CN111415718A

CN111415718A - Electronic prescription sharing method based on block chain and conditional proxy re-encryption

Info

Publication number: CN111415718A
Application number: CN202010132242.1A
Authority: CN
Inventors: 唐飞; 陈云龙
Original assignee: Chongqing University of Post and Telecommunications
Current assignee: Shanghai Guoxing Medical Instrument Co ltd
Priority date: 2020-02-29
Filing date: 2020-02-29
Publication date: 2020-07-14
Anticipated expiration: 2040-02-29
Also published as: CN111415718B

Abstract

The invention belongs to the field of block chain data sharing, and particularly relates to an electronic prescription sharing method based on block chain and conditional proxy re-encryption, which comprises the following steps: generating a public parameter, and initializing a shared node; generating a second key of the user; the electronic prescription has a person signature electronic prescription; the electronic prescription sharer encrypts the IPFS value and the symmetric key; the electronic prescription sharer generates a conditional proxy re-encryption key by using the key; the sharee acquires and verifies the electronic prescription; the invention solves the problem of key escrow based on identity through distributed key generation, realizes the delegation of fine-grained decryption authority of data by utilizing conditional proxy re-encryption, and finally realizes the safe storage and the credible sharing of the electronic prescription by combining the characteristics of decentralization and non-falsification of a block chain.

Description

Electronic prescription sharing method based on block chain and conditional proxy re-encryption

Technical Field

The invention belongs to the field of block chain data sharing, and particularly relates to an electronic prescription sharing method based on block chain and conditional proxy re-encryption.

Background

With the continuous development of scientific technology, more and more information technology means are assisting hospitals to gradually step into paperless times, and the electronic prescription of the hospitals is one of the representatives of medical informatization application. The electronic prescription is transmitted by means of a network, is programmed by adopting an information technology, bears the medicine treatment information filled for a patient by a doctor in the diagnosis and treatment activities, and is used as a dispensing voucher. The electronic prescription data archived by the hospital not only needs to be approved by patients and laws, but also can become a powerful evidence to solve disputes encountered by the hospital. At present, electronic prescriptions are only used in a local area network of a hospital, so that the development of medical departments is limited, and the prescription is difficult to be out-flowed. Solving the bottleneck problems of electronic prescriptions is a necessary way to promote the development of electronic prescriptions. Therefore, it is of great significance to carry out intensive research on aspects of storage, sharing and the like of electronic prescriptions.

The blockchain technology utilizes a chain data structure to verify and store data, a distributed node consensus algorithm generates and updates data, a cryptology mode ensures the safety of data transmission and access, an intelligent contract consisting of automatic script codes is used for programming and operating the data, the blockchain is constructed on a point-to-point (P2P) network, the blockchain is a brand-new distributed infrastructure and computing paradigm, has the characteristics of decentralization, non-tampering and traceability, and has wide application prospects when the blockchain is adopted for management of electronic prescription storage, sharing and the like. For example, the method, apparatus and system for acquiring medical prescriptions based on blockchain, which is disclosed in patent application No. CN201910911167.6, includes receiving an electronic prescription and a user identification sent by a terminal of a medical institution; generating a digital abstract of the electronic prescription and storing the contract prescription; storing the digital summary and the user identification to a first block in a block chain; and sending the first block identifier to a user terminal, signing the first block identifier by using a first private key by the user terminal, generating a first block identifier, a signature and a prescription certificate, and acquiring the electronic prescription from the service system by the target institution terminal according to the prescription certificate. By the method, the user side can not directly contact the electronic prescription, thereby avoiding the artificial modification of the electronic prescription and ensuring the authenticity of the electronic prescription.

However, when the electronic prescription is encrypted, the method only carries out electronic encryption once, so that the sharees are easy to crack in the decryption process, and the safety of the electronic prescription is poor; this method does not verify the signature of the acquired electronic prescription when the electronic prescription is acquired, and thus cannot judge the correctness of the electronic prescription.

Disclosure of Invention

In order to solve the problems of the prior art, the invention provides an electronic prescription sharing method based on block chain and conditional proxy re-encryption, which comprises the following steps:

generating common parameters of the block chain system of the alliance;

according to the system public parameters, each sharing node generates a first public key and a first private key of the sharing node, and the first public key and the first private key of the system are generated together according to the first public keys and the first private keys of the sharing nodes;

each node generates a first private key of a user according to the identity information of the user, the user verifies the correctness of the first private key of the user according to public parameters, and a second public key and a second private key of the user are generated according to the correct first private key of the user; the user comprises an electronic prescription issuing person, an electronic prescription sharing person and a shared person;

the electronic prescription maker signs the electronic prescription through a second private key and uploads the electronic prescription with the signature to the system; the electronic prescription sharer downloads the signed electronic prescription, encrypts the signed electronic prescription by using a first symmetric key generated randomly to generate an electronic prescription ciphertext, uploads the electronic prescription ciphertext to the IPFS distributed file system, and returns the IPFS value of the electronic prescription ciphertext to the electronic prescription sharer; the IPFS value is the acquisition place of the ciphertext;

the electronic prescription sharer encrypts the IPFS value and the first symmetric key of the electronic prescription ciphertext by using the second public key, and embeds a condition value in the encrypted ciphertext, wherein the condition value is used for re-encrypting the electronic prescription ciphertext; the electronic prescription sharer uploads the encrypted second key, namely a second key ciphertext to the block chain system of the alliance;

the electronic prescription sharer generates a conditional proxy re-encryption key by using the identity information of the sharee, a second private key of the electronic prescription sharer and the condition value, and uploads a ciphertext of the conditional proxy re-encryption key to the alliance block chain;

the shared user obtains the re-encryption key ciphertext from the alliance block chain, and the shared user utilizes a first private key of the shared user to decrypt the re-encryption key ciphertext to obtain an IPFS value and a first symmetric key; the sharee downloads the electronic prescription ciphertext from the IPFS system, and decrypts the electronic prescription ciphertext by using the first symmetric key to obtain the electronic prescription; the sharee verifies the signature of the electronic prescription using the second public key of the electronic prescription issuer.

Preferably, the generating of the parameters common to the block chain system of the federation includes:

step 1: the alliance block chain sharing node selects two multiplication cyclic groups G with prime number q in order₁And G₂Setting bilinear mapping e: G₁×G₁→G₂；

Step 2: hash function H is selected to alliance block chain sharing node₁:{0,1}^*→G₂，

H₃:{0,1}^*→G₁，

H₅:G₂→G₁，

And step 3: randomly selecting a prime number p, and recording a shared node in the block chain of the union as A_i(i 1, 2.. N), then the common parameters are obtained as: params ═ G₁,G₂,g,p,e,H₁,H₂,H₃,H₄,H₅,H₆}。

Preferably, the process of verifying the correctness of the first private key of the user according to the public parameter by the user comprises:

1): each sharing node A_iRandomly selecting an N-1 order polynomial algorithm according to the common parameters;

2): computing each shared node A according to a polynomial_iA of (A)_ikA value of and A_ikValue group is sent to each sharing nodeWherein

And k is 0, 1.... N-1;

3): calculate each shared node A_iSent to other alliance blockchain node A_jSecret value t of_ij＝F_i(j) Wherein j is 1,2,. N, j ≠ i;

4): each sharing node A_iReceiving secret value t_jiPass verification

If the secret value is valid, the node A judges that the secret value is valid_jHonesty; otherwise, claim A_jResending t_ij；

5): calculate the parameter w for each shared node, i.e.

Preferably, the step of generating the first public key and the first private key of the system includes:

step 1: each sharing node A_iRandomly selecting two polynomials of the order of N-1 by system parameters, and converting the coefficient b of one polynomial into a polynomial_tiAs the first private key of the shared node, order

A first public key as a sharing node;

step 2: calculate each shared node A_iVerification information value B of_ikSending the verification information group to each sharing node; wherein k is 0,1, a.

And step 3: calculate each node A_iSending to other alliance block chain sharing node A_jSecret value s of (j ≠ 1, 2.. N, j ≠ i)_ij＝f_i(j),s'_ij＝f′(j)；

And 4, step 4: each node A_iReceiving a secret value s_ji,s'_jiVerification of

Whether the secret value is valid or not, if yes, the sent secret value is valid; otherwise, claim A_jResending;

and 5: the first keys of the N alliance block chain sharing nodes are united to generate a first key pair of the system

Step 6: each sharing node A_iThe first public key of the sharing node

Sending to each shared node, and calculating

Taking y as a first public key of the system;

and 7: according to the obtained information, the latest public parameter params ═ G of the block chain of the new alliance which is published last is obtained₁,G₂,g,p,e,H₁,H₂,H₃,H₄,H₅,H₆,N,y,y'}。

Preferably, the generating step of the second public key and the second private key of the user includes:

step 1: the user joining the system will identify itself_iSending to the alliance block chain system;

step 2: each sharing node A_jAccording to the received user identity id_iGenerating a first private key of a user

Sending the first private key of the user to the user;

and step 3: when the user receives the sharing node A_jFirst private key of user

Verifying the correctness of the first private key of the user if

If yes, sharing node A_jThe sent first private key of the user is correct, otherwise, the shared node A is required_jResending;

and 4, step 4: after the user receives the first private keys of the user sent by all the sharing nodes, the user calculates the second private key of the user according to the first private keys of all the users

And the second public key of the user is

Preferably, the process of signing the electronic prescription by the electronic prescription holder through the second private key comprises:

step 1: electronic prescription issuing person id_aSigning the generated electronic prescription m, and randomly selecting an integer by an electronic prescription maker

And calculate

Generating an electronic prescription signature sigma (u, v) according to the calculated u and v, packaging the electronic prescription m and sigma into m 'by using a second private key, and sending the m' to the electronic prescription sharer;

step 2: electronic prescription sharer id_iUsing a randomly generated first symmetric key

Encrypting the signed electronic prescription to generate an electronic prescription ciphertext C ═ Enc_sym(dek, m'), uploading the electronic prescription ciphertext C to the IPFS distributed file system, and returning the IPFS value of the electronic prescription ciphertext to the electronic prescription sharer.

Preferably, the process of encrypting the IPFS value of the electronic prescription cryptograph and the first symmetric key by the electronic prescription sharer using the second public key includes:

step 1: electronic prescription sharer using the second public key

The IPFS value of the M (IPFS | | | dek) electronic prescription ciphertext and the first symmetric key dek are encrypted, and one is randomly selected

And condition of re-encryption

Obtain the second layer ciphertext

Wherein C is₁＝g^r，

C₃＝g^cr， h＝H₄(C₁,C₂,C₃)，C₄＝u^hr；

Step 2: the patient will encrypt the second layer of ciphertext

And uploading the alliance block chain system.

Preferably, the process of generating the conditional proxy re-encryption key includes:

step 1: randomly select one

And one x ∈ G₂The electronic prescription sharer passes the second private key of the sharer

Identity id of sharee_jAnd generating a proxy re-encryption key by the condition value c when encrypting M (IPFS dek)

Wherein R is₁＝g^r′，

R₄＝u^r′；

Step 2: electronic prescription sharer will

Uploading a block chain of the alliance;

and step 3: the shared node in the block chain system of the alliance obtains the conditional proxy re-encryption authority through the competition of the consensus algorithm, and the node obtains the second layer ciphertext data with the condition c

By re-encrypting the key with condition c

Conversion to sharee id_jDecipherable first layer cipher text data

Wherein C'₁＝C₁，C′₂＝C₂e(C₁,R₃)/e(C₃,R₁)，C′₃＝R₁，C′₄＝R₂，h′＝H₆(C′₁,C′₂,C′₃,C′₄)，

By e (C)₁,u^h)＝e(g,C₄) To verify the validity of the second layer of ciphertext.

