embodiment also provides a kind of index creation mode, specifically includes Such as under type:
Obtain the sequence serial number and cryptographic Hash of each data record in the data block.For the data record in data block It says, if having receiving time stamp in the data record in the block, for example, service side is i.e. one given when receiving data record Receiving time stamp is ranked up data record then can be stabbed according to receiving time, distributes to each data record one row Sequence serial number;Or can reset serial number according to the direct Allotment Serial Number of the sequence for receiving data record, and after blocking, So as to Allotment Serial Number inside next data block.The cryptographic Hash of data record can calculate at any time according to the content of data record It arrives.
In the sequence serial number of described piece high of tail portion splicing data record, the high timing word string of block of data record is generated.? After the sequence serial number for determining each data record in data block, it can in the sequence of the tail portion of integer data splicing data record Number, the high timing word string of block of a data record is generated, for example, it is assumed that the serial number 001 of the data record, then splicing is available The high timing word string " 1547838847938001 " of the block of the data record.The high timing word string of the block actually contains one simultaneously The Chunky Time of high, the locating data block of the block of data block locating for data record accepts serial number, Ke Yiyong in locating data block In the timing information for expressing data record.
Establish the third concordance list of the corresponding relationship of the cryptographic Hash including described piece high timing word string and data record.Such as table Shown in 3, table 3 is a kind of third concordance list provided by this specification embodiment.In the table, the big integer in left side is to include block High and serial number timing information, block height are based on time symmetric cryptography and obtain.
Chunky Time be accurate to Millisecond it is other in the case of (that is, one big integer data can correspond to 1000 numbers According to), 3 decimal digits are introduced after block height in third index and come identification number (limit block threshold value be 1000), so right It is million grades in the hypothesis of handling capacity, being used to identification data block and data record at this time will not collide, and have been able to Meet any real trade scene.If handling capacity is higher, more decimal system can be introduced after block height to identify sequence Number.
Table 3
1547838847938000 1547838847938
1547838847938001 Hash1
1547838847938002 Hash2
1547838847938003 Hash3
1547838847938004 ……
Further, it is also possible to the specified sequence serial number of data record will not be distributed to by being added in the index, for store at Block timestamp and the high corresponding relationship of the block of data block, and third index is written.For example, it is assumed that the serial number of data record generally from " 001 " starts, then can be high by the block of serial number " 000 " block for storing data.
It can be created at once in the time of block out when above-mentioned index creation, be also possible to asynchronous creation.Index itself can To be avoided out of data block for some lookups or statistical operation for example, counting the data record quantity in some period Traversal counting is carried out, it is more convenient.
By traversing all data blocks, the respective data record in all data blocks is written in concordance list To obtain in the completion concordance list corresponding to all customer data.In above-mentioned concordance list, each data record is existing to be written into block Chunky Time (in same piece pieces of data record Chunky Time it is identical), also have the sequence accepted by service side, because Certain data records there are successive correlation easily can be inquired and be traced to the source based on above-mentioned concordance list, be mentioned by this High user experience.
Switched to by the Chunky Time of data block stamp for a big integer data, big integer data monotonic increase uses this Big integer is high as the block of data block.To which block height had both reflected data block tandem in chain type account book, also while containing The generation time of data block.Further, it is also possible to splice the sequence serial number of upper data record in the high tail portion of block, generates while including The high high timing word string of Chunky Time and data record number block of block locating for the height of block locating for data record, data record, it is more simple Clean creation includes the third concordance list of more information.
When the database service provider of the centralization involved by this specification embodiment, the data block in chain type account book can To pre-generate in the following way:
Data record to be stored is received, determines the cryptographic Hash of each data record.The data record of to be stored, can herein To be the various consumer records of client personal user, it is also possible to instruction of the application server based on user, in the business of execution Business result, intermediate state and operation note for being generated when logic etc..Specific business scenario may include consumer record, Audit log, supply chain, government regulation record, medical records etc..
When reaching preset blocking condition, each data record in data block to be written is determined, generating includes data block Cryptographic Hash and data record n-th data block.
The preset blocking condition includes: that data record quantity to be stored reaches amount threshold, for example, often receiving When 1000 datas record, a new data block is generated, 1,000 datas are recorded in write-in block;Alternatively, apart from the last time at The time interval at block moment reaches time threshold, for example, a new data block was generated every 5 minutes, it will be inscribed at this 5 minutes In the data record write-in block received.
N herein refers to the serial number of data block, and in other words, in this specification embodiment, data block is with block chain Form, the sequence based on Chunky Time successively arrange, and have very strong temporal aspect.Wherein, the block height of data block is based on blocking The sequencing monotonic increase of time.Block height can be serial number, and the block height of n-th data block is N at this time;Block height can also be with it Its mode generates.
As N=1, i.e., data block at this time is initial data block.The cryptographic Hash and block height of initial data block are based on pre- If mode is given.For example, not including data record in initial data block, cryptographic Hash is then any given cryptographic Hash, and block is high Blknum=0;In another example the generation trigger condition of initial data block is consistent with the trigger condition of other data blocks, but it is initial The cryptographic Hash of data block is by taking Hash to determine all the elements in initial data block.
As N > 1, since content and the cryptographic Hash of last data block are it has been determined that then at this point it is possible to be based on last data The cryptographic Hash of block (i.e. the N-1 data block) generates the cryptographic Hash of current data block (n-th data block), for example, a kind of feasible Mode be to determine that the cryptographic Hash of the data record in n-th block will be written in each, according to putting in order in block, A Merkel tree is generated, the cryptographic Hash of the root cryptographic Hash of Merkel tree and last data block is stitched together, is used again Hash algorithm generates the cryptographic Hash of current block.In another example can also be spliced according to the sequence of data record in block and take Kazakhstan The uncommon cryptographic Hash for obtaining overall data record splices the cryptographic Hash of last data block and the cryptographic Hash of overall data record, and right Splice obtained word string and carry out Hash operation, generates the cryptographic Hash of data block.
By the generating mode of data block above-mentioned, each data block is determined by cryptographic Hash, the cryptographic Hash of data block It is determined by the cryptographic Hash of the content of the data record in data block, sequence and last data block.User can be at any time based on number Verifying is initiated according to the cryptographic Hash of block, for content any in data block (including for data record content in data block or suitable The modification of sequence) cryptographic Hash of the modification when cryptographic Hash of data block being calculated in verifying and data block can all be caused to generate It is inconsistent, and lead to authentication failed, thus can not distort under realizing centralization.
After being stored to data record, some relevant index informations can also be resettled, for example, due to What is saved in data block is data record, without the cryptographic Hash of data record.Therefore, in order to which finding of can be convenient is any Data record, can establish using the cryptographic Hash of data record as key, and with the block of data block locating for data record, high, data are recorded in Offset in locating data block is the index of value, is stored.Data record is inquired to more can be convenient.It needs It is noted that the creation of above-mentioned index information is relative to blocking can be asynchronous progress, and, above-mentioned index information can be with Backup is sent to user, thus user also can be convenient any data record is inquired or is verified according to index.
