WO2022134812A1 - Consortium blockchain-based multi-institution data processing method, apparatus, and related device - Google Patents


Publication number
WO2022134812A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
ciphertext
node device
node
serial code
Application number
PCT/CN2021/125594
Inventor
陈贝
Original Assignee
深圳壹账通智能科技有限公司
Application filed by 深圳壹账通智能科技有限公司

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers

Definitions

  • the present application relates to the field of blockchain technology, and in particular, to a multi-organization data processing method, device, computer equipment and storage medium based on a consortium chain.
  • some blockchain-based systems serve users through a one-to-many model, such as a bank's credit system.
  • the so-called one-to-many model is a single institution to many customers.
  • In actual scenarios such as financial lending, customers often have additional capital needs due to business expansion, consumption upgrades, etc.
  • When customers seek re-lending, they often want to move to another bank, either because they fail to meet the re-lending conditions within their current bank or because other banks have lower interest rates. The other bank then needs to spend resources repeating the same background investigation and risk control screening for this customer.
  • blockchain-based multi-agency loan services have emerged.
  • the blockchain is divided into public chain, alliance chain and private chain.
  • the alliance chain can open information within a certain range, record every write, and ensure a high degree of information security through encryption algorithms, which makes it suitable for enterprises building a blockchain-based multi-agency loan system.
  • the inventor realizes that the existing methods have at least the following problems: in today's era of big data, users pay more and more attention to personal privacy, and the personal information and transaction data on the blockchain are highly sensitive information that cannot be viewed or used without the authorization of the customer.
  • the alliance chain technology lacks solutions that consider the authorization and authentication of private data on top of authenticating transaction data. There is an urgent need for a method that protects user privacy while also allowing user-authorized institutions to query sensitive data on the chain.
  • the embodiments of the present application provide a multi-institution data processing method, device, computer equipment, and storage medium based on a consortium chain, so as to solve the problem that the existing technology lacks a way to protect user privacy while allowing user-authorized institutions to query sensitive data on the chain.
  • a multi-organization data processing method based on the alliance chain is applied to the node equipment on the alliance chain, and the method includes:
  • obtaining the serial code input by the user, where the serial code is obtained by the first legal node on the alliance chain encrypting and transforming the historical data input by the user;
  • the ciphertext is obtained from the alliance chain, where the ciphertext is produced by the first legal node encrypting the historical data with the original key generated according to the serial code and the preset encryption algorithm;
  • the original secret key is obtained by encrypting the serial code input by the user through the encryption algorithm;
  • the ciphertext is decrypted by the original key to obtain the historical data of the user.
  • a multi-organization data processing device based on a consortium chain comprising:
  • the serial code acquisition module is used to obtain the serial code input by the user, and the serial code is obtained by encrypting and transforming the historical data input by the user by the first legal node on the alliance chain;
  • the judgment module is used to judge whether the device of the local node meets the conditions for obtaining the ciphertext by using the smart contract pre-established by the alliance chain;
  • the ciphertext obtaining module is used to obtain the ciphertext from the alliance chain if the local node device meets the conditions for obtaining the ciphertext, where the ciphertext is produced by the first legal node encrypting the historical data;
  • an encryption algorithm obtaining module used to obtain the preset encryption algorithm from the smart contract
  • An encryption module used for encrypting the serial code input by the user through the encryption algorithm to obtain the original secret key
  • the decryption module is used for decrypting the ciphertext through the original secret key to obtain the historical data of the user.
  • a computer device comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor; when the processor executes the computer-readable instructions, the following steps of the multi-agency data processing method based on a consortium chain are implemented:
  • the serial code is obtained by encrypting and transforming the historical data input by the user by the first legal node on the alliance chain;
  • the ciphertext is obtained from the alliance chain, where the ciphertext is produced by the first legal node encrypting the historical data with the original key generated according to the serial code and the preset encryption algorithm;
  • the original secret key is obtained by encrypting the serial code input by the user through the encryption algorithm
  • a computer-readable storage medium which stores computer-readable instructions, and when the computer-readable instructions are executed by a processor, implements the following steps of a multi-organization data processing method based on a consortium chain:
  • the serial code is obtained by encrypting and transforming the historical data input by the user by the first legal node on the alliance chain;
  • the ciphertext is obtained from the alliance chain, where the ciphertext is produced by the first legal node encrypting the historical data with the original key generated according to the serial code and the preset encryption algorithm;
  • the original secret key is obtained by encrypting the serial code input by the user through the encryption algorithm
  • the multi-agency data processing method, device, computer equipment and storage medium based on the alliance chain proposed in this application protect the privacy of the user while allowing user-authorized organizations to query the sensitive data on the chain, so that the user's sensitive data can be shared among trusted nodes on the alliance chain.
  • FIG. 1 is a schematic diagram of an application environment of a multi-organization data processing method based on a consortium chain in an embodiment of the present application;
  • FIG. 2 is a flowchart of a multi-organization data processing method based on a consortium chain in an embodiment of the present application
  • FIG. 3 is a further flowchart of step S102 in FIG. 2 according to an embodiment of the present application;
  • FIG. 4 is a schematic structural diagram of a multi-organization data processing device based on a consortium chain in an embodiment of the present application
  • FIG. 5 is a schematic diagram of a computer device in an embodiment of the present application.
  • the multi-organization data processing method based on a consortium chain provided by the present application can be applied in the application environment shown in FIG. 1, wherein the blockchain consists of several nodes that can communicate with each other. Each node can be regarded as a block storage, each block storage is used to save data, and each data node contains all data. The data in the block storage has a complete historical record and can be quickly recovered and expanded.
  • the blockchain is divided into public chain, private chain and alliance chain. The public chain is open to any node, everyone can participate in the computation of this blockchain, and anyone can download and obtain the complete blockchain data.
  • Some blockchains do not want anyone to participate in the system, and are not open to the public. They are suitable for internal data management and auditing or open testing of specific institutions. The permissions of each node are completely equal, and everyone can realize the trusted exchange of data without complete mutual trust.
  • Each node of the alliance chain usually has a corresponding entity organization, and can only join and exit after authorization.
  • in the process of using the entire blockchain backup system, the network needs to use a digital signature.
  • the digital signature involves a hash function, the sender's public key, and the sender's private key.
  • the blockchain has a complete distributed storage feature. In fact, a larger network data storage also uses a data structure in the form of a "hash algorithm" to store basic data.
  • a multi-organization data processing method based on a consortium chain is provided. The method is described using its application to the node device on the consortium chain in FIG. 1 as an example, and includes the following steps S101 to S106.
  • the first legal node is a node on the alliance chain, and the first legal node is different from the node device.
  • the user Zhang San seeks loans from two banks in succession, and the equipment that processes loan requests at these two banks is deployed in the same alliance chain.
  • the loan-processing equipment of the bank that Zhang San approached first can be understood as the first legal node in this scheme, and the loan-processing equipment of the second bank that Zhang San approaches can be understood as the node device in this scheme. If Zhang San approaches an Nth bank to process the loan request, the loan-processing equipment of the Nth bank can also be understood as the node device in this case.
  • the historical data includes information such as the user's name, ID number and/or loan information.
  • the step of the first legal node encrypting and transforming the historical data input by the user to obtain the sequence code includes:
  • the serial code of the encrypted data is sent to the user.
  • A rainbow table is a huge collection of pre-calculated hash values for various possible letter combinations.
  • With it, various passwords can be quickly cracked. The original data can be salted and encrypted through algorithms such as MD5.
  • Salted encryption can prevent the encrypted raw data from being attacked and cracked by rainbow tables.
  • Zhang San seeks loans from two banks successively, and the devices for processing loan requests by these two banks are all legal nodes in the same alliance chain.
  • Zhang San first approaches the first bank to process the loan request and obtains the serial code that the first bank sends to him. When Zhang San then asks the second bank for a loan, if the preset trigger node in the smart contract is approval, then when Zhang San's loan process reaches the approval process node, it is judged whether the local node device is a legal node of the alliance chain.
  • FIG. 3 is a further flowchart of step S102 in FIG. 2 according to an embodiment of the present application. As shown in FIG. 3, this step S102 further includes the following steps S301 to S302.
  • S302. Determine whether the local node device has registered with the central node of the alliance chain according to the CA certificate of the local node device, and if so, determine that the local node device is a legal node of the alliance chain.
  • the CA is the issuing authority of the certificate, and it is the authority responsible for issuing certificates, certifying certificates, and managing the issued certificates.
  • the principle of CA certificate is to append user information and CA's signature to the user's public key.
  • the public key is one part of the key pair and the other part is the private key.
  • the public key is made public and anyone can use it. Only you know the private key. Information encrypted by the public key can only be decrypted by the corresponding private key.
  • the sender encrypts the message with the recipient's public key; the recipient can decrypt the message with their own private key.
  • the sender signs the message with his private key; the recipient can verify the sender's identity by verifying the signature with the sender's public key.
  • this step S102 further includes the following steps S303 to S305.
  • the trigger node is, for example, the node where the user triggers the loan approval.
  • the pre-established smart contract of the alliance chain stipulates that the conditions for obtaining the ciphertext include, on the one hand, that the local node device is a legal node registered in the alliance chain and, on the other hand, that the business process node triggered by the user is the trigger node agreed in the smart contract.
  • a preset trigger node, such as a node where a user submits a loan application, is obtained from the smart contract.
  • if the local node device meets the conditions for obtaining the ciphertext, the ciphertext is obtained from the alliance chain; the ciphertext is produced by the first legal node encrypting the historical data with the original key generated according to the serial code and a preset encryption algorithm.
  • the preset encryption algorithm includes but is not limited to the AES (Advanced Encryption Standard) algorithm, the RSA algorithm, or a combination of the AES algorithm and the RSA algorithm.
  • the preset encryption algorithm includes the AES Advanced Encryption Standard algorithm
  • the step S103 further includes:
  • the serial code input by the user is encrypted by the AES advanced encryption standard algorithm to obtain the original secret key.
  • step S103 further includes:
  • the serial code input by the user is encrypted by the RSA algorithm to obtain the original secret key.
  • the serial code input by the user may also be encrypted by using the AES advanced encryption standard algorithm combined with the RSA algorithm to obtain the original secret key.
  • the original key generated by the first legal node according to the serial code and the preset encryption algorithm is stored only in the first legal node and can be understood as a private key. The first legal node only needs to send the user the serial code used to generate the original secret key. The preset algorithm for generating the original secret key from the serial code is stored in the alliance chain, and only when the local node device meets the conditions for obtaining the ciphertext can it perform the following steps to obtain the preset algorithm from the alliance chain.
  • the obtained preset encryption algorithm is the same as the preset encryption algorithm in the foregoing step S103.
  • S105 Encrypt the serial code input by the user through the encryption algorithm to obtain the original secret key.
  • step S105 specifically includes:
  • the serial code input by the user is encrypted by the AES advanced encryption standard algorithm to obtain the original secret key.
  • step S105 further includes:
  • the serial code input by the user is encrypted by the RSA algorithm to obtain the original secret key.
  • the serial code input by the user may also be encrypted by using the AES advanced encryption standard algorithm combined with the RSA algorithm to obtain the original secret key.
  • S106 Decrypt the ciphertext by using the original key to obtain historical data of the user.
  • the user providing the serial code to the local node device is only one of the conditions for obtaining the historical data from the ciphertext. The other agreements in the smart contract must also be complied with, so that the local node device, once authorized, can obtain from the chain the ciphertext and the preset algorithm for obtaining the original secret key from the serial code.
  • the preconditions for obtaining the ciphertext and the preset algorithm for obtaining the original key from the serial code are: the local node device is legal (CA certificate), and the business process on the local node device is the trigger process agreed in the contract, such as the user triggering the loan process.
  • the key to this case is the circulation of the serial code.
  • the serial code belongs to the intermediate product of the historical data and the original secret key.
  • the original data is encrypted (which can be MD5 encryption) to obtain the serial code, and the serial code is then encrypted with the preset algorithm; the specific encryption method can be the AES algorithm or another encryption algorithm.
  • the specific algorithm can only be obtained from the chain by the node device that has passed the authentication.
  • the obtained original key is used to encrypt the historical data to obtain the ciphertext.
  • the original secret key is only known by the first legal node when it is generated, and the original secret key can be understood as a private key in the conventional sense.
  • the ciphertext is stored in the blockchain. After obtaining the serial code, the local node device must also obtain from the contract the preset algorithm for generating the original secret key (private key) from the serial code, in order to obtain the original secret key (private key).
  • the user applies for a loan to bank_1 for the first time. From the customer's basic information such as name + ID + loan information, etc., with salt added to prevent rainbow table attacks, the customer-specific serial code C1 is generated through a hash algorithm, and the serial code C1 is provided to the customer to save;
  • bank_1 encrypts the serial code C1 according to the encryption method agreed by the alliance to generate C2 as the encryption key of the AES algorithm. After the user's personal information and loan information are encrypted, the ciphertext M1 is generated, and M1 is then recorded in the alliance chain based on the consensus mechanism of the alliance chain, which completes the on-chain write;
  • bank_2 judges whether the customer has historical orders in the banks of the alliance chain according to whether the customer provides the serial code. The customer handing over the serial code C1 is itself the process of the customer authorizing access to their own loan data. bank_2 generates C2' from the serial code C1 according to the unique key generation method agreed in advance;
  • bank_2 initiates a request to query customer loan information M1, which triggers the execution of the smart contract.
  • the logic written into the smart contract includes permission verification for the bank_2 node. It verifies the CA certificate of bank_2 to determine whether the node is a legitimate node of the alliance chain, and it checks whether bank_2 has created an order for the user whose status has reached the investigation and approval node, which proves that the customer has a real loan demand at bank_2. If there is an order that meets the conditions, the permission verification passes and the query request is successfully initiated.
  • the AES algorithm is a symmetric encryption algorithm, and the C2' obtained from the same serial code C1 through the agreed algorithm transformation is consistent with the encryption key C2, so C2' can successfully decrypt M1. bank_2 extracts information from M1, collects all the required risk control data, and then determines according to the risk control rules whether the customer meets the loan conditions.
  • This solution focuses on the authorization and authentication of customer data in the multi-agency loan scenario in the blockchain. It uses the authorization letter + serial code to solve the authorization problem of obtaining user privacy and sensitive information, and uses smart contract verification + key to solve the authentication problem of querying data on the chain, ensuring that the institution can obtain sensitive customer data only when the user has a loan demand and the authorization content is clear.
  • the AES algorithm is currently the most popular symmetric encryption algorithm. In this scheme, the AES key is not transmitted directly; instead, the encrypting and decrypting parties each process the same serial code string, which reduces the risk of the encryption key being eavesdropped and stolen during transmission and further ensures data security. Paying attention to and protecting the private information of customers can help the company to improve its corporate image, enhance customers' intention to participate in alliance chain loans, and achieve a win-win situation.
  • a consortium chain-based multi-institution data processing apparatus is provided, and the consortium chain-based multi-institution data processing apparatus corresponds to the consortium chain-based multi-institution data processing method in the above embodiment.
  • the multi-organization data processing device 100 based on the alliance chain includes a serial code acquisition module 11 , a judgment module 12 , a ciphertext acquisition module 13 , an encryption algorithm acquisition module 14 , an encryption module 15 and a decryption module 16 .
  • the detailed description of each functional module is as follows:
  • the serial code obtaining module 11 is used to obtain the serial code input by the user, and the serial code is obtained by encrypting and transforming the historical data input by the user by the first legal node on the alliance chain;
  • the judgment module 12 is used for judging whether the local node device meets the conditions for obtaining the ciphertext by using the smart contract pre-established by the alliance chain;
  • the ciphertext obtaining module 13 is used to obtain the ciphertext from the alliance chain if the local node device meets the conditions for obtaining the ciphertext, where the ciphertext is produced by the first legal node encrypting the historical data with the original key generated according to the serial code and the preset encryption algorithm;
  • an encryption algorithm obtaining module 14 configured to obtain the preset encryption algorithm from the smart contract
  • the encryption module 15 is used for encrypting the serial code input by the user through the encryption algorithm to obtain the original secret key
  • the decryption module 16 is used for decrypting the ciphertext through the original secret key to obtain the historical data of the user.
  • the historical data includes the user's name, ID number and/or loan information.
  • the judging module specifically includes:
  • the certificate obtaining unit is used to obtain the CA certificate of the local node device
  • a first judging unit configured to judge whether the local node device has been registered with the central node of the alliance chain according to the CA certificate of the local node device, and if so, determine that the local node device is a legal node of the alliance chain;
  • a business process node acquiring unit used to acquire the business process node triggered by the user
  • a trigger node obtaining unit used to obtain a preset trigger node from the smart contract
  • the second judging unit is used for judging that the local node device meets the conditions for obtaining the ciphertext when the service process node is the same as the triggering node.
  • the preset encryption algorithm includes the AES advanced encryption standard algorithm
  • the encryption module 15 is specifically configured to encrypt the serial code input by the user through the AES advanced encryption standard algorithm to obtain the original secret key.
  • the preset encryption algorithm includes an RSA algorithm
  • the encryption module 15 is specifically configured to encrypt the serial code input by the user through the RSA algorithm to obtain the original secret key.
  • Each module in the above-mentioned consortium chain-based multi-organization data processing device may be implemented in whole or in part by software, hardware and combinations thereof.
  • the above modules can be embedded in or independent of the processor in the computer device in the form of hardware, or stored in the memory in the computer device in the form of software, so that the processor can call and execute the operations corresponding to the above modules.
  • a computer device is provided, and the computer device may be a terminal, and its internal structure diagram may be as shown in FIG. 5 .
  • the computer equipment includes a processor, memory, a network interface, a display screen, and an input device connected by a system bus.
  • the processor of the computer device is used to provide computing and control capabilities.
  • the memory of the computer device includes a non-volatile storage medium, an internal memory.
  • the non-volatile storage medium stores an operating system and computer-readable instructions.
  • the internal memory provides an environment for the execution of the operating system and computer-readable instructions in the non-volatile storage medium.
  • the network interface of the computer device is used to communicate with other node devices in the alliance chain through a network connection.
  • the computer-readable instructions when executed by the processor, implement a multi-organization data processing method based on a consortium chain.
  • a computer device which includes a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor.
  • when the processor executes the computer-readable instructions, the steps of the multi-organization data processing method of the consortium chain are implemented, for example, steps 101 to 106 shown in FIG. 2 and other extensions of the method and extensions of related steps.
  • when the processor executes the computer-readable instructions, the functions of each module/unit of the multi-organization data processing apparatus based on the alliance chain in the above-mentioned embodiments are implemented, for example, the functions of modules 11 to 16 shown in FIG. 4. In order to avoid repetition, details are not repeated here.
  • the processor may be a central processing unit (Central Processing Unit, CPU), and may also be another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc.
  • the general-purpose processor can be a microprocessor or the processor can also be any conventional processor, etc.
  • the processor is the control center of the computer device, and uses various interfaces and lines to connect various parts of the entire computer device.
  • the memory may be used to store the computer-readable instructions and/or modules, and the processor may run or execute the computer-readable instructions and/or modules stored in the memory and call the data stored in the memory to implement various functions of the computer device.
  • the memory may mainly include a stored program area and a stored data area, wherein the stored program area may store an operating system, an application program required for at least one function (such as a sound playback function, an image playback function, etc.), etc.; the stored data area may store data created according to the usage of the mobile phone (such as audio data, video data, etc.), etc.
  • the memory may be integrated in the processor, or may be provided separately from the processor.
  • a computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable storage medium may be non-volatile or volatile, and the computer-readable instructions are processed
  • when the computer-readable instructions are executed by the processor, the functions of each module/unit of the multi-organization data processing apparatus based on the consortium chain in the above-mentioned embodiment are implemented, for example, the functions of modules 11 to 16 shown in FIG. 4. In order to avoid repetition, details are not repeated here.
  • Nonvolatile memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory.
  • Volatile memory may include random access memory (RAM) or external cache memory.
  • RAM is available in various forms such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM), and Rambus dynamic RAM (RDRAM).

Abstract

Disclosed in the present application is a consortium blockchain-based multi-institution data processing method, which is applied in the field of blockchain technology and is used for solving the technical problem that the current technology does not allow a user-authorized institution to query sensitive data on a blockchain while also protecting user privacy. The method provided in the present application comprises: acquiring a sequence code input by a user; utilizing a pre-formulated smart contract of a consortium blockchain to determine whether a local end node device complies with a condition to acquire a ciphertext; if the local end node device complies with the condition to acquire the ciphertext, acquiring the ciphertext from the consortium blockchain, said ciphertext being obtained by a first legitimate node encrypting historical data with an original cryptographic key generated from the sequence code and a preset encryption algorithm; acquiring the preset encryption algorithm from the smart contract; performing encryption on the sequence code input by the user by means of the encryption algorithm to obtain the original cryptographic key; and performing decryption on the ciphertext by means of the original cryptographic key to obtain the historical data of said user.

Description

Consortium chain-based multi-institution data processing method, apparatus and related device
This application claims priority to the Chinese patent application filed with the China Patent Office on December 21, 2020, with application number 202011521525.1 and the invention title "Consortium chain-based multi-institution data processing method, apparatus and related device", the entire contents of which are incorporated herein by reference.

Technical Field
The present application relates to the field of blockchain technology, and in particular to a consortium chain-based multi-institution data processing method, apparatus, computer device and storage medium.
Background
At present, some blockchain-based systems serve users in a one-to-many mode, for example a bank's credit system; one-to-many here means a single institution serving many customers. In practical scenarios such as financial lending, customers often need more funds because of business expansion, consumption upgrades and the like. When a customer wants another loan, they often wish to switch to another bank for objective reasons, such as not meeting their current bank's conditions for a further loan or another bank offering a lower interest rate, and the other bank then has to spend duplicate resources on the same background investigation and risk-control screening of that customer. With the rise of the blockchain concept, blockchain-based multi-institution loan services have emerged.
Blockchains are divided into public chains, consortium chains and private chains. A consortium chain can open information within a certain scope, keeps a record of every write, and ensures a high degree of information security through encryption algorithms, which makes it suitable for enterprises building a blockchain-based multi-institution loan system.
In the course of realizing the present application, the inventor realized that existing methods have at least the following problem: in today's big-data era, users pay more and more attention to personal privacy. Personal information and transaction data on a blockchain are highly sensitive and must never be viewed or used without the customer's authorization. Current consortium chain technology lacks a solution that, on top of authenticating transaction data, also handles authorization and authentication for private data. A method is urgently needed that protects user privacy while still allowing institutions authorized by the user to query sensitive data on the chain.
Technical Problem
The embodiments of the present application provide a consortium chain-based multi-institution data processing method, apparatus, computer device and storage medium, to solve the problem that the prior art lacks a way to protect user privacy while allowing institutions authorized by the user to query sensitive data on the chain.
Technical Solution
A consortium chain-based multi-institution data processing method, applied to a node device on the consortium chain, the method comprising:
obtaining a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user;
using a smart contract pre-established on the consortium chain to determine whether the local node device meets the conditions for obtaining a ciphertext;
if the local node device meets the conditions for obtaining the ciphertext, obtaining the ciphertext from the consortium chain, the ciphertext being obtained by encrypting the historical data with an original key generated from the serial code and a preset encryption algorithm, the encryption of the historical data being performed by the first legitimate node;
obtaining the preset encryption algorithm from the smart contract;
encrypting the serial code input by the user with the encryption algorithm to obtain the original key;
decrypting the ciphertext with the original key to obtain the user's historical data.
A consortium chain-based multi-institution data processing apparatus, comprising:
a serial code obtaining module, configured to obtain a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user;
a judgment module, configured to use a smart contract pre-established on the consortium chain to determine whether the local node device meets the conditions for obtaining a ciphertext;
a ciphertext obtaining module, configured to obtain the ciphertext from the consortium chain if the local node device meets the conditions for obtaining the ciphertext, the ciphertext being obtained by encrypting the historical data with an original key generated from the serial code and a preset encryption algorithm, the encryption of the historical data being performed by the first legitimate node;
an encryption algorithm obtaining module, configured to obtain the preset encryption algorithm from the smart contract;
an encryption module, configured to encrypt the serial code input by the user with the encryption algorithm to obtain the original key;
a decryption module, configured to decrypt the ciphertext with the original key to obtain the user's historical data.
A computer device, comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, wherein the processor, when executing the computer-readable instructions, implements the following steps of the consortium chain-based multi-institution data processing method:
obtaining a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user;
using a smart contract pre-established on the consortium chain to determine whether the local node device meets the conditions for obtaining a ciphertext;
if the local node device meets the conditions for obtaining the ciphertext, obtaining the ciphertext from the consortium chain, the ciphertext being obtained by encrypting the historical data with an original key generated from the serial code and a preset encryption algorithm, the encryption of the historical data being performed by the first legitimate node;
obtaining the preset encryption algorithm from the smart contract;
encrypting the serial code input by the user with the encryption algorithm to obtain the original key;
decrypting the ciphertext with the original key to obtain the user's historical data.
A computer-readable storage medium storing computer-readable instructions which, when executed by a processor, implement the following steps of the consortium chain-based multi-institution data processing method:
obtaining a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user;
using a smart contract pre-established on the consortium chain to determine whether the local node device meets the conditions for obtaining a ciphertext;
if the local node device meets the conditions for obtaining the ciphertext, obtaining the ciphertext from the consortium chain, the ciphertext being obtained by encrypting the historical data with an original key generated from the serial code and a preset encryption algorithm, the encryption of the historical data being performed by the first legitimate node;
obtaining the preset encryption algorithm from the smart contract;
encrypting the serial code input by the user with the encryption algorithm to obtain the original key;
decrypting the ciphertext with the original key to obtain the user's historical data.
Beneficial Effects
With the consortium chain-based multi-institution data processing method, apparatus, computer device and storage medium proposed in the present application, user privacy is protected while institutions authorized by the user are allowed to query sensitive data on the chain, so that a user's sensitive data is shared among trusted nodes on the consortium chain.
Description of Drawings
To illustrate the technical solutions of the embodiments of the present application more clearly, the drawings used in the description of the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present application, and those of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic diagram of an application environment of the consortium chain-based multi-institution data processing method in an embodiment of the present application;
FIG. 2 is a flowchart of the consortium chain-based multi-institution data processing method in an embodiment of the present application;
FIG. 3 is a further flowchart of step S102 in FIG. 2 in an embodiment of the present application;
FIG. 4 is a schematic structural diagram of the consortium chain-based multi-institution data processing apparatus in an embodiment of the present application;
FIG. 5 is a schematic diagram of a computer device in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are some, not all, of the embodiments of the present application. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments in this application without creative effort fall within the scope of protection of this application.
FIG. 1 is a schematic diagram of an application environment of the consortium chain-based multi-institution data processing method in an embodiment of the present application. The method provided by the present application can be applied in the application environment shown in FIG. 1. A blockchain consists of a number of nodes that can communicate with one another. Each node can be regarded as a block store used to save data, and every data node holds all of the data; the block-stored data carries a complete history and can be quickly restored and extended. Blockchains are divided into public chains, private chains and consortium chains. A public chain is open to any node: anyone can take part in the blockchain's computation, and anyone can download the complete blockchain data. A private chain is a blockchain whose operators do not want just anyone to take part in the system; it is not open to the public and suits internal data management and auditing, or open testing, within a particular institution. In a consortium chain the permissions of every participating node are fully equal, and the participants can exchange data in a trusted way without fully trusting one another; each node of a consortium chain usually corresponds to a real-world institution or organization and can join or leave the network only after authorization. Using the blockchain backup system as a whole requires digital signatures; a digital signature involves a hash function, the sender's public key and the sender's private key. A blockchain has full distributed-storage characteristics; it is in effect a much larger networked data store that also uses data structures in the form of a "hash algorithm" to hold the underlying data.
FIG. 2 is a flowchart of the consortium chain-based multi-institution data processing method in an embodiment of the present application. In one embodiment, as shown in FIG. 2, a consortium chain-based multi-institution data processing method is provided. Taking the method as applied to a node device on the consortium chain in FIG. 1 as an example, it includes the following steps S101 to S106.
S101. Obtain a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user.
Here, the first legitimate node is a node on the consortium chain and is different from the node device. In one usage scenario, for example, a user Zhang San applies for loans at two banks in succession, and the devices with which the two banks process loan requests are deployed on the same consortium chain. The loan-processing device of the bank Zhang San approaches first can be understood as the first legitimate node in this scheme, and the loan-processing device of the second bank can be understood as the node device in this scheme. If Zhang San later approaches an Nth bank, that bank's loan-processing device can likewise be understood as the node device in this scheme.
Further, the historical data includes information such as the user's name, ID card number and/or loan information.
Further, the step in which the first legitimate node encrypts and transforms the historical data input by the user to obtain the serial code includes:
salting the historical data to protect against rainbow table attacks, to obtain encrypted data;
generating a serial code of the encrypted data with a hash algorithm;
sending the serial code of the encrypted data to the user.
A rainbow table is a huge set of hash values precomputed for all kinds of possible character combinations, with which many kinds of passwords can be cracked quickly. Salting and encrypting the original data with an algorithm such as MD5 prevents the encrypted original data from being attacked and cracked with a rainbow table.
S102. Use the smart contract pre-established on the consortium chain to determine whether the local node device meets the conditions for obtaining the ciphertext.
One usage scenario of this embodiment: the user Zhang San applies for loans at two banks in succession, and the loan-processing devices of both banks are legitimate nodes on the same consortium chain. Zhang San first has the first bank process a loan request and receives the serial code that the first bank sends him. When Zhang San then applies for a loan at the second bank, if the trigger node preset in the smart contract is approval, then when Zhang San's loan process reaches the approval node, the local node device is determined to be a legitimate node of the consortium chain.
FIG. 3 is a further flowchart of step S102 in FIG. 2 in an embodiment of the present application. As shown in FIG. 3, step S102 further includes the following steps S301 to S302.
S301. Obtain the CA (Certification Authority) certificate of the local node device;
S302. Determine from the CA certificate of the local node device whether the local node device has registered with the central node of the consortium chain; if so, determine that the local node device is a legitimate node of the consortium chain.
A CA is a certificate-issuing authority: the body responsible for issuing certificates, authenticating certificates and managing issued certificates. In principle, a CA certificate is the user's public key with the user's information and the CA's signature appended. The public key is one half of a key pair; the other half is the private key. The public key is made public and anyone can use it; the private key is known only to its owner. Information encrypted with the public key can be decrypted only with the corresponding private key. To ensure that only a particular person can read a message, the sender encrypts it with the recipient's public key, and the recipient decrypts it with their own private key. Likewise, to prove the sender's identity, the sender signs the message with their own private key, and the recipient verifies the signature with the sender's public key to confirm the sender's identity.
Further, step S102 also includes the following steps S303 to S305.
S303. Obtain the business process node triggered by the user.
S304. Obtain the preset trigger node from the smart contract.
In one embodiment, the trigger node is, for example, the node at which the user triggers loan approval.
S305. When the business process node is the same as the trigger node, determine that the local node device meets the conditions for obtaining the ciphertext.
In this embodiment, the smart contract pre-established on the consortium chain stipulates that the conditions for obtaining the ciphertext include, on the one hand, that the local node device is a legitimate node registered on the consortium chain and, on the other hand, that the business process node triggered by the user is the trigger node agreed in the smart contract.
In one embodiment, the preset trigger node obtained from the smart contract is, for example, the node at which the user submits a loan application.
S103. If the local node device meets the conditions for obtaining the ciphertext, obtain the ciphertext from the consortium chain; the ciphertext is obtained by encrypting the historical data with the original key generated from the serial code and the preset encryption algorithm, the encryption being performed by the first legitimate node.
In one embodiment, the preset encryption algorithm includes, but is not limited to, the AES (Advanced Encryption Standard) algorithm, the RSA algorithm, or a combination of the AES algorithm and the RSA algorithm.
In one embodiment, the preset encryption algorithm includes the AES algorithm, and step S103 further includes:
encrypting the serial code input by the user with the AES algorithm to obtain the original key.
In other embodiments, the preset encryption algorithm includes the RSA algorithm, and step S103 further includes:
encrypting the serial code input by the user with the RSA algorithm to obtain the original key.
In other embodiments, the serial code input by the user may also be encrypted with the AES algorithm combined with the RSA algorithm to obtain the original key.
It should be understood that, in this step, the original key that the first legitimate node generates from the serial code and the preset encryption algorithm is stored only on the first legitimate node, and can be understood as a private key. The first legitimate node only needs to send the user the serial code used to generate the original key. The preset algorithm for generating the serial code through the original key is kept on the consortium chain, and the local node device can carry out the following steps to obtain that preset algorithm from the consortium chain only when it meets the conditions for obtaining the ciphertext.
S104. Obtain the preset encryption algorithm from the smart contract.
In one embodiment, the preset encryption algorithm obtained is the same as the preset encryption algorithm in step S103 above.
S105. Encrypt the serial code input by the user with the encryption algorithm to obtain the original key.
Further, step S105 specifically includes:
encrypting the serial code input by the user with the AES algorithm to obtain the original key.
In other embodiments, step S105 further includes:
encrypting the serial code input by the user with the RSA algorithm to obtain the original key.
In other embodiments, the serial code input by the user may also be encrypted with the AES algorithm combined with the RSA algorithm to obtain the original key.
S106. Decrypt the ciphertext with the original key to obtain the user's historical data.
It can be understood that the user providing the serial code to the local node device is one of the conditions for being able to obtain the historical data from the ciphertext. The local node device must also satisfy the other terms of the smart contract before it can obtain the ciphertext and the preset algorithm for deriving the original key from the serial code. The AES standard may be one feasible choice; which algorithm is actually used has to be obtained from the chain after authorization. The preconditions for obtaining the ciphertext and the preset algorithm for deriving the original key from the serial code are that the local node device is legitimate (CA certificate) and that the business process on the local node device is the trigger process agreed in the contract, for example the user triggering the loan process.
The key to this scheme also lies in how the serial code circulates. Here the serial code is an intermediate product between the historical data and the original key: the original data is encrypted (this may be MD5 encryption) to obtain the serial code, and the serial code is then encrypted in a preset manner, which may be the AES algorithm or another encryption algorithm; only a node device that has passed authentication learns from the chain which algorithm is used. The resulting original key is used to encrypt the historical data into the ciphertext. When it is generated, the original key is known only to the first legitimate node, and it can be understood as a private key in the conventional sense. Once the ciphertext is obtained, it is stored on the blockchain. After receiving the serial code, the local node device still needs to obtain from the contract the preset algorithm for generating the original key (private key) from the serial code before it can obtain the original key (private key). The purpose of authentication in this scheme is to obtain not only the ciphertext but also the method for deriving the original key from the serial code.
根据本实施例的一个使用场景例如: According to a usage scenario of this embodiment, for example:
用户第一次向bank_1申请贷款,银行调查审批通过后,基于客户的基本信息(如姓名+身份证+贷款信息等)并加盐防彩虹表攻击后,通过哈希算法生成客户专属序列码C1,将序列码C1提供给客户保存;The user applies for a loan to bank_1 for the first time. After the bank's investigation and approval is approved, based on the customer's basic information (such as name + ID + loan information, etc.) and adding salt to prevent rainbow table attacks, the customer-specific serial code C1 is generated through a hash algorithm. , and provide the serial code C1 to the customer to save;
bank_1根据联盟约定的加密方法对序列码C1进行加密生成C2作为AES算法加密密钥,加密用户的个人信息和贷款信息后生成密文M1,再将M1基于联盟链的共识机制记录到联盟链中,完成上链;bank_1 encrypts the serial code C1 according to the encryption method agreed by the alliance to generate C2 as the encryption key of the AES algorithm. After encrypting the user's personal information and loan information, the ciphertext M1 is generated, and then M1 is recorded in the alliance chain based on the consensus mechanism of the alliance chain. , complete the chain;
用户再次向bank_2申请贷款,签署授权书并提供序列码C1,bank_2创建订单记录;bank_2根据客户是否提供序列码判断该客户在联盟链各银行中是否存在历史订单,获取序列码C1的过程就是客户对自己的贷款数据授权的过程,bank_2根据事先约定的独特的密钥生成方法通过序列码C1生成C2’;The user applies for a loan from bank_2 again, signs the authorization letter and provides the serial code C1, and bank_2 creates an order record; bank_2 judges whether the customer has historical orders in the banks of the alliance chain according to whether the customer provides the serial code, and the process of obtaining the serial code C1 is the customer In the process of authorizing its own loan data, bank_2 generates C2' through serial code C1 according to the unique key generation method agreed in advance;
bank_2 initiates a request to query the customer's loan information M1, which triggers execution of the smart contract. The contract's logic includes permission verification of the bank_2 node: it verifies bank_2's CA certificate to determine whether the node is a legitimate node of the consortium chain, and checks whether bank_2 has created an order for the user and whether that order has advanced to the investigation-and-approval node, which proves that the customer has a genuine loan request with bank_2. If a qualifying order exists, permission verification passes and the query request is initiated successfully.
Here, AES is a symmetric encryption algorithm, and the C2' obtained by transforming the same serial code C1 with the agreed algorithm is identical to the encryption key C2, so C2' can successfully decrypt M1. bank_2 extracts the risk-control data it needs from M1 and then decides for itself, according to its risk-control rules, whether the loan conditions are met.
Under this solution, if the customer's serial code C1 is accidentally leaked and obtained by an institution outside the consortium chain, that institution has no CA certificate issued by the central node and cannot pass the smart contract's node-legitimacy check, so the information is safe. If C1 is obtained by an institution inside the consortium chain but the customer has not applied to that institution for a loan, the institution cannot create an order and move it to the investigation state, so it cannot pass the smart contract's permission check, and the information is safe. If the customer has applied for a loan with an institution in the consortium but cannot provide the serial code, the institution can pass the smart contract's checks but cannot decrypt the ciphertext, so the information is also safe.
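The following Python sketch is an added example, not code from the patent: it walks through the scenario above (C1, C2/C2', M1 and the contract's two checks) and the three leak cases just listed. Assumptions: SHA-256 for the salted hash, HMAC-SHA256 as the agreed C1-to-key transform, an HMAC-based stream cipher standing in for AES so the block runs on the standard library alone, set membership standing in for CA-certificate verification, and the hypothetical names `Contract`, `customer_ref` and `method_label`.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field


def make_serial_code(name, id_number, loan_info, salt):
    """C1: salted hash of the customer's basic data (SHA-256 is an assumption)."""
    material = "|".join((name, id_number, loan_info)).encode()
    return hashlib.sha256(salt + material).hexdigest()


def derive_key(serial_code, method_label):
    """C2 / C2': both banks run the same agreed transform over C1.
    Assumption: HMAC-SHA256 keyed with a label that the contract hands out."""
    return hmac.new(method_label, serial_code.encode(), hashlib.sha256).digest()


def _keystream(key, nonce, length):
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def seal(key, plaintext):
    """Stand-in for AES (not in the standard library): HMAC keystream plus MAC tag."""
    nonce = os.urandom(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + body + hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()


def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


@dataclass
class Contract:
    """Toy smart contract: holds M1, the agreed method and the two access checks."""
    registered_nodes: set                        # stands in for CA-certificate verification
    method_label: bytes                          # released only after both checks pass
    trigger_state: str = "investigation"
    ledger: dict = field(default_factory=dict)   # customer_ref -> ciphertext M1
    orders: dict = field(default_factory=dict)   # (node, customer_ref) -> order state

    def query(self, node, customer_ref):
        if node not in self.registered_nodes:
            raise PermissionError("node is not a registered consortium member")
        if self.orders.get((node, customer_ref)) != self.trigger_state:
            raise PermissionError("no order at the investigation stage")
        return self.ledger[customer_ref], self.method_label


def attempt(contract, node, customer_ref, serial_code):
    """One query attempt; returns the recovered plaintext or the reason it failed."""
    try:
        m1, method = contract.query(node, customer_ref)
    except PermissionError as exc:
        return f"denied: {exc}"
    try:
        return unseal(derive_key(serial_code, method), m1).decode()
    except ValueError:
        return "contract passed, ciphertext not decryptable"


def build_demo():
    """Constructed sample data: bank_1 puts M1 on chain, bank_2 opens an order."""
    contract = Contract(registered_nodes={"bank_1", "bank_2", "bank_3"},
                        method_label=b"consortium-kdf-v1")
    c1 = make_serial_code("Zhang San", "ID-0000 (constructed)", "loan 50000", os.urandom(16))
    record = "name=Zhang San;loan=50000;status=repaid"
    contract.ledger["cust-001"] = seal(derive_key(c1, contract.method_label), record.encode())
    contract.orders[("bank_2", "cust-001")] = "investigation"
    return contract, c1, record


if __name__ == "__main__":
    contract, c1, record = build_demo()
    cases = [("bank_2", c1), ("outsider", c1), ("bank_3", c1), ("bank_2", "0" * 64)]
    for node, code in cases:
        print(node, "->", attempt(contract, node, "cust-001", code))
```

Because C2 is a deterministic function of C1 and the agreed method, C1 acts as a bearer secret: any node that passes both contract checks and holds C1 can read M1.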
This solution addresses authorization and authentication for customer data in multi-institution lending on a blockchain. The authorization letter + serial code solves the problem of authorizing access to a user's private, sensitive information, and the smart-contract check + key solves the problem of authenticating on-chain data queries, ensuring that an institution can obtain sensitive customer data only when the user has a loan request and has explicitly authorized the content. In addition, AES is currently the most popular symmetric encryption algorithm. In this solution the AES key is not transmitted directly; instead, the encrypting party and the decrypting party each process the string in the same serial code, which lowers the risk of the key being eavesdropped on and stolen in transit and further protects the data. Attending to and protecting customers' private information helps the company improve its corporate image, increases customers' willingness to take part in consortium-chain lending, and achieves a win-win outcome.
It should be understood that the sequence numbers of the steps in the above embodiments do not imply an order of execution. The execution order of each process should be determined by its function and internal logic, and should not constitute any limitation on the implementation of the embodiments of the present application.
In one embodiment, a consortium-chain-based multi-institution data processing apparatus is provided, which corresponds one-to-one to the consortium-chain-based multi-institution data processing method of the above embodiments. As shown in FIG. 4, the consortium-chain-based multi-institution data processing apparatus 100 includes a serial code acquisition module 11, a judgment module 12, a ciphertext acquisition module 13, an encryption algorithm acquisition module 14, an encryption module 15 and a decryption module 16. The functional modules are described in detail as follows:
The serial code acquisition module 11 is configured to obtain a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user;
The judgment module 12 is configured to use a smart contract pre-established by the consortium chain to determine whether the local node device meets the conditions for obtaining a ciphertext;
The ciphertext acquisition module 13 is configured to obtain the ciphertext from the consortium chain if the local node device meets the conditions for obtaining the ciphertext, the ciphertext being obtained by encrypting the historical data with an original key generated from the serial code and a preset encryption algorithm, the first legitimate node encrypting the historical data to obtain the ciphertext;
The encryption algorithm acquisition module 14 is configured to obtain the preset encryption algorithm from the smart contract;
The encryption module 15 is configured to encrypt the serial code input by the user with the encryption algorithm to obtain the original key;
The decryption module 16 is configured to decrypt the ciphertext with the original key to obtain the user's historical data.
The historical data includes the user's name, ID card number and/or loan information.
In one embodiment, the judgment module specifically includes:
A certificate acquisition unit, configured to obtain the CA certificate of the local node device;
A first judgment unit, configured to determine, according to the CA certificate of the local node device, whether the local node device has registered with the central node of the consortium chain, and if so, to determine that the local node device is a legitimate node of the consortium chain;
A business process node acquisition unit, configured to obtain the business process node triggered by the user;
A trigger node acquisition unit, configured to obtain a preset trigger node from the smart contract;
A second judgment unit, configured to determine that the local node device meets the conditions for obtaining the ciphertext when the business process node is the same as the trigger node.
Further, the preset encryption algorithm includes the AES (Advanced Encryption Standard) algorithm, and the encryption module 15 is specifically configured to encrypt the serial code input by the user with the AES algorithm to obtain the original key.
In other embodiments, the preset encryption algorithm includes the RSA algorithm, and the encryption module 15 is specifically configured to encrypt the serial code input by the user with the RSA algorithm to obtain the original key.
The terms "first" and "second" in the above modules/units serve only to distinguish different modules/units, and do not define which module/unit has higher priority or carry any other limiting meaning. In addition, the terms "comprising" and "having", and any variations of them, are intended to cover non-exclusive inclusion. For example, a process, method, system, product or device comprising a series of steps or modules is not necessarily limited to the steps or modules expressly listed, but may include other steps or modules that are not expressly listed or that are inherent to the process, method, product or device. The division into modules in this application is only a logical division, and other divisions are possible in a practical implementation.
For the specific limitations of the consortium-chain-based multi-institution data processing apparatus, refer to the limitations of the consortium-chain-based multi-institution data processing method above, which are not repeated here. Each module of the above apparatus may be implemented in whole or in part by software, hardware, or a combination of the two. The modules may be embedded in, or independent of, a processor of a computer device in hardware form, or stored in a memory of the computer device in software form, so that the processor can call them and perform the operations corresponding to each module.
In one embodiment, a computer device is provided. The computer device may be a terminal, and its internal structure may be as shown in FIG. 5. The computer device includes a processor, a memory, a network interface, a display screen and an input device connected by a system bus. The processor of the computer device provides computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and computer-readable instructions. The internal memory provides an environment for running the operating system and the computer-readable instructions stored in the non-volatile storage medium. The network interface of the computer device is used to communicate with other node devices in the consortium chain over a network connection. When executed by the processor, the computer-readable instructions implement a consortium-chain-based multi-institution data processing method.
In one embodiment, a computer device is provided, including a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor. When the processor executes the computer-readable instructions, it implements the steps of the consortium-chain-based multi-institution data processing method of the above embodiments, for example steps 101 to 106 shown in FIG. 2, together with other extensions of the method and extensions of related steps. Alternatively, when the processor executes the computer-readable instructions, it implements the functions of the modules/units of the consortium-chain-based multi-institution data processing apparatus of the above embodiments, for example the functions of modules 11 to 16 shown in FIG. 4. To avoid repetition, details are not described again here.
The processor may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on. The general-purpose processor may be a microprocessor or any conventional processor. The processor is the control center of the computer apparatus and connects the parts of the whole computer apparatus through various interfaces and lines.
The memory may be used to store the computer-readable instructions and/or modules. The processor implements the various functions of the computer apparatus by running or executing the computer-readable instructions and/or modules stored in the memory and by calling data stored in the memory. The memory may mainly include a program storage area and a data storage area. The program storage area may store an operating system and the application programs required for at least one function (such as a sound playback function or an image playback function); the data storage area may store data created through use of the mobile phone (such as audio data or video data).
The memory may be integrated in the processor, or provided separately from the processor.
In one embodiment, a computer-readable storage medium is provided, on which computer-readable instructions are stored. The computer-readable storage medium may be non-volatile or volatile. When executed by a processor, the computer-readable instructions implement the steps of the consortium-chain-based multi-institution data processing method of the above embodiments, for example steps 101 to 106 shown in FIG. 2, together with other extensions of the method and extensions of related steps. Alternatively, when executed by the processor, the computer-readable instructions implement the functions of the modules/units of the consortium-chain-based multi-institution data processing apparatus of the above embodiments, for example the functions of modules 11 to 16 shown in FIG. 4. To avoid repetition, details are not described again here.
Those of ordinary skill in the art will understand that all or part of the processes of the methods in the above embodiments can be carried out by computer-readable instructions directing the relevant hardware. The computer-readable instructions may be stored in a non-volatile computer-readable storage medium and, when executed, may include the processes of the method embodiments described above. Any reference to memory, storage, a database or other media used in the embodiments provided in this application may include non-volatile and/or volatile memory. Non-volatile memory may include read-only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory. Volatile memory may include random access memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), Rambus direct RAM (RDRAM), direct Rambus dynamic RAM (DRDRAM), and Rambus dynamic RAM (RDRAM).
The embodiments described above are intended only to illustrate the technical solutions of the present application, not to limit them. Although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in those embodiments can still be modified, or some of their technical features replaced with equivalents. Such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present application, and shall all fall within the scope of protection of the present application.

Claims (20)

  1. A consortium-chain-based multi-institution data processing method, wherein the method is applied to a node device on the consortium chain and comprises:
    obtaining a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user;
    using a smart contract pre-established by the consortium chain to determine whether the local node device meets the conditions for obtaining a ciphertext;
    if the local node device meets the conditions for obtaining the ciphertext, obtaining the ciphertext from the consortium chain, the ciphertext being obtained by encrypting the historical data with an original key generated from the serial code and a preset encryption algorithm, the first legitimate node encrypting the historical data to obtain the ciphertext;
    obtaining the preset encryption algorithm from the smart contract;
    encrypting the serial code input by the user with the encryption algorithm to obtain the original key;
    decrypting the ciphertext with the original key to obtain the user's historical data.
  2. The consortium-chain-based multi-institution data processing method according to claim 1, wherein the step of using the smart contract pre-established by the consortium chain to determine whether the local node device meets the conditions for obtaining the ciphertext comprises:
    obtaining the CA certificate of the local node device;
    determining, according to the CA certificate of the local node device, whether the local node device has registered with the central node of the consortium chain, and if so, determining that the local node device is a legitimate node of the consortium chain.
  3. The consortium-chain-based multi-institution data processing method according to claim 2, wherein, after the step of determining that the local node device is a legitimate node of the consortium chain, the method further comprises:
    obtaining the business process node triggered by the user;
    obtaining a preset trigger node from the smart contract;
    when the business process node is the same as the trigger node, determining that the local node device meets the conditions for obtaining the ciphertext.
  4. The consortium-chain-based multi-institution data processing method according to claim 1, wherein the preset encryption algorithm includes the AES (Advanced Encryption Standard) algorithm, and the step of encrypting the serial code input by the user with the encryption algorithm to obtain the original key comprises:
    encrypting the serial code input by the user with the AES algorithm to obtain the original key.
  5. The consortium-chain-based multi-institution data processing method according to claim 1, wherein the preset encryption algorithm includes the RSA algorithm, and the step of encrypting the serial code input by the user with the encryption algorithm to obtain the original key comprises:
    encrypting the serial code input by the user with the RSA algorithm to obtain the original key.
  6. The consortium-chain-based multi-institution data processing method according to claim 1, wherein the historical data includes the user's name, ID card number and/or loan information.
  7. A consortium-chain-based multi-institution data processing apparatus, comprising:
    a serial code acquisition module, configured to obtain a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user;
    a judgment module, configured to use a smart contract pre-established by the consortium chain to determine whether the local node device meets the conditions for obtaining a ciphertext;
    a ciphertext acquisition module, configured to obtain the ciphertext from the consortium chain if the local node device meets the conditions for obtaining the ciphertext, the ciphertext being obtained by encrypting the historical data with an original key generated from the serial code and a preset encryption algorithm, the first legitimate node encrypting the historical data to obtain the ciphertext;
    an encryption algorithm acquisition module, configured to obtain the preset encryption algorithm from the smart contract;
    an encryption module, configured to encrypt the serial code input by the user with the encryption algorithm to obtain the original key;
    a decryption module, configured to decrypt the ciphertext with the original key to obtain the user's historical data.
  8. The consortium-chain-based multi-institution data processing apparatus according to claim 7, wherein the judgment module specifically comprises:
    a certificate acquisition unit, configured to obtain the CA certificate of the local node device;
    a first judgment unit, configured to determine, according to the CA certificate of the local node device, whether the local node device has registered with the central node of the consortium chain, and if so, to determine that the local node device is a legitimate node of the consortium chain;
    a business process node acquisition unit, configured to obtain the business process node triggered by the user;
    a trigger node acquisition unit, configured to obtain a preset trigger node from the smart contract;
    a second judgment unit, configured to determine that the local node device meets the conditions for obtaining the ciphertext when the business process node is the same as the trigger node.
  9. A computer device, comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, wherein the processor, when executing the computer-readable instructions, implements the following steps of a consortium-chain-based multi-institution data processing method:
    obtaining a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user;
    using a smart contract pre-established by the consortium chain to determine whether the local node device meets the conditions for obtaining a ciphertext;
    if the local node device meets the conditions for obtaining the ciphertext, obtaining the ciphertext from the consortium chain, the ciphertext being obtained by encrypting the historical data with an original key generated from the serial code and a preset encryption algorithm, the first legitimate node encrypting the historical data to obtain the ciphertext;
    obtaining the preset encryption algorithm from the smart contract;
    encrypting the serial code input by the user with the encryption algorithm to obtain the original key;
    decrypting the ciphertext with the original key to obtain the user's historical data.
  10. The computer device according to claim 9, wherein the step of using the smart contract pre-established by the consortium chain to determine whether the local node device meets the conditions for obtaining the ciphertext comprises:
    obtaining the CA certificate of the local node device;
    determining, according to the CA certificate of the local node device, whether the local node device has registered with the central node of the consortium chain, and if so, determining that the local node device is a legitimate node of the consortium chain.
  11. The computer device according to claim 10, wherein, after the step of determining that the local node device is a legitimate node of the consortium chain, the processor, when executing the computer-readable instructions, further implements the following steps of the consortium-chain-based multi-institution data processing method:
    obtaining the business process node triggered by the user;
    obtaining a preset trigger node from the smart contract;
    when the business process node is the same as the trigger node, determining that the local node device meets the conditions for obtaining the ciphertext.
  12. The computer device according to claim 9, wherein the preset encryption algorithm includes the AES (Advanced Encryption Standard) algorithm, and the step of encrypting the serial code input by the user with the encryption algorithm to obtain the original key comprises:
    encrypting the serial code input by the user with the AES algorithm to obtain the original key.
  13. The computer device according to claim 9, wherein the preset encryption algorithm includes the RSA algorithm, and the step of encrypting the serial code input by the user with the encryption algorithm to obtain the original key comprises:
    encrypting the serial code input by the user with the RSA algorithm to obtain the original key.
  14. The computer device according to claim 9, wherein the historical data includes the user's name, ID card number and/or loan information.
  15. A computer-readable storage medium storing computer-readable instructions, wherein the computer-readable instructions, when executed by a processor, implement the following steps of a consortium-chain-based multi-institution data processing method:
    obtaining a serial code input by a user, the serial code being obtained by a first legitimate node on the consortium chain encrypting and transforming historical data input by the user;
    using a smart contract pre-established by the consortium chain to determine whether the local node device meets the conditions for obtaining a ciphertext;
    if the local node device meets the conditions for obtaining the ciphertext, obtaining the ciphertext from the consortium chain, the ciphertext being obtained by encrypting the historical data with an original key generated from the serial code and a preset encryption algorithm, the first legitimate node encrypting the historical data to obtain the ciphertext;
    obtaining the preset encryption algorithm from the smart contract;
    encrypting the serial code input by the user with the encryption algorithm to obtain the original key;
    decrypting the ciphertext with the original key to obtain the user's historical data.
  16. The computer-readable storage medium according to claim 15, wherein the step of using the smart contract pre-established by the consortium chain to determine whether the local node device meets the conditions for obtaining the ciphertext comprises:
    obtaining the CA certificate of the local node device;
    determining, according to the CA certificate of the local node device, whether the local node device has registered with the central node of the consortium chain, and if so, determining that the local node device is a legitimate node of the consortium chain.
  17. 根据权利要求16所述的计算机可读存储介质,其中,在所述判断所述本端节点设备为所述联盟链的合法节点的步骤之后,所述计算机可读指令被处理器执行时还实现如下基于联盟链的多机构数据处理方法的步骤: The computer-readable storage medium according to claim 16, wherein, after the step of judging that the local node device is a legal node of the alliance chain, the computer-readable instruction is further implemented when executed by the processor The steps of the multi-institution data processing method based on the alliance chain are as follows:
    获取用户触发的业务流程节点;Get the business process node triggered by the user;
    从所述智能合约中获取预设的触发节点;Obtain a preset trigger node from the smart contract;
    当所述业务流程节点与所述触发节点相同时,判断所述本端节点设备符合获取密文的条件。When the service process node is the same as the trigger node, it is determined that the local node device meets the conditions for obtaining the ciphertext.
  18. 根据权利要求15所述的计算机可读存储介质,其中,所述预设的加密算法包括AES高级加密标准算法,所述通过所述加密算法对用户输入的所述序列码进行加密得到所述原始秘钥的步骤包括: The computer-readable storage medium according to claim 15, wherein the preset encryption algorithm includes an AES Advanced Encryption Standard algorithm, and the original encryption algorithm is used to encrypt the serial code input by the user to obtain the original encryption algorithm. Key steps include:
    通过AES高级加密标准算法对用户输入的所述序列码进行加密,得到所述原始秘钥。The serial code input by the user is encrypted by the AES advanced encryption standard algorithm to obtain the original secret key.
  19. 根据权利要求15所述的计算机可读存储介质,其中,所述预设的加密算法包括RSA算法,所述通过所述加密算法对用户输入的所述序列码进行加密得到所述原始秘钥的步骤包括: The computer-readable storage medium according to claim 15, wherein the preset encryption algorithm includes an RSA algorithm, and the encryption algorithm is used to encrypt the serial code input by the user to obtain the original key. Steps include:
    通过RSA算法对用户输入的所述序列码进行加密,得到所述原始秘钥。The serial code input by the user is encrypted by the RSA algorithm to obtain the original secret key.
  20. 根据权利要求15所述的计算机可读存储介质,其中,所述历史数据包括用户的姓名、身份证号码和/或贷款信息。 The computer-readable storage medium of claim 15, wherein the historical data includes the user's name, ID number and/or loan information.
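The retrieval flow of claims 15 to 17 (eligibility gate, then key derivation from the serial code, then decryption) can be traced in a short added example; this is not code from the patent or the applicant. Assumptions: the on-chain contract and certificate registry are constructed in-memory stand-ins, PBKDF2-HMAC-SHA256 stands in for the claimed "encrypt the serial code with AES/RSA" step, and an HMAC-based stream cipher with a MAC stands in for the data cipher so the block runs on the Python standard library alone.

```python
import hashlib, hmac, os

# Constructed stand-ins for on-chain state (assumptions, not from the patent).
CONTRACT = {"salt": b"consortium-demo", "iterations": 100_000,
            "trigger_node": "loan_review"}
REGISTERED_CERTS = {"cert-bank-b"}  # CA certificates registered with the central node


def derive_key(serial_code: str) -> bytes:
    """Serial code -> 64 bytes: first 32 encrypt, last 32 authenticate."""
    return hashlib.pbkdf2_hmac("sha256", serial_code.encode(), CONTRACT["salt"],
                               CONTRACT["iterations"], dklen=64)


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """HMAC-SHA256 in counter mode (stand-in cipher, see lead-in)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def encrypt(serial_code: str, plaintext: bytes) -> bytes:
    """What the first legitimate node does before writing to the chain."""
    key, nonce = derive_key(serial_code), os.urandom(16)
    body = bytes(a ^ b for a, b in zip(plaintext, keystream(key[:32], nonce, len(plaintext))))
    return nonce + body + hmac.new(key[32:], nonce + body, hashlib.sha256).digest()


def may_fetch(cert_id: str, process_node: str) -> bool:
    """Claims 16-17: registered certificate AND business node equals trigger node."""
    return cert_id in REGISTERED_CERTS and process_node == CONTRACT["trigger_node"]


def retrieve(cert_id: str, process_node: str, serial_code: str, ledger: dict) -> bytes:
    """Claim 15 on the requesting node: gate, fetch, derive key, decrypt."""
    if not may_fetch(cert_id, process_node):
        raise PermissionError("node does not meet the conditions for obtaining the ciphertext")
    blob = ledger["ciphertext"]
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    key = derive_key(serial_code)
    expected = hmac.new(key[32:], nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # wrong serial code or tampered data
        raise ValueError("serial code does not match this ciphertext")
    return bytes(a ^ b for a, b in zip(body, keystream(key[:32], nonce, len(body))))
```

Because the algorithm is read from the shared smart contract, the serial code is the only secret input to the key, so its unpredictability bounds the confidentiality of the stored ciphertext.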
      
PCT/CN2021/125594 2020-12-21 2021-10-22 Consortium blockchain-based multi-institution data processing method, apparatus, and related device WO2022134812A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202011521525.1A CN112632574A (en) 2020-12-21 2020-12-21 Multi-mechanism data processing method and device based on alliance chain and related equipment
CN202011521525.1 2020-12-21

Publications (1)

Publication Number Publication Date
WO2022134812A1 true WO2022134812A1 (en) 2022-06-30

Family

ID=75320374

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/125594 WO2022134812A1 (en) 2020-12-21 2021-10-22 Consortium blockchain-based multi-institution data processing method, apparatus, and related device

Country Status (2)

Country Link
CN (1) CN112632574A (en)
WO (1) WO2022134812A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112632574A (en) * 2020-12-21 2021-04-09 深圳壹账通智能科技有限公司 Multi-mechanism data processing method and device based on alliance chain and related equipment
CN113746829B (en) * 2021-08-31 2023-03-24 平安银行股份有限公司 Multi-source data association method, device, equipment and storage medium
CN114820175B (en) * 2022-06-27 2022-09-23 浙江数秦科技有限公司 Loan purpose supervision method based on block chain

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109933995A (en) * 2019-01-31 2019-06-25 广州中国科学院软件应用技术研究所 A kind of user's protecting sensitive data and system based on cloud service and block chain
CN111371790A (en) * 2020-03-05 2020-07-03 中国工商银行股份有限公司 Data encryption sending method based on alliance chain, related method, device and system
WO2020169126A2 (en) * 2020-06-08 2020-08-27 Alipay Labs (singapore) Pte. Ltd. Managing user authorizations for blockchain-based custom clearance services
CN112073479A (en) * 2020-08-26 2020-12-11 重庆邮电大学 Method and system for controlling de-centering data access based on block chain
CN112632574A (en) * 2020-12-21 2021-04-09 深圳壹账通智能科技有限公司 Multi-mechanism data processing method and device based on alliance chain and related equipment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115840683A (en) * 2023-02-24 2023-03-24 浪潮电子信息产业股份有限公司 Monitoring method, system, device, equipment and storage medium of heterogeneous alliance chain
CN115840683B (en) * 2023-02-24 2023-05-16 浪潮电子信息产业股份有限公司 Heterogeneous alliance chain monitoring method, system, device, equipment and storage medium

Also Published As

Publication number Publication date
CN112632574A (en) 2021-04-09


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21908813

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 26/09/2023)

122 Ep: pct application non-entry in european phase

Ref document number: 21908813

Country of ref document: EP

Kind code of ref document: A1