Preferably, the process of obtaining and verifying the electronic prescription by the sharee comprises:

step 1: the sharee uses the second private key of the sharee

Decryption

Calculating H ═ H₄(C′₁,C′₂,C′₃,C′₄) Verification of e (C'₃,u^h′)＝e(C′₅G) whether or not, if yes, calculating

Otherwise, the first layer of ciphertext is tampered, and the electronic prescription is requested again;

step 2: calculating M ═ C'₂/e(C′₁,H₅(x) Get the first symmetric key dek and the IPFS value of the electronic prescription ciphertext;

and step 3: the sharee downloads the electronic prescription ciphertext C according to the IPFS value, and the electronic prescription plaintext m and the signature sigma are obtained through decryption of the first symmetric key dek;

and 4, step 4: the sharee verifies whether the signature is valid or not through a second public key of the electronic prescribing person, namely e (v, g) e (u, y) e (H (id)_a)^tY); if the equation is established, the signature is valid, otherwise, the electronic prescription signature is invalid, and the electronic prescription is shared again.

The invention realizes the user key to be generated in a centralized way by utilizing the nodes in the block chain of the alliance, avoids the problem of key escrow under the traditional public key encryption mode based on the identity, and enables the user to generate the private key based on the identity; the invention utilizes the randomly generated symmetric key to encrypt the electronic prescription plaintext, thereby having higher encryption efficiency; the invention utilizes the nodes in the alliance block chain as proxy nodes to carry out conditional proxy re-encryption, thereby realizing fine-grained decryption authority delegation and effectively ensuring privacy when patients share electronic prescriptions; the electronic prescription ciphertext is stored by using the IPFS distributed file system, so that decentralized storage is realized; the invention utilizes the alliance block chain to store the related information of the electronic prescription, ensures that the electronic prescription can not be tampered and realizes the credible sharing.

Drawings

FIG. 1 is a block diagram of the present invention;

FIG. 2 is an overall flow diagram of the present invention;

FIG. 3 is a block diagram of an initialization process of the present invention;

FIG. 4 is a block diagram of a node initialization process of the present invention;

FIG. 5 is a block diagram of a user private key generation process of the present invention;

FIG. 6 is a block diagram of a flow of a doctor signing electronic prescription and a patient encrypting electronic prescription;

FIG. 7 is a block diagram of a patient encryption IPFS value and symmetric key flow;

FIG. 8 is a block diagram of a process for a patient to generate a conditional proxy re-encryption key for a requester;

FIG. 9 is a block diagram of a sharee's process of obtaining an electronic prescription and verifying.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is to be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

The alliance blockchain system model is composed of three parts, namely an alliance blockchain layer, a user layer and an IPFS layer, as shown in figure 1, wherein computers of hospitals, pharmacies and supervision departments are used as sharing nodes to form an alliance blockchain, a first secret key of the system and a first secret key of each node are initialized, a user sends information to the sharing nodes, and receives the first secret key of the sharing nodes to generate a second secret key of the user. And secondly, the electronic prescription maker user generates an electronic prescription and signs and sends the electronic prescription to the electronic prescription sharer user. The electronic prescription sharer user uploads an electronic prescription ciphertext to the IPFS distributed file system, uploads a key ciphertext and a conditional proxy re-encryption key to the alliance block chain system, and the alliance block chain system performs conditional proxy re-encryption on the key ciphertext. And finally, the shared user decrypts the encrypted key ciphertext from the load under the block chain of the alliance to obtain the key, downloads the ciphertext from the IPFS distributed file system for decryption and verifies the signature of the electronic prescription issuing person.

