CN114154192A - Data processing method and equipment - Google Patents

Data processing method and equipment Download PDF

Info

Publication number
CN114154192A
CN114154192A CN202111409292.0A CN202111409292A CN114154192A CN 114154192 A CN114154192 A CN 114154192A CN 202111409292 A CN202111409292 A CN 202111409292A CN 114154192 A CN114154192 A CN 114154192A
Authority
CN
China
Prior art keywords
data block
verified
hash value
data
tree
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111409292.0A
Other languages
Chinese (zh)
Inventor
黄继超
李辉
丁振宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hisense Group Holding Co Ltd
Original Assignee
Hisense Group Holding Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hisense Group Holding Co Ltd filed Critical Hisense Group Holding Co Ltd
Priority to CN202111409292.0A priority Critical patent/CN114154192A/en
Publication of CN114154192A publication Critical patent/CN114154192A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22Indexing; Data structures therefor; Storage structures
    • G06F16/2228Indexing structures
    • G06F16/2255Hash tables
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • Medical Informatics (AREA)
  • Data Mining & Analysis (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The application relates to the technical field of data processing, and discloses a data processing method and device, which comprise the following steps: receiving a to-be-verified data block identifier, a to-be-verified data block and a challenge number sent by terminal equipment, wherein the challenge number is determined by a preset specified rule of the to-be-verified data block identifier; then, determining a first hash value of the data block to be verified based on the data block to be verified and the challenge number; replacing a second hash value corresponding to the identification of the data block to be verified in the pre-constructed Merkel tree with a first hash value according to the identification of the data block to be verified, and determining a root hash value of the first Merkel tree based on the replaced first hash value; finally, if the second Merker tree root hash value of the pre-constructed Merker tree is the same as the first Merker tree root hash value, determining that the data block to be verified is complete; and if the data blocks to be verified are different, determining that the data blocks to be verified are incomplete, and further accurately determining the integrity of the data blocks to be verified.

Description

Data processing method and equipment
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a data processing method and device.
Background
Along with the continuous development of networks, people pay more and more attention to the problem of personal private data leakage. In the prior art, after a user sends data to a server, the data is stored in the server by calculating a hash value of the data. When a user needs to verify data to be verified, after the data to be verified is sent to the server, the hash value of the data to be verified is calculated in the server, the hash value of the data to be verified is compared with the hash value of the pre-stored data, and if the hash value of the data to be verified is the same as the hash value of the pre-stored data, the data to be verified is determined to be the pre-stored data. But the accuracy of the data integrity checking mode is low.
Disclosure of Invention
The embodiment of the application provides a data processing method and equipment, so that the accuracy of data integrity verification can be improved.
In a first aspect, an embodiment of the present application provides a data processing method, where the method includes:
receiving a to-be-verified data block identifier, a to-be-verified data block and a challenge number sent by a terminal device, wherein the challenge number is determined by a preset specified rule for the to-be-verified data block identifier;
determining a first hash value of the data block to be verified based on the data block to be verified and the challenge number;
replacing a second hash value corresponding to the to-be-verified data block identifier in a pre-constructed Merkel tree with the first hash value according to the to-be-verified data block identifier, and determining a first Merkel tree root hash value based on the replaced first hash value;
if a second Merker tree root hash value of the pre-constructed Merker tree is the same as the first Merker tree root hash value, determining that the data block to be verified is complete;
and if the second Merkel tree root hash value of the pre-constructed Merkel tree is different from the first Merkel tree root hash value, determining that the data block to be verified is incomplete.
Compared with the prior art that the integrity of the data to be verified is determined only by comparing the hash value of the data to be verified with the hash value of the pre-stored data, the method and the device obtain the challenge number through the preset specified rule of the data to be verified identifier, and simultaneously determine the first hash value of the data block to be verified by using the challenge number and the data block to be verified, so that the obtained first hash value is more accurate. And replacing a second hash value corresponding to the identification of the data block to be verified in the pre-constructed Meckel tree by using the first hash value, and determining the integrity of the data block to be verified more accurately by calculating whether the Meckel number root hash values before and after the replacement of the first hash value are the same.
Optionally, the method for determining the root hash value of the mekel tree based on the replaced first hash value includes:
sorting the hash values except the second hash value in the Merkel tree and the first hash value according to corresponding data block identifiers respectively;
and adding the sorted hash values pairwise in sequence, and executing circularly until the first Meckel tree root hash value is obtained.
The Merkel tree is constructed through the hash values respectively corresponding to the data blocks, the first hash value is used for replacing the second hash value, whether the Merkel number root hash values before and after replacement are the same or not is compared, and the completeness of the data blocks to be checked can be determined more accurately.
Optionally, the data block to be verified is health data of a user, and after the data block to be verified is determined to be complete, the method further includes:
and sending a verification result which determines that the data block to be verified is complete to the terminal equipment so that the terminal equipment can display the health state of the user by using the data block to be verified.
According to the method and the device, the health state of the user can be displayed more accurately by determining the integrity of the data block to be verified of the health data of the user.
Optionally, before receiving the to-be-verified data block identifier, the to-be-verified data block, and the challenge number sent by the terminal device, the method further includes:
receiving data sent by the terminal equipment, dividing the data, and determining hash values corresponding to each divided data block;
pre-constructing the Merkel tree by:
and constructing a Meckel tree by utilizing the hash value corresponding to each data block.
According to the method and the device, data are divided into the data blocks, the Merkel tree is constructed by the hash values corresponding to the divided data blocks, and the user privacy data can be better protected.
Optionally, the constructing a mekerr tree by using the hash values respectively corresponding to each data block includes:
sorting each data block according to the data block identification;
and adding the hash values of the sorted data blocks pairwise in sequence, and circularly executing until the second Merkel tree root hash value is obtained, so that the construction of the Merkel tree is completed.
According to the method and the device, the Merkel tree is constructed by utilizing the hash values respectively corresponding to the data blocks, so that the user privacy data can be better protected.
Optionally, after the data is divided, before determining the hash value corresponding to each divided data block, the method further includes:
judging whether the sizes of the data blocks are the same or not;
and if not, performing data filling on the data blocks with different data sizes.
According to the method and the device, data filling is performed on the data blocks with different data sizes, so that the size of each data block is the same, and then the Meckel tree can be constructed by utilizing the hash values corresponding to the divided data blocks more accurately.
Optionally, after the building the meikel tree by using the hash value respectively corresponding to each data block, the method further includes:
and sending the position index information corresponding to each data block to the terminal equipment.
According to the method and the device, the position index information corresponding to each data block is sent to the terminal equipment, so that the terminal equipment can conveniently determine the position of the data block more accurately by using the position index information.
In a second aspect, an embodiment of the present application provides a data processing apparatus, including: a processor and a display;
the display is used for displaying a user operation interface;
the processor configured to perform:
receiving a to-be-verified data block identifier, a to-be-verified data block and a challenge number sent by a terminal device, wherein the challenge number is determined by a preset specified rule for the to-be-verified data block identifier;
determining a first hash value of the data block to be verified based on the data block to be verified and the challenge number;
replacing a second hash value corresponding to the to-be-verified data block identifier in a pre-constructed Merkel tree with the first hash value according to the to-be-verified data block identifier, and determining a first Merkel tree root hash value based on the replaced first hash value;
if a second Merker tree root hash value of the pre-constructed Merker tree is the same as the first Merker tree root hash value, determining that the data block to be verified is complete;
and if the second Merkel tree root hash value of the pre-constructed Merkel tree is different from the first Merkel tree root hash value, determining that the data block to be verified is incomplete.
Optionally, the mekerr tree is constructed by hash values corresponding to a plurality of data blocks, and the processor is configured to, when determining the first root hash value based on the replaced first hash value, specifically, perform:
sorting the hash values except the second hash value in the Merkel tree and the first hash value according to corresponding data block identifiers respectively;
and adding the sorted hash values pairwise in sequence, and executing circularly until the first Meckel tree root hash value is obtained.
Optionally, the data block to be verified is health data of a user, and after the determining that the data block to be verified is complete, the processor is further configured to perform:
and sending a verification result which determines that the data block to be verified is complete to the terminal equipment so that the terminal equipment can display the health state of the user by using the data block to be verified.
Optionally, before receiving the to-be-verified data block identifier, the to-be-verified data block, and the challenge number sent by the terminal device, the processor is further configured to perform:
receiving data sent by the terminal equipment, dividing the data, and determining hash values corresponding to each divided data block;
pre-constructing the Merkel tree by:
and constructing a Meckel tree by utilizing the hash value corresponding to each data block.
Optionally, the processor is configured to perform building of a merkel tree by using the hash value corresponding to each of the data blocks, and specifically configured to perform:
sorting each data block according to the data block identification;
and adding the hash values of the sorted data blocks pairwise in sequence, and circularly executing until the second Merkel tree root hash value is obtained, so that the construction of the Merkel tree is completed.
Optionally, after the data is divided, and before the hash value corresponding to each divided data block is determined, the processor is further configured to perform:
judging whether the sizes of the data blocks are the same or not;
and if not, performing data filling on the data blocks with different data sizes.
Optionally, after the processor is configured to construct the meikel tree by using the hash value respectively corresponding to each data block, the processor is further configured to perform:
and sending the position index information corresponding to each data block to the terminal equipment.
In a third aspect, an embodiment of the present application provides a data processing apparatus, including:
the device comprises a receiving module, a verification module and a verification module, wherein the receiving module is used for receiving a to-be-verified data block identifier, a to-be-verified data block and a challenge number which are sent by a terminal device, and the challenge number is determined by a preset specified rule for the to-be-verified data block identifier;
a determining module, configured to determine a first hash value of the data block to be verified based on the data block to be verified and the challenge number;
the replacing module is used for replacing a second hash value corresponding to the to-be-verified data block identifier in a pre-constructed Merkel tree with the first hash value according to the to-be-verified data block identifier, and determining a first Merkel tree root hash value based on the replaced first hash value;
the first comparison module is used for determining that the data block to be verified is complete if a second Merker tree root hash value of the pre-constructed Merker tree is the same as the first Merker tree root hash value;
and the second comparison module is used for determining that the data block to be verified is incomplete if a second Merker tree root hash value of the pre-constructed Merker tree is different from the first Merker tree root hash value.
Optionally, the mekerr tree is constructed by hash values corresponding to the plurality of data blocks, and the replacement module determines a first mekerr tree root hash value based on the replaced first hash value, and is specifically configured to:
sorting the hash values except the second hash value in the Merkel tree and the first hash value according to corresponding data block identifiers respectively;
and adding the sorted hash values pairwise in sequence, and executing circularly until the first Meckel tree root hash value is obtained.
Optionally, the data block to be verified is health data of a user, and the first comparing module is further configured to:
and sending a verification result which determines that the data block to be verified is complete to the terminal equipment so that the terminal equipment can display the health state of the user by using the data block to be verified.
Optionally, before receiving the to-be-verified data block identifier, the to-be-verified data block, and the challenge number sent by the terminal device, the receiving module is further configured to:
receiving data sent by the terminal equipment, dividing the data, and determining hash values corresponding to each divided data block;
pre-constructing the Merkel tree by:
and constructing a Meckel tree by utilizing the hash value corresponding to each data block.
Optionally, when the receiving module constructs the merkel tree by using the hash value corresponding to each data block, the receiving module is specifically configured to:
sorting each data block according to the data block identification;
and adding the hash values of the sorted data blocks pairwise in sequence, and circularly executing until the second Merkel tree root hash value is obtained, so that the construction of the Merkel tree is completed.
Optionally, after the receiving module divides the data, before determining the hash value corresponding to each divided data block, the receiving module is further configured to:
judging whether the sizes of the data blocks are the same or not;
and if not, performing data filling on the data blocks with different data sizes.
Optionally, after the receiving module constructs the meikel tree by using the hash value respectively corresponding to each data block, the receiving module is further configured to:
and sending the position index information corresponding to each data block to the terminal equipment.
In a fourth aspect, an embodiment of the present application further provides a computer-readable storage medium, in which instructions, when executed by a processor of a data processing device, enable the data processing device to perform any one of the methods as provided in the first aspect of the present application.
In a fifth aspect, an embodiment of the present application provides a computer program product comprising computer programs/instructions which, when executed by a processor, implement any of the methods as provided in the first aspect of the present application.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the embodiments of the present application will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic view of an application scenario of a data processing method according to an embodiment of the present application;
FIG. 2a is a schematic diagram of a built Merkel tree provided in an embodiment of the present application;
FIG. 2b is a block chain storage diagram according to an embodiment of the present disclosure;
fig. 3 is a schematic flowchart of a data processing method according to an embodiment of the present application;
fig. 4 is a schematic diagram illustrating a data storage process of interaction among a terminal device, a server, and a blockchain according to an embodiment of the present application;
fig. 5 is a schematic diagram illustrating a data integrity verification process of interaction among a terminal device, a server, and a blockchain according to an embodiment of the present application;
fig. 6 is a schematic diagram of a data processing apparatus according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions of the present application better understood by those of ordinary skill in the art, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present application, as detailed in the appended claims.
Hereinafter, some terms in the embodiments of the present application are explained to facilitate understanding by those skilled in the art.
(1) In the embodiments of the present application, the term "plurality" means two or more, and other terms are similar thereto.
(2) "and/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship.
(3) The server is used for serving the terminal equipment, and the content of the service such as integrity check of the data block to be checked sent by the terminal equipment is carried out; the server corresponds to the application program installed on the terminal device and operates in cooperation with the application program on the terminal device, for example, a user sends health data in the health application program of the terminal device to the server as a data block to be verified for integrity verification, so that the terminal device can display the health state of the user by using the data block to be verified.
(4) The terminal device may refer to an APP (Application) of a software class, or may refer to a client. The system is provided with a visual display interface and can interact with a user; is corresponding to the server, and provides local service for the client. For software applications, except for some applications that only run locally, the software applications are generally installed on a common client terminal and need to be run in cooperation with a server.
In the concrete practice process, along with the continuous development of networks, people pay more and more attention to the problem of personal private data leakage. In the prior art, after a user sends data to a server, the data is stored in the server by calculating a hash value of the data. When a user needs to verify data to be verified, after the data to be verified is sent to the server, the hash value of the data to be verified is calculated in the server, the hash value of the data to be verified is compared with the hash value of the pre-stored data, and if the hash value of the data to be verified is the same as the hash value of the pre-stored data, the data to be verified is determined to be the pre-stored data. But the accuracy of the data integrity checking mode is low.
Therefore, the data processing method is provided, the challenge number is obtained through a preset specified rule of the data to be verified, and the first hash value of the data block to be verified is determined simultaneously by using the challenge number and the data block to be verified, so that the obtained first hash value is more accurate. And replacing a second hash value corresponding to the identification of the data block to be verified in the pre-constructed Meckel tree by using the first hash value, and determining the integrity of the data block to be verified more accurately by calculating whether the Meckel number root hash values before and after the replacement of the first hash value are the same.
After introducing the design concept of the embodiment of the present application, some simple descriptions are provided below for application scenarios to which the technical solution of the embodiment of the present application can be applied, and it should be noted that the application scenarios described below are only used for describing the embodiment of the present application and are not limited. In specific implementation, the technical scheme provided by the embodiment of the application can be flexibly applied according to actual needs.
Fig. 1 is a schematic view of an application scenario of a data processing method according to an embodiment of the present application. The application scenario includes a plurality of terminal devices 101 (including terminal device 101-1, terminal device 101-2, … … terminal device 101-n), server 102. The terminal device 101 and the server 102 are connected via a wireless or wired network, and the terminal device 101 includes but is not limited to a desktop computer, a mobile phone, a mobile computer, a tablet computer, a media player, a smart wearable device, a smart television, and other electronic devices. The server 102 may be a server, a server cluster composed of several servers, or a cloud computing center. The server 102 may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a network service, cloud communication, middleware service, a domain name service, a security service, a CDN, a big data and artificial intelligence platform, and the like.
Taking the interaction between the terminal device 101-1 and the server 102 as an example for explanation, the terminal device 101-1 sends a to-be-verified data block identifier, a to-be-verified data block and a challenge number to the server 102, wherein the challenge number is determined by a preset specified rule for the to-be-verified data block identifier, and the server 102 first determines a first hash value of the to-be-verified data block based on the to-be-verified data block and the challenge number; replacing a second hash value corresponding to the identification of the data block to be verified in the pre-constructed Merkel tree with a first hash value according to the identification of the data block to be verified, and determining a root hash value of the first Merkel tree based on the replaced first hash value; finally, if the second Merker tree root hash value of the pre-constructed Merker tree is the same as the first Merker tree root hash value, sending a complete verification result that the data block to be verified is to be the complete verification result to the terminal device 101-1; and if the data blocks are different, sending a verification result that the data block to be verified is incomplete to the terminal equipment 101-1.
Here, the first hash value and the first meikel tree root hash value of the data chunk to be verified may also be determined in the terminal device 101-1, and the first hash value and the first meikel tree root hash value of the data chunk to be verified may also be partially determined in the terminal device 101-1 and partially determined in the server 102.
Of course, the method provided in the embodiment of the present application is not limited to be used in the application scenario shown in fig. 1, and may also be used in other possible application scenarios, and the embodiment of the present application is not limited. The functions that can be implemented by each device in the application scenario shown in fig. 1 will be described in the following method embodiments, and will not be described in detail herein.
To further illustrate the technical solutions provided by the embodiments of the present application, the following detailed description is made with reference to the accompanying drawings and the detailed description. Although the embodiments of the present application provide the method operation steps as shown in the following embodiments or figures, more or less operation steps may be included in the method based on the conventional or non-inventive labor. In steps where no necessary causal relationship exists logically, the order of execution of the steps is not limited to that provided by the embodiments of the present application.
The following describes the technical solution provided in the embodiment of the present application with reference to the application scenario shown in fig. 1.
Next, a data processing method provided by the embodiment of the present application is introduced from two parts, which specifically includes: firstly, storing data, and secondly, checking the integrity of the data.
First, storage of data
The server receives data sent by the terminal equipment, divides the data, determines hash values corresponding to each divided data block, and then constructs a Meckel tree by using the hash values corresponding to each data block. Specifically, each data block is sorted according to the data block identification, the hash values of the sorted data blocks are added pairwise according to the sequence, and the construction of the Merkel tree is completed when the second Merkel tree root hash value is obtained through cyclic execution.
For example, when the data sent by the terminal device is health data of the user, and the health data is composed of blood pressure data a, heartbeat data B, and body temperature data C of the user, the health data is divided, and it is assumed that the health data is divided into three data blocks, namely, blood pressure data a, heartbeat data B, and body temperature data C of the user. The three data blocks are encrypted respectively, and Hash values corresponding to the encrypted three data blocks are calculated according to a SHA256 Algorithm (Secure Hash Algorithm). Here, the present application does not limit the specific encryption manner for the data block and the specific manner for determining the hash value of the encrypted data block, and may be adjusted according to the actual application.
As shown in fig. 2a, it is assumed that the data is divided into eight data blocks, the data block identifications of the eight data blocks are T1, T2, T3, T4, T5, T6, T7 and T8, the hash values corresponding to the eight data blocks are H7, H8, H9, H10, H11, H12, H13 and H14, adding the hash values H7 and H8, calculating by an SHA256 algorithm to obtain H3, adding the hash values H9 and H10, calculating by an SHA256 algorithm to obtain H4, adding the hash values H11 and H12, calculating by an SHA256 algorithm to obtain H5, adding the hash values H13 and H14, calculating by an SHA256 algorithm to obtain H6, adding the hash values H3 and H4, calculating by an SHA256 algorithm to obtain H1, adding the hash values H5 and H6, calculating by an SHA256 algorithm to obtain H2, adding the hash values H1 and H2, calculating by an SHA256 algorithm to obtain H0, therefore, the construction of a binary Merkel tree is completed, wherein H0 is the second Merkel tree root hash value of the Merkel tree. The construction process of the mekerr tree is merely illustrated, and the present application does not limit the specific construction method of the mekerr tree.
In an embodiment of the application, after data is divided, before determining the hash value corresponding to each divided data block, it may be further determined whether the size of each data block is the same; and if not, performing data filling on the data blocks with different data sizes.
For example, when data is 0110001 and the data is divided into two data blocks, the two data blocks are: 0110. 001, at this time, the two data blocks have different sizes, and data padding can be performed on data block 001, and if data 0 is used for padding, data block 001 after padding becomes 0010, so that the data size of data block 0010 after padding is the same as the data size of data block 0110. And calculating corresponding hash values by using the data blocks with the same size after filling, so that the Merkel tree can be constructed more accurately.
In an embodiment of the application, after the mackerel tree is constructed by using the hash value corresponding to each data block, position index information corresponding to each data block may be sent to the terminal device, so that the terminal device may accurately determine the position of the data block by using the position index information. For example, a URL (Uniform resource Locator) corresponding to each data block is sent to the terminal device.
In an embodiment of the present application, as shown in fig. 2b, a second root hash value of the meikel tree obtained after the meikel tree is constructed and URLs corresponding to data blocks 1 and 2 … …, respectively, are sent to a block chain, where the second root hash value and the URLs are stored in a block i of the block chain (where n and i are both positive integers), and IDs (identities) and IPs (Internet protocols, protocols for interconnection between networks) of terminal devices corresponding to a plurality of data blocks are also sent to the block chain for storage, so that subsequent terminal devices perform integrity verification on data composed of the plurality of data blocks. Here, each block in the block chain includes a block header and a block body, for example, block i includes a block header 1 and a block body 1, and block (i +1) includes a block header 2 and a block body 2. Block (i +1) refers to the block next to block i. In addition, the storage information can be backed up in the block i. Fig. 2b also shows that the user private key sent by the blockchain receiving terminal device encrypts the storage information, and when the subsequent terminal device performs integrity verification on data composed of a plurality of data blocks, the digital signature is verified by using the user public key pre-stored in the blockchain.
According to the method and the device, data are stored in the server, and the Merkel tree root hash value of the Merkel tree constructed by the data and the position index information of the data are stored in the block chain, so that the situation that other users except the user 1 of the terminal equipment cannot acquire the data related to the user 1 through the stored information in the block chain and cannot modify the data of the user 1 can be realized.
Second, data integrity check
Referring to fig. 3, an embodiment of the present application provides a data processing method, including the following steps:
s301, receiving a to-be-verified data block identifier, a to-be-verified data block and a challenge number sent by a terminal device, wherein the challenge number is determined by a preset specified rule of the to-be-verified data block identifier.
For example, the data block to be verified sent by the terminal device is identified as T4, and the challenge number may be determined according to the difficulty system contained in block header 1 in the above example.
S302, determining a first hash value of the data block to be verified based on the data block to be verified and the challenge number.
For example, assuming that the challenge number S4 is obtained according to the above description, a first hash value T' 4 of the data block to be checked is calculated according to the SHA256 algorithm by using the challenge number S4 and the data block to be checked corresponding to the data block to be checked identifier T4. A specific method of calculating the first hash value is not limited herein.
S303, replacing a second hash value corresponding to the identification of the data block to be verified in the pre-constructed Merkel tree with the first hash value according to the identification of the data block to be verified, and determining the root hash value of the first Merkel tree based on the replaced first hash value.
Specifically, it can be known from the data storage process that the meikel tree is constructed by hash values corresponding to the plurality of data blocks, and the first meikel tree root hash value is determined based on the replaced first hash value, which specifically includes: sorting the hash values except the second hash value and the first hash value in the Merkel tree according to corresponding data block identifiers respectively; and adding the sorted hash values pairwise in sequence, and executing circularly until the first Meckel tree root hash value is obtained.
Continuing with the above example, the data block identifications of the eight data blocks are T1, T2, T3, T4, T5, T6, T7, and T8, respectively, and the data block identification to be verified is T4. Since the hash values corresponding to the eight data blocks are H7, H8, H9, H10, H11, H12, H13, and H14, the second hash value corresponding to the data block identifier T4 to be checked in the pre-constructed merkel tree is H10, and the first hash value corresponding to the data block identifier T4 is T ' 4, so that after the second hash value H10 is replaced by the first hash value T ' 4, the hash values are sorted according to the data block identifiers to be H7, H8, H9, T ' 4, H11, H12, H13, and H14.
Adding the hash values H7 and H8, calculating by using an SHA256 algorithm to obtain H3, adding the hash values H9 and T ' 4, calculating by using an SHA256 algorithm to obtain H ' 4, adding the hash values H11 and H12, calculating by using an SHA256 algorithm to obtain H5, adding the hash values H13 and H14, calculating by using an SHA256 algorithm to obtain H6, continuing to add the hash values H3 and H ' 4, calculating by using an SHA256 algorithm to obtain H ' 1, adding the hash values H5 and H6, calculating by using an SHA256 algorithm to obtain H2, adding the hash values H ' 1 and H2, and calculating by using an SHA256 algorithm to obtain H ' 0, thereby completing construction of a new binary Merkel tree, wherein H ' 0 is the first Merkel tree root hash value of the Merkel tree.
S304, if the second Merker tree root hash value of the pre-constructed Merker tree is the same as the first Merker tree root hash value, determining that the data block to be verified is complete.
S305, if the second Merker tree root hash value of the pre-constructed Merker tree is different from the first Merker tree root hash value, determining that the data block to be verified is incomplete.
For example, if the first meikel tree root hash value H' 0 and the second meikel tree root hash value H0 are the same, it is determined that the data corresponding to the to-be-verified data block identifier T4 is complete, and if not, it is determined that the data corresponding to the to-be-verified data block identifier T4 is incomplete.
In an embodiment of the application, the terminal device may send each data block obtained by dividing the data to the server as a data block to be verified, and determine the integrity of the data through multiple rounds of verification between the terminal device and the server.
In an embodiment of the application, the data block to be verified is health data of the user, and after the data block to be verified is determined to be complete, a verification result that the data block to be verified is complete can be sent to the terminal device, so that the terminal device can display the health state of the user by using the data block to be verified.
As shown in fig. 4, a schematic diagram of a data storage flow of interaction between a terminal device, a server, and a blockchain provided in an embodiment of the present application is shown, including the following steps:
s401, the terminal equipment divides data, determines hash values corresponding to each divided and encrypted data block, and sorts each encrypted data block according to data block identification; adding the hash values of the sorted data blocks pairwise in sequence, circularly executing until a second Merkel tree root hash value is obtained, finishing the construction of the Merkel tree, and obtaining the second Merkel tree root hash value according to the constructed Merkel tree;
s402, sending the second Merkel tree root hash value to a block chain;
s403, sending the built Merkel tree and each encrypted data block to a server;
s404, the server sends the position index information of each data block to the terminal equipment.
As shown in fig. 5, a schematic diagram illustrating a data integrity check flow of interaction among a terminal device, a server, and a blockchain provided in an embodiment of the present application is shown, where the schematic diagram includes the following steps:
s501, the terminal equipment sends the identification of the data block to be verified, the data block to be verified and the challenge number to a server;
s502, the server determines a first hash value of the data block to be verified based on the data block to be verified and the challenge number; replacing a second hash value corresponding to the identification of the data block to be verified in a pre-constructed Merkel tree with a first hash value according to the identification of the data block to be verified, and sequencing the hash values except the second hash value and the first hash value in the Merkel tree according to the corresponding identification of the data block; adding the sorted hash values pairwise in sequence, and executing in a circulating manner until a first Meckel tree root hash value is obtained;
s503, the block chain sends the second Merkel tree root hash value to the server;
s504, if the second Merker tree root hash value of the pre-constructed Merker tree is the same as the first Merker tree root hash value, sending a complete verification result that the data block to be verified is to be the complete verification result to the terminal equipment; and if not, sending a verification result that the data block to be verified is incomplete to the terminal equipment.
Here, the specific execution order of step S502 and step S503 is not limited.
Having described the data processing method of the exemplary embodiment of the present application, next, a data processing apparatus according to another exemplary embodiment of the present application is described.
As will be appreciated by one skilled in the art, aspects of the present application may be embodied as a system, method or program product. Accordingly, various aspects of the present application may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," module "or" system.
In some possible embodiments, a data processing device according to the present application may include at least one processor, and at least one memory. Wherein the memory stores program code which, when executed by the processor, causes the processor to perform the steps of the data processing method according to various exemplary embodiments of the present application described above in the present specification. For example, the processor may perform steps as in a data processing method.
The data processing apparatus 120 according to this embodiment of the present application is described below with reference to fig. 6. The data processing device 120 shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 6, the data processing device 120 is represented in the form of a general data processing device. The components of the data processing device 120 may include, but are not limited to: the at least one processor 121, the at least one memory 122, and a bus 123 connecting the various system components (including the memory 122 and the processor 121).
Bus 123 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, a processor, or a local bus using any of a variety of bus architectures.
The memory 122 may include readable media in the form of volatile memory, such as Random Access Memory (RAM)1221 and/or cache memory 1222, and may further include Read Only Memory (ROM) 1223.
Memory 122 may also include a program/utility 1225 having a set (at least one) of program modules 1224, such program modules 1224 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The data processing device 120 may also communicate with one or more external devices 124 (e.g., keyboard, pointing device, etc.), with one or more devices that enable a user to interact with the data processing device 120, and/or with any device (e.g., router, modem, etc.) that enables the data processing device 120 to communicate with one or more other data processing devices. Such communication may be through input/output (I/O) interfaces 125. Also, the data processing device 120 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) through the network adapter 126. As shown, network adapter 126 communicates with other modules for data processing device 120 over bus 123. It should be understood that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the data processing device 120, including but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
In an exemplary embodiment, a computer-readable storage medium comprising instructions, such as the memory 122 comprising instructions, executable by the processor 121 to perform the above-described method is also provided. Alternatively, the computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
In an exemplary embodiment, there is also provided a computer program product comprising computer programs/instructions which, when executed by the processor 121, implement any of the data processing methods as provided herein.
In exemplary embodiments, aspects of a data processing method provided herein may also be implemented in the form of a program product including program code for causing a computer device to perform the steps of a data processing method according to various exemplary embodiments of the present application described above in this specification when the program product is run on the computer device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The program product for data processing of the embodiments of the present application may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a data processing apparatus. However, the program product of the present application is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user data processing apparatus, partly on the user data processing apparatus, as a stand-alone software package, partly on the user data processing apparatus and partly on a remote data processing apparatus, or entirely on the remote data processing apparatus or server. In the case of remote data processing devices, the remote data processing devices may be connected to the user data processing device over any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to external data processing devices (e.g., over the internet using an internet service provider).
It should be noted that although several units or sub-units of the apparatus are mentioned in the above detailed description, such division is merely exemplary and not mandatory. Indeed, the features and functions of two or more units described above may be embodied in one unit, according to embodiments of the application. Conversely, the features and functions of one unit described above may be further divided into embodiments by a plurality of units.
Further, while the operations of the methods of the present application are depicted in the drawings in a particular order, this does not require or imply that these operations must be performed in this particular order, or that all of the illustrated operations must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (10)