In query process, the block of data block locating for data record can be obtained based on the cryptographic Hash inquiry that user inputs High, data are recorded in offset or data record plaintext in locating data block, alternatively, inquiry obtains the cryptographic Hash of data block The block of corresponding data block is high, and returns to query result.
Specific inquiry mode can be realized by inquiry instruction.Include the to be checked of user's input in inquiry instruction Cryptographic Hash.Cryptographic Hash herein can be the cryptographic Hash of data record or the cryptographic Hash of data block, database service mention Supplier can carry out traversal queries from data block, can also be inquired from the index pre-established.
Following exemplary enumerates several inquiry modes provided by several this specification embodiments:
The first, the cryptographic Hash of input block, all data clear texts in returned data block;Alternatively, input data is remembered The cryptographic Hash of record, returned data record in plain text, specifically, inquiry instruction SELECT (khash , &v) realization can be used, work as clothes When business side receives corresponding inquiry instruction, i.e., query logic above-mentioned is executed to return the result based on cryptographic Hash.
Second, the block of the cryptographic Hash of input data record, the locating data block of returned data record is high, and, at this Offset in data block, specifically, inquiry instruction SELECT (khash , &v, FULL) realization can be used;
The third, it is high to return to block according to block Hash for the cryptographic Hash of input block.Specifically, inquiry instruction can be used SELECT (khash, BLK) Lai Shixian.
It is of course also possible to which there are users to have input a cryptographic Hash, and service side cannot inquire the feelings of corresponding result Shape.For example, user has input the corresponding cryptographic Hash of a data record, and service side's inquiry is less than as a result, so at this point, user Can be with reasonable doubt, data record corresponding to the Hash has occurred that variation, it may be possible to be tampered, or be possible to Loss of data has occurred.
Cryptographic Hash due in query process, needing to rely on data record cryptographic Hash or data block is inquired.It changes Yan Zhi, each data record have required corresponding data record Hash.Therefore when user needs storing data, can pass through The addition instruction of dedicated addition data record, is added specific data record, service side determines described to be added The cryptographic Hash of data record, and the block Hash of block locating for the cryptographic Hash and the data record of the data record is returned to user; The data record to be added is stored in local cache, when to meet preset blocking condition, the data record is write Enter in new data block.To which user can look into according to the Hash to data record when needing to inquire It askes.The following are the instructions that record is illustratively added provided by this specification embodiment:
APPEND (v , &khash): addition data record, the cryptographic Hash of returned data record.
Further, in storing process, service side can also provide the signature of corresponding service platform, specifically include as Under type: encrypting the data record using privacy key, generates server to the private key label of the data record Name;The cryptographic Hash of the private key signature and data record is returned to user, so that user uses private described in corresponding public key decryptions Key signature is verified.To which user can be confirmed that the cryptographic Hash is that service side is recognized.Specifically, user can add Service side is required to provide the signature in instruction, the following are the additions for illustratively returning to signature provided by this specification embodiment The instruction of record:
APPEND (v , &khash, CERT): the corresponding cryptographic Hash of returned data record, and, return to service side's signature Certificate.
Certainly, in the other types of database manipulation provided by this specification embodiment, for example, inquiry, removing, It can also include service side's signing certificate in returning the result in the other database manipulations of verifying and concealment etc..
Except inquiry, user actively can also initiate verifying to multiple data blocks already existing in database, specifically For, verifying instruction can be initiated by user, need which data block to initiate verifying, example to by the way that parameter is specified in verifying instruction Such as, a data block can be specified by cryptographic Hash or block height, multiple data blocks before or after the data block is sent out It rises and whether correctly verifies;Alternatively, specifying a data record by cryptographic Hash, a data record is verified with the presence or absence of data In library.It verifies obtaining the result is that one " having " perhaps metadata as "None" and " correct " or " incorrect ".Below Illustratively give several validation testings provided by this specification embodiment:
The first, input cryptographic Hash, data block is determined by cryptographic Hash, verifying is executed to the data block, be verified as a result, Specifically, can be realized by verifying instruction VERIFY (' khash ' , &v).
Second, cryptographic Hash is inputted, corresponding data block is determined by cryptographic Hash or determines that the corresponding data of cryptographic Hash are remembered The locating data block of record, is verified up to initial data block forward from determining data BOB(beginning of block), specifically, can be referred to by verifying VERIFY (' khash ', -1) is enabled to realize, it is however generally that, original block a height of " 0 " or " 1 ", therefore, therein -1 can also be with It is other values high less than original block.
The third, inputs cryptographic Hash, determines corresponding data block by cryptographic Hash, verify forward from determining data BOB(beginning of block) The data block of specified number, specifically, can be realized by verifying instruction VERIFY (' khash ' , &v, blknum).
4th kind, the quantity that input block height and needs are verified verifies forward specified number by the high corresponding data BOB(beginning of block) of block The data block of amount, specifically, can be realized by verifying instruction VERIFY (blkh , &v, blknum).
It is being returned when verifying the result is that a "Yes" or "No" metadata, as previously mentioned, service side can be at this time The signature of service side is added in this process, and the generating mode of signature is described above.Specifically, can be any Verifying instruction end be added represent service side signature parameter " CERT ", such as: VERIFY (' khash ' , &v, blknum, CERT), to sign in returning the result with service side.
Under another embodiment, if in the content of data block also including timestamp or the business diary of data block Timestamp, alternatively, when database service provider has also pre-generated the index in relation to data parameters and time, for example, The business of the cryptographic Hash and timestamp of sequence index or business diary when generating the data block that block height and Chunky Time stab when blocking The index of cryptographic Hash and Chunky Time etc. of sequence index or data block when log, then at this point, database enhancing service mentions Supplier can also provide corresponding time inquiring mode.Further, generation when sequence index in, can also be according to timestamp Sequence is arranged, so as to easily be inquired or counted.
In other words, corresponding block height or cryptographic Hash can be inquired by time value from perhaps indexing in data block, or Person inquires corresponding time value by cryptographic Hash or block height, and enumerating for following exemplary is several provided by this specification embodiment Time-based inquiry mode:
The first, input block is high, the Chunky Time of the high corresponding data block of query block, specifically, can be by time inquiring TIME (blknum , &v) is instructed to realize.
Second, cryptographic Hash is inputted, returns to timestamp corresponding to cryptographic Hash, cryptographic Hash here can be data block Cryptographic Hash is also possible to the cryptographic Hash of data record, specifically, TIME (' khash ' , &v) can be instructed real by time inquiring It is existing.
The third, input time value, the block for returning to the last one data block before the time value is high, alternatively, returning The block of the cryptographic Hash of the last item data record and locating data block is high before the time value, specifically, can be by the time Inquiry instruction LTIME (' timestamp ' , &v) it realizes.
In this specification embodiment, if user no longer needs the service, data can be carried out before terminating service Global purge.For example, user inputs account book ID, service side removes the account book, for example, real by clearance order PURGE (lgid) Existing, alternatively, user also inputs a time span, service side first files the account book, after reaching the time span, service side The account book is removed, for example, being realized by clearance order PURGE (lgid, day-archive).
And since the data of user constantly increase, memory space is caused to occupy more and more or some longer The historical data of time is no longer valuable for user at this point, database service side is also based on the demand of user, right Data block carries out corresponding part and removes.When part is removed, it can carry out at or time point high based on block.
