CN113806772A - Information encryption transmission method and device based on block chain - Google Patents


Info

Publication number: CN113806772A
Application number: CN202111032097.0A
Authority: CN (China)
Other languages: Chinese (zh)
Inventors: 尤紫云, 刘晓东
Current assignee: WUHAN HONGXU INFORMATION TECHNOLOGY CO LTD
Original assignee: WUHAN HONGXU INFORMATION TECHNOLOGY CO LTD
Legal status: Pending
Prior art keywords: target, plaintext information, information, ciphertext, aes

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/602: Providing cryptographic facilities or services
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218: Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/64: Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The invention provides a blockchain-based information encryption transmission method and device. The method comprises: encrypting target plaintext information with a target AES key to obtain a target ciphertext, encrypting the target AES key with a first ECC public key to obtain a target AES ciphertext, and generating a digital signature of the target plaintext information; and sending the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to a receiving end, so that the receiving end decrypts the target AES ciphertext with the first ECC private key corresponding to the first ECC public key to obtain the target AES key, decrypts the target ciphertext with the target AES key to obtain decrypted plaintext information, performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determines that the target plaintext information has been received if the security verification passes. The method and device enable safer and more efficient encrypted information transmission.

Description

Information encryption transmission method and device based on block chain
Technical Field
The present invention relates to the field of communications technologies, and in particular, to an information encryption transmission method and apparatus based on a block chain.
Background
With the development of internet technology, information can be transmitted between different user terminals over the internet. The blockchain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms and encryption algorithms, and can improve the security of data storage and transmission to a certain extent. However, a blockchain network still carries the data security risk that data on the chain can be obtained and downloaded arbitrarily. To ensure the security of information transmission in a blockchain network, particularly of sensitive information, the information can be encrypted with an asymmetric or a symmetric encryption algorithm before transmission. However, the security of the symmetric encryption algorithm is not high, so it is easy to crack; the security of the asymmetric algorithm is higher than that of the symmetric encryption algorithm, but the asymmetric algorithm is more complex, so encrypted transmission is less efficient. As a result, it is difficult to perform encrypted information transmission both securely and efficiently with the prior art.
Disclosure of Invention
The invention provides an information encryption transmission method and device based on a block chain, which are used for solving the defect that the information encryption transmission is difficult to carry out safely and efficiently in the prior art and realizing safer and more efficient information encryption transmission.
The invention provides an information encryption transmission method based on a block chain, which comprises the following steps:
encrypting target plaintext information based on a target AES key to obtain a target ciphertext, encrypting the target AES key based on a first ECC public key to obtain the target AES ciphertext, and generating a digital signature of the target plaintext information;
sending the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to a receiving end, so that the receiving end decrypts the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain the target AES key, decrypts the target ciphertext based on the target AES key to obtain decrypted plaintext information, performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determines to receive the target plaintext information under the condition of passing the security verification.
According to the information encryption transmission method based on the block chain provided by the invention, the generating of the digital signature of the target plaintext information specifically comprises the following steps:
acquiring a digest value of the target plaintext information based on a target function;
and obtaining a digital signature of the target plaintext information through a target digital signature algorithm based on a second ECC private key and the digest value of the target plaintext information.
According to the information encryption transmission method based on the block chain provided by the invention, before the target ciphertext, the target AES ciphertext and the digest value of the target plaintext information are sent to the receiving end, the method further comprises the following steps:
and sending a connection request which represents a request for establishing a communication channel between the server and the receiving end to the server, so that the server receives the connection request and establishes the communication channel between the sending end and the receiving end.
The invention also provides an information encryption transmission method based on the block chain, which comprises the following steps:
receiving a target ciphertext, a target AES ciphertext and a digital signature of target plaintext information sent by a sending end;
decrypting the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain a target AES key, and then decrypting the target ciphertext based on the target AES key to obtain decrypted plaintext information;
performing security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determining that the target plaintext information is received under the condition of passing the security verification;
the target ciphertext is obtained by encrypting the target plaintext information by the sending end based on the target AES key; the target AES ciphertext is obtained by the sending end after encrypting the target AES key based on the first ECC public key.
According to the information encryption transmission method based on the block chain, provided by the invention, the security verification is performed based on the decrypted plaintext information and the digital signature of the target plaintext information, and the method specifically comprises the following steps:
based on a second ECC public key corresponding to a second ECC private key and the digital signature of the target plaintext information, obtaining a digest value of the target plaintext information through a target digital signature function, and based on the target function, obtaining a digest value of the decrypted plaintext information;
and determining that the security verification is passed under the condition that the digest value of the target plaintext information and the digest value of the decrypted plaintext information are determined to be the same.
The invention also provides an information encryption transmission device based on the block chain, which comprises:
the encryption module is used for encrypting target plaintext information based on a target AES key to obtain a target ciphertext, encrypting the target AES key based on a first ECC public key to obtain a target AES ciphertext, and generating a digital signature of the target plaintext information;
the sending module is used for sending the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to a receiving end, so that the receiving end decrypts the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain the target AES key, decrypts the target ciphertext based on the target AES key to obtain decrypted plaintext information, performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determines to receive the target plaintext information under the condition of passing the security verification.
The invention also provides an information encryption transmission device based on the block chain, which comprises:
the receiving module is used for receiving the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information sent by the sending end;
the decryption module is used for decrypting the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain a target AES key, and then decrypting the target ciphertext based on the target AES key to obtain decrypted plaintext information;
the verification module is used for carrying out security verification on the basis of the decrypted plaintext information and the digital signature of the target plaintext information, and determining that the target plaintext information is received under the condition of passing the security verification;
the target ciphertext is obtained by encrypting the target plaintext information by the sending end based on the target AES key; the target AES ciphertext is obtained by the sending end after encrypting the target AES key based on the first ECC public key.
The invention also provides an electronic device, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor executes the program to realize the steps of any one of the above block chain-based information encryption transmission methods.
The present invention also provides a non-transitory computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the blockchain-based information encryption transmission method as described in any of the above.
The present invention also provides a computer program product comprising a computer program which, when being executed by a processor, implements the steps of the above-mentioned blockchain-based information encryption transmission method.
In the blockchain-based information encryption transmission method and device provided by the invention, the sending end encrypts the target plaintext information with a symmetric algorithm to obtain the target ciphertext, encrypts the target AES key with an asymmetric algorithm to obtain the target AES ciphertext, generates a digital signature of the target plaintext information, and sends the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to the receiving end. The receiving end decrypts the target AES ciphertext and the target ciphertext in turn to obtain decrypted plaintext information, and determines that the target plaintext information has been received if the security verification based on the decrypted plaintext information and the digital signature of the target plaintext information passes. This solves the problems of key distribution and management; combining the asymmetric algorithm, the symmetric algorithm and the digital signature prevents the information sent by the sending end from being obtained and downloaded arbitrarily, further improves the security of information transmission, and enables safer and more efficient encrypted information transmission.
Drawings
In order to more clearly illustrate the technical solutions of the present invention or the prior art, the drawings needed for the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is the first schematic flowchart of the blockchain-based information encryption transmission method provided by the present invention;
Fig. 2 is the second schematic flowchart of the blockchain-based information encryption transmission method provided by the present invention;
Fig. 3 is the third schematic flowchart of the blockchain-based information encryption transmission method provided by the present invention;
Fig. 4 is an interaction diagram of the sending end and the receiving end in the blockchain-based information encryption transmission method provided by the present invention;
Fig. 5 is the first schematic structural diagram of the blockchain-based information encryption transmission device provided by the present invention;
Fig. 6 is the second schematic structural diagram of the blockchain-based information encryption transmission device provided by the present invention;
Fig. 7 is a schematic structural diagram of an electronic device provided by the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is obvious that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that ECC (elliptic curve cryptography) is an asymmetric algorithm based on elliptic curve mathematics, with the advantages of high security, a small amount of computation, high processing speed, and low storage and transmission bandwidth requirements.
AES (Advanced Encryption Standard) is a widely used symmetric algorithm in which the encryption key and the decryption key are the same, which gives it the advantage of fast computation.
A key pair, comprising a public key and a private key, can be generated by a given algorithm; the public key can be disclosed, while the private key is kept secret. The public key and the private key of a key pair correspond uniquely: data encrypted with a public key can be decrypted only with the corresponding private key, and data encrypted with a private key can be decrypted only with the corresponding public key.
It should be noted that the information encryption transmission method based on the blockchain provided by the present invention can be used for information encryption transmission between nodes in the blockchain network. Optionally, the information encryption transmission method based on the block chain provided by the invention can also be used for information encryption transmission between different user clients in the internet.
Fig. 1 is a schematic flowchart of a blockchain-based information encryption transmission method according to the present invention. The method is described below with reference to Fig. 1. As shown in Fig. 1, the method includes:
Step 101: encrypting the target plaintext information based on the target AES key to obtain a target ciphertext, encrypting the target AES key based on the first ECC public key to obtain the target AES ciphertext, and generating a digital signature of the target plaintext information.
It should be noted that the sending end is the execution subject of this embodiment. When a sending end needs to send information to a receiving end, it can do so with the blockchain-based information encryption transmission method provided by the invention. The sending end and the receiving end are both nodes in the same blockchain. Alternatively, the sending end and the receiving end can be two users on the internet.
It should be noted that, in this embodiment, the sending end and the receiving end have already established, through the server, a communication channel that can be used for information transmission. After the channel is established, the receiving end can randomly generate an ECC key pair with the ECC algorithm, comprising a first ECC public key and a first ECC private key; it can send the first ECC public key to the server for storage and store the first ECC private key locally. Likewise, after the channel is established, the sending end can randomly generate an ECC key pair comprising a second ECC public key and a second ECC private key, send the second ECC public key to the server for storage, and store the second ECC private key locally.
The target plaintext information is information that the sending end needs to send to the receiving end.
The sending end can randomly generate an AES key as a target AES key based on an AES algorithm, and after encrypting target plaintext information based on the target AES key, obtain a target ciphertext corresponding to the target plaintext information.
The sending end can also obtain the first ECC public key from the server and encrypt the target AES key with it to obtain the target AES ciphertext.
It should be noted that encrypting the target AES key with the first ECC public key ensures that other clients cannot decrypt the target AES ciphertext to obtain the target AES key. Moreover, the target AES key has fewer characters than the target plaintext information, so encrypting it with the first ECC public key is simpler and more computationally efficient.
The embodiment of the invention uses the AES algorithm's advantages of fast encryption and suitability for long data together with the ECC algorithm's advantages of being hard to break and highly secure. Combining the two solves the AES key management problem: the symmetric encryption algorithm (AES) and the public-key encryption algorithm (ECC) form a complementary design in which an unauthorized third party cannot easily intercept the target AES key, and the ECC public key is published externally while the confidentiality of the target AES key is still ensured, which effectively secures the information transmission process. With the server as the core intermediary, data is transmitted between the sending end and the receiving end, and the digital signature and signature verification provide a second layer of assurance for the security of information transmission.
The sending end can generate a digital signature of the target plaintext information in various modes, and after the receiving end receives the digital signature, the receiving end can perform security verification based on the digital signature to judge whether the information is tampered or damaged in the transmission process.
Step 102: sending the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to a receiving end, so that the receiving end decrypts the target AES ciphertext based on the first ECC private key corresponding to the first ECC public key to obtain the target AES key, decrypts the target ciphertext based on the target AES key to obtain decrypted plaintext information, performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determines that the target plaintext information is received if the security verification passes.
Specifically, after the sending end obtains the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information, it may send all three to the receiving end through the communication channel with the receiving end.
The receiving end can receive the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information sent by the sending end through a communication channel between the receiving end and the sending end.
After receiving the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information sent by the sending end, the receiving end can decrypt the target AES ciphertext with the locally stored first ECC private key to obtain the target AES key.
After the receiving end obtains the target AES key, the receiving end can also decrypt the received target ciphertext based on the target AES key to obtain decrypted plaintext information.
After the receiving end obtains the decrypted plaintext information, it needs to determine whether the decrypted plaintext information is the same as the target plaintext information, that is, it needs to determine whether the target plaintext information is modified or deleted in the encryption transmission process.
The receiving end can determine whether the decrypted plaintext information is the same as the target plaintext information by performing security verification, that is, whether the target plaintext information is modified or deleted in the encryption transmission process can be determined.
The receiving end can carry out security verification based on the obtained decrypted plaintext information and the received digital signature of the target plaintext information, and verify whether the obtained decrypted plaintext information is the same as the target plaintext information.
If the security verification passes, the decrypted plaintext information obtained by the receiving end is determined to be the same as the target plaintext information, that is, the information received by the receiving end is the target plaintext information, and the information was transmitted securely between the sending end and the receiving end.
If the security verification fails, the decrypted plaintext information obtained by the receiving end is determined to be different from the target plaintext information, that is, the information received by the receiving end is not the target plaintext information, and the information was not transmitted securely between the sending end and the receiving end.
It should be noted that, if the security verification fails, the receiving end may send the server an interrupt request asking it to interrupt the communication channel between the receiving end and the sending end. After receiving the interrupt request, the server may interrupt that channel.
In this embodiment, the sending end encrypts the target plaintext information with a symmetric algorithm to obtain the target ciphertext, encrypts the target AES key with an asymmetric algorithm to obtain the target AES ciphertext, generates a digital signature of the target plaintext information, and sends the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to the receiving end. The receiving end decrypts the target AES ciphertext and the target ciphertext in turn to obtain decrypted plaintext information, and determines that the target plaintext information has been received if the security verification based on the decrypted plaintext information and the digital signature of the target plaintext information passes. This solves the problems of key distribution and management; combining the asymmetric algorithm, the symmetric algorithm and the digital signature prevents the information sent by the sending end from being obtained and downloaded arbitrarily, further improves the security of information transmission, and enables safer and more efficient encrypted information transmission.
Based on the content of the foregoing embodiments, generating a digital signature of target plaintext information specifically includes: acquiring the digest value of the target plaintext information based on the target function.
It should be noted that the target function may be a hash function or another function; the embodiment of the present invention does not specifically limit it. The following describes the process of acquiring the digest value of the target plaintext information, taking a hash function as the target function.
Specifically, after the sending end generates the target plaintext information $m$ and encrypts it to obtain the target ciphertext $c$, the digest value $h_1$ of the target plaintext information can be obtained with the hash function, where $h_1 = \mathrm{hash}(m)$.
And obtaining a digital signature of the target plaintext information through a target digital signature algorithm based on the second ECC private key and the digest value of the target plaintext information.
It should be noted that the target digital signature algorithm may be an ECDSA digital signature algorithm, and may also be another digital signature algorithm. The specific process of obtaining the digital signature of the target plaintext information will be described below by taking the target digital signature algorithm as the ECDSA digital signature algorithm as an example.
Specifically, the sending end may use the ECDSA digital signature algorithm with the second ECC private key to sign the digest value $h_1$ of the target plaintext information, obtaining the digital signature $s_1(h_1)$ of the target plaintext information.
Digital signing and signature verification are performed in the chain with the ECDSA (Elliptic Curve Digital Signature Algorithm) digital signature algorithm, giving double encryption verification of the information in the chain. This raises the security level of the algorithm, ensures the integrity of the data, and effectively prevents information from being stolen, tampered with or damaged.
In the embodiment of the invention, after the digest value of the target plaintext information is obtained with the target function, the digital signature of the target plaintext information is obtained through the target digital signature algorithm from the first ECC private key, which the receiving end generates with the ECC algorithm, and the digest value of the target plaintext information. The target plaintext information can thus be digitally signed through the receiving end and the information undergoes double encryption verification, which raises the security level of the encryption algorithm, ensures the integrity of the information, effectively prevents the information from being stolen, tampered with or damaged, and further improves the security of information transmission.
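Steps 101 and 102, together with the digest-and-ECDSA signature step described above (signing with the sending end's second ECC private key), as an added Node.js example that is not part of the patent text. The patent does not say how the ECC public key encrypts the AES key or which AES mode is used; this example assumes an ECIES-style wrap (ephemeral ECDH on P-256 plus HKDF-SHA256), AES-256-GCM and SHA-256, and the names `send`, `receive`, `deriveKek` and the envelope layout are hypothetical.

```javascript
const crypto = require('crypto');

const CURVE = 'prime256v1'; // NIST P-256 (assumed; the patent names no curve)

// AES-256-GCM with a fresh random 96-bit nonce. Output: nonce || tag || ciphertext.
function aesGcmSeal(key, plaintext) {
  const nonce = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, nonce);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), body]);
}

// Inverse of aesGcmSeal; final() throws if the key, nonce, tag or body was altered.
function aesGcmOpen(key, sealed) {
  if (sealed.length < 28) throw new Error('ciphertext too short');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, sealed.subarray(0, 12));
  decipher.setAuthTag(sealed.subarray(12, 28));
  return Buffer.concat([decipher.update(sealed.subarray(28)), decipher.final()]);
}

// ECC cannot encrypt bytes directly, so the AES key is wrapped ECIES-style:
// ECDH shared secret -> HKDF-SHA256 -> key-encryption key (KEK) for AES-GCM.
// The ephemeral public key is fed in as HKDF info so the KEK is bound to it.
function deriveKek(privateKey, publicKey, ephemeralDer) {
  const shared = crypto.diffieHellman({ privateKey, publicKey });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), ephemeralDer, 32));
}

// Step 101 at the sending end: returns the three items transmitted in step 102.
function send(message, receiverPublicKey, senderPrivateKey) {
  const aesKey = crypto.randomBytes(32);                 // target AES key, fresh per message
  const ciphertext = aesGcmSeal(aesKey, message);        // target ciphertext
  const eph = crypto.generateKeyPairSync('ec', { namedCurve: CURVE });
  const ephemeralDer = eph.publicKey.export({ type: 'spki', format: 'der' });
  const kek = deriveKek(eph.privateKey, receiverPublicKey, ephemeralDer);
  const wrappedKey = { ephemeralDer, sealedKey: aesGcmSeal(kek, aesKey) }; // target AES ciphertext
  // crypto.sign computes h1 = SHA-256(m) and signs it with ECDSA: s1(h1).
  const signature = crypto.sign('sha256', message, senderPrivateKey);
  return { ciphertext, wrappedKey, signature };
}

// Receiving end: unwrap the AES key, decrypt, then run the security verification.
function receive(envelope, receiverPrivateKey, senderPublicKey) {
  const { ephemeralDer, sealedKey } = envelope.wrappedKey;
  const ephPublic = crypto.createPublicKey({ key: ephemeralDer, format: 'der', type: 'spki' });
  const kek = deriveKek(receiverPrivateKey, ephPublic, ephemeralDer);
  const aesKey = aesGcmOpen(kek, sealedKey);
  const decrypted = aesGcmOpen(aesKey, envelope.ciphertext);
  // ECDSA verification takes the digest of the decrypted plaintext as input.
  if (!crypto.verify('sha256', decrypted, senderPublicKey, envelope.signature)) {
    throw new Error('security verification failed');
  }
  return decrypted;
}

// Constructed demo. Freshly generated key pairs stand in for the receiving end's
// "first" and the sending end's "second" ECC key pair; "outsider" is a third party.
function demo() {
  const newPair = () => crypto.generateKeyPairSync('ec', { namedCurve: CURVE });
  const [receiver, sender, outsider] = [newPair(), newPair(), newPair()];
  const message = Buffer.from('constructed sample: transfer record #1');
  const outcome = (envelope) => {
    try {
      return receive(envelope, receiver.privateKey, sender.publicKey).toString();
    } catch (err) {
      return `rejected: ${err.message}`;
    }
  };
  const tampered = send(message, receiver.publicKey, sender.privateKey);
  tampered.ciphertext[tampered.ciphertext.length - 1] ^= 0x01; // bit flipped in transit
  return {
    genuine: outcome(send(message, receiver.publicKey, sender.privateKey)),
    tampered: outcome(tampered),
    // Well-formed envelope built by someone who only knows the receiver's public key.
    forged: outcome(send(message, receiver.publicKey, outsider.privateKey)),
  };
}

console.log(demo());
```

The `forged` case shows why the signature is checked even though AES-GCM already detects modification: anyone holding the receiving end's public key can build an envelope that decrypts cleanly, and only the ECDSA check ties the plaintext to the sending end's key.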
Based on the content of the above embodiments, before sending the target ciphertext, the target AES ciphertext and the digest value of the target plaintext information to the receiving end, the method further includes: sending the server a connection request that requests establishment of a communication channel between the sending end and the receiving end, so that the server receives the connection request and establishes that channel.
Specifically, before the sending end sends information to the receiving end through the blockchain-based information encryption transmission method, the sending end and the receiving end each need to establish a communication channel with the server, and the channel between the sending end and the receiving end is established through the server.
When the server determines that the server and the sending end have passed bidirectional identity authentication, the server can establish a communication channel with the sending end.
Specifically, the sending end may send the server a connection request that requests establishment of a communication channel with the receiving end.
After receiving the connection request, the server may send its digital certificate to the sending end.
After the sending end receives the server's digital certificate, it can authenticate the server based on that certificate and, if the server passes identity authentication, return to the server confirmation information indicating that the server has passed identity authentication.
After receiving the confirmation information, the server can encrypt any plaintext information with the private key corresponding to its digital certificate to obtain a verification ciphertext, and send the plaintext information and the verification ciphertext to the sending end.
After the sending end receives the plaintext information and the verification ciphertext, it can decrypt the verification ciphertext with the public key corresponding to the server's digital certificate, and the sending end is determined to pass identity authentication if the ciphertext information obtained by decryption is the same as the received ciphertext information.
After the server determines that the sending end has passed identity authentication, a communication channel with the sending end can be established.
It should be noted that the procedure for establishing the communication channel between the receiving end and the service end is the same as the specific procedure for establishing the communication channel between the sending end and the service end, and is not described herein again.
After the sending end and the receiving end establish communication channels with the server end respectively, the server end establishes the communication channels between the sending end and the receiving end.
By carrying out bidirectional identity authentication between the server and the sending end, and between the server and the receiving end, before the encrypted transmission of information from the sending end to the receiving end, the embodiment of the invention can effectively prevent unauthorized clients from accessing the server, can block illegal intrusion before the encrypted transmission of the information, and can further improve the security of information transmission.
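The certificate check and proof-of-possession exchange described above, shown for the server-to-sending-end direction as an added Go example (not code from the patent; all names are hypothetical). Assumptions: an ECDSA P-256 signature stands in for "encrypting with the private key", the certificate is self-signed and pinned rather than CA-issued, and the verifier's nonce is an addition so that a recorded plaintext and verification ciphertext pair does not verify again later.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// Server holds the server end's digital certificate (DER) and the matching private key.
type Server struct {
	CertDER []byte
	key     *ecdsa.PrivateKey
}

// Proof is the server's answer: certificate, arbitrary plaintext, "verification ciphertext".
type Proof struct{ CertDER, Plaintext, Sig []byte }

// NewServer makes a key pair and a self-signed certificate (assumption: stands in for a CA-issued one).
func NewServer(name string) (*Server, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: name},
		NotBefore:    time.Now().Add(-time.Minute),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	return &Server{CertDER: der, key: key}, err
}

// digest binds the verifier's nonce (hashed to a fixed length) to the server-chosen plaintext.
func digest(nonce, plaintext []byte) []byte {
	n := sha256.Sum256(nonce)
	d := sha256.Sum256(append(n[:], plaintext...))
	return d[:]
}

// Prove signs digest(nonce, plaintext) with the private key of the certificate.
func (s *Server) Prove(nonce []byte) (*Proof, error) {
	pt := make([]byte, 16) // "any plaintext information", chosen by the server
	if _, err := rand.Read(pt); err != nil {
		return nil, err
	}
	sig, err := ecdsa.SignASN1(rand.Reader, s.key, digest(nonce, pt))
	return &Proof{s.CertDER, pt, sig}, err
}

// Trust builds the verifier's pool of pinned server certificates.
func Trust(servers ...*Server) (*x509.CertPool, error) {
	pool := x509.NewCertPool()
	for _, s := range servers {
		cert, err := x509.ParseCertificate(s.CertDER)
		if err != nil {
			return nil, err
		}
		pool.AddCert(cert)
	}
	return pool, nil
}

// VerifyServer is the sending end's check: trusted certificate first, then proof of key possession.
func VerifyServer(trusted *x509.CertPool, p *Proof, nonce []byte) error {
	cert, err := x509.ParseCertificate(p.CertDER)
	if err != nil {
		return err
	}
	opts := x509.VerifyOptions{Roots: trusted, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("certificate not trusted: %w", err)
	}
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	if !ok || !ecdsa.VerifyASN1(pub, digest(nonce, p.Plaintext), p.Sig) {
		return errors.New("server did not prove possession of the certificate key")
	}
	return nil
}

func main() {
	srv, _ := NewServer("server.example") // errors ignored in this demo only
	pool, _ := Trust(srv)
	nonce := []byte("constructed nonce")
	proof, _ := srv.Prove(nonce)
	fmt.Println("fresh proof:", VerifyServer(pool, proof, nonce))
	fmt.Println("replayed proof:", VerifyServer(pool, proof, []byte("later nonce")))
}
```

The channel is established only when `VerifyServer` returns nil; the opposite direction of the bidirectional authentication runs the same check with the roles swapped.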
Fig. 2 is a second schematic flow chart of the method for encrypted transmission of information based on block chains according to the present invention. The information encryption transmission method based on the block chain of the present invention is described below with reference to fig. 2. As shown in fig. 2, the method includes: step 201, receiving a target ciphertext, a target AES ciphertext and a digital signature of target plaintext information sent by a sending end.
It should be noted that the execution subject in the embodiment of the present invention is the receiving end.
It should be noted that, in the embodiment of the present invention, the sending end and the receiving end have already established a communication channel that can be used for information transmission through the service end. After a communication channel between the sending end and the receiving end is established, the receiving end can randomly generate a pair of ECC key pairs based on an ECC algorithm, the ECC key pairs comprise a first ECC public key and a first ECC private key, and the receiving end can send the first ECC public key to the server end for storage and locally store the first ECC private key. After a communication channel between the sending end and the receiving end is established, the sending end can also randomly generate a pair of ECC key pairs based on an ECC algorithm, the ECC key pairs comprise a second ECC public key and a second ECC private key, and the sending end can send the second ECC public key to the server end for storage and locally store the second ECC private key.
The target plaintext information is information that the receiving end should receive.
The sending end can randomly generate an AES key as a target AES key based on an AES algorithm, and after encrypting target plaintext information based on the target AES key, obtain a target ciphertext corresponding to the target plaintext information.
The sending end can also obtain a first ECC public key from the server end, and encrypt the target AES key based on the first ECC public key to obtain a target AES ciphertext.
The receiving end can receive the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information sent by the sending end through a communication channel between the receiving end and the sending end.
Step 202, decrypting the target AES ciphertext based on the first ECC private key corresponding to the first ECC public key to obtain a target AES key, and then decrypting the target ciphertext based on the target AES key to obtain decrypted plaintext information; the target ciphertext is obtained by encrypting target plaintext information by the sending end based on a target AES key; and the target AES ciphertext is obtained by encrypting the target AES key by the sending end based on the first ECC public key.
Specifically, after receiving the target cipher text, the target AES cipher text, and the digital signature of the target plaintext information sent by the sending end, the receiving end may decrypt the target AES cipher text based on the locally stored first ECC private key to obtain the target AES key.
After the receiving end obtains the target AES key, the receiving end can also decrypt the received target ciphertext based on the target AES key to obtain decrypted plaintext information.
Step 203, performing security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determining that the target plaintext information is received under the condition of passing the security verification.
Specifically, after the receiving end obtains the decrypted plaintext information, it needs to determine whether the decrypted plaintext information is the same as the target plaintext information, that is, it needs to determine whether the target plaintext information is modified or deleted in the encryption transmission process.
The receiving end can determine whether the decrypted plaintext information is the same as the target plaintext information by performing security verification, that is, whether the target plaintext information is modified or deleted in the encryption transmission process can be determined.
The receiving end can carry out security verification based on the obtained decrypted plaintext information and the received digital signature of the target plaintext information, and verify whether the obtained decrypted plaintext information is the same as the target plaintext information.
If the security verification is passed, the decrypted plaintext information obtained by the receiving end can be determined to be the same as the target plaintext information, that is, the information received by the receiving end can be determined to be the target plaintext information. If the information passes the security verification, the information can be safely transmitted in the process of information encryption transmission between the sending end and the receiving end.
If the information does not pass the security verification, the decrypted plaintext information obtained by the receiving end is determined to be different from the target plaintext information, that is, the information received by the receiving end is determined not to be the target plaintext information, and the information is not transmitted safely in the information encryption transmission process between the sending end and the receiving end.
It should be noted that, in the case that the security authentication is not passed, the receiving end may send an interrupt request to the service end, the interrupt request requesting to interrupt the communication channel between the receiving end and the sending end. After receiving the interrupt request, the server may interrupt the communication channel between the receiver and the sender.
In the embodiment of the invention, the receiving end receives the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information sent by the sending end; decrypts the target AES ciphertext, based on the first ECC private key generated by the receiving end through the ECC algorithm, to obtain the target AES key; decrypts the target ciphertext based on the target AES key to obtain the decrypted plaintext information; and performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information. If the security verification is passed, the receiving end determines that the target plaintext information is received. If it is not passed, the receiving end sends the service end an interrupt request requesting interruption of the communication channel between the receiving end and the sending end, and the service end interrupts that channel after receiving the interrupt request. This can solve the problems of key distribution and management and, by combining the asymmetric algorithm, the symmetric algorithm and the digital signature, prevents the information sent by the sending end from being arbitrarily acquired and downloaded, so that the security of information transmission is further improved and safer, more efficient encrypted information transmission can be realized. When the sending end encounters an illegal third-party attack while encrypting and transmitting information to the receiving end, the communication channel between the sending end and the receiving end is interrupted, and the connections between the sending end, the receiving end and other clients are not affected.
Based on the content of each embodiment, performing security verification based on the decrypted plaintext information and the digital signature of the target plaintext information specifically includes: obtaining the digest value of the target plaintext information through the target digital signature function, based on the second ECC public key corresponding to the second ECC private key and the digital signature of the target plaintext information, and obtaining the digest value of the decrypted plaintext information based on the target function.
After the receiving end receives the digital signature $s_1(h_1)$ of the target plaintext information, it can decrypt the digital signature $s_1(h_1)$ through the target digital signature algorithm, based on the second ECC public key corresponding to the second ECC private key, to obtain the digest value $h_1$ of the target plaintext information.
It should be noted that the target digital signature algorithm may be an ECDSA digital signature algorithm, and may also be another digital signature algorithm.
It should be noted that the objective function may be a hash function, and may also be another function, and the objective function is not specifically limited in the embodiment of the present invention. The following describes a specific process of acquiring a digest value of decrypted plaintext information by taking an objective function as a hash function as an example.
After the receiving end obtains the decrypted plaintext information n, the digest value $h_2$ of the decrypted plaintext information can be obtained based on the hash function, where $h_2 = \mathrm{hash}(n)$.
In the case where it is determined that the digest value of the target plaintext information and the digest value of the decrypted plaintext information are the same, it is determined that the security verification is passed.
After the receiving end obtains the digest value $h_1$ of the target plaintext information and the digest value $h_2$ of the decrypted plaintext information, it can compare $h_1$ with $h_2$.
If the digest value $h_1$ of the target plaintext information and the digest value $h_2$ of the decrypted plaintext information are judged to be the same, it can be determined that the decrypted plaintext information obtained by the receiving end is the same as the target plaintext information, and that the security verification is passed.
If the digest value $h_1$ of the target plaintext information and the digest value $h_2$ of the decrypted plaintext information are judged to be different, it can be determined that the decrypted plaintext information obtained by the receiving end is different from the target plaintext information, and that the security verification is not passed.
In the embodiment of the invention, the receiving end obtains the digest value of the target plaintext information through the target digital signature algorithm, based on the second ECC public key and the digital signature of the target plaintext information, and obtains the digest value of the decrypted plaintext information based on the target function. It determines whether the information passes the security verification by judging whether the digest value of the target plaintext information is the same as the digest value of the decrypted plaintext information. The information thereby undergoes double encryption verification, which can improve the security level of the encryption algorithm, ensure the integrity of the information, effectively avoid theft of, tampering with and damage to the information, and further improve the security of information transmission.
In order to facilitate understanding of the information encryption transmission method based on the blockchain provided by the present invention, the information encryption transmission method based on the blockchain provided by the present invention is described below by an example. Fig. 3 is a third schematic flowchart of the information encryption transmission method based on the block chain according to the present invention.
As shown in fig. 3, firstly, the client performs bidirectional identity authentication with the sending end and the receiving end respectively, and the server establishes communication channels with the sending end and the receiving end respectively under the condition that the bidirectional identity authentication of the server and the sending end and the receiving end is passed; and under the condition that the server and any one of the sending end and the receiving end do not pass the bidirectional identity authentication, the server does not establish a communication channel with the sending end or the receiving end which does not pass the bidirectional identity authentication.
After the server establishes communication channels with the transmitting end and the receiving end, the transmitting end and the receiving end can randomly generate a pair of ECC keys based on an ECC algorithm respectively. The receiving end can obtain a first ECC public key and a first ECC private key, can send the first ECC public key to the server end for storage, and can locally store the first ECC private key; the sending end can obtain the second ECC public key and the second ECC private key, and can send the second ECC public key to the server end for storage, and locally store the second ECC private key.
The sending end encrypts the target plaintext information and sends the encrypted target plaintext information to the receiving end through information encryption transmission.
After receiving the encrypted target plaintext information, the receiving end can decrypt the encrypted target plaintext information and perform security verification based on the digital signature of the target plaintext information.
If the judgment shows that the security verification is passed, the receiving end can confirm that the target plaintext information is received and can confirm that the information is safely transmitted in the information encryption transmission process between the sending end and the receiving end.
If the judgment shows that the security verification is not passed, the receiving end can confirm that the target plaintext information is not received and can confirm that the information is not safely transmitted in the information encryption transmission process between the sending end and the receiving end, and the service end can interrupt communication channels among the sending end, the receiving end and the service end.
Fig. 4 is an interaction diagram of a sending end and a receiving end in the information encryption transmission method based on the block chain provided by the present invention.
As shown in fig. 4, the sending end may randomly generate an AES key based on the AES algorithm as a target AES key, and encrypt the target plaintext information based on the target AES key to obtain a target ciphertext c corresponding to the target plaintext information.
The sending end can also obtain a first ECC public key from the server end, and encrypt the target AES key based on the first ECC public key to obtain a target AES ciphertext.
After the sending end encrypts the target plaintext information m to obtain the target ciphertext c, the digest value $h_1$ of the target plaintext information can be obtained based on the hash function, where $h_1 = \mathrm{hash}(m)$.
The sending end can use the ECDSA digital signature algorithm, based on the second ECC private key, to sign the digest value $h_1$ of the target plaintext information, obtaining the digital signature $s_1(h_1)$ of the target plaintext information.
After the sending end obtains the target ciphertext c, the target AES ciphertext and the digital signature $s_1(h_1)$ of the target plaintext information, it may send the target ciphertext c, the target AES ciphertext and the digital signature $s_1(h_1)$ of the target plaintext information to the receiving end.
The receiving end can receive the target ciphertext c, the target AES ciphertext and the digital signature $s_1(h_1)$ of the target plaintext information sent by the sending end through a communication channel between the receiving end and the sending end.
After receiving the target cipher text c, the target AES cipher text and the digital signature of the target plaintext information sent by the sending end, the receiving end can decrypt the target AES cipher text based on the first ECC private key stored locally to obtain the target AES key.
After the receiving end obtains the target AES key, the received target ciphertext c can be decrypted based on the target AES key, and the decrypted plaintext information n is obtained.
After the receiving end receives the digital signature $s_1(h_1)$ of the target plaintext information, it may decrypt the digital signature $s_1(h_1)$ through the ECDSA digital signature algorithm, based on a second ECC public key corresponding to the second ECC private key, to obtain the digest value $h_1$ of the target plaintext information.
After the receiving end obtains the decrypted plaintext information n, the digest value $h_2$ of the decrypted plaintext information can be obtained based on the hash function, where $h_2 = \mathrm{hash}(n)$.
The receiving end can compare the digest value $h_1$ of the target plaintext information with the digest value $h_2$ of the decrypted plaintext information to carry out security verification.
If the digest value $h_1$ of the target plaintext information and the digest value $h_2$ of the decrypted plaintext information are judged to be the same, the receiving end can determine that the decrypted plaintext information it obtained is the same as the target plaintext information, can confirm that the target plaintext information is received, and can confirm that the information is safely transmitted in the information encryption transmission process between the sending end and the receiving end.
If the digest value $h_1$ of the target plaintext information and the digest value $h_2$ of the decrypted plaintext information are judged to be different, the receiving end can determine that the decrypted plaintext information it obtained is different from the target plaintext information, can determine that the target plaintext information is not received, and can determine that the information is not safely transmitted in the information encryption transmission process between the sending end and the receiving end, and the service end can interrupt a communication channel between the sending end and the receiving end and between the service end and the receiving end.
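The Fig. 4 exchange end to end, as an added Go example (not code from the patent; all function and type names are hypothetical). Assumptions: the page does not say how an ECC public key encrypts the AES key or which AES mode and hash are used, so this example uses an ECIES-style wrap (ephemeral P-256 ECDH with SHA-256 as a simplified KDF), AES-256-GCM and SHA-256. Standard ECDSA verification does not recover $h_1$ from the signature, so the comparison of $h_1$ and $h_2$ is carried out by verifying $s_1(h_1)$ against $h_2$.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

var ErrVerify = errors.New("security verification failed: signature does not cover the decrypted plaintext")

type Envelope struct{ Ciphertext, EphPub, WrappedKey, Signature []byte }

// gcm seals data under key with AES-GCM (random nonce prepended), or opens it when open is set.
func gcm(key, data []byte, open bool) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if !open {
		nonce := make([]byte, aead.NonceSize())
		_, err = rand.Read(nonce)
		return aead.Seal(nonce, nonce, data, nil), err
	}
	if n := aead.NonceSize(); len(data) >= n {
		return aead.Open(nil, data[:n], data[n:], nil)
	}
	return nil, errors.New("ciphertext too short")
}

// wrap seals or opens the AES key under SHA-256(ECDH secret). Assumption: ECIES-style wrap.
func wrap(priv *ecdh.PrivateKey, peer, data []byte, open bool) ([]byte, error) {
	pub, err := ecdh.P256().NewPublicKey(peer)
	if err != nil {
		return nil, err
	}
	secret, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	k := sha256.Sum256(secret)
	return gcm(k[:], data, open)
}

// Send returns c (Ciphertext), the target AES ciphertext (EphPub + WrappedKey) and s1(h1).
func Send(m, recvPub []byte, signer *ecdsa.PrivateKey) (*Envelope, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	aesKey := make([]byte, 32) // target AES key, fresh for every message
	_, e0 := rand.Read(aesKey)
	h1 := sha256.Sum256(m)
	c, e1 := gcm(aesKey, m, false)
	w, e2 := wrap(eph, recvPub, aesKey, false)
	sig, e3 := ecdsa.SignASN1(rand.Reader, signer, h1[:])
	if err := errors.Join(e0, e1, e2, e3); err != nil {
		return nil, err
	}
	return &Envelope{c, eph.PublicKey().Bytes(), w, sig}, nil
}

// Receive unwraps the AES key, decrypts c to n, then verifies s1(h1) against h2 = SHA-256(n).
func Receive(e *Envelope, recvPriv *ecdh.PrivateKey, senderPub *ecdsa.PublicKey) ([]byte, error) {
	aesKey, err := wrap(recvPriv, e.EphPub, e.WrappedKey, true)
	if err != nil {
		return nil, err
	}
	n, err := gcm(aesKey, e.Ciphertext, true)
	if err != nil {
		return nil, err
	}
	if h2 := sha256.Sum256(n); !ecdsa.VerifyASN1(senderPub, h2[:], e.Signature) {
		return nil, ErrVerify
	}
	return n, nil
}

// GenerateKeys returns the receiver's first and the sender's second ECC private key.
func GenerateKeys() (*ecdh.PrivateKey, *ecdsa.PrivateKey, error) {
	recv, e1 := ecdh.P256().GenerateKey(rand.Reader)
	sender, e2 := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return recv, sender, errors.Join(e1, e2)
}

func main() {
	recv, sender, _ := GenerateKeys() // errors ignored in this demo only
	env, _ := Send([]byte("constructed sample message"), recv.PublicKey().Bytes(), sender)
	n, err := Receive(env, recv, &sender.PublicKey)
	fmt.Printf("%q %v\n", n, err)
}
```

Because anyone holding the first ECC public key can produce a decryptable envelope, `ErrVerify` is the only thing that ties the plaintext to the sending end. A caller that gets it would send the interrupt request to the service end.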
Fig. 5 is a schematic structural diagram of an information encryption transmission apparatus based on a block chain according to the present invention. The following describes the information encryption transmission apparatus based on the block chain according to the present invention with reference to fig. 5, and the information encryption transmission apparatus based on the block chain described below and the information encryption transmission method based on the block chain according to the present invention described above may be referred to correspondingly. As shown in fig. 5, the apparatus includes: an encryption module 501 and a sending module 502.
The encryption module 501 is configured to encrypt the target plaintext information based on the target AES key to obtain a target ciphertext, encrypt the target AES key based on the first ECC public key to obtain the target AES ciphertext, and generate a digital signature of the target plaintext information.
The sending module 502 is configured to send the target ciphertext, the target AES ciphertext, and the digital signature of the target plaintext information to the receiving end.
Specifically, the encryption module 501 and the transmission module 503 are electrically connected.
The encryption module 501 may randomly generate an AES key based on the AES algorithm as a target AES key, and encrypt target plaintext information based on the target AES key to obtain a target ciphertext corresponding to the target plaintext information.
The encryption module 501 may further obtain the first ECC public key from the server, and encrypt the target AES key based on the first ECC public key to obtain the target AES ciphertext.
The encryption module 501 may also generate a digital signature of the target plaintext information in various manners, and after receiving the digital signature at the receiving end, the security verification may be performed based on the digital signature to determine whether the information is tampered or damaged in the transmission process.
The sending module 502 may send the target cipher text, the target AES cipher text, and the digital signature of the target plaintext information to the receiving end through a communication channel with the receiving end.
Optionally, the encryption module 501 may be specifically configured to obtain a digest value of the target plaintext information based on the target function; and obtaining a digital signature of the target plaintext information through a target digital signature algorithm based on the second ECC private key and the digest value of the target plaintext information.
In the embodiment of the invention, the sending end encrypts the target plaintext information based on a symmetric algorithm to obtain a target ciphertext, encrypts the target AES key based on an asymmetric algorithm to obtain a target AES ciphertext, and, after generating the digital signature of the target plaintext information, sends the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to the receiving end. The receiving end decrypts the target AES ciphertext and the target ciphertext respectively to obtain decrypted plaintext information, and determines that the target plaintext information is received if the security verification based on the decrypted plaintext information and the digital signature of the target plaintext information is passed. This can solve the problems of key distribution and management and, by combining the asymmetric algorithm, the symmetric algorithm and the digital signature, prevents the information sent by the sending end from being arbitrarily obtained and downloaded, so that the security of information transmission is further improved and safer, more efficient encrypted information transmission can be realized.
Fig. 6 is a second schematic structural diagram of an information encryption transmission apparatus based on a block chain according to the present invention. The following describes the block chain based information encryption transmission apparatus provided by the present invention with reference to fig. 6, and the block chain based information encryption transmission apparatus described below and the block chain based information encryption transmission method provided by the present invention described above may be referred to correspondingly. As shown in fig. 6, the apparatus includes: a receiving module 601, a decryption module 602 and a verification module 603.
The receiving module 601 is configured to receive a target ciphertext, a target AES ciphertext, and a digital signature of target plaintext information sent by a sending end.
The decryption module 602 is configured to decrypt the target AES ciphertext based on the first ECC private key corresponding to the first ECC public key to obtain the target AES key, and then decrypt the target ciphertext based on the target AES key to obtain decrypted plaintext information.
A verification module 603, configured to perform security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determine that the target plaintext information is received in case of passing the security verification; the target ciphertext is obtained by encrypting target plaintext information by the sending end based on a target AES key; and the target AES ciphertext is obtained by encrypting the target AES key by the sending end based on the first ECC public key.
Specifically, the receiving module 601, the decryption module 602, and the verification module 603 are electrically connected.
The receiving module 601 may receive a target cipher text, a target AES cipher text, and a digital signature of target plaintext information sent by the sending end through a communication channel with the sending end.
The decryption module 602 may decrypt the target AES ciphertext based on the locally stored first ECC private key to obtain the target AES key.
The decryption module 602 may further decrypt the received target ciphertext based on the target AES key to obtain decrypted plaintext information.
The verification module 603 may perform security verification based on the obtained decrypted plaintext information and the received digital signature of the target plaintext information, and verify whether the obtained decrypted plaintext information is the same as the target plaintext information.
If the security verification is passed, the decrypted plaintext information obtained by the receiving end can be determined to be the same as the target plaintext information, that is, the information received by the receiving end can be determined to be the target plaintext information. If the information passes the security verification, the information can be safely transmitted in the process of information encryption transmission between the sending end and the receiving end.
If the information does not pass the security verification, the decrypted plaintext information obtained by the receiving end is determined to be different from the target plaintext information, that is, the information received by the receiving end is determined not to be the target plaintext information, and the information is not transmitted safely in the process of information encryption transmission between the transmitting end and the receiving end.
It should be noted that, in the case that the security authentication is not passed, the receiving end may send an interrupt request to the service end, the interrupt request requesting to interrupt the communication channel between the receiving end and the sending end. Before the server receives the interrupt request, the server may interrupt a communication channel between the receiver and the server.
Optionally, the verification module 603 may be specifically configured to obtain, based on the second ECC public key corresponding to the second ECC private key and the digital signature of the target plaintext information, the digest value of the target plaintext information through the target digital signature function, and obtain, based on the target function, the digest value of the decrypted plaintext information; in the case where it is determined that the digest value of the target plaintext information and the digest value of the decrypted plaintext information are the same, it is determined that the security verification is passed.
In the embodiment of the invention, the receiving end receives the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information sent by the sending end; decrypts the target AES ciphertext, based on the first ECC private key generated by the receiving end through the ECC algorithm, to obtain the target AES key; decrypts the target ciphertext based on the target AES key to obtain the decrypted plaintext information; and performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information. If the security verification is passed, the receiving end determines that the target plaintext information is received. If it is not passed, the receiving end sends the service end an interrupt request requesting interruption of the communication channel between the receiving end and the sending end, and the service end interrupts that channel after receiving the interrupt request. This can overcome the problems of key distribution and management and, by combining the asymmetric algorithm, the symmetric algorithm and the digital signature, prevents the information sent by the sending end from being arbitrarily acquired and downloaded, so that the security of information transmission is further improved and safer, more efficient encrypted information transmission can be realized. When the sending end encounters an illegal third-party attack while encrypting and transmitting information to the receiving end, the communication channel between the sending end and the receiving end is interrupted, and the connections between the sending end, the receiving end and other clients are not affected.
Fig. 7 illustrates the physical structure of an electronic device. As shown in Fig. 7, the electronic device may include a processor 710, a communication interface 720, a memory 730, and a communication bus 740, wherein the processor 710, the communication interface 720, and the memory 730 communicate with each other via the communication bus 740. The processor 710 may invoke logic instructions in the memory 730 to perform a blockchain-based information encryption transmission method comprising: encrypting target plaintext information based on a target AES key to obtain a target ciphertext, encrypting the target AES key based on a first ECC public key to obtain the target AES ciphertext, and generating a digital signature of the target plaintext information; sending the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to a receiving end, so that the receiving end decrypts the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain the target AES key, decrypts the target ciphertext based on the target AES key to obtain decrypted plaintext information, performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determines that the target plaintext information is received when the security verification is passed.
Receiving a target ciphertext, a target AES ciphertext and a digital signature of target plaintext information sent by a sending end; decrypting the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain a target AES key, and then decrypting the target ciphertext based on the target AES key to obtain decrypted plaintext information; performing security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determining that the target plaintext information is received under the condition of passing the security verification; the target ciphertext is obtained by encrypting target plaintext information by the sending end based on a target AES key; and the target AES ciphertext is obtained by encrypting the target AES key by the sending end based on the first ECC public key.
In addition, the logic instructions in the memory 730 can be implemented in the form of software functional units and, when sold or used as independent products, stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, and various other media capable of storing program code.
In another aspect, the present invention further provides a computer program product. The computer program product includes a computer program that can be stored on a non-transitory computer-readable storage medium; when the computer program is executed by a processor, a computer can execute the blockchain-based information encryption transmission method provided by the above methods, the method including: encrypting target plaintext information based on a target AES key to obtain a target ciphertext, encrypting the target AES key based on a first ECC public key to obtain the target AES ciphertext, and generating a digital signature of the target plaintext information; sending the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to a receiving end, so that the receiving end decrypts the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain the target AES key, decrypts the target ciphertext based on the target AES key to obtain decrypted plaintext information, performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determines that the target plaintext information is received when the security verification is passed.
Receiving a target ciphertext, a target AES ciphertext and a digital signature of target plaintext information sent by a sending end; decrypting the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain a target AES key, and then decrypting the target ciphertext based on the target AES key to obtain decrypted plaintext information; performing security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determining that the target plaintext information is received under the condition of passing the security verification; the target ciphertext is obtained by encrypting target plaintext information by the sending end based on a target AES key; and the target AES ciphertext is obtained by encrypting the target AES key by the sending end based on the first ECC public key.
In yet another aspect, the present invention also provides a non-transitory computer-readable storage medium on which a computer program is stored. When executed by a processor, the computer program implements the blockchain-based information encryption transmission method provided by the above methods, the method including: encrypting target plaintext information based on a target AES key to obtain a target ciphertext, encrypting the target AES key based on a first ECC public key to obtain the target AES ciphertext, and generating a digital signature of the target plaintext information; sending the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to a receiving end, so that the receiving end decrypts the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain the target AES key, decrypts the target ciphertext based on the target AES key to obtain decrypted plaintext information, performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determines that the target plaintext information is received when the security verification is passed.
Receiving a target ciphertext, a target AES ciphertext and a digital signature of target plaintext information sent by a sending end; decrypting the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain a target AES key, and then decrypting the target ciphertext based on the target AES key to obtain decrypted plaintext information; performing security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determining that the target plaintext information is received under the condition of passing the security verification; the target ciphertext is obtained by encrypting target plaintext information by the sending end based on a target AES key; and the target AES ciphertext is obtained by encrypting the target AES key by the sending end based on the first ECC public key.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. An information encryption transmission method based on a block chain is characterized by comprising the following steps:
encrypting target plaintext information based on a target AES key to obtain a target ciphertext, encrypting the target AES key based on a first ECC public key to obtain the target AES ciphertext, and generating a digital signature of the target plaintext information;
sending the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to a receiving end, so that the receiving end decrypts the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain the target AES key, decrypts the target ciphertext based on the target AES key to obtain decrypted plaintext information, performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determines to receive the target plaintext information under the condition of passing the security verification.
2. The method for encrypted transmission of information based on a blockchain according to claim 1, wherein the generating a digital signature of the target plaintext information specifically includes:
acquiring a digest value of the target plaintext information based on a target function;
and obtaining a digital signature of the target plaintext information through a target digital signature algorithm based on a second ECC private key and the digest value of the target plaintext information.
3. The method for encrypted transmission of information based on block chains according to claim 1, wherein before the sending the target ciphertext, the target AES ciphertext, and the digest value of the target plaintext information to the receiving end, the method further comprises:
and sending a connection request which represents a request for establishing a communication channel between the server and the receiving end to the server, so that the server receives the connection request and establishes the communication channel between the sending end and the receiving end.
4. An information encryption transmission method based on a block chain is characterized by comprising the following steps:
receiving a target ciphertext, a target AES ciphertext and a digital signature of target plaintext information sent by a sending end;
decrypting the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain a target AES key, and then decrypting the target ciphertext based on the target AES key to obtain decrypted plaintext information;
performing security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determining that the target plaintext information is received under the condition of passing the security verification;
the target ciphertext is obtained by encrypting the target plaintext information by the sending end based on the target AES key; the target AES ciphertext is obtained by the sending end after encrypting the target AES key based on the first ECC public key.
5. The method for information encryption transmission based on a blockchain according to claim 4, wherein the security verification based on the digital signature of the decrypted plaintext information and the target plaintext information specifically includes:
based on a second ECC public key corresponding to a second ECC private key and the digital signature of the target plaintext information, obtaining a digest value of the target plaintext information through a target digital signature function, and based on the target function, obtaining a digest value of the decrypted plaintext information;
and determining that the security verification is passed under the condition that the digest value of the target plaintext information and the digest value of the decrypted plaintext information are determined to be the same.
6. An information encryption transmission device based on a block chain, comprising:
the encryption module is used for encrypting target plaintext information based on a target AES key to obtain a target ciphertext, encrypting the target AES key based on a first ECC public key to obtain a target AES ciphertext and generating a digital signature of the target plaintext information;
the sending module is used for sending the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information to a receiving end, so that the receiving end decrypts the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain the target AES key, decrypts the target ciphertext based on the target AES key to obtain decrypted plaintext information, performs security verification based on the decrypted plaintext information and the digital signature of the target plaintext information, and determines to receive the target plaintext information under the condition of passing the security verification.
7. An information encryption transmission device based on a block chain, comprising:
the receiving module is used for receiving the target ciphertext, the target AES ciphertext and the digital signature of the target plaintext information sent by the sending end;
the decryption module is used for decrypting the target AES ciphertext based on a first ECC private key corresponding to the first ECC public key to obtain a target AES key, and then decrypting the target ciphertext based on the target AES key to obtain decrypted plaintext information;
the verification module is used for carrying out security verification on the basis of the decrypted plaintext information and the digital signature of the target plaintext information, and determining that the target plaintext information is received under the condition of passing the security verification;
the target ciphertext is obtained by encrypting the target plaintext information by the sending end based on the target AES key; the target AES ciphertext is obtained by the sending end after encrypting the target AES key based on the first ECC public key.
8. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor executes the program to implement the steps of the method for encrypted transmission of information based on a blockchain according to any one of claims 1 to 5.
9. A non-transitory computer readable storage medium, on which a computer program is stored, wherein the computer program, when being executed by a processor, implements the steps of the method for encrypted transmission of information based on a blockchain according to any one of claims 1 to 5.
10. A computer program product comprising a computer program, wherein the computer program is adapted to carry out the steps of the method for encrypted transmission of information based on a blockchain according to any one of claims 1 to 5 when executed by a processor.
CN202111032097.0A 2021-09-03 2021-09-03 Information encryption transmission method and device based on block chain Pending CN113806772A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111032097.0A CN113806772A (en) 2021-09-03 2021-09-03 Information encryption transmission method and device based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111032097.0A CN113806772A (en) 2021-09-03 2021-09-03 Information encryption transmission method and device based on block chain

Publications (1)

Publication Number Publication Date
CN113806772A true CN113806772A (en) 2021-12-17

Family

ID=78942384

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111032097.0A Pending CN113806772A (en) 2021-09-03 2021-09-03 Information encryption transmission method and device based on block chain

Country Status (1)

Country Link
CN (1) CN113806772A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114978534A (en) * 2022-05-16 2022-08-30 中国银行股份有限公司 Authentication method and system for third party access, third party enterprise terminal and bank terminal
CN115208632A (en) * 2022-06-16 2022-10-18 国网浙江省电力有限公司营销服务中心 Front-end and back-end data encryption transmission method and system
CN115225399A (en) * 2022-07-22 2022-10-21 蔚来汽车科技(安徽)有限公司 Vehicle alarm information processing system and method
CN115348114A (en) * 2022-10-19 2022-11-15 浙江浩普智能科技有限公司 Intelligent power plant data safety transmission method and system, electronic equipment and medium
CN115913565A (en) * 2022-10-19 2023-04-04 南方电网科学研究院有限责任公司 Method for improving communication transmission security of encryption chip and encryption chip
CN115967583A (en) * 2023-03-16 2023-04-14 安羚科技(杭州)有限公司 Key management system and method based on alliance chain
CN116366289A (en) * 2023-02-24 2023-06-30 中国测绘科学研究院 Safety supervision method and device for remote sensing data of unmanned aerial vehicle
CN116886268A (en) * 2023-08-10 2023-10-13 云海链控股股份有限公司 Data transmission verification method, device, equipment and computer readable storage medium
CN117014223A (en) * 2023-09-06 2023-11-07 深圳龙电华鑫控股集团股份有限公司 Concentrator, data transmission method and device thereof and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104320257A (en) * 2014-10-22 2015-01-28 李名选 Electronic record validation method and device
CN110535868A (en) * 2019-09-05 2019-12-03 山东浪潮商用***有限公司 Data transmission method and system based on Hybrid Encryption algorithm
CN112637136A (en) * 2020-12-03 2021-04-09 北京北信源软件股份有限公司 Encrypted communication method and system
CN112804205A (en) * 2020-12-31 2021-05-14 南方电网科学研究院有限责任公司 Data encryption method and device and data decryption method and device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
赵冰: "《区块链技术的网络应用》", 31 October 2019, pages: 35 - 36 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114978534A (en) * 2022-05-16 2022-08-30 中国银行股份有限公司 Authentication method and system for third party access, third party enterprise terminal and bank terminal
CN115208632A (en) * 2022-06-16 2022-10-18 国网浙江省电力有限公司营销服务中心 Front-end and back-end data encryption transmission method and system
CN115208632B (en) * 2022-06-16 2023-11-07 国网浙江省电力有限公司营销服务中心 Front-end and back-end data encryption transmission method and system
CN115225399A (en) * 2022-07-22 2022-10-21 蔚来汽车科技(安徽)有限公司 Vehicle alarm information processing system and method
CN115913565B (en) * 2022-10-19 2023-08-15 南方电网科学研究院有限责任公司 Method for improving communication transmission safety of encryption chip and encryption chip
CN115913565A (en) * 2022-10-19 2023-04-04 南方电网科学研究院有限责任公司 Method for improving communication transmission security of encryption chip and encryption chip
CN115348114B (en) * 2022-10-19 2023-02-28 浙江浩普智能科技有限公司 Intelligent power plant data safety transmission method and system, electronic equipment and medium
CN115348114A (en) * 2022-10-19 2022-11-15 浙江浩普智能科技有限公司 Intelligent power plant data safety transmission method and system, electronic equipment and medium
CN116366289A (en) * 2023-02-24 2023-06-30 中国测绘科学研究院 Safety supervision method and device for remote sensing data of unmanned aerial vehicle
CN115967583A (en) * 2023-03-16 2023-04-14 安羚科技(杭州)有限公司 Key management system and method based on alliance chain
CN115967583B (en) * 2023-03-16 2023-06-06 安羚科技(杭州)有限公司 Key management system and method based on alliance chain
CN116886268A (en) * 2023-08-10 2023-10-13 云海链控股股份有限公司 Data transmission verification method, device, equipment and computer readable storage medium
CN116886268B (en) * 2023-08-10 2024-04-26 云海链控股股份有限公司 Data transmission verification method, device, equipment and computer readable storage medium
CN117014223A (en) * 2023-09-06 2023-11-07 深圳龙电华鑫控股集团股份有限公司 Concentrator, data transmission method and device thereof and storage medium
CN117014223B (en) * 2023-09-06 2024-02-27 深圳龙电华鑫控股集团股份有限公司 Concentrator, data transmission method and device thereof and storage medium

Similar Documents

Publication Publication Date Title
CN113806772A (en) Information encryption transmission method and device based on block chain
CN107294937B (en) Data transmission method based on network communication, client and server
US6535980B1 (en) Keyless encryption of messages using challenge response
CN110535868A (en) Data transmission method and system based on Hybrid Encryption algorithm
CN106878016A (en) Data is activation, method of reseptance and device
CN102811224A (en) Method, device and system for implementation of SSL (secure socket layer)/TLS (transport layer security) connection
CN109818747B (en) Digital signature method and device
CN112702318A (en) Communication encryption method, decryption method, client and server
CN104901935A (en) Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
CN112637136A (en) Encrypted communication method and system
CN111914291A (en) Message processing method, device, equipment and storage medium
CN113204760B (en) Method and system for establishing secure channel for software cryptographic module
CN111404664A (en) Quantum secret communication identity authentication system and method based on secret sharing and multiple mobile devices
CN115499250B (en) Data encryption method and device
CN114499837B (en) Message leakage prevention method, device, system and equipment
CN117081736A (en) Key distribution method, key distribution device, communication method, and communication device
CN110611679A (en) Data transmission method, device, equipment and system
CN113904767A (en) System for establishing communication based on SSL
CN116707778A (en) Data hybrid encryption transmission method and device and electronic equipment
CN114650181B (en) E-mail encryption and decryption method, system, equipment and computer readable storage medium
CN112822015B (en) Information transmission method and related device
CN112769759B (en) Information processing method, information gateway, server and medium
CN113592484A (en) Account cubing method, system and device
JP2004274134A (en) Communication method, communication system using the communication method, server and client
CN114978564B (en) Data transmission method and device based on multiple encryption

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination