CN116186725A - Data processing method, device, equipment and storage medium - Google Patents

Publication number: CN116186725A
Authority: CN (China)
Prior art keywords: key, data, verified, target account, plaintext
Legal status: Pending
Application number: CN202111447168.3A
Other languages: Chinese (zh)
Inventor: 朱耿良
Current Assignee: Tencent Technology Shenzhen Co Ltd
Original Assignee: Tencent Technology Shenzhen Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825 Use of electronic signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401 Transaction verification

Abstract

The embodiments of the present application disclose a data processing method, apparatus, device and storage medium. The method may include: acquiring a key acquisition request that comprises a token of a target account and a ciphertext of a first key of the target account; when the token of the target account passes verification, determining the plaintext of the first key according to the ciphertext of the first key and returning the plaintext of the first key to the requester of the key acquisition request; acquiring data to be verified, which the requester of the key acquisition request obtained by encrypting target data with the plaintext of the first key; and performing an integrity check on the data to be verified and, if the data to be verified passes the integrity check, returning a validity proof of the data to be verified to the requester of the key acquisition request. Encrypting the target data with the plaintext of the first key and generating a validity proof of the data to be verified therefore improves the security of the data.

Description

Data processing method, device, equipment and storage medium
Technical Field
The present invention relates to the field of computer technology, and in particular, to a data processing method, a data processing apparatus, a computer device, and a computer readable storage medium.
Background
With the continued development of computer technology, more and more data is stored in computer devices. Taking ticket data as an example, after ticket management personnel synchronize the required ticket data (such as ticket data related to their own departments) from a network, the ticket data usually has to be stored in a computer device. In practice, a computer device may be used by multiple objects, so the data in the computer device is at risk of being leaked or tampered with, and its security is low.
Disclosure of Invention
The embodiment of the application provides a data processing method, a device, equipment and a storage medium, which can improve the security of data.
In one aspect, an embodiment of the present application provides a data processing method, including:
acquiring a key acquisition request, wherein the key acquisition request comprises a token of a target account and a ciphertext of a first key of the target account;
when the token of the target account passes verification, determining the plaintext of the first key according to the ciphertext of the first key, and returning the plaintext of the first key to the requester of the key acquisition request;
acquiring data to be verified, wherein the data to be verified is obtained by the requester of the key acquisition request encrypting target data with the plaintext of the first key;
and performing an integrity check on the data to be verified and, if the data to be verified passes the integrity check, returning a validity proof of the data to be verified to the requester of the key acquisition request.
In one aspect, an embodiment of the present application provides a data processing method, including:
sending a key acquisition request to a trusted execution environment, wherein the key acquisition request comprises a token of a target account and a ciphertext of a first key of the target account;
receiving the plaintext of the first key returned by the trusted execution environment when the token of the target account passes verification, and encrypting target data with the plaintext of the first key to obtain data to be verified;
providing the data to be verified to the trusted execution environment so that the trusted execution environment performs an integrity check on the data to be verified;
and if the data to be verified passes the integrity check, receiving the validity proof of the data to be verified returned by the trusted execution environment, and storing the data to be verified in association with its validity proof.
In one aspect, an embodiment of the present application provides a data processing apparatus, including:
an acquisition unit, configured to acquire a key acquisition request, wherein the key acquisition request comprises a token of the target account and a ciphertext of a first key of the target account;
a processing unit, configured to determine the plaintext of the first key according to the ciphertext of the first key and return the plaintext of the first key to the requester of the key acquisition request when the token of the target account passes verification;
the acquisition unit is further configured to acquire data to be verified, wherein the data to be verified is obtained by the requester of the key acquisition request encrypting target data with the plaintext of the first key;
the processing unit is further configured to perform an integrity check on the data to be verified and, if the data to be verified passes the integrity check, return a validity proof of the data to be verified to the requester of the key acquisition request.
In one embodiment, the processing unit is further configured to:
obtaining login information, wherein the login information comprises an identification of a target account and a token of the target account;
under the condition that the token verification of the target account is passed, a key group is distributed to the target account, wherein the key group comprises a first key and a second key;
and returning the ciphertext of the first key to the provider of the login information, wherein the ciphertext of the first key is obtained by encrypting the plaintext of the first key by adopting the second key.
In one embodiment, when determining the plaintext of the first key according to the ciphertext of the first key, the processing unit is specifically configured to perform:
obtaining a second key associated with the ciphertext of the first key;
and decrypting the ciphertext of the first key with the second key to obtain the plaintext of the first key.
In one embodiment, the data processing method is executed in a trusted execution environment in a computer device, and the processing unit is configured to obtain a second key associated with a ciphertext of the first key, specifically configured to:
generating a second key associated with the ciphertext of the first key according to the identification of the target account and preset parameters;
the preset parameters comprise: a serial number of the computer device stored in the trusted execution environment.
In one embodiment, when returning the validity proof of the data to be verified to the requester of the key acquisition request, the processing unit is specifically configured to perform:
calculating a checksum of the data to be verified;
signing the checksum to obtain signature data associated with the checksum;
generating the validity proof of the data to be verified based on the checksum and the signature data associated with the checksum;
and returning the validity proof of the data to be verified to the requester of the key acquisition request, so that the requester of the key acquisition request can store the data to be verified in association with the validity proof.
In one embodiment, the processing unit is further configured to:
detecting whether the current moment belongs to the valid period of the token of the target account;
and if the current moment does not belong to the valid period of the token of the target account, sending a renewal notification to a requester of the key acquisition request of the target account so as to enable the requester of the key acquisition request of the target account to provide a new token.
In one embodiment, the target data is obtained by synchronizing data in the blockchain network after logging in the blockchain network through the target account; the processing unit is further configured to:
obtaining a token of a target account, wherein the token of the target account is provided when a requester of a key obtaining request of the target account detects that the target account logs out from a blockchain network;
invalidating the token of the target account.
In one aspect, an embodiment of the present application provides a data processing apparatus, including:
a processing unit, configured to send a key acquisition request to the trusted execution environment, wherein the key acquisition request comprises a token of the target account and a ciphertext of a first key of the target account;
a receiving unit, configured to receive the plaintext of the first key returned by the trusted execution environment when the token of the target account passes verification, and to encrypt target data with the plaintext of the first key to obtain data to be verified;
the processing unit is further configured to provide the data to be verified to the trusted execution environment so that the trusted execution environment performs an integrity check on the data to be verified;
the receiving unit is further configured to receive the validity proof of the data to be verified returned by the trusted execution environment if the data to be verified passes the integrity check;
the processing unit is further configured to store the data to be verified in association with the validity proof of the data to be verified.
In one embodiment, the processing unit is further configured to:
carrying out integrity check on the data to be verified through the validity proof of the data to be verified;
and if the data to be verified passes the integrity verification, decrypting the data to be verified by adopting the plaintext of the first key to obtain the target data.
In one embodiment, the processing unit is further configured to:
sending login information to a trusted execution environment, wherein the login information comprises an identification of a target account and a token of the target account;
receiving ciphertext of a first key returned by the trusted execution environment;
the ciphertext of the first key is obtained by encrypting the plaintext of the first key by adopting the second key, and the first key and the second key are generated by the trusted execution environment based on the identification of the target account.
Accordingly, the present application provides a computer device comprising:
a processor for loading and executing the computer program;
a computer readable storage medium having a computer program stored therein, which when executed by a processor, implements the above-described data processing method.
Accordingly, the present application provides a computer readable storage medium storing a computer program adapted to be loaded by a processor and to perform the above described data processing method.
Accordingly, the present application provides a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the above-described data processing method.
In the embodiments of the present application, a key acquisition request is acquired, the key acquisition request comprising a token of a target account and a ciphertext of a first key of the target account. When the token of the target account passes verification, the plaintext of the first key is determined according to the ciphertext of the first key and returned to the requester of the key acquisition request. Data to be verified is then acquired, the data to be verified having been obtained by the requester of the key acquisition request encrypting target data with the plaintext of the first key. An integrity check is performed on the data to be verified, and if the data to be verified passes the integrity check, a validity proof of the data to be verified is returned to the requester of the key acquisition request. Encrypting the target data with the plaintext of the first key reduces the risk of the target data being leaked; generating the validity proof of the data to be verified ensures the integrity and validity of the target data, so that the security of the data is improved.
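The flow summarized above (login, key acquisition request, encryption by the requester, validity proof, later verification, logout) can be walked through end to end in the following added example, which is not code from the application. Assumptions: the `Tee` class, its method names and the token table are hypothetical; HMAC-SHA256 stands in for the key derivation, for a real authenticated cipher such as AES-GCM, and for the signature over the checksum (with an asymmetric signature the requester could verify the proof itself); SHA-256 serves as the checksum; the integrity check in `prove` is modelled as checking the authentication tag of the data to be verified.

```python
import hashlib
import hmac
import os
import time


def _sub(key, label):
    # Separate sub-keys for encryption and authentication.
    return hmac.new(key, label, hashlib.sha256).digest()


def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for a real cipher).
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)


def seal(key, plaintext):
    """Encrypt-then-MAC: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    body = nonce + _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return body + hmac.new(_sub(key, b"mac"), body, hashlib.sha256).digest()


def unseal(key, blob):
    """Check the tag first; raise ValueError if the blob was altered or the key is wrong."""
    if len(blob) < 48:
        raise ValueError("integrity check failed")
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_sub(key, b"mac"), body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    return _xor_stream(_sub(key, b"enc"), body[:16], body[16:])


class Tee:
    """Hypothetical model of the trusted execution environment side."""

    def __init__(self, serial):
        self._serial = serial            # device serial number stored in the TEE
        self._sign_key = os.urandom(32)  # HMAC key standing in for a signing key
        self._tokens = {}                # token -> (account id, expiry); constructed

    def register_token(self, token, account_id, ttl=3600.0):
        # Assumption: how tokens are issued is outside the flow described here.
        self._tokens[token] = (account_id, time.time() + ttl)

    def _account_for(self, token):
        if token not in self._tokens:
            raise PermissionError("token rejected")
        account_id, expiry = self._tokens[token]
        if time.time() > expiry:
            raise PermissionError("token expired, renewal required")
        return account_id

    def _second_key(self, account_id):
        # Second key derived from account identifier and device serial; never leaves the TEE.
        return hmac.new(self._serial, b"second-key|" + account_id.encode(),
                        hashlib.sha256).digest()

    def login(self, account_id, token):
        """Allocate a first key and return only its ciphertext under the second key."""
        if self._account_for(token) != account_id:
            raise PermissionError("token does not belong to this account")
        return seal(self._second_key(account_id), os.urandom(32))

    def get_key(self, token, wrapped_first_key):
        """Key acquisition request: token + ciphertext of first key -> plaintext."""
        return unseal(self._second_key(self._account_for(token)), wrapped_first_key)

    def prove(self, token, wrapped_first_key, data):
        """Integrity-check the data to be verified, then return checksum || signature."""
        unseal(self.get_key(token, wrapped_first_key), data)  # raises if altered
        checksum = hashlib.sha256(data).digest()
        return checksum + hmac.new(self._sign_key, checksum, hashlib.sha256).digest()

    def verify(self, data, proof):
        checksum, sig = proof[:32], proof[32:]
        expected = hmac.new(self._sign_key, checksum, hashlib.sha256).digest()
        return hmac.compare_digest(sig, expected) and hmac.compare_digest(
            checksum, hashlib.sha256(data).digest())

    def logout(self, token):
        self._tokens.pop(token, None)    # invalidate the token


def run_flow():
    """Requester side, with constructed account, token, serial and target data."""
    tee = Tee(b"SN-CONSTRUCTED-0001")
    tee.register_token("tok-1", "alice")
    wrapped = tee.login("alice", "tok-1")
    first_key = tee.get_key("tok-1", wrapped)
    data = seal(first_key, b"constructed invoice record")
    proof = tee.prove("tok-1", wrapped, data)      # store data and proof together
    ok = tee.verify(data, proof)
    recovered = unseal(first_key, data) if ok else None
    return tee, wrapped, data, proof, recovered


if __name__ == "__main__":
    print(run_flow()[4])
```

Because the second key is re-derived from the account identifier and the serial number held inside the TEE, the stored ciphertext of the first key is useless on another device or after the token has been invalidated.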
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1a is a schematic diagram of a data sharing system according to an embodiment of the present application;
FIG. 1b is a blockchain architecture diagram according to an embodiment of the present application;
FIG. 1c is a schematic flow chart of a block generation method according to an embodiment of the present application;
FIG. 1d is a schematic architecture diagram of a dual-layer network according to an embodiment of the present application;
FIG. 1e is a schematic diagram of a scenario of an electronic invoice service based on a dual-layer network according to an embodiment of the present application;
FIG. 1f is a schematic diagram of a data processing flow according to an embodiment of the present application;
FIG. 1g is an application scenario diagram of data processing according to an embodiment of the present application;
FIG. 2 is a schematic flow chart of a data processing method according to an embodiment of the present application;
FIG. 3 is a schematic flow chart of another data processing method according to an embodiment of the present application;
FIG. 4 is a schematic flow chart of another data processing method according to an embodiment of the present application;
FIG. 5 is a schematic diagram of a data processing apparatus according to an embodiment of the present application;
FIG. 6 is a schematic diagram of another data processing apparatus according to an embodiment of the present application;
FIG. 7 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art based on the embodiments herein without making any inventive effort, are intended to be within the scope of the present application.
Embodiments of the present application relate to blockchain technology; the related terms and concepts of blockchain technology are briefly described below.
Blockchain is a new application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms and encryption algorithms. It is essentially a decentralized database: a chain of data blocks linked to one another by cryptographic methods, in which each data block contains the information of a batch of network transactions and is used to verify the validity (anti-counterfeiting) of that information and to generate the next block. The blockchain may include a blockchain underlying platform, a platform product services layer, and an application services layer.
A blockchain network may be understood as a data sharing system 100, that is, a system for sharing data between nodes; an exemplary architecture of the data sharing system 100 is shown in FIG. 1a. As shown in FIG. 1a, the data sharing system may include a plurality of nodes 101, and the plurality of nodes 101 may be respective clients in the data sharing system. Each node 101 may receive input information during normal operation and maintain the shared data within the data sharing system based on the received input information. To ensure that information is exchanged within the data sharing system, information connections may exist between the nodes in the data sharing system, and the nodes can transmit information over these connections. For example, when any node in the data sharing system receives input information, the other nodes in the data sharing system acquire the input information according to a consensus algorithm and store it as part of the shared data, so that the data stored on all nodes in the data sharing system is consistent.
Each node in the data sharing system has a corresponding node identifier, and each node can store the node identifiers of the other nodes in the data sharing system, so that a generated block can later be broadcast to the other nodes according to their node identifiers. Each node can maintain a node identifier list as shown in the following table, in which node names and node identifiers are stored in correspondence. The node identifier may be an IP (Internet Protocol) address or any other information that can be used to identify the node; for example, the node identifier may also be a binary sequence code (e.g., 110001110). Table 1 uses IP addresses only as an example:
TABLE 1
Node name | Node identification
Node 1 | 117.114.151.174
Node 2 | 117.116.189.145
Node X (X is a positive integer) | xx.xxx.xxx.xxx
Each node in the data sharing system stores one and the same blockchain. Referring to FIG. 1b, the blockchain is composed of a plurality of blocks. The starting block comprises a block header and a block body; the block header stores an input information characteristic value, a version number, a timestamp and a difficulty value, and the block body stores the input information. The next block takes the starting block as its parent block and likewise comprises a block header and a block body; its block header stores the input information characteristic value of the current block, the block header characteristic value of the parent block, the version number, the timestamp and the difficulty value. The same applies to each subsequent block, so that the block data stored in each block of the blockchain is associated with the block data stored in its parent block, which ensures the security of the input information in the blocks.
Each block in the blockchain is generated as follows (see FIG. 1c). When the node where the blockchain is located receives input information, it checks the input information; after the check is completed, it stores the input information in a memory pool and updates the hash tree used for recording the input information. It then sets the update timestamp to the time at which the input information was received, tries different random numbers, and calculates the characteristic value repeatedly until the calculated characteristic value satisfies the following formula:
SHA256(SHA256(version+prev_hash+merkle_root+ntime+nbits+x))<TARGET
where SHA256 is the characteristic value algorithm used to calculate the characteristic value; version (version number) is the version information of the relevant block protocol in the blockchain; prev_hash is the block header characteristic value of the parent block of the current block; merkle_root is the characteristic value of the input information; ntime is the update time of the update timestamp; nbits is the current difficulty, which is fixed for a period of time and is determined again after that fixed period has elapsed; x is a random number; TARGET is a characteristic value threshold that can be determined from nbits.
Thus, once a random number satisfying the formula has been found, the information can be stored accordingly to generate the block header and the block body, giving the current block. The node where the blockchain is located then broadcasts the newly generated block to the other nodes in the data sharing system according to their node identifiers; the other nodes perform a consensus check on the newly generated block and, after the consensus check is completed, add the newly generated block to the blockchain they store. The nodes can perform the consensus check on the newly generated block through a consensus algorithm, and the consensus algorithm may include but is not limited to:
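The search for a random number x that satisfies the formula can be run directly, as in the following added example, which is not code from the application. Assumptions: the "+" in the formula is byte concatenation in a Bitcoin-style 80-byte little-endian header, nbits uses the Bitcoin-style compact encoding of TARGET, and all header field values are constructed.

```python
import hashlib
import struct

# Constructed header fields for the demonstration.
PREV_HASH = hashlib.sha256(b"constructed parent block header").digest()
MERKLE_ROOT = hashlib.sha256(b"constructed input information").digest()
NTIME = 1700000000
NBITS = 0x1F00FFFF  # deliberately easy difficulty: about 65,536 attempts expected


def compact_to_target(nbits):
    """Expand the compact difficulty value into TARGET (assumed Bitcoin-style encoding)."""
    exponent, mantissa = nbits >> 24, nbits & 0x007FFFFF
    if exponent <= 3:
        return mantissa >> (8 * (3 - exponent))
    return mantissa << (8 * (exponent - 3))


def header_value(version, prev_hash, merkle_root, ntime, nbits, x):
    """SHA256(SHA256(version+prev_hash+merkle_root+ntime+nbits+x)) as an integer."""
    header = (struct.pack("<I", version) + prev_hash + merkle_root
              + struct.pack("<III", ntime, nbits, x))
    digest = hashlib.sha256(hashlib.sha256(header).digest()).digest()
    return int.from_bytes(digest, "little")


def find_nonce(version, prev_hash, merkle_root, ntime, nbits, limit=2**32):
    """Try random-number candidates in order; return the first x below TARGET, or None."""
    target = compact_to_target(nbits)
    for x in range(limit):
        if header_value(version, prev_hash, merkle_root, ntime, nbits, x) < target:
            return x
    return None


def block_is_valid(version, prev_hash, merkle_root, ntime, nbits, x):
    """Check any other node can repeat with a single double hash."""
    return header_value(version, prev_hash, merkle_root, ntime, nbits, x) < compact_to_target(nbits)


if __name__ == "__main__":
    nonce = find_nonce(1, PREV_HASH, MERKLE_ROOT, NTIME, NBITS)
    print("x =", nonce, "valid:", block_is_valid(1, PREV_HASH, MERKLE_ROOT, NTIME, NBITS, nonce))
```

Finding x takes many hash attempts while checking it takes one, and because prev_hash and merkle_root are inside the hashed header, changing either one means the search has to be repeated.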
1) PoW (Proof of Work):
Proof of work refers to a measure set by a system (such as the aforementioned data sharing system) to achieve a certain goal. Put simply, it is a proof that confirms the amount of work done. In essence, whoever does more work has a better chance of obtaining the reward. In proof of work, a node in the blockchain network that computes, through AND operations, a random number satisfying the rule obtains the accounting right; it sends out the data to be recorded in this round, and the other nodes in the blockchain network store the data together after verifying it. Proof of work therefore has the following advantages: it is completely decentralized, and nodes can join and leave freely.
2) PoS (Proof of Stake):
Proof of stake is an upgraded consensus mechanism based on proof of work. Specifically, the longer the holding duration of the electronic resource (holding duration of the electronic resource = amount of the electronic resource held × time for which the electronic resource has been held), the greater the holder's chance of obtaining the accounting right for the block, where the electronic resource may be a resource stored in electronic form in an electronic account and capable of being circulated through the Internet. According to the proportion of the electronic resource held by each node and the time it has been held, the difficulty of obtaining the proof of work is reduced proportionally, so that the random number is found faster. Proof of stake shortens the time needed to reach consensus to some extent, but still requires random numbers to be computed.
3) DPoS (Delegated Proof of Stake):
The DPoS mechanism is similar to voting by a board of directors: the holders of the electronic resource vote for a certain number of nodes, which perform verification and accounting on their behalf. To motivate more participants to compete, the system generates a small amount of the electronic resource as a reward. In the DPoS mechanism, each holder of bit shares votes, producing 101 representatives, which can be understood as 101 super nodes or pools whose rights are exactly equal to one another. If the selected representatives cannot fulfil their duties (they fail to generate a block when their turn comes), they are removed and the network selects new super nodes to replace them. The DPoS mechanism thus greatly reduces the number of nodes participating in verification and accounting and can achieve consensus verification within seconds, but the entire consensus mechanism still depends on electronic resources.
4) PBFT (Practical Byzantine Fault Tolerance):
The PBFT algorithm is a message-passing-based consistency algorithm that reaches agreement through three phases, which may be repeated on failure. Specifically, assume that the total number of nodes is 3f+1, where f is the number of Byzantine faulty nodes. First, when a node finds that the leader (such as a representative node, an accounting node or a super node) is misbehaving, another replica (node) is elected as the leader by an algorithm. Second, the leader broadcasts the value it has selected to the other replica nodes in a pre-prepare message; a replica node that accepts the value sends a prepare message, and one that does not accept it sends nothing. Next, once 2f nodes have accepted the prepare message, the node sends a commit message. Finally, when 2f+1 nodes have accepted the commit message, the value is considered decided. In the PBFT algorithm the consensus nodes are made up of the business parties or the supervisors of the business, so security and stability are guaranteed by the business stakeholders; the consensus latency is about 2-5 seconds, which basically meets the requirement of commercial real-time processing, improves consensus efficiency, and can meet the requirement of high-frequency transaction volumes.
5) Paxos (a distributed consensus algorithm):
The Paxos algorithm is a two-phase algorithm with three main roles: proposer, acceptor and learner. The proposer puts forward proposals, the acceptor accepts or rejects them, and the learner obtains the final value after consensus. The two phases of the Paxos algorithm are: (1) Prepare phase: the proposer selects a proposal number n and sends a prepare request to a majority of the acceptors; when an acceptor receives the request, if the proposal number is greater than that of every request it has already replied to, the acceptor replies to the proposer with the last proposal it accepted and promises not to reply to any proposal numbered less than n. (2) Accept phase: when a proposer has received replies to its prepare request from a majority of the acceptors, it enters the accept phase; it sends an accept request, including the number n and a value, to the acceptors that replied to the prepare request (if no value has been accepted yet, it can choose the value freely); an acceptor accepts the accept request provided that doing so does not violate the promises it has made to other proposers.
The Paxos algorithm is suitable for a simple fault-tolerance model, namely one in which the system contains only failed or faulty nodes and no malicious nodes; if the number of failed nodes is x (x is a positive integer), the system can keep operating normally as long as the number of non-failed nodes is x+1.
6) Raft (a distributed consensus algorithm):
The Raft algorithm has three roles: follower, candidate and leader. A node can be in only one of these three states at a time, and the roles can change into one another as time passes and conditions change. All nodes start as followers. A follower that has not received a heartbeat packet before its timeout becomes a candidate and broadcasts a vote request; the node that obtains a majority of the votes becomes the leader. Votes are granted on a first-come, first-served basis, and each node casts only one vote. The leader node periodically sends heartbeat packets to the other nodes, and a failure of the leader node triggers a new election.
In practice, when blockchains are applied in some scenarios, for example: bill service scenarios, data storage scenarios for commercial establishments, etc.; in these scenarios, not all nodes in the blockchain network have sufficient resources and necessity to become nodes that participate in blockchain consensus. In order to adapt to service requirements (such as an internal network, an external network, a service network, an office network separation and the like) and further improve the security and confidentiality of data, the embodiment of the application provides a double-layer network architecture for forming a 'witness sub-network-consensus sub-network' through a P2P (Peer to Peer) network, wherein the P2P network is a network of point-to-point connection, and each node of the point-to-point connection is called a Peer node. The P2P network is based on a specific network protocol, so that a central node is not required between peer nodes to maintain network state, and each node maintains node state of the whole network and connection state of the node with adjacent nodes through broadcasting interaction with the adjacent nodes.
Fig. 1d is a schematic diagram of a dual-layer network according to an embodiment of the present application. As shown in fig. 1d, the blockchain network includes a witness sub-network and a consensus sub-network; the service nodes are deployed in the witness sub-network, which is in the public network, and the accounting nodes running the blockchain consensus protocol are deployed in the consensus sub-network; the witness and consensus sub-networks interact through a routing boundary. The service nodes in the witness sub-network mainly execute services and do not participate in accounting consensus; they obtain block header data, and the part of the block data they are authorized to see, from the consensus sub-network by way of identity authentication. The consensus sub-network is the core network of the blockchain network and performs accounting consensus for it. Typically, the witness sub-network and the consensus sub-network are in different network environments, the witness sub-network being in a public network and the consensus sub-network in a private network. Because the consensus sub-network is in a relatively secure private network, the security of mutual access between the consensus sub-network and the public network is ensured by the consensus mechanism, and no additional identity management or network control is needed. The service node, by contrast, is in the public network and may be accessed by other unknown network terminals, so the behavior of the service node and of any other nodes accessing the consensus sub-network needs to be tightly controlled.
Taking as an example a blockchain network that provides consensus services for electronic invoices, a schematic view of a scenario architecture of the dual-layer network according to an embodiment of the present application is shown in fig. 1e. As shown in fig. 1e, the blockchain network includes a service layer, a routing agent layer and a core consensus network layer, which together form a complete blockchain service system. (1) The service layer is in the witness sub-network and includes at least one service node; a service node may specifically be an SPV node, the SPV nodes maintain an ordinary unstructured P2P network, and service nodes can handle services such as tax (local tax offices), billing (enterprise invoicing) and payment (enterprise fund flows). (2) The core consensus network layer is in the consensus sub-network and includes various consensus clusters, such as consensus cluster 102, consensus cluster 103, and so on, each of which maintains a blockchain sub-chain within its own cluster; e.g., consensus cluster 104 maintains core chain 1 within its cluster, and consensus cluster 105 maintains core chain 2 within its cluster. (3) The routing agent layer includes at least one agent node, which can provide a routing service, an authentication service, a certificate caching service, a point-to-point (P2P) service and the like. The certificate caching service involves a certificate system (PKI, Public Key Infrastructure), in which a certificate is the identity credential of the owner of a public key and is issued by a certificate authority (CA). Asymmetric encryption and digital signatures of information can be implemented on the basis of a public key certificate system.
The service layer and the core consensus network layer carry out information interaction through the routing agent layer, namely the service layer submits service operation interaction to the core consensus network layer through the routing agent layer, so that the routing agent layer plays an isolating role for the service layer and the core consensus network layer.
Based on the above description of the basic structure of the dual-layer network, the following briefly describes the blockchain-based data processing scheme proposed by the embodiments of the present application on top of this dual-layer network structure; the scheme can improve the verification efficiency of cross-chain services. The scheme may be performed by any of the service nodes in the service layer shown in fig. 1e. The service node may in particular be a terminal device or a server carrying a trusted execution environment. The terminal device may include, but is not limited to: smart phones (e.g., Android phones, iOS phones, etc.), tablet computers, portable personal computers, mobile internet devices (MIDs for short), etc., which are not limited in this embodiment of the present application. The server may be an independent physical server, a server cluster or distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDN (Content Delivery Network), big data and artificial intelligence platforms, which is not limited in the embodiment of the present application.
It will be appreciated that in the specific embodiments of the present application, where synchronization of target data (e.g., ticketing data) is involved, when the above embodiments of the present application are applied to specific products or technologies, corresponding data acquisition rights (e.g., the account currently logged in the computer device has data synchronization rights) need to be obtained, and collection, use and processing of relevant data need to comply with relevant laws and regulations and standards of relevant countries and regions.
Fig. 1f is a schematic diagram of a data processing flow according to an embodiment of the present application. As shown in fig. 1f, in a specific implementation, the general principle of the data processing scheme is as follows:
(1) When the data manager needs to encrypt and store target data, a key acquisition request is sent to a trusted execution environment in the computer device, wherein the key acquisition request comprises ciphertext of a first key and a token of a target account. The target account is an account used by a data manager, and the ciphertext of the first key is obtained by encrypting the plaintext of the first key distributed to the target account by the trusted execution environment when the data manager logs in the computer equipment for the first time through the target account. In one embodiment, when a data administrator logs in to a computer device for the first time through a target account, the trusted execution environment allocates a key group for the target account (i.e., one account corresponds to one key group), the key group includes a first key and a second key, a ciphertext of the first key is obtained by encrypting a plaintext of the first key by using the second key, and after the key group is allocated to the target account, the trusted execution environment outputs the ciphertext of the first key, so that the computer device stores the ciphertext of the first key corresponding to the target account and the target account in an associated manner.
(2) After acquiring the key acquisition request, the trusted execution environment verifies the token of the target account, and if the token of the target account passes the verification, the trusted execution environment determines the plaintext of the first key according to the ciphertext of the first key; for example, ciphertext of the first key is decrypted by the second key to obtain plaintext of the first key. After determining the plaintext of the first key, the trusted execution environment returns the plaintext of the first key to the requestor of the key acquisition request (e.g., memory in the computer device).
(3) After the computer equipment obtains the plaintext of the first key, the target data is encrypted by adopting the plaintext of the first key, so as to obtain the data to be verified. And providing the data to be verified to the trusted execution environment when the data to be verified meets a verification condition (for example, the number of the target data reaches a number threshold, the exit operation of the target account is detected, the current moment is matched with the verification period of the data to be verified, the encryption of the target data is completed, and the like).
(4) After the trusted execution environment acquires the data to be verified, it performs an integrity check on the data to be verified; for example, it decrypts the data to be verified with the plaintext of the first key to obtain decrypted data and checks whether the decrypted data matches the target data; if it matches, the data to be verified passes the integrity check, and otherwise it does not pass the integrity check. If the data to be verified passes the integrity check, the trusted execution environment generates a validity proof of the data to be verified and returns it to the requester of the key request. In one embodiment, the trusted execution environment calculates a sum check code of the data to be verified and signs the sum check code; it packages the sum check code and the signature of the sum check code into the validity proof of the data to be verified and returns the validity proof to the requester of the key request, so that the requester stores the data to be verified and its validity proof in association.
Fig. 1g is an application scenario diagram of data processing according to an embodiment of the present application. As shown in fig. 1g, the computer device is a service node in the blockchain network, the target data is ticket data synchronized by the service node from the consensus sub-network, and the data processing scheme provided in the present application is described in detail below with reference to fig. 1 g:
After the ticket manager obtains the data synchronization authority of the consensus sub-network through the target account, the service node starts the data synchronization service, calls it to obtain the ciphertext of the first key corresponding to the target account stored in the memory, and requests the plaintext of the first key from the trusted execution environment carried in the service node. In one embodiment, the service node invokes the data synchronization service to send a key acquisition request to the trusted execution environment, the key acquisition request including the ciphertext of the first key and the token of the target account; after receiving the key acquisition request, the trusted execution environment verifies the token of the target account, determines the plaintext of the first key from the ciphertext of the first key if the token passes verification, and returns the plaintext of the first key to the service memory to which the data synchronization service belongs.
After the plaintext of the first key is obtained, the service node synchronizes ticket data (namely target data) associated with the target account from the blockchain network through the data synchronization service, and encrypts the synchronized ticket data associated with the target account by adopting the plaintext of the first key to obtain data to be verified. And providing the data to be verified to the trusted execution environment when the verification condition is met (for example, the number of the synchronized ticket data reaches a number threshold, the exit operation of the target account is detected, the current moment is matched with the verification period of the data to be verified, the synchronization of the current block is completed, and the like). After the trusted execution environment acquires the data to be verified, carrying out integrity verification on the data to be verified; in one embodiment, the trusted execution environment calculates a sum check code of the data to be verified and signs the sum check code; and packaging the sum check code and the signature of the sum check code as the validity proof of the data to be verified, and returning the validity proof to the data synchronization service. After obtaining the validity proof of the data to be verified, the service node stores the data to be verified, the validity proof of the data to be verified and the ciphertext of the first key in a correlated manner so that a ticket manager can verify the data to be verified through the validity proof of the data to be verified in subsequent use; and obtaining the plaintext of the first key through the ciphertext of the first key, and decrypting the verified data to be verified through the plaintext of the first key to obtain ticket data.
In the blockchain scenario, the target account may specifically be an SPVID, which is the ID that a ticket manager has registered in the blockchain network and through which the identity of the ticket manager can be verified in the blockchain network. In addition, transaction records related to the SPVID can be looked up in the blockchain network through the SPVID, and when verifying the data to be verified the trusted execution environment performs the following step: checking whether the data to be verified matches the transaction records in the blockchain network; if it matches, the synchronized data to be verified can be judged to be ticket data that has passed consensus in the blockchain network.
In the embodiment of the application, a key acquisition request is acquired that includes a token of a target account and the ciphertext of a first key of the target account. If the token of the target account passes verification, the plaintext of the first key is determined from the ciphertext of the first key and returned to the requester of the key acquisition request. Data to be verified is then acquired, which the requester of the key acquisition request obtained by encrypting the target data with the plaintext of the first key; an integrity check is performed on the data to be verified, and if it passes, a validity proof of the data to be verified is returned to the requester of the key acquisition request. Encrypting the target data with the plaintext of the first key thus reduces the risk of the target data leaking, and generating a validity proof of the data to be verified helps ensure the integrity and validity of the target data, thereby improving data security.
Based on the above described data processing scheme, the embodiments of the present application provide a more detailed blockchain-based data processing method, and the data processing method provided by the embodiments of the present application will be described in detail with reference to the accompanying drawings.
Fig. 2 is a flow chart of a data processing method according to an embodiment of the present application. The data processing method may be performed by a trusted execution environment in any one of the service nodes in the service layer shown in fig. 1 e. As shown in fig. 2, the data processing method may include, but is not limited to, steps S201-S204:
S201, acquiring a key acquisition request.
The key acquisition request includes the ciphertext of the first key and a token of the target account. The target account is an account used by a data manager, and the ciphertext of the first key is obtained when the data manager logs in to the computer device for the first time through the target account, by the trusted execution environment encrypting the plaintext of the first key that it allocated to the target account. After obtaining the ciphertext of the first key, the trusted execution environment outputs it, so that the service node (i.e. the computer device) can store the ciphertext of the first key in association with the target account. A service node logged in with the target account can then provide the ciphertext of the first key to the trusted execution environment whenever it needs the plaintext of the first key (that is, when the target data needs to be encrypted with the plaintext of the first key, or the data to be verified needs to be decrypted with it).
In one embodiment, when a data administrator logs in to a computer device for the first time through a target account, a trusted execution environment assigns a key set to the target account, and it is understood that in the trusted execution environment, one account corresponds to one key set, and the key set includes a first key and a second key. In one embodiment, the ciphertext of the first key is obtained by encrypting the plaintext of the first key using the second key.
S202, under the condition that token verification of the target account is passed, determining the plaintext of the first key according to the ciphertext of the first key, and returning the plaintext of the first key to a requester of the key acquisition request.
After acquiring the key acquisition request, the trusted execution environment verifies the token of the target account; for example, it verifies whether the current time falls within the validity period of the token of the target account. If the token of the target account passes verification, the trusted execution environment determines the plaintext of the first key from the ciphertext of the first key; for example, the ciphertext of the first key is decrypted with the second key to obtain the plaintext of the first key. As another example, the ciphertext of the first key and the plaintext of the first key may be stored in association in the trusted execution environment, so that after the trusted execution environment obtains the ciphertext of the first key it can look up the corresponding plaintext of the first key. After determining the plaintext of the first key, the trusted execution environment returns it to the requester of the key acquisition request (e.g., a memory in the computer device). Correspondingly, if the token of the target account fails verification, the trusted execution environment outputs token prompt information, which indicates that the token of the target account is invalid and that a new token must be provided for verification if the plaintext of the first key is to be acquired.
In one embodiment, the plaintext of the first key returned by the trusted execution environment is stored in the memory belonging to the target service (e.g., the data synchronization service used to synchronize the target data, i.e., the service requested by the requester of the key acquisition request). It is used only for encrypting the target data and is not exposed externally; that is, the data administrator of the target account cannot obtain the plaintext of the first key from the service node. Therefore, whenever the plaintext of the first key is needed (for example, to encrypt the target data or to decrypt the data to be verified), it has to be obtained from the trusted execution environment, which further reduces the risk of the target data leaking and improves the security of the target data.
S203, obtaining data to be verified.
The data to be verified is obtained by encrypting the target data by adopting the plaintext of the first key by a requester (such as a service node) of the key acquisition request. In one embodiment, after obtaining the plaintext of the first key, the computer device encrypts the target data by using the plaintext of the first key to obtain data to be verified; the target data may be data input by a data administrator, or may be data synchronized by the data administrator from a network (such as a blockchain). The computer device provides the data to be verified to the trusted execution environment when the data to be verified meets a verification condition (e.g., the number of the target data reaches a number threshold, an exit operation of the target account is detected, the current time is matched with a verification period of the data to be verified, encryption of the target data is completed, etc.).
S204, carrying out integrity check on the data to be verified, and if the data to be verified passes the integrity check, returning validity evidence of the data to be verified to a requester of the key acquisition request.
After the trusted execution environment acquires the data to be verified, it performs an integrity check on the data to be verified; for example, it decrypts the data to be verified with the plaintext of the first key to obtain decrypted data and checks whether the decrypted data matches the target data; if it matches, the data to be verified passes the integrity check, and otherwise it does not pass the integrity check.
And under the condition that the data to be verified passes the integrity verification, the trusted execution environment generates a validity proof of the data to be verified, and returns the validity proof of the data to be verified to a requester of the key request. In one embodiment, the trusted execution environment calculates a sum check code of the data to be verified and signs the sum check code; and packaging the sum check code and the signature of the sum check code into the validity proof of the data to be verified, and returning the validity proof to the requester of the key request so as to enable the requester of the key request to store the data to be verified and the validity proof of the data to be verified in an associated mode.
In the embodiment of the application, a key acquisition request is acquired that includes a token of a target account and the ciphertext of a first key of the target account. If the token of the target account passes verification, the plaintext of the first key is determined from the ciphertext of the first key and returned to the requester of the key acquisition request. Data to be verified is then acquired, which the requester of the key acquisition request obtained by encrypting the target data with the plaintext of the first key; an integrity check is performed on the data to be verified, and if it passes, a validity proof of the data to be verified is returned to the requester of the key acquisition request. Encrypting the target data with the plaintext of the first key thus reduces the risk of the target data leaking, and generating a validity proof of the data to be verified helps ensure the integrity and validity of the target data, thereby improving data security.
Fig. 3 is a flow chart of another data processing method according to an embodiment of the present application. The data processing method may be performed by a trusted execution environment in any one of the service nodes in the service layer shown in fig. 1 e. As shown in fig. 3, the data processing method may include, but is not limited to, steps S301-S307:
S301, acquiring login information.
The login information includes an identification of the target account and a token of the target account. In one embodiment, the login information is used to login to the blockchain network; in one embodiment, the ticket manager logs into the blockchain network with an ID (e.g., an SPVID) that has been registered on the blockchain network, and a login authorization code (i.e., a token for the target account) for the SPVID for a limited period of time. The blockchain network may specifically refer to a consensus sub-network in the dual-layer network shown in fig. 1 d.
In the login process, login information is also provided for a trusted execution environment in the service node; for example, login information is provided to the trusted execution environment through a data synchronization service.
S302, if the token verification of the target account is passed, a key group is allocated to the target account.
After the trusted execution environment acquires the login information, the token of the target account is verified. In one embodiment, an authentication service is built into the trusted execution environment, which may perform asymmetric key authentication on the token of the target account. The authentication service may perform asymmetric key authentication on the token of the target account including: detecting whether the current moment belongs to the valid period of the token of the target account or not through the asymmetric key; if the time belongs to the effective period of the token of the target account, judging that the token of the target account passes verification; and if the current time does not belong to the valid period of the token of the target account, judging that the token of the target account is not verified.
In the event that token authentication of the target account passes, a key set is assigned to the target account. It will be appreciated that in a trusted execution environment, each account corresponds to a key set. In one embodiment, the key set includes a first key and a second key, and the trusted execution environment encrypts plaintext of the first key using the second key to obtain ciphertext of the first key. In one embodiment, the encryption algorithm associated with the first key may be an SM4 algorithm.
S303, returning the ciphertext of the first key to the provider of the login information.
After obtaining the ciphertext of the first key, the trusted execution environment outputs the ciphertext of the first key, so that the service node can store the target account and the ciphertext of the first key in a correlated manner, and the service node logged in the target account can conveniently provide the ciphertext of the first key to the trusted execution environment to acquire the plaintext of the first key when the service node logged in the target account needs to use the plaintext of the first key (when the target data needs to be encrypted by using the plaintext of the first key or the data to be verified needs to be decrypted by using the plaintext of the first key).
S304, acquiring a key acquisition request.
The specific embodiment of step S304 can refer to the embodiment of step S201 in fig. 2, and will not be described herein.
S305, under the condition that the token verification of the target account is passed, acquiring a second key associated with the ciphertext of the first key, and adopting the second key to decrypt the ciphertext of the first key to obtain the plaintext of the first key.
The trusted execution environment verifies the token of the target account after acquiring the key acquisition request. The specific embodiment of verifying the token of the target account may refer to the embodiment of asymmetric key verification for the token of the target account in step S302, which is not described herein.
In the event that token verification of the target account passes, the trusted execution environment obtains a second key associated with the ciphertext of the first key. In one embodiment, the trusted execution environment generates the second key associated with the ciphertext of the first key from the identification of the target account and a preset parameter (a specific internal parameter stored in the trusted execution environment, such as the serial number of a memory of the computer device or the certificate number of the trusted execution environment). That is, the trusted execution environment does not need to store the second key associated with the ciphertext of the first key, which saves storage space.
After obtaining the second key associated with the ciphertext of the first key, the trusted execution environment decrypts the ciphertext of the first key by adopting the second key associated with the ciphertext of the first key to obtain the plaintext of the first key, and returns the plaintext of the first key to the provider of the key obtaining request.
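The key custody described in S201-S202 and S301-S305, as an added example that is not code from the patent: the second key is re-derived from the account ID and a preset parameter, and the plaintext first key is released only against a token inside its validity period. Assumptions: the names `TEE`, `Token`, `Login`, `GetKey`, `Seal` and `Open` are hypothetical, AES-256-GCM stands in for SM4, HMAC-SHA-256 is an assumed derivation function, and verification of the token's own signature is omitted.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// Token models only the validity period; verifying the token itself is omitted here.
type Token struct {
	Account string
	Expiry  time.Time
}

// TEE holds the preset parameter, which never leaves the trusted environment.
type TEE struct{ preset []byte }

func (k Token) check(now time.Time) error {
	if !now.Before(k.Expiry) {
		return fmt.Errorf("token for %s is outside its validity period", k.Account)
	}
	return nil
}

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts with AES-256-GCM (stand-in for SM4) and prepends the nonce.
func Seal(key, plain, aad []byte) ([]byte, error) {
	g, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, plain, aad), nil
}

// Open reverses Seal; it fails if the key, ciphertext or aad does not match.
func Open(key, sealed, aad []byte) ([]byte, error) {
	g, err := gcm(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < g.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return g.Open(nil, sealed[:g.NonceSize()], sealed[g.NonceSize():], aad)
}

// secondKey re-derives the second key from account ID and preset; it is never stored.
func (t *TEE) secondKey(account string) []byte {
	m := hmac.New(sha256.New, t.preset)
	m.Write([]byte(account))
	return m.Sum(nil)
}

// Login (S301-S303): allocate a first key and hand out only its ciphertext.
func (t *TEE) Login(tok Token, now time.Time) ([]byte, error) {
	if err := tok.check(now); err != nil {
		return nil, err
	}
	first := make([]byte, 32)
	if _, err := rand.Read(first); err != nil {
		return nil, err
	}
	return Seal(t.secondKey(tok.Account), first, []byte(tok.Account))
}

// GetKey (S304-S305): release the plaintext first key only for a valid token.
func (t *TEE) GetKey(tok Token, wrapped []byte, now time.Time) ([]byte, error) {
	if err := tok.check(now); err != nil {
		return nil, err
	}
	return Open(t.secondKey(tok.Account), wrapped, []byte(tok.Account))
}

func main() {
	tee := &TEE{preset: []byte("constructed preset parameter")}
	now := time.Now()
	tok := Token{Account: "SPVID-demo", Expiry: now.Add(time.Hour)}
	wrapped, _ := tee.Login(tok, now)
	first, err := tee.GetKey(tok, wrapped, now)
	fmt.Println("first key released:", err == nil && len(first) == 32)
	_, err = tee.GetKey(tok, wrapped, now.Add(2*time.Hour))
	fmt.Println("expired token refused:", err != nil)
}
```

Because the account ID feeds both the key derivation and the associated data, a first-key ciphertext presented under a different account's token, or to a TEE with a different preset parameter, fails to open.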
S306, obtaining data to be verified.
The specific embodiment of step S306 can refer to the embodiment of step S203 in fig. 2, and will not be described herein.
In one embodiment, the trusted execution environment may periodically verify the token of the target account during generation of the data to be verified by the provider of the key acquisition request. Specifically, detecting whether the current moment belongs to the valid period of the token of the target account; if the current time belongs to the valid period of the token of the target account, acquiring data to be verified, and continuously executing the following step S307; if the current moment does not belong to the valid period of the token of the target account, a renewal notification is sent to a requester of the key acquisition request of the target account so that the requester of the key acquisition request of the target account provides a new token; further, if the requester of the key acquisition request of the target account cannot provide the new valid token, the operation is ended.
S307, carrying out integrity check on the data to be verified, and if the data to be verified passes the integrity check, returning validity evidence of the data to be verified to a requester of the key acquisition request.
The data to be verified is obtained by encrypting the target data by adopting a plaintext of the first key by a requester of the key acquisition request.
In one embodiment, the target data is data associated with the requester of the key acquisition request itself (e.g., ticket data, transaction data, etc.) that the requester synchronized from the blockchain network; i.e., the target data is synchronized from data in the blockchain network. The data to be verified is sent to the trusted execution environment when the requester of the key acquisition request detects the exit operation of the target account.
On one hand, the trusted execution environment adopts the plaintext of the first key to decrypt the data to be verified to obtain target data; the target data is compared with data in the blockchain associated with a requester of the key acquisition request to determine the integrity of the data to be verified. Specifically, if the target data is matched with the data associated with the requester of the key acquisition request in the blockchain, determining that the data to be verified passes the integrity check; if the target data is not matched with the data associated with the requester of the key acquisition request in the blockchain, the data to be verified is judged to not pass the integrity check.
In the case that the data to be verified passes the integrity check, the trusted execution environment calculates a sum check code of the data to be verified and signs the sum check code to obtain signature data associated with the sum check code. The trusted execution environment generates the validity proof of the data to be verified based on the sum check code and the signature data associated with the sum check code; for example, the sum check code and the signature data associated with it are packaged as the validity proof of the data to be verified. In addition, the validity proof may also include related information such as the generation time. After obtaining the validity proof of the data to be verified, the trusted execution environment returns it to the requester of the key acquisition request, so that the requester stores the data to be verified and the validity proof in association with each other.
On the other hand, when the requester of the key acquisition request of the target account detects that the target account logs out from the blockchain network, the token of the target account is provided for the trusted execution environment, the trusted execution environment acquires the token of the target account, and invalidation processing is carried out on the token of the target account, namely, the current token of the target account is set to be invalid. That is, in the context of synchronizing blockchain data, the tokens used by the same object each time it logs into the blockchain network are different. Therefore, the identity of the object is verified through the dynamically changed token, so that the security of the data can be further improved.
The following describes in detail the data processing method provided in the present application by taking the target data as tax data in the blockchain network as an example:
(1) The drawer logs in at the SPV node (tax manager) with the target account (SPVID) and the token of the target account (AuthToken). The SPVID is an ID unique to the drawer that has been registered on the blockchain; the AuthToken is a login authorization code valid for a limited time.
(2) After login, the SPV node transmits the SPVID and the AuthToken to the key generation service of a Trusted Execution Environment (TEE) through a data synchronization service. The TEE has asymmetric-key verification for the AuthToken built in, so the AuthToken can be verified. After the AuthToken passes verification, the TEE initializes a set of keys for the SPVID: a data encryption key (Key1) and a key encryption key (Key2). Key1 is used to encrypt invoice data synchronized from the blockchain network, and Key2 is used to encrypt Key1. Key2 is generated by combining specific parameters inside the TEE with the SPVID and cannot be stored outside the TEE; Key1 is stored on the local disk of the SPV node after being encrypted with Key2.
(3) During subsequent startup of the SPV node, the AuthToken is used to obtain the plaintext of Key1 from the TEE, and the plaintext is kept in the memory belonging to the data synchronization service. After the online invoice data related to the SPV node has been synchronized, the invoice data is encrypted with Key1 and then stored.
(4) The AuthToken may expire during use; for example, the AuthToken has an effective duration of 2 hours; as another example, the AuthToken expires when the target account exits. Therefore, the AuthToken needs to be renewed periodically.
(5) When the SPV node detects the exit operation of the SPVID which is logged in currently, key1 is destroyed in the memory first. After the preparation before the exit is completed, the AuthToken is sent to the exit program in the TEE, at which point the TEE exit program performs the following steps:
(5.1) The TEE sets the validity period of the AuthToken to expired, i.e., invalidates the AuthToken.
(5.2) The TEE carries out an integrity check on the data to be verified (obtained by encrypting invoice data with the plaintext of Key1) and, after the integrity check is passed, calculates a sum check code (checksum) of the data to be verified. The TEE provides a signature for the checksum and combines the checksum and the signature into a validity proof, which is stored in the SPV node in the form of a file.
(5.3) checking whether the data to be verified is already stored in the SPV node.
(6) After the step (5) is finished, the current drawer can exit, the data to be verified is stored in the SPV node after being encrypted safely, and in addition, the SPV node also comprises integrity certification of the data to be verified, ciphertext of Key1 and the like. When the current drawer logs in next time, after the AuthToken passes the TEE verification, the data to be verified can be reused after the integrity of the part of data is checked.
(7) A new drawer is initialized through the TEE by the process of steps (1)-(5) and uses the encrypted data space corresponding to its own account.
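The key hierarchy of steps (2), (3) and (5.1), as an added Go example that is not code from the patent: Key2 is re-derived inside the TEE from the SPVID and a TEE-internal parameter on every call, and Key1 leaves the TEE only as ciphertext or in response to a valid AuthToken. HMAC-SHA256 as the derivation, AES-256-GCM as the cipher, the token table and all type and function names are assumptions; the sample values are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// session binds an AuthToken to one SPVID and an expiry (Unix seconds).
type session struct {
	spvID   string
	expires int64
}

// TEE holds state that never leaves the trusted execution environment.
// All type, field and function names are assumptions made for this sketch.
type TEE struct {
	deviceSerial []byte             // TEE-internal parameter, input to Key2
	tokens       map[string]session // AuthToken -> session
}

func (t *TEE) checkToken(spvID, token string, now int64) error {
	s, ok := t.tokens[token]
	if !ok || s.spvID != spvID || now >= s.expires {
		return errors.New("AuthToken rejected")
	}
	return nil
}

// gcmForKey2 recomputes Key2 from the SPVID and the TEE-internal parameter on
// every call, so Key2 is never stored. HMAC-SHA256 is an assumed KDF and
// AES-256-GCM an assumed cipher; the page fixes neither.
func (t *TEE) gcmForKey2(spvID string) (cipher.AEAD, error) {
	m := hmac.New(sha256.New, t.deviceSerial)
	m.Write([]byte("key2|" + spvID))
	b, err := aes.NewCipher(m.Sum(nil)) // 32-byte Key2
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

// fresh returns n random bytes; without randomness there is no safe fallback.
func fresh(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// Login covers steps (1)-(2): verify the token, create Key1, and return only
// its ciphertext (nonce || AES-GCM output) for the SPV node's local disk.
func (t *TEE) Login(spvID, token string, now int64) ([]byte, error) {
	if err := t.checkToken(spvID, token, now); err != nil {
		return nil, err
	}
	g, err := t.gcmForKey2(spvID)
	if err != nil {
		return nil, err
	}
	nonce, key1 := fresh(g.NonceSize()), fresh(32)
	return g.Seal(nonce, nonce, key1, []byte(spvID)), nil // SPVID is bound as associated data
}

// GetKey1 covers step (3): a token-gated unwrap of the stored ciphertext.
func (t *TEE) GetKey1(spvID, token string, wrapped []byte, now int64) ([]byte, error) {
	if err := t.checkToken(spvID, token, now); err != nil {
		return nil, err
	}
	g, err := t.gcmForKey2(spvID)
	if err != nil {
		return nil, err
	}
	n := g.NonceSize()
	if len(wrapped) < n {
		return nil, errors.New("wrapped key too short")
	}
	return g.Open(nil, wrapped[:n], wrapped[n:], []byte(spvID))
}

// Logout covers step (5.1): the token is invalidated inside the TEE.
func (t *TEE) Logout(token string) { delete(t.tokens, token) }

func main() {
	// Constructed sample values.
	tee := &TEE{[]byte("constructed-serial"), map[string]session{"tok-A": {"spv-A", 7200}}}
	wrapped, _ := tee.Login("spv-A", "tok-A", 0)
	key1, err := tee.GetKey1("spv-A", "tok-A", wrapped, 60)
	fmt.Println("token valid: Key1 bytes =", len(key1), "err =", err)
	tee.Logout("tok-A")
	_, err = tee.GetKey1("spv-A", "tok-A", wrapped, 60)
	fmt.Println("after logout: err =", err)
}
```

Because Key2 depends on both inputs, a ciphertext of Key1 copied to another account or another device fails authentication on unwrap instead of yielding a key.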
In the embodiment of the application, a key acquisition request is acquired, the key acquisition request comprising a token of a target account and a ciphertext of a first key of the target account. In the case that the token of the target account passes verification, the plaintext of the first key is determined according to the ciphertext of the first key and returned to the requester of the key acquisition request. The data to be verified, which the requester of the key acquisition request obtains by encrypting the target data with the plaintext of the first key, is then acquired and subjected to an integrity check; if the data to be verified passes the integrity check, the validity proof of the data to be verified is returned to the requester of the key acquisition request. Therefore, the target data is encrypted through the plaintext of the first key, so that the risk of target data leakage can be reduced; by generating the validity proof of the data to be verified, the integrity and the validity of the target data can be well ensured, so that the security of the data is improved.
Fig. 4 is a flowchart of another data processing method according to an embodiment of the present application. The data processing method may be performed by a memory in any one of the service nodes in the service layer shown in fig. 1 e. As shown in fig. 4, the data processing method may include, but is not limited to, steps S401 to S406:
S401, sending login information to a trusted execution environment.
The login information includes an identification of the target account and a token of the target account. In one embodiment, the login information is used to login to the blockchain network to obtain data synchronization rights for data in the blockchain network.
S402, receiving ciphertext of the first key returned by the trusted execution environment.
The ciphertext of the first key is obtained by encrypting the plaintext of the first key by adopting the second key, and the first key and the second key are generated by the trusted execution environment based on the identification of the target account. The specific embodiment of the trusted execution environment for distributing the first key and the second key to the target account based on the identification of the target account may refer to the embodiment of step S302 in fig. 3, which is not described herein again.
In one embodiment, the service node, after receiving the ciphertext of the first key, stores the identity of the target account in association with the ciphertext of the first key.
S403, sending a key acquisition request to the trusted execution environment.
When plaintext of the first key is needed (e.g., when encrypted storage of the target data is needed, or when decryption of the data to be verified is needed), a key acquisition request is sent to the trusted execution environment, the key acquisition request including a token of the target account and ciphertext of the first key of the target account.
S404, receiving a plaintext of the first key returned by the trusted execution environment, and encrypting the target data by adopting the plaintext of the first key to obtain the data to be verified.
The plaintext of the first key is returned to the memory of the service node by the trusted execution environment in the event that the token of the target account is verified. The encryption algorithm for the target data may include, but is not limited to, the SM4 algorithm, the DES algorithm, the RSA algorithm, and the like; this application does not limit it.
S405, sending the data to be verified to the trusted execution environment.
When the verification condition is met, the data to be verified is provided to the trusted execution environment so that the trusted execution environment verifies the data to be verified. Satisfying the check condition may include: the number of ticket data synchronized in the blockchain network reaches a number threshold, the exit operation of the target account is detected, the current moment is matched with the verification period of the data to be verified, and the current block synchronization is completed.
In one embodiment, when the service node detects the exit operation of the target account, the service node further provides the token of the target account to the trusted execution environment, so that the trusted execution environment performs invalidation processing on the token of the target account.
S406, if the data to be verified passes the integrity verification, receiving the validity evidence of the data to be verified returned by the trusted execution environment, and carrying out associated storage on the data to be verified and the validity evidence of the data to be verified.
The validity proof of the data to be verified is returned to the memory of the service node by the trusted execution environment after the data to be verified passes the integrity check. After receiving the validity proof of the data to be verified returned by the trusted execution environment, the service node stores the data to be verified and the validity proof of the data to be verified in association with each other.
Further, when the target data is needed to be used later, the integrity of the data to be verified is verified through the validity proof of the data to be verified. Specifically, the validity proof comprises a first sum check code of data to be verified and a signature of a trusted execution environment; firstly, verifying the credibility of a first sum check code through a signature of a credible execution environment; if the first sum check code is credible, comparing whether the first sum check code is matched with a second sum check code obtained by calculating the data to be verified, and if the first sum check code is matched with the second sum check code, judging that the data to be verified passes the integrity check. Correspondingly, if the first sum check code is not trusted or the first sum check code is not matched with the second sum check code, judging that the data to be verified does not pass the integrity check; if the target data is synchronized from the blockchain network, the object may be prompted to resynchronize the desired data from the blockchain network.
In the case that the data to be verified passes the integrity check, the plaintext of the first key is obtained, and the specific obtaining manner may refer to the obtaining manner of the plaintext of the first key in step S403 and step S404, which are not described herein. Decrypting the data to be verified by adopting the plaintext of the first secret key to obtain target data.
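The two-stage check described above (trust the first sum check code only if the TEE signature verifies, then compare it with a second sum check code computed over the stored data), as an added Go example rather than code from the patent. SHA-256 as the sum check code, Ed25519 as the TEE's signature scheme, the `Proof` layout and all names are assumptions; the data and the signing seed are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Proof is the validity proof stored next to the data to be verified. The
// layout is an assumption: the page names a checksum, a signature over it and
// optionally the generation time, but no encoding.
type Proof struct {
	Checksum    [32]byte // SHA-256 of the data to be verified (assumed hash)
	GeneratedAt int64    // Unix seconds
	Signature   []byte   // Ed25519 by the TEE key (assumed scheme)
}

var (
	ErrUntrusted = errors.New("first checksum not trusted: bad TEE signature")
	ErrMismatch  = errors.New("second checksum differs: stored data changed")
)

// signedBytes is the exact byte string the TEE signs. The fixed tag keeps the
// signature from being accepted in any other context that uses the same key.
func signedBytes(sum [32]byte, ts int64) []byte {
	var tsb [8]byte
	binary.BigEndian.PutUint64(tsb[:], uint64(ts))
	out := append([]byte("validity-proof-v1|"), sum[:]...)
	return append(out, tsb[:]...)
}

// MakeProof runs inside the TEE once the data has passed the integrity check.
func MakeProof(teeKey ed25519.PrivateKey, data []byte, ts int64) Proof {
	sum := sha256.Sum256(data)
	return Proof{sum, ts, ed25519.Sign(teeKey, signedBytes(sum, ts))}
}

// VerifyProof runs on the service node before the data is reused. Order
// matters: the stored checksum is only compared after its signature verifies.
func VerifyProof(teePub ed25519.PublicKey, data []byte, p Proof) error {
	if !ed25519.Verify(teePub, signedBytes(p.Checksum, p.GeneratedAt), p.Signature) {
		return ErrUntrusted
	}
	if sha256.Sum256(data) != p.Checksum {
		return ErrMismatch
	}
	return nil
}

// Demo exercises the three outcomes on constructed data: intact data, data
// changed on disk, and data changed together with a recomputed checksum.
func Demo() (intact, modified, rewritten error) {
	seed := sha256.Sum256([]byte("constructed TEE signing seed"))
	priv := ed25519.NewKeyFromSeed(seed[:])
	pub := priv.Public().(ed25519.PublicKey)

	data := []byte("constructed ciphertext of synchronized invoice data")
	proof := MakeProof(priv, data, 1700000000)
	intact = VerifyProof(pub, data, proof)

	changed := append([]byte(nil), data...)
	changed[0] ^= 0x01
	modified = VerifyProof(pub, changed, proof)

	// Without the TEE key the checksum in the proof cannot be replaced.
	forged := proof
	forged.Checksum = sha256.Sum256(changed)
	rewritten = VerifyProof(pub, changed, forged)
	return
}

func main() {
	a, b, c := Demo()
	fmt.Println("intact data:               ", a)
	fmt.Println("data changed:              ", b)
	fmt.Println("data and checksum changed: ", c)
}
```

Either error corresponds to the failed integrity check in the text, after which the data would be resynchronized from the blockchain network.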
In the embodiment of the application, a key acquisition request is sent to a trusted execution environment, the key acquisition request comprising a token of a target account and a ciphertext of a first key of the target account. In the case that the token verification of the target account passes, the plaintext of the first key returned by the trusted execution environment is received, and the target data is encrypted with the plaintext of the first key to obtain the data to be verified. The data to be verified is provided to the trusted execution environment so that the trusted execution environment performs an integrity check on it; if the data to be verified passes the integrity check, the validity proof of the data to be verified returned by the trusted execution environment is received, and the data to be verified and its validity proof are stored in association with each other. Therefore, the target data is encrypted through the plaintext of the first key, so that the risk of target data leakage can be reduced; by generating the validity proof of the data to be verified and checking the data to be verified against it, the integrity and the validity of the target data can be well ensured.
The methods of the embodiments of the present application have been described in detail above. To facilitate better implementation of the foregoing aspects of the embodiments of the present application, the devices of the embodiments of the present application are provided below.
Referring to fig. 5, fig. 5 is a schematic structural diagram of a data processing apparatus according to an embodiment of the present application, where the apparatus may be mounted on a computer device, and the computer device may be a service node in a blockchain network. The data processing device shown in fig. 5 may be used to perform some or all of the functions of the method embodiments described above with respect to fig. 2 and 3. Referring to fig. 5, the detailed descriptions of the respective units are as follows:
an obtaining unit 501, configured to obtain a key obtaining request, where the key obtaining request includes a token of a target account and a ciphertext of a first key of the target account;
the processing unit 502 is configured to determine a plaintext of the first key according to a ciphertext of the first key and return the plaintext of the first key to a requester of the key acquisition request when token verification of the target account is passed;
the obtaining unit 501 is further configured to obtain data to be verified, where the data to be verified is obtained by encrypting, by a requester of a key obtaining request, target data with a plaintext of a first key;
the processing unit 502 is further configured to perform integrity check on the data to be verified, and if the data to be verified passes the integrity check, return a validity proof of the data to be verified to a requester of the key acquisition request.
In one embodiment, the processing unit 502 is further configured to:
obtaining login information, wherein the login information comprises an identification of a target account and a token of the target account;
under the condition that the token verification of the target account is passed, a key group is distributed to the target account, wherein the key group comprises a first key and a second key;
and returning the ciphertext of the first key to the provider of the login information, wherein the ciphertext of the first key is obtained by encrypting the plaintext of the first key by adopting the second key.
In one embodiment, the processing unit 502 is configured to determine a plaintext of the first key from a ciphertext of the first key, specifically configured to:
obtaining a second key associated with the ciphertext of the first key;
and decrypting the ciphertext of the first key by adopting the second key to obtain the plaintext of the first key.
In one embodiment, the data processing method is performed in a trusted execution environment in a computer device, and the processing unit 502 is configured to obtain a second key associated with a ciphertext of the first key, specifically configured to:
generating a second key associated with the ciphertext of the first key according to the identification of the target account and preset parameters;
the preset parameters comprise: a serial number of the computer device stored in the trusted execution environment.
In one embodiment, the processing unit 502 is configured to return a validity proof of the data to be verified to a requester of the key obtaining request, specifically configured to:
calculating a sum check code of the data to be verified;
signing the sum check code to obtain signature data associated with the sum check code;
generating validity evidence of the data to be verified based on the sum check code and signature data associated with the sum check code;
and returning the validity proof of the data to be verified to the requester of the key acquisition request so that the requester of the key acquisition request can store the data to be verified and the validity proof in an associated mode.
In one embodiment, the processing unit 502 is further configured to:
detecting whether the current moment belongs to the valid period of the token of the target account;
and if the current moment does not belong to the valid period of the token of the target account, sending a renewal notification to a requester of the key acquisition request of the target account so as to enable the requester of the key acquisition request of the target account to provide a new token.
In one embodiment, the target data is obtained by synchronizing data in the blockchain network after logging in the blockchain network through the target account; the processing unit 502 is further configured to:
obtaining a token of a target account, wherein the token of the target account is provided when a requester of a key obtaining request of the target account detects that the target account logs out from a blockchain network;
invalidating the token of the target account.
According to one embodiment of the present application, part of the steps involved in the data processing method shown in fig. 2 and 3 may be performed by respective units in the data processing apparatus shown in fig. 5. For example, step S201 and step S203 shown in fig. 2 may be performed by the acquisition unit 501 shown in fig. 5, and step S202 and step S204 may be performed by the processing unit 502 shown in fig. 5; step S301, step S304, and step S306 shown in fig. 3 may be performed by the acquisition unit 501 shown in fig. 5, step S302, step S303, step S305, and step S307 may be performed by the processing unit 502 shown in fig. 5. The respective units in the data processing apparatus shown in fig. 5 may be individually or all combined into one or several other units, or one or more of them may be further split into a plurality of functionally smaller units, which may achieve the same operation without affecting the achievement of the technical effects of the embodiments of the present application. The above units are divided based on logic functions, and in practical applications, the functions of one unit may be implemented by a plurality of units, or the functions of a plurality of units may be implemented by one unit. In other embodiments of the present application, the data processing apparatus may also include other units, and in practical applications, these functions may also be implemented with assistance from other units, and may be implemented by cooperation of a plurality of units.
According to another embodiment of the present application, a data processing apparatus as shown in fig. 5 may be constructed by running a computer program (including program code) capable of executing the steps involved in the respective methods as shown in fig. 2 and 3 on a general-purpose computing apparatus such as a computer including a processing element such as a Central Processing Unit (CPU), a random access storage medium (RAM), a read only storage medium (ROM), and the like, and a storage element, and the data processing method of the embodiments of the present application may be implemented. The computer program may be recorded on, for example, a computer-readable recording medium, and loaded into and run in the above-described computing device through the computer-readable recording medium.
Based on the same inventive concept, the principle and beneficial effects of the data processing device provided in the embodiments of the present application are similar to those of the data processing method in the embodiments of the present application, and may refer to the principle and beneficial effects of implementation of the method, which are not described herein for brevity.
Referring to fig. 6, fig. 6 is a schematic structural diagram of another data processing apparatus according to an embodiment of the present application, where the apparatus may be mounted on a computer device, and the computer device may be a service node in a blockchain network. The data processing device shown in fig. 6 may be used to perform some or all of the functions of the method embodiment described above with respect to fig. 4. Referring to fig. 6, the detailed descriptions of the respective units are as follows:
a processing unit 601, configured to send a key obtaining request to a trusted execution environment, where the key obtaining request includes a token of a target account and a ciphertext of a first key of the target account;
the receiving unit 602 is configured to, when the token verification of the target account passes, receive the plaintext of the first key returned by the trusted execution environment and encrypt the target data with the plaintext of the first key to obtain the data to be verified;
the processing unit 601 is further configured to provide data to be verified to the trusted execution environment, so that the trusted execution environment performs integrity check on the data to be verified;
the receiving unit 602 is further configured to receive a validity proof of the data to be verified returned by the trusted execution environment if the data to be verified passes the integrity check;
the processing unit 601 is further configured to store the data to be verified and the validity proof of the data to be verified in an associated manner.
In one embodiment, the processing unit 601 is further configured to:
carrying out integrity check on the data to be verified through the validity proof of the data to be verified;
and if the data to be verified passes the integrity verification, decrypting the data to be verified by adopting the plaintext of the first key to obtain the target data.
In one embodiment, the processing unit 601 is further configured to:
sending login information to a trusted execution environment, wherein the login information comprises an identification of a target account and a token of the target account;
receiving ciphertext of a first key returned by the trusted execution environment;
the ciphertext of the first key is obtained by encrypting the plaintext of the first key by adopting the second key, and the first key and the second key are generated by the trusted execution environment based on the identification of the target account.
According to one embodiment of the present application, part of the steps involved in the data processing method shown in fig. 4 may be performed by respective units in the data processing apparatus shown in fig. 6. For example, step S401, step S403 and step S405 shown in fig. 4 may be performed by the processing unit 601 shown in fig. 6, step S402 may be performed by the receiving unit 602 shown in fig. 6, and step S404 and step S406 may be cooperatively performed by the processing unit 601 and the receiving unit 602 shown in fig. 6. The respective units in the data processing apparatus shown in fig. 6 may be individually or all combined into one or several other units, or one or more of them may be further split into a plurality of functionally smaller units, which may achieve the same operation without affecting the achievement of the technical effects of the embodiments of the present application. The above units are divided based on logic functions, and in practical applications, the functions of one unit may be implemented by a plurality of units, or the functions of a plurality of units may be implemented by one unit. In other embodiments of the present application, the data processing apparatus may also include other units, and in practical applications, these functions may also be implemented with assistance from other units, and may be implemented by cooperation of a plurality of units.
According to another embodiment of the present application, a data processing apparatus as shown in fig. 6 may be constructed by running a computer program (including program code) capable of executing the steps involved in the respective methods as shown in fig. 4 on a general-purpose computing apparatus such as a computer including a processing element such as a Central Processing Unit (CPU), a random access storage medium (RAM), a read only storage medium (ROM), and the like, and a storage element, and implementing the data processing method of the embodiments of the present application. The computer program may be recorded on, for example, a computer-readable recording medium, and loaded into and run in the above-described computing device through the computer-readable recording medium.
Based on the same inventive concept, the principle and beneficial effects of the data processing device provided in the embodiments of the present application are similar to those of the data processing method in the embodiments of the present application, and may refer to the principle and beneficial effects of implementation of the method, which are not described herein for brevity.
Referring to fig. 7, fig. 7 is a schematic structural diagram of a computer device according to an embodiment of the present application. As shown in fig. 7, the computer device at least includes a processor 701, a communication interface 702, and a memory 703. The processor 701, the communication interface 702, and the memory 703 may be connected by a bus or other means. The processor 701 (also called the central processing unit (Central Processing Unit, CPU)) is the computing core and control core of the terminal, and may parse various instructions in the terminal and process various data of the terminal. For example, the CPU can be used for parsing a startup and shutdown instruction sent by an object to the terminal and controlling the terminal to perform the startup and shutdown operation; as another example, the CPU can transmit various kinds of interactive data between the internal structures of the terminal, and so on. The communication interface 702 may optionally include a standard wired interface and a wireless interface (e.g., WI-FI, mobile communication interface, etc.), and may be controlled by the processor 701 to receive and transmit data; the communication interface 702 may also be used for transmission and interaction of data inside the terminal. The memory 703 (Memory) is a memory device in the terminal for storing programs and data. It will be appreciated that the memory 703 here may include both the internal memory of the terminal and the expansion memory supported by the terminal. The memory 703 provides a storage space that stores the operating system of the terminal, which may include, but is not limited to: Android systems, iOS systems, Windows Phone systems, etc., which are not limited in this application.
The embodiment of the application also provides a computer readable storage medium (Memory), which is a Memory device in the terminal and is used for storing programs and data. It will be appreciated that the computer readable storage medium herein may include both a built-in storage medium in the terminal and an extended storage medium supported by the terminal. The computer readable storage medium provides a storage space that stores a processing system of the terminal. Also stored in this memory space are one or more instructions, which may be one or more computer programs (including program code), adapted to be loaded and executed by the processor 701. Note that the computer readable storage medium can be either a high-speed RAM memory or a non-volatile memory (non-volatile memory), such as at least one magnetic disk memory; alternatively, it may be at least one computer-readable storage medium located remotely from the aforementioned processor.
In one embodiment, the processor 701 performs the following operations by executing executable program code in the memory 703:
acquiring a key acquisition request, wherein the key acquisition request comprises a token of a target account and a ciphertext of a first key of the target account;
under the condition that the token verification of the target account is passed, determining the plaintext of the first key according to the ciphertext of the first key, and returning the plaintext of the first key to a requester of the key acquisition request;
obtaining data to be verified, wherein the data to be verified is obtained by encrypting target data by adopting a plaintext of a first key by a requester of a key obtaining request;
and carrying out integrity check on the data to be verified, and if the data to be verified passes the integrity check, returning the validity proof of the data to be verified to a requester of the key acquisition request.
As an alternative embodiment, the processor 701 further performs the following operations by running executable program code in the memory 703:
obtaining login information, wherein the login information comprises an identification of a target account and a token of the target account;
under the condition that the token verification of the target account is passed, a key group is distributed to the target account, wherein the key group comprises a first key and a second key;
and returning the ciphertext of the first key to the provider of the login information, wherein the ciphertext of the first key is obtained by encrypting the plaintext of the first key by adopting the second key.
As an alternative embodiment, the specific embodiment of determining the plaintext of the first key by the processor 701 based on the ciphertext of the first key is:
obtaining a second key associated with the ciphertext of the first key;
and decrypting the ciphertext of the first key by adopting the second key to obtain the plaintext of the first key.
As an alternative embodiment, the data processing method is executed in a trusted execution environment in a computer device, and the specific embodiment of the processor 701 obtaining the second key associated with the ciphertext of the first key is:
generating a second key associated with the ciphertext of the first key according to the identification of the target account and preset parameters;
the preset parameters comprise: a serial number of the computer device stored in the trusted execution environment.
As an alternative embodiment, the specific embodiment of the processor 701 returning the validity proof of the data to be verified to the requester of the key retrieval request is:
calculating a sum check code of the data to be verified;
signing the sum check code to obtain signature data associated with the sum check code;
generating validity evidence of the data to be verified based on the sum check code and signature data associated with the sum check code;
and returning the validity proof of the data to be verified to the requester of the key acquisition request so that the requester of the key acquisition request can store the data to be verified and the validity proof in an associated mode.
As an alternative embodiment, the processor 701 further performs the following operations by running executable program code in the memory 703:
detecting whether the current moment belongs to the valid period of the token of the target account;
and if the current moment does not belong to the valid period of the token of the target account, sending a renewal notification to a requester of the key acquisition request of the target account so as to enable the requester of the key acquisition request of the target account to provide a new token.
As an optional embodiment, the target data is obtained by synchronizing data in the blockchain network after logging into the blockchain network through the target account; the processor 701 further performs the following operations by executing the executable program code in the memory 703:
obtaining a token of a target account, wherein the token of the target account is provided when a requester of a key acquisition request of the target account detects that the target account logs out from a blockchain network;
invalidating the token of the target account.
In another embodiment, the processor 801 performs the following operations by executing executable program code in the memory 803:
sending a key acquisition request to a trusted execution environment, wherein the key acquisition request comprises a token of a target account and a ciphertext of a first key of the target account;
receiving a plaintext of a first key returned by the trusted execution environment under the condition that token verification of the target account is passed, and encrypting target data by adopting the plaintext of the first key to obtain data to be verified;
providing data to be verified to the trusted execution environment so that the trusted execution environment performs integrity check on the data to be verified;
and if the data to be verified passes the integrity check, receiving the validity proof of the data to be verified returned by the trusted execution environment, and storing the data to be verified and the validity proof of the data to be verified in association.
As an alternative embodiment, the processor 801, by executing executable program code in the memory 803, also performs the following operations:
carrying out integrity check on the data to be verified through the validity proof of the data to be verified;
and if the data to be verified passes the integrity check, decrypting the data to be verified by adopting the plaintext of the first key to obtain the target data.
As an alternative embodiment, the processor 801, by executing executable program code in the memory 803, also performs the following operations:
sending login information to a trusted execution environment, wherein the login information comprises an identification of a target account and a token of the target account;
receiving ciphertext of a first key returned by the trusted execution environment;
the ciphertext of the first key is obtained by encrypting the plaintext of the first key by adopting the second key, and the first key and the second key are generated by the trusted execution environment based on the identification of the target account.
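The key wrapping and validity-proof steps of the embodiments above, as an added example that is not code from the application. It assumes SHA-256 as the check code, uses an HMAC in place of the signature and a keyed stream in place of the cipher, takes token verification as already passed, and all function names and the serial number are hypothetical.

```python
import hashlib
import hmac
import os

DEVICE_SERIAL = b"SN-CONSTRUCTED-0001"  # constructed stand-in for the serial number held in the TEE
SIGNING_KEY = os.urandom(32)            # hypothetical TEE-only key; HMAC stands in for the signature


def derive_second_key(account_id: str) -> bytes:
    """Regenerate the second key from account ID + device serial; it is never stored."""
    return hmac.new(DEVICE_SERIAL, b"second-key|" + account_id.encode(), hashlib.sha256).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 counter keystream; unauthenticated stand-in for a real AEAD cipher."""
    stream = b""
    for counter in range(len(data) // 32 + 1):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    return nonce + _xor_stream(key, nonce, plaintext)


def decrypt(key: bytes, blob: bytes) -> bytes:
    return _xor_stream(key, blob[:16], blob[16:])


def tee_login(account_id: str) -> bytes:
    """Allocate the first key and hand back only its ciphertext under the second key."""
    return encrypt(derive_second_key(account_id), os.urandom(32))


def tee_get_first_key(account_id: str, wrapped_first_key: bytes) -> bytes:
    """Key acquisition request (token verification is assumed to have passed)."""
    return decrypt(derive_second_key(account_id), wrapped_first_key)


def tee_make_proof(data_to_verify: bytes) -> bytes:
    """Validity proof = check code || signature over the check code."""
    checksum = hashlib.sha256(data_to_verify).digest()
    return checksum + hmac.new(SIGNING_KEY, checksum, hashlib.sha256).digest()


def check_proof(data_to_verify: bytes, proof: bytes) -> bool:
    """Recompute the check code and verify the signature over it.

    With an asymmetric signature the requester would use the TEE's public key here.
    """
    checksum, signature = proof[:32], proof[32:]
    expected_sig = hmac.new(SIGNING_KEY, checksum, hashlib.sha256).digest()
    return (hmac.compare_digest(checksum, hashlib.sha256(data_to_verify).digest())
            and hmac.compare_digest(signature, expected_sig))


def requester_read(first_key: bytes, stored: bytes, proof: bytes) -> bytes:
    """Decrypt stored data only if its validity proof still matches."""
    if not check_proof(stored, proof):
        raise ValueError("stored data failed the integrity check")
    return decrypt(first_key, stored)
```

Because the second key is derived from the account identification, a wrapped first key presented under a different account unwraps to a different value; with an authenticated cipher that mismatch would be rejected outright instead of yielding unusable key bytes.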
Based on the same inventive concept, the principle by which the computer device provided in the embodiments of the present application solves the problem, and its beneficial effects, are similar to those of the data processing method in the method embodiments of the present application. Reference may be made to the principle and beneficial effects of the implementation of the method, which are not repeated here for brevity.
Embodiments of the present application also provide a computer readable storage medium having one or more instructions stored therein, the one or more instructions being adapted to be loaded by a processor and to perform the data processing method of the above-described method embodiments.
The present application also provides a computer program product comprising instructions which, when run on a computer, cause the computer to perform the data processing method of the method embodiments described above.
Embodiments of the present application also provide a computer program product or computer program comprising computer instructions stored in a computer-readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the data processing method described above.
The steps in the method of the embodiments of the present application may be reordered, combined and deleted according to actual needs.
The modules in the device of the embodiments of the present application may be combined, divided and deleted according to actual needs.
Those of ordinary skill in the art will appreciate that all or part of the steps in the various methods of the above embodiments may be implemented by a program instructing related hardware. The program may be stored in a computer-readable storage medium, and the readable storage medium may include: a flash disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, and the like.
The foregoing disclosure is only a preferred embodiment of the present application and is not intended to limit the scope of the claims. One of ordinary skill in the art will understand that implementations of all or part of the processes of the embodiments described above, and equivalent changes made according to the claims of the present application, still fall within the scope of the claims.

Claims (15)

1. A method of data processing, comprising:
acquiring a key acquisition request, wherein the key acquisition request comprises a token of a target account and a ciphertext of a first key of the target account;
determining a plaintext of the first key according to the ciphertext of the first key under the condition that the token verification of the target account is passed, and returning the plaintext of the first key to a requester of the key acquisition request;
obtaining data to be verified, wherein the data to be verified is obtained by the requester of the key acquisition request encrypting target data by adopting the plaintext of the first key;
and carrying out integrity check on the data to be verified, and if the data to be verified passes the integrity check, returning the validity proof of the data to be verified to a requester of the key acquisition request.
2. The method of claim 1, wherein the method further comprises:
obtaining login information, wherein the login information comprises an identification of a target account and a token of the target account;
assigning a key group to the target account, the key group comprising a first key and a second key, if the token of the target account passes verification;
and returning the ciphertext of the first key to the provider of the login information, wherein the ciphertext of the first key is obtained by encrypting the plaintext of the first key by adopting the second key.
3. The method of claim 1, wherein the determining plaintext of the first key from ciphertext of the first key comprises:
obtaining a second key associated with ciphertext of the first key;
and decrypting the ciphertext of the first key by adopting the second key to obtain the plaintext of the first key.
4. The method of claim 3, wherein the method is performed in a trusted execution environment in a computer device, the obtaining a second key associated with ciphertext of the first key, comprising:
generating a second key associated with the ciphertext of the first key according to the identification of the target account and preset parameters;
the preset parameters include: a serial number of the computer device stored in the trusted execution environment.
5. The method of claim 1, wherein the returning of the proof of validity of the data to be verified to the requestor of the key acquisition request comprises:
calculating a sum check code of the data to be verified;
signing the sum check code to obtain signature data associated with the sum check code;
generating the validity proof of the data to be verified based on the sum check code and the signature data associated with the sum check code;
and returning the validity proof of the data to be verified to the requester of the key acquisition request, so that the requester of the key acquisition request stores the data to be verified and the validity proof in association.
6. The method of claim 1, wherein the method further comprises:
detecting whether the current moment belongs to the valid period of the token of the target account;
and if the current moment does not belong to the valid period of the token of the target account, sending a renewal notification to a requester of the key acquisition request of the target account so as to enable the requester of the key acquisition request of the target account to provide a new token.
7. The method of claim 1, wherein the target data is obtained by synchronizing data in a blockchain network after logging into the blockchain network through the target account; the method further comprises the steps of:
obtaining a token of the target account, wherein the token of the target account is provided when a requester of a key acquisition request of the target account detects that the target account logs out of the blockchain network;
and invalidating the token of the target account.
8. A method of data processing, comprising:
sending a key acquisition request to a trusted execution environment, wherein the key acquisition request comprises a token of a target account and a ciphertext of a first key of the target account;
receiving a plaintext of the first key returned by the trusted execution environment and encrypting target data by adopting the plaintext of the first key under the condition that the token verification of the target account is passed, so as to obtain data to be verified;
providing the data to be verified to the trusted execution environment so that the trusted execution environment performs integrity check on the data to be verified;
and if the data to be verified passes the integrity check, receiving the validity proof of the data to be verified returned by the trusted execution environment, and storing the data to be verified and the validity proof of the data to be verified in association.
9. The method of claim 8, wherein the method further comprises:
carrying out integrity check on the data to be verified through the validity proof of the data to be verified;
and if the data to be verified passes the integrity check, decrypting the data to be verified by adopting the plaintext of the first key to obtain target data.
10. The method of claim 8, wherein the method further comprises:
sending login information to the trusted execution environment, wherein the login information comprises an identification of a target account and a token of the target account;
receiving ciphertext of a first key returned by the trusted execution environment;
the ciphertext of the first key is obtained by encrypting the plaintext of the first key by adopting a second key, and the first key and the second key are generated by the trusted execution environment based on the identification of the target account.
11. A data processing apparatus, characterized in that the data processing apparatus comprises:
an obtaining unit, configured to obtain a key acquisition request, where the key acquisition request includes a token of a target account and a ciphertext of a first key of the target account;
the processing unit is used for determining the plaintext of the first key according to the ciphertext of the first key and returning the plaintext of the first key to a requester of the key acquisition request under the condition that the token verification of the target account is passed;
the obtaining unit is further configured to obtain data to be verified, where the data to be verified is obtained by a requester of the key acquisition request encrypting target data using a plaintext of the first key;
the processing unit is further configured to perform integrity check on the data to be verified, and if the data to be verified passes the integrity check, return the validity proof of the data to be verified to the requester of the key acquisition request.
12. A data processing apparatus, characterized in that the data processing apparatus comprises:
the processing unit is used for sending a key acquisition request to the trusted execution environment, wherein the key acquisition request comprises a token of a target account and a ciphertext of a first key of the target account;
the receiving unit is used for receiving the plaintext of the first key returned by the trusted execution environment and encrypting the target data by adopting the plaintext of the first key under the condition that the token verification of the target account is passed, so as to obtain the data to be verified;
the processing unit is further configured to provide the data to be verified to the trusted execution environment, so that the trusted execution environment performs integrity check on the data to be verified;
the receiving unit is further configured to receive a validity proof of the data to be verified returned by the trusted execution environment if the data to be verified passes the integrity check;
the processing unit is further used for storing the data to be verified and the validity proof of the data to be verified in association.
13. A computer device, comprising: a memory device and a processor;
a memory in which a computer program is stored;
a processor for loading the computer program for implementing the data processing method according to any of claims 1-7 or for implementing the data processing method according to any of claims 8-10.
14. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program adapted to be loaded by a processor and to perform the data processing method according to any of claims 1-7 or to perform the data processing method according to any of claims 8-10.
15. A computer program product, characterized in that the computer program product comprises a computer program adapted to be loaded by a processor and to perform the data processing method according to any of claims 1-7 or to perform the data processing method according to any of claims 8-10.
CN202111447168.3A 2021-11-29 2021-11-29 Data processing method, device, equipment and storage medium Pending CN116186725A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111447168.3A CN116186725A (en) 2021-11-29 2021-11-29 Data processing method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN116186725A (en) 2023-05-30

Family

ID=86444785


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
REG Reference to a national code (Ref country code: HK; Ref legal event code: DE; Ref document number: 40088798; Country of ref document: HK)