For example, user specifies account book ID and block high, the data block before service side determines block height based on block height is to need Then the data block to be removed removes these and determines the data block for needing to remove, specifically, can be by clearance order PURGE (lgid, d-a, blkbound) is realized.
In another example user specifies account book ID and time point, service side is based on time point and determines at the time point before most The data block generated before the data block is determined as the data block for needing to remove, then clearly by the data block that the latter generates Except these determine the data block for needing to remove, specifically, can be real by clearance order PURGE (lgid, d-a, ' timestmp ') It is existing.
Before execution part removing, since the cryptographic Hash of first data block of the data block chain after removing is before being based on What the cryptographic Hash of one data block generated, at this time, it is also necessary to generate a pseudo- initial data block, the cryptographic Hash etc. of pseudo- initial data block In the cryptographic Hash of determined the last one data block for needing to remove, this way it is possible to avoid appearance when being verified afterwards Mistake.The cryptographic Hash of the last one data block can inquire acquisition from the index pre-established, can also be from initial data block Start the cryptographic Hash that the data block is calculated in progress sequence, or inquires and obtain from the data block.
Content in newly-generated pseudo- initial data block can be sky, some corresponding remarks can also be recorded, for example, raw At time etc..But the content of pseudo- initial data block is unrelated with the pseudo- cryptographic Hash of initial data block.And service side is also It can sign to the puppet initial data block.
In addition, for a user, the data that generally can all remove to part back up.Based on this, carried out in user During part is removed, the data for needing part to remove confirmation can also be inserted into and verified.As shown in figure 3, Fig. 3 is The flow diagram that the illustrative part of one kind provided by this specification embodiment is removed.In the schematic diagram, user's input At time point, at the generation moment of nearest data block, be then somebody's turn to do before can specifically inquiring to obtain first at the time point The block for generating moment corresponding data block is high, generates pseudo- initial data block and signs, performs part clear operation again later.
In practical applications, some data (herein referred to as sensitive data) are once written into data block, Jiu Huizao At harmfulness consequence.For example, having the content in data record is " leaf XX, gender male, identity in the data that company A uploads Card number is 123456 ", and the identification card number in the data record is related to having revealed privacy of user, needs to hide it.
As the modification or removing while meeting in the scheme provided by specification embodiment, for any data record Lead to the validation failure to other data blocks, be based on this, this specification embodiment also provides a kind of side for hiding sensitive data Method, specifically, core technology means are that data record locating for the information that will need to be concealed in data block is substituted for the number According to the cryptographic Hash of record.In this way, can not only stop disclosing the sensitive information, but also the steady fortune of data block system is not affected Row.
Specifically, user can directly specify the position to secret information, alternatively, in practical applications, user can also To issue the secret information instruction for carrying location information.Here location information includes that data block block is high, data are recorded in block height In offset, to offset of the secret information in data record, to length of secret information etc..
For example, a kind of illustrative secret information instruction can be DELETE (blkheight, txoff), in this instruction Under, concealment is the data record as corresponding to the specified high blkheight of the block and amount of specifying Offsets txoff;
In another example another illustrative secret information instruction can be DELETE (blkheight, txoff, offset, Length), under this instruction, determine that a data records by block high blkheight and offset txoff, hide the data Starting length at the offset specified in record is information determined by length.
The information obtained after secret information is replaced or is removed has not been re-used as data record use, can be with Referred to as remark information.During secret information, a kind of feasible mode is to determine to data record locating for secret information Cryptographic Hash, preset preceding tab character is spliced to the stem of the cryptographic Hash, tab character after preset is spliced to institute The tail portion of cryptographic Hash is stated, also, remark information is spliced to the tail portion of the rear tab character, then, by the preceding marker word The data that symbol, the transaction Hash, the rear tab character and the remark information are spliced into are determined as the concealmentization number According to record.As shown in figure 4, Fig. 4 is a kind of process schematic for construction concealmentization data record that this specification embodiment provides.
It should be noted that above-mentioned preceding tab character can be specified according to actual needs with rear tab character.Example Such as, the preceding tab character can be " 0E ", and the rear tab character can be " 0F ".The effect of above-mentioned preceding tab character It is, when needing to read the data record when being verified later, then, preceding tab character reveals out information to node at this time: " clear content for the not instead of data record that the storage location is stored, the cryptographic Hash of data record ".At this point, then can be straight Connect read the cryptographic Hash verified.And when needing to read corresponding remark information, then it can be since rear tab character " 0F " It is read out, after having hidden sensitive information, content can be essentially identical with the data record content before concealment in remark information, It is also possible to completely empty (content of i.e. whole data record is hidden completely).
In addition, it should be noted that, being a stringenter operation for the concealment of historgraphic data recording.Its often elephant Levy the information that certain triggering laws and regulations perhaps violate morals and disclose also tend to be it is multi-party adjust or trial after obtain and need To carry out forcing the conclusion of processing to information.Therefore, when executing above-mentioned clear operation, a kind of feasible mode are as follows: remove behaviour Make to need certain signature weight.
For example, for the operational order that ordinary user is issued, backstage default signature weight is 30, and service side or its The useful signature weight of its transaction system is then 60, and the national executing agency by force such as law court issues the signature weight of operational order It is 120, and signature weight needed for a clear operation is preset as 100.The execution weight of one operation can be participant The sum of weight of signing, it is however generally that, participant can be set no more than 2.Under this embodiment, two sum numbers are at least needed It could be executed according to the digital signature for recording related authorities (such as transaction system side and database service side).That is, it needs to hand over Easy system side initiates clearance order and signs, and database service side receives clearance order and signs and can just be purged.And by Even if terminal user initiate clearance order database service side carried out signature authorization as signature weight not enough without It can execute.
Further, database service side can also provide some other database service modes, such as:
During filing, user data account book is given for change, realized by giving instruction RECALL (lgid) for change, account book herein It refers to containing the set of all data blocks;
The block for returning to the last one current data block is high, by instructing GETHEIGHT (&v) it realizes;
User's account book ID is returned to, by instructing GETLEDGER (&v) realize etc..
In addition, it should be noted that, it is provided herein to realize to provide a variety of operational orders in the above description Database service mode.But the form of operational order is not limited to the form that this specification embodiment is proposed, in reality In, the form of the operational order of data can be diversified, only need to may be implemented the service side that the application is proposed Formula.And inquiry instruction itself merely provides a user-friendly external form, receives and instructs in service side And executive mode corresponding to each instruction is still relied on when executing.
Further, after generating data block, service side can also provide each piece of corresponding timestamp.For example, introducing National time service hub-interface carries out out block using believable timestamp in block out.It is thus possible to which relying on the timestamp carries out rope The foundation drawn.
In one embodiment, for any data block, if having receiving time in data record in the block Stamp is ranked up data record then can be stabbed according to receiving time, distributes to one sequence serial number of each data record;Or Person can reset serial number according to the direct Allotment Serial Number of the sequence for receiving data record, and after blocking, so as to next Allotment Serial Number inside a data block.
After determining serial number, it can according to the cryptographic Hash of each data record of determination, splice the serial number and Kazakhstan Uncommon value.Specifically, can be used to place serial number in the substring that designated length is added in the head of cryptographic Hash or tail portion, number is generated According to the timing Hash character string of record, then, according to the sequence of sequence serial number, establishes the Chunky Time comprising data block and stab sum number According to the first concordance list of the timing Hash character string corresponding relationship of record.As shown in table 1, table 1 is mentioned by this specification embodiment A kind of the first concordance list about data record supplied.In table 1, first 6 of the cryptographic Hash of data record are inserted accordingly Serial number word string, " 0x " therein are serial numbers for identifying next, and " 0001 " therein is serial number, and " hash1 " is to count According to the cryptographic Hash of the first data in block, the time in left side is the Chunky Time of data block.In this manner, timestamp has Effect digit is fully retained.
Table 1
20xx-01-19 03:14:07.938576 0x0001Hash1
20xx-01-19 03:14:07.938576 0x0002Hash2
20xx-01-19 03:14:07.938576 0x0003Hash3
20xx-01-19 03:14:07.938576 ……
Under another embodiment, same mode, for any data block, if the data record in the block In have receiving time stamp, then can according to receiving time stab data record is ranked up, distribute to each data record one A sequence serial number;Or it can be according to the direct Allotment Serial Number of the sequence for receiving data record, and by serial number after blocking Resetting, so as to Allotment Serial Number inside next data block.
At this point it is possible to by Chunky Time stab in last specified digit eliminate, for the serial number of data record to be written. Further, it is also possible to the appointed sequence number that will not distribute to data record be added in the index, for storing Chunky Time stamp and data The high corresponding relationship of the block of block, and index is written.For example, the serial number of data record is generally since 1, then it can be by serial number " 0 " The block of block is high for storing data.As shown in table 2, table 2 is a kind of about data record provided by this specification embodiment Second concordance list.In table 2, last three of the Chunky Time in left side are (assuming that the data record quantity stored in a block is not More than 1000) for storing the serial number of data record.
Table 2
Under this embodiment, although sacrificing several time number of significant digit, the cryptographic Hash of data record can be with It directly reads, and can be high by the block of specified serial number (000 i.e. in table 2) identification data block.
It can be created at once in the time of block out when above-mentioned index creation, be also possible to asynchronous creation.Index itself can To be avoided out of data block for some lookups or statistical operation for example, counting the data record quantity in some period Traversal counting is carried out, it is more convenient.
Under a kind of actual application scenarios, database service provider involved in the embodiment of this specification may be used also To provide corresponding service for corresponding database.As shown in Figure 5, Fig. 5 is another involved in this specification embodiment The schematic diagram of system architecture enhances service provider including Basis of Database service provider and database.For example, wherein MySQL, PostgreSQL, MongoDB etc. be Basis of Database service provider, these Database Systems can be normal The additions and deletions that the transaction system seen provides basis change the service for looking into etc. operation.Meanwhile also phase can be respectively locally stored in they The business operation log for these operations answered, describes Basis of Database service provider to business in business operation log The operation note of data.There is provided the system further serviced for this Basis of Database service provider is this specification embodiment Provided database enhances service provider Ledger server.
Based on this, this specification embodiment, which also provides one kind, can provide further increasing for Basis of Database service provider The mode serviced by force.Specifically, when MySQL, PostgreSQL, MongoDB etc. these databases generate business operation day After will, both the business operation log that each generates can be sent to Ledger.Due to being had in business operation log Timestamp is generated, Ledger system can be ranked up these business operation logs according to timestamp is generated, is blocking and deposit Storage.To which each database can further be managed to based on System Operation Log of the mode of operation above-mentioned for oneself Reason.Basis of Database service provider, without being sent to Ledger system at once, can be one in generation system operation log The process of a asynchronous transmission.
Each Basis of Database service provider can send business operation log to Ledger system by way of " plaintext " System." plaintext " herein refers to that Ledger system is understood that or part understands business operation day transmitted by each database Will.For example, some database and Ledger system allow Ledger system to know business by pre-establishing communication protocol Action type, operation service object in operation log etc., so that Ledger system can further basis when blocking Action type or operation target object progress are blocking, so that each Database Systems are preferably managed.In this manner, If desired each database carries out inquiry to itself or statistics (for example, statistics has done how many to the data of which business object Secondary clear operation), instruction only need to can be sent, specific statistics or query procedure can be completed in Ledger system end.
Certainly, each Basis of Database service provider can also send business operation log extremely by way of " ciphertext " Ledger system." ciphertext " herein refers to that Ledger system cannot understand business operation log transmitted by each database. In this manner, each database can only then carry out the reading or removing of stored business operation log to Ledger system Etc. operation, specific inquiry or statistical work then need after reading data in Basis of Database service provider local It executes.
Under a kind of implement scene, for example, being the cost information in relation to enterprise in data record, and need to data record When being audited.Prevent enterprise combine with service side play tricks forge timestamp produce new account book at this point, to it is some authority The time service certification that time just mechanism carries out data block is exactly indispensable technological means.Here time just mechanism example It such as can be national time service center, alternatively, the authoritative time certification mechanism permitted through national time service center.Time service certification herein I.e. are as follows: obtain the related signature of time just mechanism, the trusted time that signature packets just mechanism containing having time here is issued Stamp, the trusted timestamp correspond to the data block for needing to authenticate.
Specifically, service side determines to need to carry out time service certification first from the data block for having generated and having stored One section of account book wherein at least should include a data block or the multiple pieces of continuous data blocks of height.Determining mode can be with base It is specified in user's operation, for example, user initiates time service instruction, it include the starting block height for needing to carry out time service certification in instruction And number of blocks;It is also possible to specify without user, service side is based on preset service logic and carries out automatically.
For example, application time service can be gone from most fine granularity with each data block.In this manner, Merkel tree Root Hash be the data block block cryptographic Hash, which can to the greatest extent carry out account book (i.e. each data block) true The protection of property.Due to data block go out block frequency it is higher, this mode no matter for time service center, or for service side and Speech, cost overhead all can be bigger.A kind of optional mode is that certain time service preset condition is arranged, when meeting certain award When preset condition when, initiate time service request.It is regarded as when the data block that time service authenticates in newly-generated data block, it is described Time service preset condition may is that time service certification data block reach amount threshold, alternatively, apart from last time service certification when Between interval have arrived at time threshold.
Specific time service authentication mode is to play the block Hash of the data block authenticated to time service according to the high sequential series of block Come, the block Hash based on each data block generates the Merkel tree for corresponding to the multiple data block, to confirm Merkel tree Root Hash.Also, the relevant information for confirming the data block authenticated to time service, end block height high for example including starting block or number Quantity according to block etc. information.Then the root Hash of Merkel tree and the relevant information of above-mentioned data block are sent to time just machine Structure.Time just authorities provide a trusted timestamp to above- mentioned information, and carry out digital label to trusted timestamp Name certification generates one and includes the time service certificate of trusted timestamp and digital signature, wherein can also include above-mentioned data block Relevant information, the mode of digital signature are conventional private key encryption, public key decryptions.
To, service side can receive a series of trusted timestamp comprising time just authority signature, each Trusted timestamp corresponds to one section of account book, also, can explicitly know it is which segment data block based on relevant information.Service side It can be managed accordingly based on the trusted timestamp, and verifying.For example, when needing to audit to certain account book, clothes Business side can provide the time service certificate of corresponding the data block trusted timestamp comprising time just mechanism and signature in account book, and And the relevant information according to included in time service certificate carries out recalculating for Merkel's tree root Hash, whereby it was confirmed that the card Data block corresponding to book is impossible to be forged in the future, and service side can be effectively prevented and include by service side's joint manufacture The account book of false timestamp, to hide corresponding audit.As shown in figure 8, Fig. 8 is that one kind that this specification embodiment provides is specific Generation time service certificate schematic diagram.
Corresponding, this specification embodiment also provides the high creating device of block in a kind of chain type account book, as shown in fig. 6, Fig. 6 It is the structural schematic diagram of the high creating device of block in a kind of chain type account book of this specification embodiment offer, comprising:
Module 601 is obtained, the Chunky Time stamp of data block is obtained;
The Chunky Time is stabbed it using symmetric encipherment algorithm and is converted to integer data by conversion module 603, wherein institute It states integer data and is based on time monotonic increase;
Determining module 605, the block that the integer data is determined as the data block are high.
Further, described device further include:
Receiving module 607 receives data record to be stored, and determines the cryptographic Hash of each data record;
Writing module 609 determines each data record in data block to be written when reaching preset blocking condition, raw At the n-th data block of the cryptographic Hash comprising data block and data record, specifically include:
As N=1, the cryptographic Hash and block height of initial data block are given based on predetermined manner;
As N > 1, N is determined according to the cryptographic Hash of each data record and the N-1 data block in data block to be written The cryptographic Hash of a data block generates the of the Chunky Time comprising the cryptographic Hash of n-th data block, each data record and data block N number of data block, wherein sequencing monotonic increase of the block height of data block based on Chunky Time.
Further, the preset blocking condition includes: that data record quantity to be stored reaches amount threshold;Or The time interval of person, distance last blocking moment reach time threshold.
Further, described device further includes index creation module 611, obtains the row of each data record in the data block Sequence serial number and cryptographic Hash;In the sequence serial number of described piece high of tail portion splicing data record, the high timing of block of data record is generated Word string;Establish the third concordance list of the corresponding relationship of the cryptographic Hash including described piece high timing word string and data record.
Further, the index creation module 611 is ranked up according to the receiving time of each data record stamp, Determine the sequence serial number of each data record in the data block being selected;Divide alternatively, obtaining when receiving data record The sequence serial number matched.
Further, the index creation module 611, addition includes specified sequence serial number in the third concordance list The high corresponding relationship of the block of the high timing word string of block and data block.
This specification embodiment also provides a kind of computer equipment, includes at least memory, processor and is stored in On reservoir and the computer program that can run on a processor, wherein processor realizes chain shown in Fig. 2 when executing described program Block height in formula account book creates creation method.
Fig. 7 shows one kind provided by this specification embodiment and more specifically calculates device hardware structural schematic diagram, The equipment may include: processor 1010, memory 1020, input/output interface 1030, communication interface 1040 and bus 1050.Wherein processor 1010, memory 1020, input/output interface 1030 and communication interface 1040 are real by bus 1050 The now communication connection inside equipment each other.
Processor 1010 can use general CPU (Central Processing Unit, central processing unit), micro- place Reason device, application specific integrated circuit (Application Specific Integrated Circuit, ASIC) or one Or the modes such as multiple integrated circuits are realized, for executing relative program, to realize technical side provided by this specification embodiment Case.
Memory 1020 can use ROM (Read Only Memory, read-only memory), RAM (Random Access Memory, random access memory), static storage device, the forms such as dynamic memory realize.Memory 1020 can store Operating system and other applications are realizing technical solution provided by this specification embodiment by software or firmware When, relevant program code is stored in memory 1020, and execution is called by processor 1010.
Input/output interface 1030 is for connecting input/output module, to realize information input and output.Input and output/ Module can be used as component Configuration (not shown) in a device, can also be external in equipment to provide corresponding function.Wherein Input equipment may include keyboard, mouse, touch screen, microphone, various kinds of sensors etc., output equipment may include display, Loudspeaker, vibrator, indicator light etc..
Communication interface 1040 is used for connection communication module (not shown), to realize the communication of this equipment and other equipment Interaction.Wherein communication module can be realized by wired mode (such as USB, cable etc.) and be communicated, can also be wirelessly (such as mobile network, WIFI, bluetooth etc.) realizes communication.
Bus 1050 include an access, equipment various components (such as processor 1010, memory 1020, input/it is defeated Outgoing interface 1030 and communication interface 1040) between transmit information.
It should be noted that although above equipment illustrates only processor 1010, memory 1020, input/output interface 1030, communication interface 1040 and bus 1050, but in the specific implementation process, which can also include realizing normal fortune Other assemblies necessary to row.In addition, it will be appreciated by those skilled in the art that, it can also be only comprising real in above equipment Component necessary to existing this specification example scheme, without including all components shown in figure.
This specification embodiment also provides a kind of computer readable storage medium, is stored thereon with computer program, the journey The block height creation creation method in chain type account book shown in Fig. 2 is realized when sequence is executed by processor.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data. The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM), Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
As seen through the above description of the embodiments, those skilled in the art can be understood that this specification Embodiment can be realized by means of software and necessary general hardware platform.Based on this understanding, this specification is implemented Substantially the part that contributes to existing technology can be embodied in the form of software products the technical solution of example in other words, The computer software product can store in storage medium, such as ROM/RAM, magnetic disk, CD, including some instructions are to make It is each to obtain computer equipment (can be personal computer, server or the network equipment etc.) execution this specification embodiment Method described in certain parts of a embodiment or embodiment.
System, method, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity, Or it is realized by the product with certain function.A kind of typically to realize that equipment is computer, the concrete form of computer can To be personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play In device, navigation equipment, E-mail receiver/send equipment, game console, tablet computer, wearable device or these equipment The combination of any several equipment.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for method reality For applying example, since it is substantially similar to the method embodiment, so describing fairly simple, related place is referring to embodiment of the method Part explanation.Embodiment of the method described above is only schematical, wherein described be used as separate part description Module may or may not be physically separated, can be each module when implementing this specification example scheme Function realize in the same or multiple software and or hardware.Can also select according to the actual needs part therein or Person's whole module achieves the purpose of the solution of this embodiment.Those of ordinary skill in the art are not the case where making the creative labor Under, it can it understands and implements.
The above is only the specific embodiment of this specification embodiment, it is noted that for the general of the art For logical technical staff, under the premise of not departing from this specification embodiment principle, several improvements and modifications can also be made, this A little improvements and modifications also should be regarded as the protection scope of this specification embodiment.

Claims (13)

1. the high creation method of block in a kind of chain type account book, comprising:
Obtain the Chunky Time stamp of data block;
The Chunky Time is stabbed by it using symmetric encipherment algorithm and is converted to integer data, wherein when the integer data is based on Between monotonic increase;
The block that the integer data is determined as the data block is high.
2. the method as described in claim 1, in the database service provider of centralization, data block is preparatory in the following way It generates:
Data record to be stored is received, determines the cryptographic Hash of each data record;
When reaching preset blocking condition, each data record in data block to be written is determined, generate the Kazakhstan comprising data block The n-th data block of uncommon value and data record, specifically includes:
As N=1, the cryptographic Hash and block height of initial data block are given based on predetermined manner;
As N > 1, n-th number is determined according to the cryptographic Hash of each data record and the N-1 data block in data block to be written According to the cryptographic Hash of block, the n-th of the Chunky Time of the cryptographic Hash comprising n-th data block, each data record and data block is generated Data block, wherein sequencing monotonic increase of the block height of data block based on Chunky Time.
3. method according to claim 2, the preset blocking condition include:
Data record quantity to be stored reaches amount threshold;Alternatively, when reaching apart from the time interval at last blocking moment Between threshold value.
4. the method as described in claim 1, further includes:
Obtain the sequence serial number and cryptographic Hash of each data record in the data block;
In the sequence serial number of described piece high of tail portion splicing data record, the high timing word string of block of data record is generated;
Establish the third concordance list of the corresponding relationship of the cryptographic Hash including described piece high timing word string and data record.
5. method as claimed in claim 4 determines the sequence serial number of each data record in the data block being selected, comprising:
It is ranked up according to the receiving time of each data record stamp, determines each data note in the data block being selected The sequence serial number of record;Alternatively,
Obtain the allocated sequence serial number when receiving data record.
6. method as claimed in claim 4, further includes:
High corresponding of block high timing word string of the addition comprising specified sequence serial number and the block of data block in the third concordance list Relationship.
7. the high creating device of block in a kind of chain type account book, comprising:
Module is obtained, the Chunky Time stamp of data block is obtained;
The Chunky Time is stabbed it using symmetric encipherment algorithm and is converted to integer data by conversion module, wherein the integer According to based on time monotonic increase;
Determining module, the block that the integer data is determined as the data block are high.
8. device as claimed in claim 7, in the database service provider of centralization, further includes:
Receiving module receives data record to be stored, and determines the cryptographic Hash of each data record;
Generation module determines each data record in data block to be written when reaching preset blocking condition, generates comprising number According to the cryptographic Hash of block and the n-th data block of data record, specifically include:
As N=1, the cryptographic Hash and block height of initial data block are given based on predetermined manner;
As N > 1, n-th number is determined according to the cryptographic Hash of each data record and the N-1 data block in data block to be written According to the cryptographic Hash of block, the n-th of the Chunky Time of the cryptographic Hash comprising n-th data block, each data record and data block is generated Data block, wherein sequencing monotonic increase of the block height of data block based on Chunky Time.
9. device as claimed in claim 8, the preset blocking condition include:
Data record quantity to be stored reaches amount threshold;Alternatively, when reaching apart from the time interval at last blocking moment Between threshold value.
10. device as claimed in claim 7 further includes index creation module, each data record in the data block is obtained The serial number that sorts and cryptographic Hash;Described piece high tail portion splicing data record sequence serial number, generate data record block it is high when Sequence word string;Establish the third concordance list of the corresponding relationship of the cryptographic Hash including described piece high timing word string and data record.
11. device as claimed in claim 10, the index creation module are stabbed according to the receiving time of each data record It is ranked up, determines the sequence serial number of each data record in the data block being selected;Data note is being received alternatively, obtaining Allocated sequence serial number when record.
12. device as claimed in claim 10, the index creation module, addition is comprising specified in the third concordance list The high timing word string of block for the serial number that sorts and the high corresponding relationship of block of data block.
13. a kind of computer equipment including memory, processor and stores the meter that can be run on a memory and on a processor Calculation machine program, wherein the processor realizes method as described in any one of claims 1 to 6 when executing described program.
CN201910101181.XA 2019-01-31 2019-01-31 Block height creating method, device and equipment in chain type account book Active CN110061843B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910101181.XA CN110061843B (en) 2019-01-31 2019-01-31 Block height creating method, device and equipment in chain type account book

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910101181.XA CN110061843B (en) 2019-01-31 2019-01-31 Block height creating method, device and equipment in chain type account book

Publications (2)

Publication Number Publication Date
CN110061843A true CN110061843A (en) 2019-07-26
CN110061843B CN110061843B (en) 2022-02-18

Family

ID=67316438

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910101181.XA Active CN110061843B (en) 2019-01-31 2019-01-31 Block height creating method, device and equipment in chain type account book

Country Status (1)

Country Link
CN (1) CN110061843B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110636042A (en) * 2019-08-14 2019-12-31 阿里巴巴集团控股有限公司 Method, device and equipment for updating verified block height of server
CN110830260A (en) * 2019-09-27 2020-02-21 电子科技大学 Block chain-based digital signature timestamp generation method
CN111026770A (en) * 2019-10-29 2020-04-17 北京海益同展信息科技有限公司 Account book processing method and device for block chain nodes, server and storage medium
CN111352935A (en) * 2019-07-29 2020-06-30 阿里巴巴集团控股有限公司 Index creating method, device and equipment in block chain type account book
US10795874B2 (en) 2019-07-29 2020-10-06 Alibaba Group Holding Limited Creating index in blockchain-type ledger
CN112380573A (en) * 2019-07-29 2021-02-19 创新先进技术有限公司 Digital signature method, device and equipment in block chain type account book

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106341421A (en) * 2016-10-31 2017-01-18 杭州云象网络技术有限公司 Block chain technology based data exchange method
US20170331635A1 (en) * 2016-05-10 2017-11-16 Acronis International Gmbh System and method for file time-stamping using a blockchain network
CN107846282A (en) * 2017-11-03 2018-03-27 法信公证云(厦门)科技有限公司 A kind of electronic data distribution keeping method and system based on block chain technology
US20180139056A1 (en) * 2016-11-15 2018-05-17 Fujitsu Limited Apparatus and method to perform secure data sharing in a distributed network by using a blockchain
CN109086325A (en) * 2018-06-29 2018-12-25 阿里巴巴集团控股有限公司 Data processing method and device based on block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170331635A1 (en) * 2016-05-10 2017-11-16 Acronis International Gmbh System and method for file time-stamping using a blockchain network
CN106341421A (en) * 2016-10-31 2017-01-18 杭州云象网络技术有限公司 Block chain technology based data exchange method
US20180139056A1 (en) * 2016-11-15 2018-05-17 Fujitsu Limited Apparatus and method to perform secure data sharing in a distributed network by using a blockchain
CN107846282A (en) * 2017-11-03 2018-03-27 法信公证云(厦门)科技有限公司 A kind of electronic data distribution keeping method and system based on block chain technology
CN109086325A (en) * 2018-06-29 2018-12-25 阿里巴巴集团控股有限公司 Data processing method and device based on block chain

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11068457B2 (en) 2019-07-29 2021-07-20 Advanced New Technologies Co., Ltd. Creating index in blockchain-type ledger
CN111352935A (en) * 2019-07-29 2020-06-30 阿里巴巴集团控股有限公司 Index creating method, device and equipment in block chain type account book
US10795874B2 (en) 2019-07-29 2020-10-06 Alibaba Group Holding Limited Creating index in blockchain-type ledger
CN112380573A (en) * 2019-07-29 2021-02-19 创新先进技术有限公司 Digital signature method, device and equipment in block chain type account book
CN113535720A (en) * 2019-07-29 2021-10-22 创新先进技术有限公司 Index creating method, device and equipment in block chain type account book
US11573944B2 (en) 2019-07-29 2023-02-07 Advanced New Technologies Co., Ltd. Creating index in blockchain-type ledger
CN112380573B (en) * 2019-07-29 2024-05-14 创新先进技术有限公司 Digital signature method, device and equipment in block chain type account book
CN110636042A (en) * 2019-08-14 2019-12-31 阿里巴巴集团控股有限公司 Method, device and equipment for updating verified block height of server
CN110830260A (en) * 2019-09-27 2020-02-21 电子科技大学 Block chain-based digital signature timestamp generation method
CN110830260B (en) * 2019-09-27 2021-09-24 电子科技大学 Block chain-based digital signature timestamp generation method
US11936799B2 (en) 2019-09-27 2024-03-19 University Of Electronic Science And Technology Of China Blockchain-based time stamping method for digital signature
CN111026770A (en) * 2019-10-29 2020-04-17 北京海益同展信息科技有限公司 Account book processing method and device for block chain nodes, server and storage medium
CN111026770B (en) * 2019-10-29 2023-08-04 京东科技信息技术有限公司 Ledger processing method and device of blockchain node, server and storage medium

Also Published As

Publication number Publication date
CN110061843B (en) 2022-02-18

Similar Documents

Publication Publication Date Title
CN109902086A (en) A kind of index creation method, device and equipment
CN109902071A (en) Business diary storage method, system, device and equipment
CN109951290A (en) A kind of time service authentication method, device and the equipment of chain type account book
CN110061843A (en) The high creation method of block, device and equipment in a kind of chain type account book
CN110059084A (en) A kind of date storage method, device and equipment
CN110019278A (en) A kind of data verification method, device and equipment
TWI727594B (en) Signature verification method, system, device and equipment in block chain ledger
CN110008203A (en) A kind of data clearing method, device and equipment
CN110188096A (en) A kind of index creation method, device and equipment of data record
CN110008249A (en) A kind of time-based data query method, device and equipment
CN110046281A (en) A kind of data adding method, device and equipment
CN110334153B (en) Authorization method, system, device and equipment in block chain type account book
CN111602166B (en) Method and apparatus for providing traversable key-value data storage on a blockchain
CN110162662A (en) Verification method, device and the equipment of data record in a kind of piece of chain type account book
CN110162526A (en) Querying method, device and the equipment of data record in a kind of piece of chain type account book
CN110147686A (en) A kind of storage method, system, device and the equipment of personal asset change record
CN110022315A (en) Weight management method, device and equipment in a kind of piece of chain type account book
CN110474775B (en) User creating method, device and equipment in block chain type account book
CN110347674A (en) A kind of index creation method, device and equipment based on service identification
CN110162523A (en) Date storage method, system, device and equipment
CN110008743A (en) Data attribute identification method, device and equipment in a kind of piece of chain type account book
CN110190963A (en) A kind of monitoring method, device and equipment for the request of time service certificates constructing
CN110266494A (en) Time service authentication method, device and equipment in a kind of piece of chain type account book
CN110008210A (en) A kind of index creation method, device and equipment
CN110019373A (en) A kind of data query method, device and equipment based on cryptographic Hash

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20201015

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Innovative advanced technology Co.,Ltd.

Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant before: Advanced innovation technology Co.,Ltd.

Effective date of registration: 20201015

Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands

Applicant after: Advanced innovation technology Co.,Ltd.

Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands

Applicant before: Alibaba Group Holding Ltd.

TA01 Transfer of patent application right
GR01 Patent grant
GR01 Patent grant