The invention relates to an electronic prescription sharing method based on block chain and conditional proxy re-encryption, as shown in figure 2, the method comprises the following steps:

generating common parameters of the block chain system of the alliance;

the electronic prescription maker signs the electronic prescription through a second private key and uploads the electronic prescription with the signature to the system; the electronic prescription sharer downloads the signed electronic prescription, encrypts the signed electronic prescription by using a first symmetric key generated randomly to generate an electronic prescription ciphertext, uploads the electronic prescription ciphertext to the IPFS distributed file system, and returns the IPFS value of the electronic prescription ciphertext to the electronic prescription sharer; obtaining place of IPFS value as ciphertext

the shared user obtains the re-encryption key ciphertext from the alliance block chain, and the shared user utilizes a first private key of the shared user to decrypt the re-encryption key ciphertext to obtain an IPFS value and a first symmetric key; the sharee downloads the electronic prescription ciphertext from the IPFS system, and decrypts the electronic prescription ciphertext by using the first symmetric key to obtain the electronic prescription; the sharee verifies the signature of the electronic prescription by using the second public key of the electronic prescription issuer;

wherein, IPFS is an interplanetary file transfer system.

As shown in fig. 3, generating parameters common to the federation blockchain system includes:

step 1: the league block chain link point selects two multiplication cyclic groups G with prime number q in order₁And G₂Setting bilinear mapping e: G₁×G₁→G₂；

Step 2: hash function H is selected to alliance block chain link point₁:{0,1}^*→G₂，

H₃:{0,1}^*→G₁，

H₅:G₂→G₁，

And step 3: randomly selecting a prime number p, and enabling each node in the block chain of the alliance to be A_i(i 1, 2.. N), then the common parameters are obtained as: params ═ G₁,G₂,g,p,e,H₁,H₂,H₃,H₄,H₅,H₆}；

Wherein q and p each represent a prime number, e represents a bilinear map, G₁Representing a first multiplication cycle group, G₂Representing a second multiplication cycle group, A_iRepresenting a shared node, H_iRepresenting a hash function, and i ∈ {1, 2, 3, 4, 5, 6}, g being the generator of the first multiplication loop group, params representing a system common parameter.

As shown in fig. 4, the process of verifying the correctness of the first private key of the user according to the public parameter by the user includes:

1): each sharing node A_iRandomly selecting an N-1 order polynomial algorithm according to the common parameters; the algorithm expression is as follows:

F_i(x)＝a_i0+a_i1x+......+a_i(N-1)x^N-1

wherein, a_i(N-1)Representing randomly chosen elements, x, in a finite field^N-1Representing randomly chosen non-zero elements in a finite field.

2): computing each node A according to a polynomial_iA of (A)_ikA value of and A_ikThe value group is sent to each sharing node, wherein

And k is 0, 1.... N-1;

3): calculate each shared node A_iSent to other alliance blockchain node A_jSecret value t of_ij＝F_i(j) Wherein (j ≠ 1, 2.. N, j ≠ i);

4): each sharing node A_iReceiving secret value t_jiPass verification

5): calculate the parameter w for each shared node, i.e.

Wherein A is_iRepresenting a shared node, A_ikIndicating that the shared node authentication information value,

indicating the message broadcast by the node, mod p indicating the modulo operation, k indicating the number of shared nodes, t_ijRepresenting secret values sent by the nodes, F_i(j) Representing the selected polynomial.

The step of generating the first public key and the first private key of the system comprises the following steps:

A first public key as a sharing node; wherein the expressions of the two polynomials are:

f_i(x)＝b_i0+b_i1x+......+b_i(N-1)x^N-1

f′_i(x)＝c_i0+c_i1x+......+c_i(N-1)x^N-1

wherein, b_i(N-1)Representing a randomly selected element in a finite field, c_i(N-1)Representing randomly chosen elements in a finite field.

And step 3: calculate each node A_iSending to other alliance block chain sharing node A_jSecret value s of (j ≠ 1, 2.. N, j ≠ i)_ij＝f_i(j),s′_ij＝f′(j)；

And 4, step 4: each node A_iReceiving a secret value s_ji,s′_jiVerification of

Step 6: each sharing node A_iThe first public key of the sharing node

Sending to each shared node, and calculating

Taking y as a first public key of the system;

and 7: according to the obtained information, the latest public parameter params ═ G of the block chain of the new alliance which is published last is obtained₁,G₂,g,p,e,H₁,H₂,H₃,H₄,H₅,H₆,N,y,y'}；

Wherein, b_tiA first private key representing a shared node, y' representing the first private key of the shared node, B_ikThe authentication information is represented by a representation of,

which represents the first authentication parameters, is,

representing a second verification parameter, mod p representing a modulo operation, s_ijDenotes a first secret value, s'_ijWhich represents the second secret value, is,

representing a third authentication parameter, s representing a system first key pair, G₁Representing a first multiplication cycle group, G₂Representing a second multiplication cycle group, g being a generator of the multiplication cycle group, p representing a random prime number, e representing a bilinear map, H_iAnd i ∈ {1, 2, 3, 4, 5, 6} represents a hash function, N represents the number of federation blockchains, and y represents the system first public key.

As shown in fig. 5, the generating of the second public key and the second private key of the user includes:

Sending the first private key of the user to the user;

Verifying the correctness of the first private key of the user if

And the second public key of the user is

Wherein id_iWhich represents the information on the identity of the user,

representing the first private key of the user, g representing the generator of the multiplicative cyclic group, e representing the bilinear map, H (id)_i) A hash value representing identity information, y' represents the first public key of the sharing node,

representing the user's second private key,

representing the second public key, H, of the user₁(id_a) Representing the hash function value.

As shown in fig. 6, the process of signing the electronic prescription by the electronic prescription holder through the second private key includes:

And calculating u ═ H₁(id_a)^r,

Encrypting the signed electronic prescription to generate an electronic prescription ciphertext C ═ Enc_sym(dek, m'), uploading the electronic prescription ciphertext C to an IPFS distributed file system, and returning the IPFS value of the electronic prescription ciphertext to the electronic prescription sharer;

wherein the content of the first and second substances,

set of all pairs of modulo multiplicative invertible elements in the representation, H₁(.)^rRepresenting a hash operation, Enc_sym(.), dek denotes a first symmetric key, m' denotes an electronic prescription and signed package file, u denotes a first intermediate argument, v denotes a second intermediate argument,

representing the user's second private key.

As shown in fig. 7, the process of encrypting the IPFS value and the first symmetric key of the electronic prescription cryptograph by the electronic prescription sharer using the second public key includes:

step 1: electronic prescription sharer using the second public key

And condition of re-encryption

Obtain the second layer ciphertext

Wherein C is₁＝g^r，

C₃＝g^cr， h＝H₄(C₁,C₂,C₃)，C₄＝u^hr；

Step 2: the patient will encrypt the second layer of ciphertext

Uploading a block chain system of the alliance;

wherein, g^rA generator representing a multiplication loop group, M (. quadrature.) representing an encryption process, Me (. quadrature.)^rThe electronic prescription cryptogram is represented and,

representing the second public key of the user, y representing the first public key of the node, C_iRepresents elements in the second level ciphertext, wherein i ∈ {1, 2, 3, 4, 5, 6}, g^crAnd u^hrRespectively, representing partial re-encrypted ciphertext, dek representing a first symmetric key,

expressed under the modulus qC denotes an encryption condition value, and y denotes a system first public key.

As shown in fig. 8, the process of generating the conditional proxy re-encryption key includes:

step 1: randomly select one

Identity id of sharee_jAnd condition value c when encrypting M ═ IPFS | | | dek) generates a proxy re-encryption key

Wherein R is₁＝g^r′，

R₄＝u^r′；

Step 2: electronic prescription sharer will

Uploading a block chain of the alliance;

By re-encrypting the key with condition c

Conversion to sharee id_jDecipherable first layer cipher text data

Wherein C is₁′＝C₁，C′₂＝C₂e(C₁,R₃)/e(C₃,R₁)，C′₃＝R₁，C′₄＝R₂，h′＝H₆(C′₁,C′₂,C′₃,C′₄)，

By e (C)₁,u^h)＝e(g,C₄) Verifying the validity of the second layer of ciphertext;

where dek denotes the first symmetric key,

representing the multiplicative cyclic group modulo q, M (.) -representing the process of encryption,

representing proxy re-encryption key, g₁Generator representing multiplication loop group, e bilinear map, g^r' denotes a partial re-encryption key, x denotes a random value in a multiplication loop group, e ()^r′Denotes a bilinear mapping algorithm, u^r' denotes an intermediate parameter, C_i' denotes the decrypted first-layer ciphertext data, where i ∈ {1, 2, 3, 4, 5 }.

As shown in fig. 9, the process of obtaining and verifying the electronic prescription by the sharee includes:

step 1: the sharee uses the second private key of the sharee

Decryption

Otherwise the first layer is secretThe file is tampered, and the electronic prescription is requested again;

and 4, step 4: the shared person passes the verification that e (v, g) is e (u, y) e (H (id)_a)^tY) confirming whether the signature is valid; if the equation is established, the signature is valid, otherwise, the electronic prescription signature is invalid, and the electronic prescription is shared again;

wherein the content of the first and second substances,

representing a first layer of ciphertext data, h' representing a value to be verified, e representing a bilinear map, u representing a first intermediate parameter, v representing a second intermediate parameter,

representing the user's second private key, H (.)^tRepresents a hash function, id_aRepresenting user identity information, dek representing a first symmetric key, g representing a generator of a first multiplicative cyclic group, and y representing a system first public key.

Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by instructions associated with hardware via a program, which may be stored in a computer-readable storage medium, and the storage medium may include: ROM, RAM, magnetic or optical disks, and the like.

The above-mentioned embodiments, which further illustrate the objects, technical solutions and advantages of the present invention, should be understood that the above-mentioned embodiments are only preferred embodiments of the present invention, and should not be construed as limiting the present invention, and any modifications, equivalents, improvements, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims

1. A method for sharing electronic prescriptions based on blockchain and conditional proxy re-encryption, the method comprising:

generating common parameters of the block chain system of the alliance;

the electronic prescription maker signs the electronic prescription through a second private key and uploads the electronic prescription with the signature to the system; the electronic prescription sharer downloads the signed electronic prescription, encrypts the signed electronic prescription by using a first symmetric key generated randomly to generate an electronic prescription ciphertext, uploads the electronic prescription ciphertext to the IPFS distributed file system, and returns the IPFS value of the electronic prescription ciphertext to the electronic prescription sharer; the IPFS value is an acquisition address of the ciphertext;

wherein, IPFS is an interplanetary file transfer system.

2. The electronic prescription sharing method based on blockchain and conditional proxy re-encryption of claim 1, wherein the generating of federation blockchain system common parameters comprises:

step 1: the sharing node of the block chain of the alliance selects two multiplication circulation groups G with the order of prime number q₁And G₂Setting bilinear mapping e: G₁×G₁→G₂；

Step 2: hash function H is selected to sharing node of alliance block chain₁:{0,1}^*→G₂，H₂:

H₃:{0,1}^*→G₁，H₄:

H₅:G₂→G₁，H₆:

Wherein q and p each represent a prime number, e represents a bilinear map, G₁Representing a first multiplication cycle group, G₂Representing a second multiplication cycle group, A_iRepresenting a shared node, H_iRepresentation haThe objective function, i ∈ {1, 2, 3, 4, 5, 6}, g is the generator of the first multiplicative cyclic group, and params represents the system common parameters.

3. The electronic prescription sharing method based on blockchain and conditional proxy re-encryption as claimed in claim 1, wherein the process of the user verifying the correctness of the first private key of the user according to the public parameter comprises:

2): computing each shared node A according to a polynomial_iA of (A)_ikA value of and A_ikThe value group is sent to each sharing node, wherein

And k is 0, 1.... N-1;

4): each sharing node A_iReceiving secret value t_jiPass verification

5): calculate the parameter w for each shared node, i.e.

indicating messages broadcast by the node, mod p indicating a fortuneK denotes the number of shared nodes, t_ijRepresenting secret values sent by the nodes, F_i(j) Representing the selected polynomial.

4. The method of claim 1, wherein the step of generating the first public key and the first private key of the system comprises:

A first public key as a sharing node;

Step 6: each sharing node A_iThe first public key of the sharing node

Sending to each shared node, and calculating

Taking y as a first public key of the system;

and 7: according to the obtained information, the latest public parameter params ═ G of the block chain of the new alliance which is published last is obtained₁,G₂,g,p,e,H₁,H₂,H₃,H₄,H₅,H₆,N,y,y′}；

which represents the first authentication parameters, is,

representing a third authentication parameter, s representing a system first key pair, G₁Representing a first multiplication cycle group, G₂Representing a second multiplication cycle group, g being a generator of the multiplication cycle group, p representing a random prime number, e representing a bilinear map, H_iAnd i ∈ {1, 2, 3, 4, 5, 6} represents a hash function, N represents the number of federation blockchains, y represents the system first public key, and params represents the system public parameter.

5. The method for sharing electronic prescription based on block chain and conditional proxy re-encryption as claimed in claim 1, wherein the step of generating the second public key and the second private key of the user comprises:

step 1: joining systemThe user sends the identity information id of the user_iSending to the alliance block chain system;

Sending the first private key of the user to the user;

Verifying the correctness of the first private key of the user if

And the second public key of the user is

Wherein id_iWhich represents the information on the identity of the user,

indicating a second userThe private key is used to encrypt the data,

6. The electronic prescription sharing method based on block chain and conditional proxy re-encryption of claim 1, wherein the process of signing the electronic prescription by the electronic prescription holder through the second private key comprises:

And calculating u ═ H₁(id_a)^r,t＝H₁(m||u),

wherein the content of the first and second substances,

set of all pairs of modulo multiplicative invertible elements in the representation, H₁(.)^rRepresenting a hash operation, Enc_sym(.) represents symmetric encryption, dek represents a first symmetric cipherA key, m' denotes a package file of the electronic prescription and the signature, u denotes a first intermediate argument, v denotes a second intermediate argument,

representing the user's second private key.

7. The electronic prescription sharing method based on blockchain and conditional proxy re-encryption of claim 1, wherein the process of encrypting the IPFS value and the first symmetric key of the electronic prescription cryptograph by the electronic prescription sharer using the second public key comprises:

step 1: electronic prescription sharer using second public key of user

And condition of re-encryption

Obtain the second layer ciphertext

Wherein C is₁＝g^r，

C₃＝g^cr，h＝H₄(C₁,C₂,C₃)，C₄＝u^hr；

Step 2: the patient will encrypt the second layer of ciphertext

Uploading a block chain system of the alliance;

denotes the multiplicative cyclic group modulo q, c denotes the encryption condition value, and y denotes the system first public key.

8. The electronic prescription sharing method based on block chain and conditional proxy re-encryption as claimed in claim 1, wherein the process of generating the conditional proxy re-encryption key comprises:

step 1: randomly select one

Wherein R is₁＝g^r'，

R₄＝u^r’；

Step 2: electronic prescription sharer will

Uploading a block chain of the alliance;

By re-encrypting the key with condition c

Conversion to sharee id_jDecipherable first layer cipher text data

Wherein C'₁＝C₁，C'₂＝C₂e(C₁,R₃)/e(C₃,R₁)，C′₃＝R₁，C′₄＝R₂，h′＝H₆(C′₁,C′₂,C'₃,C'₄)，

where dek denotes the first symmetric key,

representing proxy re-encryption key, g₁Generator representing multiplication loop group, e bilinear map, g^r'Represents a partial re-encryption key, x represents a random value in a multiplicative cyclic group, e ()^r'Denotes a bilinear mapping algorithm, u^r'Denotes an intermediate parameter, C'_iRepresenting the decrypted first-level ciphertext data, i ∈ {1, 2, 3, 4, 5 }.

9. The electronic prescription sharing method based on blockchain and conditional proxy re-encryption as claimed in claim 1, wherein the process of obtaining and verifying the electronic prescription by the sharee comprises:

step 1: the sharee uses the second private key of the sharee

Decryption

wherein the content of the first and second substances,

representing the first layer of ciphertext data, h' representing the value to be verified, e representing the bilinear map, u representing the second layer of ciphertext dataAn intermediate parameter, v denotes a second intermediate parameter,