1. A method of data processing, the method comprising:
receiving a to-be-verified data block identifier, a to-be-verified data block and a challenge number sent by a terminal device, wherein the challenge number is determined by a preset specified rule for the to-be-verified data block identifier;
determining a first hash value of the data block to be verified based on the data block to be verified and the challenge number;
replacing a second hash value corresponding to the to-be-verified data block identifier in a pre-constructed Merkel tree with the first hash value according to the to-be-verified data block identifier, and determining a first Merkel tree root hash value based on the replaced first hash value;
if a second Merker tree root hash value of the pre-constructed Merker tree is the same as the first Merker tree root hash value, determining that the data block to be verified is complete;
and if the second Merkel tree root hash value of the pre-constructed Merkel tree is different from the first Merkel tree root hash value, determining that the data block to be verified is incomplete.
2. The method of claim 1, wherein the Merkel tree is constructed by hash values corresponding to a plurality of data blocks, and wherein determining the first Merkel tree root hash value based on the replaced first hash value comprises:
sorting the hash values except the second hash value in the Merkel tree and the first hash value according to corresponding data block identifiers respectively;
and adding the sorted hash values pairwise in sequence, and executing circularly until the first Meckel tree root hash value is obtained.
3. The method of claim 1, wherein the data block to be verified is health data of a user, and after the determining that the data block to be verified is complete, the method further comprises:
and sending a verification result which determines that the data block to be verified is complete to the terminal equipment so that the terminal equipment can display the health state of the user by using the data block to be verified.
4. The method according to claim 1, wherein before receiving the data block to be verified identifier, the data block to be verified, and the challenge number sent by the terminal device, the method further comprises:
receiving data sent by the terminal equipment, dividing the data, and determining hash values corresponding to each divided data block;
pre-constructing the Merkel tree by:
and constructing a Meckel tree by utilizing the hash value corresponding to each data block.
5. The method according to claim 4, wherein the constructing the Merkel tree using the hash values corresponding to the data blocks comprises:
sorting each data block according to the data block identification;
and adding the hash values of the sorted data blocks pairwise in sequence, and circularly executing until the second Merkel tree root hash value is obtained, so that the construction of the Merkel tree is completed.
6. The method according to claim 4, wherein after the dividing the data, before determining the hash value corresponding to each divided data block, the method further comprises:
judging whether the sizes of the data blocks are the same or not;
and if not, performing data filling on the data blocks with different data sizes.
7. The method of claim 4, wherein after the building the Meckel tree using the hash value corresponding to each of the data blocks, the method further comprises:
and sending the position index information corresponding to each data block to the terminal equipment.
8. A data processing apparatus, characterized by comprising: a processor and a display;
the display is used for displaying a user operation interface;
the processor configured to perform:
receiving a to-be-verified data block identifier, a to-be-verified data block and a challenge number sent by a terminal device, wherein the challenge number is determined by a preset specified rule for the to-be-verified data block identifier;
determining a first hash value of the data block to be verified based on the data block to be verified and the challenge number;
replacing a second hash value corresponding to the to-be-verified data block identifier in a pre-constructed Merkel tree with the first hash value according to the to-be-verified data block identifier, and determining a first Merkel tree root hash value based on the replaced first hash value;
if a second Merker tree root hash value of the pre-constructed Merker tree is the same as the first Merker tree root hash value, determining that the data block to be verified is complete;
and if the second Merkel tree root hash value of the pre-constructed Merkel tree is different from the first Merkel tree root hash value, determining that the data block to be verified is incomplete.
9. The apparatus according to claim 8, wherein the mekerr tree is constructed by hash values corresponding to a plurality of data blocks, and the processor is configured to, when determining the first root hash value based on the replaced first hash value, specifically:
sorting the hash values except the second hash value in the Merkel tree and the first hash value according to corresponding data block identifiers respectively;
and adding the sorted hash values pairwise in sequence, and executing circularly until the first Meckel tree root hash value is obtained.
10. The apparatus of claim 8, wherein the data block to be verified is health data of a user, and wherein after the determining that the data block to be verified is complete, the processor is further configured to perform:
and sending a verification result which determines that the data block to be verified is complete to the terminal equipment so that the terminal equipment can display the health state of the user by using the data block to be verified.
CN202111409292.0A 2021-11-25 2021-11-25 Data processing method and equipment Pending CN114154192A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111409292.0A CN114154192A (en) 2021-11-25 2021-11-25 Data processing method and equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111409292.0A CN114154192A (en) 2021-11-25 2021-11-25 Data processing method and equipment

Publications (1)

Publication Number Publication Date
CN114154192A true CN114154192A (en) 2022-03-08

Family

ID=80457742

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111409292.0A Pending CN114154192A (en) 2021-11-25 2021-11-25 Data processing method and equipment

Country Status (1)

Country Link
CN (1) CN114154192A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110278211A (en) * 2019-06-24 2019-09-24 深圳前海微众银行股份有限公司 A kind of data checking method and device based on block chain
CN111768203A (en) * 2018-11-07 2020-10-13 阿里巴巴集团控股有限公司 Meckel tree construction and simple payment verification method and device
CN112699123A (en) * 2020-12-30 2021-04-23 武汉大学 Method and system for verifying existence and integrity of data in data storage system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111768203A (en) * 2018-11-07 2020-10-13 阿里巴巴集团控股有限公司 Meckel tree construction and simple payment verification method and device
CN110278211A (en) * 2019-06-24 2019-09-24 深圳前海微众银行股份有限公司 A kind of data checking method and device based on block chain
CN112699123A (en) * 2020-12-30 2021-04-23 武汉大学 Method and system for verifying existence and integrity of data in data storage system

Similar Documents

Publication Publication Date Title
US10263850B2 (en) Network testing device for automated topology validation
CN111163182B (en) Block chain-based device registration method and apparatus, electronic device, and storage medium
CN105450730A (en) Method and apparatus for processing request from client
CN109522363B (en) Cloud platform synchronization method, system, equipment and storage medium based on block chain
US11356485B2 (en) Pre-signed URLs with custom policies for data access in an object storage system
US20130067100A1 (en) Multi-desktop interaction using nested remote desktop sessions
CN106815524B (en) Malicious script file detection method and device
CN109635256B (en) Method and device for verifying data
CN111597567B (en) Data processing method, data processing device, node equipment and storage medium
CN110377440B (en) Information processing method and device
CN108933695B (en) Method and apparatus for processing information
CN113110963A (en) Service processing method, service processing device, electronic equipment and readable storage medium
CN111629063A (en) Block chain based distributed file downloading method and electronic equipment
CN112631924A (en) Automatic testing method and device, computer equipment and storage medium
CN109769010A (en) Method, apparatus, equipment and storage medium based on SDK access CloudStack server
CN109379179B (en) Method and apparatus for updating digital certificates
CN115409507A (en) Block processing method, block processing device, computer equipment and storage medium
CN111951112A (en) Intelligent contract execution method based on block chain, terminal equipment and storage medium
CN115022012B (en) Data transmission method, device, system, equipment and storage medium
CN110705935A (en) Logistics document processing method and device
EP2724489A2 (en) Validating download success
US20230418794A1 (en) Data processing method, and non-transitory medium and electronic device
CN114154192A (en) Data processing method and equipment
CN112286703B (en) User classification method and device, client device and readable storage medium
CN114398678A (en) Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination