[go: nahoru, domu]

WO2022057106A1 - Credibility verification system for digital asset data packet - Google Patents

Credibility verification system for digital asset data packet Download PDF

Info

Publication number
WO2022057106A1
WO2022057106A1 PCT/CN2020/134330 CN2020134330W WO2022057106A1 WO 2022057106 A1 WO2022057106 A1 WO 2022057106A1 CN 2020134330 W CN2020134330 W CN 2020134330W WO 2022057106 A1 WO2022057106 A1 WO 2022057106A1
Authority
WO
WIPO (PCT)
Prior art keywords
node
verification
digital
data packet
signature
Prior art date
Application number
PCT/CN2020/134330
Other languages
French (fr)
Chinese (zh)
Inventor
白杰
Original Assignee
江苏傲为控股有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 江苏傲为控股有限公司 filed Critical 江苏傲为控股有限公司
Publication of WO2022057106A1 publication Critical patent/WO2022057106A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/02Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q2220/00Business processing using cryptography

Definitions

  • the present application relates to the field of internet data processing, in particular to a trustworthiness verification system for digital asset data packets based on a blockchain network.
  • Digital asset financial systems usually use blockchain as the bearer network to solve problems such as the credibility of digital assets.
  • the realization of each function of the system, such as the generation and transaction of digital assets, is usually completed by different nodes or sub-chains of the public chain.
  • different nodes are used to implement different functions or operations.
  • the network P shown in Figure 1 can be regarded as a simple public chain, in which node 1 is used to realize the generation of digital assets, and node 2 is used to realize the transaction of digital assets.
  • node 1 is used to realize the generation of digital assets
  • node 2 is used to realize the transaction of digital assets.
  • different functions or operations are implemented by different sub-chains, or nodes of sub-chains.
  • the public chain P connects four sub-chains, wherein, sub-chain 3 is a digital asset generation sub-chain, referred to as a sub-chain of generation; sub-chain 4 is a digital asset transaction sub-chain, referred to as a transaction sub-chain; 5 is the digital asset storage sub-chain, referred to as the storage sub-chain; sub-chain 6 is the digital asset verification sub-chain, referred to as the verification sub-chain.
  • sub-chain 3 is a digital asset generation sub-chain, referred to as a sub-chain of generation
  • sub-chain 4 is a digital asset transaction sub-chain, referred to as a transaction sub-chain
  • 5 is the digital asset storage sub-chain, referred to as the storage sub-chain
  • sub-chain 6 is the digital asset verification sub-chain, referred to as the verification sub-chain.
  • the nodes used to implement different functions or operations are usually determined by the traditional technical mechanisms of the blockchain network, such as election or competition mechanisms.
  • the blockchain network shown in Figure 2 is a typical bearer network of a digital asset financial system, in which the functions and operations of sub-chains are related to each other.
  • the data structures and mechanisms used by the functions implemented by the sub-chain 6 are relevant, otherwise the corresponding functions or operations cannot be implemented.
  • the relationship between each sub-chain in FIG. 2 is described in conjunction with FIG. 3 .
  • the sub-chain 3 shown in FIG. 2 is an example of the digital asset generation sub-chain, including the digital asset generation node 31, which is used to carry the digital asset generation platform, and the other nodes 32, 33, 34, and 35 are used to carry justice, evaluation, due diligence Platforms for surveys, guarantees, etc., where each platform in turn links one or more sub-chains consisting of terminal nodes formed by multiple nodes.
  • FIG. 3 is a relationship diagram between the sub-chains of the digital asset financial system carried by the blockchain network shown in FIG.
  • the digital asset data packet A generated by the digital asset generation node 31 is transmitted to the nodes 32, 33, 34, 35, used to generate some attributes b1, b2, b3, b4 of the digital asset data package A, for example, used to express data such as evaluation value, justice matters, due diligence data, guarantee matters, etc.
  • These attributes b1, b2, b3 , b4 is processed by the node 31 to form the attribute B of the digital asset data package A.
  • the digital asset data package A and the attribute B together constitute a tradable digital asset data package D, and the digital asset data package D is sent by the node 31 to the transaction sub-chain 4 and the storage sub-chain 5 for transactions.
  • Subchain 4 verifies the transaction or stores subchain 5 storage.
  • the digital asset data package D is sent to the storage sub-chain 5 by the node 31 , and the transaction sub-chain 4 obtains the tradable digital asset data package D from the sub-chain 5 .
  • the digital asset data package D should have credibility before it can be stored by the sub-chain 5 or traded by the transaction sub-chain 4 .
  • the blockchain network cannot guarantee the credibility of the digital asset data package, that is, it cannot guarantee that the digital asset data package stored in the storage sub-chain 5 has complete credibility. sex.
  • the way to ensure trustworthiness is that the digital asset data package can withstand verification.
  • the usual practice is that any platform or any blockchain node initiates a verification request for a digital asset data package through a trusted node to further verify each verification sub-item of the digital asset data package.
  • nodes 32, 33, 34, and 35 may all be provided with differential services by many terminals in the same or different time periods.
  • some attributes b1, b2, b3 or b4 of the digital asset data package A may all be the product of the cooperative operation of multiple terminals. Therefore, the credibility of the digital asset data package is realized by the credibility of each terminal operation, and verifying the credibility of the digital asset data package is to verify the credibility of each terminal operation.
  • the usual practice is to perform hash signatures on the operation results of all terminals, that is, for the final formation of attribute B or digital asset data packet D, so that the node performing the verification will pass the hash calculation for attribute B or digital asset data packet D. , to get the conclusion of the credibility of attribute B or digital asset data package D. Obviously, this cannot guarantee the credibility of the formation process and source of attribute B or digital asset data package D.
  • An improved method is to perform a verification operation on the operator of the attribute B or the digital asset data package D. Since the verification operation usually generates verification requirements at an uncertain time after the attribute B or the digital asset data package D is generated, so , using this method to trace the source and verify the operators one by one requires complex retrieval and deletion operations, involving many blockchain service nodes and a large amount of data, resulting in high resource consumption and low efficiency.
  • the present application provides a reliability verification system for digital asset data packets.
  • the problem to be solved by this application is to provide a reliability verification system for digital asset data packets that consumes less resources and is efficient.
  • a credibility verification system for digital asset data packets comprising: several execution terminal nodes, several aggregation nodes, and several verification nodes, the execution terminal nodes include a plurality of different main chains or sub-chains that perform operations on the digital asset data packets , the collection node is a node that is pre-assigned a corresponding collection function role, and the verification node is a node that is pre-assigned a corresponding verification function role, wherein:
  • the verification node is configured with:
  • Verification request step send a credibility verification request for the digital asset data package to the execution terminal node;
  • the execution terminal node is configured with:
  • the step of receiving verification receiving the verification request sent by the verification node;
  • Digital signature step digitally sign the data packet by using the respective private keys of the execution terminal nodes, and the digital signature is at least one;
  • the verification node is further configured with:
  • Digital signature verification step verifying the digital signature
  • Aggregation triggering step if each of the digital signatures passes the verification, trigger the aggregation node to aggregate the digital signatures;
  • the collection node is configured with:
  • the collective signature step performing a collective operation on the digital signature to generate a collective signature
  • the verification node is further configured with:
  • the collective signature verification step verifying the collective signature, if the verification is passed, the data packet is credible.
  • the present application provides a credibility verification system for digital asset data packets, including several execution terminal nodes, several aggregation nodes and several verification nodes, and the execution terminal nodes include a plurality of different types of performing digital asset data packet operations.
  • the collection node is the node that is pre-assigned the corresponding collection function role
  • the verification node is the node that is pre-assigned the corresponding verification function role.
  • the verification node sends the trustworthiness of the digital asset data package to the execution terminal node.
  • the execution terminal node receives the verification request, uses the private key of the execution terminal node to digitally sign the data packet, and the verification node verifies the digital signature. If each digital signature passes the verification, trigger the collection node to collect the digital signatures , the collection node performs a collection operation on the digital signature, generates a collection signature, and the verification node verifies the collection signature result. If the verification is passed, the data packet is credible.
  • the collective signature can be verified once, which greatly reduces the cost of verifying the signature and saves the storage space of the execution terminal node.
  • Figure 1 is an example diagram of a simple blockchain network
  • Figure 2 is an example diagram of a typical blockchain network
  • Fig. 3 is a relationship diagram between sub-chains of the digital asset financial system carried by the blockchain network shown in Fig. 2;
  • Figure 4 is a schematic diagram of the reliability verification flow of the digital asset data package
  • FIG. 5 is a schematic diagram of forming a trustworthy tree during a transaction operation process of a data packet.
  • digital assets such as electronic money, Q coins, online games and some application software
  • digital assets are constantly being integrated into people's production and life, becoming an indispensable part of the Internet era.
  • Digital assets can be seen everywhere in daily life.
  • the common manifestations of digital assets include movie tickets, game equipment, paid courseware, paid music, star voting, virtual points, etc.
  • the main areas involved in digital assets are literature, film and television, Games, animation, finance and other fields.
  • Packet is a data unit in TCP/IP protocol communication transmission, generally also called "data packet”.
  • Digital asset data packet means that digital assets exist in the Internet in the form of data packets.
  • blockchain In order to ensure the credibility of digital asset data packets, blockchain is usually used as the bearer network, but digital asset data packets will generate a lot of intermediate process data during the transaction process.
  • a certain node of the node initiates a transaction on the digital asset data package.
  • the transaction operation process passes through several sub-chains on the main chain, and passes through the next-level nodes of some nodes on the sub-chain, that is, the digital asset data package. In the entire transaction process, many terminal nodes will pass through, and a lot of process data will be generated.
  • the present application provides a credibility verification system for digital asset data packets, including: several execution terminal nodes, several aggregation nodes, and several verification nodes, and the execution terminal nodes include multiple different main chains or sub-chains that perform operations on digital asset data packets
  • a node in the blockchain performs a transaction operation on a digital asset data packet (hereinafter referred to as a data packet)
  • this node is the execution terminal node.
  • the transaction operation of a data packet will pass through many nodes. , so the number of execution terminal nodes corresponds to a lot.
  • a collection node is a node that is pre-assigned the corresponding collection function role. The collection node mainly collects each discrete signature, and collects multiple signatures into one collection signature.
  • the verification node is the node that is pre-assigned the corresponding verification function role, mainly to verify the credibility of the node and the credibility of the signature in the process of the data packet transaction.
  • a node is an execution terminal node, and can also be a collection node and a verification node.
  • the number of execution terminal nodes, verification nodes and collection nodes is not limited, but multiple verification nodes include at least one trusted node.
  • the foundation initiates a credibility verification request for the digital asset data package.
  • Fig. 4 is a schematic diagram of the credibility verification process of the digital asset data package, the credibility verification system of the digital asset data packet of the present application, wherein:
  • Verification request step send a credibility verification request for the digital asset data package to the execution terminal node.
  • the execution terminal node before the verification node initiates a credibility verification request to the execution terminal node, the execution terminal node also needs to perform the node trustworthiness judgment step, that is, the execution terminal node judges whether the verification node is a trusted node, and the specific judgment method is this application.
  • the verification node is credible and receives a credibility verification request, that is, the verification node can verify the credibility of the digital asset data package. Or maliciously pretend to be a node, etc., and the execution terminal node rejects the credibility verification request of the verification node, that is, the verification node cannot perform the credibility verification process of the digital asset data package.
  • the execution endpoint configuration is:
  • the step of receiving verification receiving the verification request sent by the verification node, and if the execution terminal node determines that the verification node is a trusted node, then receives the verification request sent by the verification node.
  • Digital signature step digitally sign the data package with the private key of the execution terminal node, and the number of digital signatures must be at least one.
  • the initial data packet may be allocated to one or more execution terminal nodes at the beginning of the transaction, or the data packet may be split and allocated to different execution terminal nodes.
  • the blockchain mainly uses digital signatures to realize permission control, and the private key of each execution terminal node is used for digital data packet transactions of each execution terminal node.
  • the public key corresponding to the private key is disclosed, and the digital signature using the private key has an anti-tampering mechanism, which can identify the legal identity of the transaction initiator, prevent the identity of malicious nodes from impersonating, and thus prevent transactions from being tampered with by third parties.
  • Digital signatures also known as electronic signatures, use certain algorithms to achieve effects similar to traditional physical signatures.
  • a digital signature is to process the signature content through algorithms in the field of cryptography to obtain a segment of characters used to represent the signature.
  • a set of digital signature algorithms generally includes two operations: signature and signature verification. After the data is signed, it only needs to be verified by the matching verification signature method, and it does not require professional means to identify it like traditional physical signatures.
  • Digital signature usually adopts asymmetric encryption algorithm, that is, each node needs a pair of private key and public key.
  • the signatures of different private keys to the same piece of data are completely different, similar to the handwriting of physical signatures.
  • the digital signature is usually attached to the original message as additional information to prove the identity of the message sender.
  • the public key is the key that everyone can obtain.
  • the public key is required to verify the signature. Because the public key can be obtained by everyone, all nodes can verify the legitimacy of the identity.
  • the step of generating the digest generating a digital digest by hashing the original data of the data packet, and in this application, hashing the initial data of the digital asset data packet to generate a digital digest;
  • the step of encrypting the digest encrypting the digital digest with the private key of the node where the data packet is located to obtain a digital signature.
  • the generated digital digest is encrypted with the private key of the execution terminal node where the data packet is located;
  • Digital signature sending step Send the digital signature and the original data of the data packet to the verification node.
  • the verification node is further configured with:
  • the digital signature verification step verifying the digital signature result of the execution terminal node.
  • the digital signature verification method can be determined through pre-negotiation between the verification node and the execution terminal node, which is not specifically limited in this application.
  • Collection triggering step If each digital signature passes the verification, trigger the collection node to collect the digital signatures to generate a collection signature.
  • Collective signature collects multiple digital signature data of one execution terminal node or multiple execution terminal nodes to generate collective signature data corresponding to the execution terminal node, that is, multiple signatures signed by multiple users on multiple messages respectively, can be collected. Synthesize a short signature.
  • the collection node configuration has:
  • Collection signature step perform collection operations on digital signatures to generate collection signatures.
  • Collection signatures are digital signatures with additional properties, which have compression and batch processing properties. In practice, the more favorable factor is that collection signatures are verifiable , and only one verification is required, that is, when multiple digital signatures are assembled to generate a collective signature for the first time, all digital signatures involved and the collective signature after the collection of digital signatures need to be verified. Once the initial verification is passed, There is no need to verify the digital signature in the verification in the future, only the final generated set signature result is verified.
  • the rule of the collective signature is that as long as the collective signature result passes the verification, it means that each digital signature that generates the collective signature has passed the verification.
  • the verification node is further configured with:
  • Collection signature verification step Verify the collection signature, if it passes the verification, the data package is trusted.
  • the verification of the collective signature includes two cases. One is to verify all digital signatures involved in the collective signature when the collective signature is performed for the first time; the other is to verify the collective signature when the collective signature is initialized. The details are as follows:
  • Initial verification step When the collective node performs collective signature on the digital signature for the first time, all digital signatures need to be verified.
  • the verification method of the digital signature can be predetermined.
  • a verification method of the digital signature data can be: encrypt the digest information with the sender's private key, transmit it to the receiver together with the original text, and decrypt the receiver with his own public key The encrypted summary information, and then use the HASH function to generate a summary information for the received original text, and compare it with the decrypted summary information. If they are the same, it means that the received information is complete and has not been modified during the transmission process; otherwise, it means that the information has been modified, so the digital signature can verify the integrity of the information. It should be noted that it is only necessary to verify all the digital signature data during the initial collective signature. After the initial verification is passed, there is no need to verify all the digital signature data in the future. It is only necessary to verify the result of the collective signature. Can.
  • the initial set signature In the initial set signature, if all the digital signatures pass the verification, verify the initial set signature result, or, in practical applications, when the set signature is initialized, initialization certification is required.
  • the initialization referred to here includes, for example, When the system carried by the data packet exchange is started every day or the system is restarted, the verification method of the collective signature result can be pre-determined by the verification node.
  • the collective signature result can be the product of each digital signature data, and the verification node only needs to verify the collective signature once to be sure whether the digital signature involved in the collective signature comes from the specified execution terminal node. Attributes and links are signed separately, which greatly improves the efficiency of signature verification and transmission.
  • the collective signature result may also be other algorithms customized by the user according to actual needs, which is not specifically limited in this application.
  • the collective signature can be verified only once, so the cost of verifying the signature can be greatly reduced. Moreover, since multiple signatures are aggregated into one signature, the storage of the execution terminal node can be greatly saved.
  • the purpose of collectively signing digital signatures is to provide a reliability verification system for digital asset data packets with less resource consumption and high efficiency.
  • the execution terminal node is further configured with the following steps:
  • Steps of generating a trusted tree According to the transaction operation process of the terminal node to the data packet, the trusted tree of the processing process of the data packet is generated according to the node level.
  • the trusted tree here refers to the operation process of all the execution terminal nodes that the data packet passes through.
  • FIG. 5 is a schematic diagram of a trusted tree formed by a transaction operation process of a data packet.
  • the node-level confirmation method is to first confirm the root node, and take the execution terminal node of the initial operation data packet as the root Next, confirm the child nodes.
  • the confirmation method is that the root node is the first level node, and the next level node of the root node is the second level node.
  • the execution terminal node of the initial data packet is the root node.
  • the initial data packet is divided into data packet 0 and data packet 1, then the second-level node has two execution terminal nodes to operate the two packet data packets respectively.
  • the next-level node of the node is the third-level node, and the third-level node splits the data packet 0 into three data packets, namely data packet 01, data packet 02 and data packet 03, and splits the data packet 1 again.
  • the trusted tree encryption step encrypting each transaction operation in the trusted tree, and the specific encryption method is not specifically limited in this application.
  • Trust tree verification step verify the transaction operation of each execution terminal node to determine whether there is any malicious operation.
  • Trust tree storage steps If there is a malicious operation, record the execution terminal node corresponding to the malicious operation, indicating that the operation of the execution terminal node is untrustworthy. If the set signature verification fails later, it is likely that the malicious node failed. Verify, record the encryption and verification process of each execution terminal node, and store the trust tree periodically according to the preset time. For example, the trust tree can be stored after the data packet transaction is completed, or it can be stored in stages during the data packet transaction process. , which can be preset according to the transaction complexity of the data package.
  • the present application can also perform collective signatures on digital signatures according to the trusted tree.
  • the collective signature can perform collective signatures on multiple digital signatures of a user, that is, an execution terminal node, It is also possible to collectively sign multiple digital signatures of multiple users, that is, multiple execution terminal nodes.
  • the execution terminal nodes corresponding to malicious operations have been recorded, and the collective signature is constructed on the basis of the trusted tree.
  • the first search should be the execution terminal node with malicious operation records, which saves the work of checking and tracing the source one by one, greatly improving the efficiency.
  • the processing flow of the entire data packet can be clearly displayed.
  • the verification node is further configured with the following steps:
  • Data packet storage step If the data packet is credible, that is, the verification result of the verification node on the set signature is verified, the data packet is stored in the verification node, and the data packet at this time is a trusted data packet, in which the stored data
  • the operation of digital signature and collective signature is included in the package.
  • the data package storage step specifically includes the following steps:
  • the data packet splitting step splitting the trusted data packet to obtain a plurality of grouped data packets.
  • Packet data packet encryption step encrypt each packet data packet.
  • Encrypted data packet storage step store each encrypted packet data packet to the verification node for later use.
  • the present application provides a credibility verification system for digital asset data packets, including several execution terminal nodes, several aggregation nodes and several verification nodes, and the execution terminal nodes include a plurality of different types of performing digital asset data packet operations.
  • the collection node is the node that is pre-assigned the corresponding collection function role
  • the verification node is the node that is pre-assigned the corresponding verification function role.
  • the verification node sends the trustworthiness of the digital asset data package to the execution terminal node.
  • the execution terminal node receives the verification request, uses the private key of the execution terminal node to digitally sign the data packet, and the verification node verifies the digital signature. If each digital signature passes the verification, trigger the collection node to collect the digital signatures , the collection node performs a collection operation on the digital signature, generates a collection signature, and the verification node verifies the collection signature result. If the verification is passed, the data packet is credible.
  • the collective signature does not need to verify all digital signatures every time. It can be verified by one time, which greatly reduces the cost of verifying signatures. Moreover, because multiple signatures are aggregated into one signature, the storage space of the execution terminal node can be greatly saved.
  • the execution terminal node is also configured with the step of generating a trusted tree.
  • the first search should be the execution terminal node with malicious operation records, which eliminates the need for one-by-one investigation and traceability. It greatly improves the efficiency, and at the same time, the processing flow of the entire data packet can be clearly displayed through the trusted tree.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Storage Device Security (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

A credibility verification system for a digital asset data packet, comprising a plurality of execution terminal nodes, a plurality of collection nodes, and a plurality of verification nodes. The execution terminal nodes comprise a plurality of nodes, on different main chains or sub-chains, for performing digital asset data packet operations; the collection nodes are nodes pre-assigned with a corresponding collection function role; and the verification nodes are nodes pre-assigned a corresponding verification function role. First, the verification nodes first send to the execution terminal nodes a credibility verification request for a digital asset data packet; the execution terminal nodes receive the verification request and perform digital signing on the data packet by using respective private keys of the execution terminal nodes; the verification nodes verify the digital signatures, and if each digital signature passes the verification, trigger the collection nodes to collect the digital signature; the collection nodes perform a collection operation on the digital signatures to generate a collection signature; the verification nodes verify the collection signature result; and if the collection signature result passes the verification, the data packet is credible.

Description

数字资产数据包的可信性验证系统Credibility verification system of digital asset data package 技术领域technical field
本申请涉及互联网络数据处理领域,尤其涉及基于区块链网络的数字资产数据包的可信性验证系统。The present application relates to the field of internet data processing, in particular to a trustworthiness verification system for digital asset data packets based on a blockchain network.
背景技术Background technique
数字资产金融系统通常以区块链作为承载网络,以解决数字资产的可信性等问题。系统的每一个功能的实现,例如数字资产的生成和交易,通常由公链不同的节点或子链完成。对于图1所示的简单的区块链网络示意图,不同的节点用于实现不同的功能或操作。可以将图1所示网络P看做是一个简单的公链,其中节点1用于实现数字资产的生成,节点2用于实现数字资产的交易。而对于图2所示的典型的区块链网络示意图,不同的功能或操作则由不同的子链,或子链的节点实现。按照图2所示,公链P连接四个子链,其中,子链3是数字资产生成子链,简称为生成子链;子链4是数字资产交易子链,简称为交易子链;子链5是数字资产存储子链,简称为存储子链;子链6是数字资产验证子链,简称为验证子链。在图1或图2中,用于实现不同功能或操作的节点,通常由区块链网络传统的技术机制确定,例如选举或竞争机制等。另外,图2所示子链之间通过公链的跨链操作不在此讨论。Digital asset financial systems usually use blockchain as the bearer network to solve problems such as the credibility of digital assets. The realization of each function of the system, such as the generation and transaction of digital assets, is usually completed by different nodes or sub-chains of the public chain. For the simple blockchain network diagram shown in Figure 1, different nodes are used to implement different functions or operations. The network P shown in Figure 1 can be regarded as a simple public chain, in which node 1 is used to realize the generation of digital assets, and node 2 is used to realize the transaction of digital assets. For the typical block chain network schematic diagram shown in Figure 2, different functions or operations are implemented by different sub-chains, or nodes of sub-chains. As shown in Figure 2, the public chain P connects four sub-chains, wherein, sub-chain 3 is a digital asset generation sub-chain, referred to as a sub-chain of generation; sub-chain 4 is a digital asset transaction sub-chain, referred to as a transaction sub-chain; 5 is the digital asset storage sub-chain, referred to as the storage sub-chain; sub-chain 6 is the digital asset verification sub-chain, referred to as the verification sub-chain. In Figure 1 or Figure 2, the nodes used to implement different functions or operations are usually determined by the traditional technical mechanisms of the blockchain network, such as election or competition mechanisms. In addition, the cross-chain operation between the sub-chains shown in Figure 2 through the public chain is not discussed here.
图2所示区块链网络是一个典型的数字资产金融系统的承载网络,其中子链的功能和操作彼此相关,例如,生成子链3采用的数据结构和机制,与其它子链,如验证子链6所实现功能采用的数据结构和机制就具有相关性,否则无法实现相应的功能或操作。图2中各个子链之间的关系结合图3说明。The blockchain network shown in Figure 2 is a typical bearer network of a digital asset financial system, in which the functions and operations of sub-chains are related to each other. The data structures and mechanisms used by the functions implemented by the sub-chain 6 are relevant, otherwise the corresponding functions or operations cannot be implemented. The relationship between each sub-chain in FIG. 2 is described in conjunction with FIG. 3 .
图2所示子链3作为数字资产生成子链的示例,包括数字资产生成节点31,它用于承载生成数字资产生成平台,其它节点32、33、34、35用于承载公正、评估、尽职调查、担保等平台,其中每个平台又链接由多个节点形成的终端节点构成的一个或多个子链。参见图3,图3是图2所示区块链网络承载的数字资产金融系统子链之间的关系图,数字资产生成节点31生成的数字资产数据包A,被传送给节点32、33、34、35,用于生成数字资产数据包A的某些属性b1、b2、b3、b4,例如用于表达评估值、公正事项、尽职调查数据、担保事项等数据,这些属性b1、b2、b3、b4经过所述节点31的加工,形成了数字资产数据包A的属性B。所述数字资产数据包A和所述属性B共同构成了一个可交易的数字资产数据包D,所述数字资产数据包D被节点31发送到交易子链4和存储子链5,以供交易子链4验证交易或存储子链5存储。或者,所述数字资产数据包D被节点31发送到存储子链5,交易子链4从子链5获得可交易的数字资产数据包D。显然,所述数字资产数据包D应具有可信性才能够被子链5存储,或者被交易子链4交易。The sub-chain 3 shown in FIG. 2 is an example of the digital asset generation sub-chain, including the digital asset generation node 31, which is used to carry the digital asset generation platform, and the other nodes 32, 33, 34, and 35 are used to carry justice, evaluation, due diligence Platforms for surveys, guarantees, etc., where each platform in turn links one or more sub-chains consisting of terminal nodes formed by multiple nodes. Referring to FIG. 3, FIG. 3 is a relationship diagram between the sub-chains of the digital asset financial system carried by the blockchain network shown in FIG. 2, the digital asset data packet A generated by the digital asset generation node 31 is transmitted to the nodes 32, 33, 34, 35, used to generate some attributes b1, b2, b3, b4 of the digital asset data package A, for example, used to express data such as evaluation value, justice matters, due diligence data, guarantee matters, etc. These attributes b1, b2, b3 , b4 is processed by the node 31 to form the attribute B of the digital asset data package A. The digital asset data package A and the attribute B together constitute a tradable digital asset data package D, and the digital asset data package D is sent by the node 31 to the transaction sub-chain 4 and the storage sub-chain 5 for transactions. Subchain 4 verifies the transaction or stores subchain 5 storage. Alternatively, the digital asset data package D is sent to the storage sub-chain 5 by the node 31 , and the transaction sub-chain 4 obtains the tradable digital asset data package D from the sub-chain 5 . Obviously, the digital asset data package D should have credibility before it can be stored by the sub-chain 5 or traded by the transaction sub-chain 4 .
然而,由于多种原因,例如节点故障、节点被攻击等,使得区块链网络无法保证数字资产数据包具有可信性,即无法保证存储子链5存储的数字资产数据包具有完全的可信性。保证可信性的方法就是数字资产数据包能够经得起验证。通常的做法是,任意平台或者任 意一个区块链节点,通过一个可信节点发起对某个数字资产数据包的验证请求,进一步验证数字资产数据包的每一个验证子项。例如,在图2中,节点32、33、34、35,都可能由很多个终端在相同或不同的时间段提供差别服务。也就是说,数字资产数据包A的某些属性b1、b2、b3或b4,都可能是多个终端协作操作的产物。因此,数字资产数据包的可信性是通过每一个终端操作的可信性实现的,验证数字资产数据包的可信性,就是验证每一个终端操作的可信性。通常的做法是,将所有终端的操作结果,即针对最后形成属性B或数字资产数据包D进行哈希签名,这样,执行验证的节点就会通过对于属性B或数字资产数据包D哈希计算,得到属性B或数字资产数据包D可信性的结论,显然,这样无法保证属性B或数字资产数据包D形成过程和源头的可信性。However, due to various reasons, such as node failure, node attack, etc., the blockchain network cannot guarantee the credibility of the digital asset data package, that is, it cannot guarantee that the digital asset data package stored in the storage sub-chain 5 has complete credibility. sex. The way to ensure trustworthiness is that the digital asset data package can withstand verification. The usual practice is that any platform or any blockchain node initiates a verification request for a digital asset data package through a trusted node to further verify each verification sub-item of the digital asset data package. For example, in FIG. 2, nodes 32, 33, 34, and 35 may all be provided with differential services by many terminals in the same or different time periods. That is to say, some attributes b1, b2, b3 or b4 of the digital asset data package A may all be the product of the cooperative operation of multiple terminals. Therefore, the credibility of the digital asset data package is realized by the credibility of each terminal operation, and verifying the credibility of the digital asset data package is to verify the credibility of each terminal operation. The usual practice is to perform hash signatures on the operation results of all terminals, that is, for the final formation of attribute B or digital asset data packet D, so that the node performing the verification will pass the hash calculation for attribute B or digital asset data packet D. , to get the conclusion of the credibility of attribute B or digital asset data package D. Obviously, this cannot guarantee the credibility of the formation process and source of attribute B or digital asset data package D.
一个改进的方法是,对于所述属性B或数字资产数据包D的操作者进行验证操作,由于验证操作通常在所述属性B或数字资产数据包D生成后的不确定时间产生验证需求,因此,采用这种方法溯源以及逐一验证操作者需要复杂的检索和删选操作,涉及的区块链服务节点多、数据量大,导致消耗的资源多而且效率较低。An improved method is to perform a verification operation on the operator of the attribute B or the digital asset data package D. Since the verification operation usually generates verification requirements at an uncertain time after the attribute B or the digital asset data package D is generated, so , using this method to trace the source and verify the operators one by one requires complex retrieval and deletion operations, involving many blockchain service nodes and a large amount of data, resulting in high resource consumption and low efficiency.
发明内容SUMMARY OF THE INVENTION
基于上述技术问题,本申请提供一种数字资产数据包的可信性验证系统,本申请要解决的问题在于,提供一种资源消耗少,且高效的数字资产数据包的可信性验证系统。Based on the above technical problems, the present application provides a reliability verification system for digital asset data packets. The problem to be solved by this application is to provide a reliability verification system for digital asset data packets that consumes less resources and is efficient.
数字资产数据包的可信性验证系统,包括:若干执行终端节点、若干集合节点以及若干验证节点,所述执行终端节点包括多个执行所述数字资产数据包操作的不同主链或子链上的节点,所述集合节点为预先赋予对应集合功能角色的节点,所述验证节点为预先赋予对应验证功能角色的节点,其中:A credibility verification system for digital asset data packets, comprising: several execution terminal nodes, several aggregation nodes, and several verification nodes, the execution terminal nodes include a plurality of different main chains or sub-chains that perform operations on the digital asset data packets , the collection node is a node that is pre-assigned a corresponding collection function role, and the verification node is a node that is pre-assigned a corresponding verification function role, wherein:
所述验证节点配置有:The verification node is configured with:
验证请求步骤:向执行终端节点发送对数字资产数据包的可信性验证请求;Verification request step: send a credibility verification request for the digital asset data package to the execution terminal node;
所述执行终端节点配置有:The execution terminal node is configured with:
接收验证步骤:接收所述验证节点发送的验证请求;The step of receiving verification: receiving the verification request sent by the verification node;
数字签名步骤:利用执行终端节点各自的私钥对所述数据包进行数字签名,所述数字签名至少为1个;Digital signature step: digitally sign the data packet by using the respective private keys of the execution terminal nodes, and the digital signature is at least one;
所述验证节点进一步配置有:The verification node is further configured with:
数字签名验证步骤:验证所述数字签名;Digital signature verification step: verifying the digital signature;
集合触发步骤:如果每个所述数字签名通过验证,触发集合节点对所述数字签名进行集合;Aggregation triggering step: if each of the digital signatures passes the verification, trigger the aggregation node to aggregate the digital signatures;
所述集合节点配置有:The collection node is configured with:
集合签名步骤:对所述数字签名进行集合操作,生成集合签名;The collective signature step: performing a collective operation on the digital signature to generate a collective signature;
所述验证节点进一步配置有:The verification node is further configured with:
集合签名验证步骤:验证所述集合签名,如果通过验证,所述数据包可信。The collective signature verification step: verifying the collective signature, if the verification is passed, the data packet is credible.
由以上技术方案可知,本申请提供一种数字资产数据包的可信性验证系统,包括若干执行终端节点、若干集合节点以及若干验证节点,执行终端节点包括多个执行数字资产数据包操作的不同主链或子链上的节点,集合节点为预先赋予对应集合功能角色的节点,验证节点为预先赋予对应验证功能角色的节点,首先验证节点向执行终端节点发送对数字资产数据包的可信性验证请求,执行终端节点接收验证请求,利用执行终端节点各自的私钥 对数据包进行数字签名,验证节点对数字签名进行验证,如果每个数字签名都通过验证,触发集合节点对数字签名进行集合,集合节点对数字签名进行集合操作,生成集合签名,验证节点对集合签名结果进行验证,如果通过验证,所述数据包可信。集合签名通过一次验证就可以,大大减少了验证签名的成本,而且节约对执行终端节点存储空间的占用。It can be seen from the above technical solutions that the present application provides a credibility verification system for digital asset data packets, including several execution terminal nodes, several aggregation nodes and several verification nodes, and the execution terminal nodes include a plurality of different types of performing digital asset data packet operations. Nodes on the main chain or sub-chain, the collection node is the node that is pre-assigned the corresponding collection function role, and the verification node is the node that is pre-assigned the corresponding verification function role. First, the verification node sends the trustworthiness of the digital asset data package to the execution terminal node. To verify the request, the execution terminal node receives the verification request, uses the private key of the execution terminal node to digitally sign the data packet, and the verification node verifies the digital signature. If each digital signature passes the verification, trigger the collection node to collect the digital signatures , the collection node performs a collection operation on the digital signature, generates a collection signature, and the verification node verifies the collection signature result. If the verification is passed, the data packet is credible. The collective signature can be verified once, which greatly reduces the cost of verifying the signature and saves the storage space of the execution terminal node.
附图说明Description of drawings
为了更清楚地说明本申请实施例或现有技术中的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其它的附图。In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the accompanying drawings required in the embodiments will be briefly introduced below. Obviously, the drawings in the following description are only some of the present application. In the embodiments, for those of ordinary skill in the art, other drawings can also be obtained according to these drawings without any creative effort.
图1是简单的区块链网络示例图;Figure 1 is an example diagram of a simple blockchain network;
图2是典型的区块链网络示例图;Figure 2 is an example diagram of a typical blockchain network;
图3是图2所示区块链网络承载的数字资产金融系统子链之间的关系图;Fig. 3 is a relationship diagram between sub-chains of the digital asset financial system carried by the blockchain network shown in Fig. 2;
图4是数字资产数据包的可信性验证流程示意图;Figure 4 is a schematic diagram of the reliability verification flow of the digital asset data package;
图5是数据包的交易操作过程形成可信树的示意图。FIG. 5 is a schematic diagram of forming a trustworthy tree during a transaction operation process of a data packet.
具体实施方式detailed description
为使本申请的目的、技术方案和优点更加清楚,下面将结合本申请具体实施例及相应的附图对本申请技术方案进行清楚、完整地描述。显然,所描述的实施例仅是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。以下结合附图,详细说明本申请各实施例提供的技术方案。In order to make the objectives, technical solutions and advantages of the present application clearer, the technical solutions of the present application will be clearly and completely described below with reference to the specific embodiments of the present application and the corresponding drawings. Obviously, the described embodiments are only a part of the embodiments of the present application, but not all of the embodiments. Based on the embodiments in the present application, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application. The technical solutions provided by the embodiments of the present application will be described in detail below with reference to the accompanying drawings.
随着互联网技术的发展和应用,数字资产应运而生,如电子货币、Q币、网络游戏和一些应用软件等,且正不断融入到人们的生产、生活,成为互联网时代不可缺少的组成部分。这些由企业或个人拥有或控制的,以电子数据形式存在,具备一定价值或预期能带来经济利益的各类资源,均统称为数字资产。数字资产在日常生活中随处可见,例如,数字资产常见的表现形式有电影门票、游戏装备、付费课件、付费音乐、明星投票、虚拟积分等,数字资产主要涉及的领域常见的有文学、影视、游戏、动漫、金融等领域。With the development and application of Internet technology, digital assets, such as electronic money, Q coins, online games and some application software, are constantly being integrated into people's production and life, becoming an indispensable part of the Internet era. These various resources that are owned or controlled by enterprises or individuals, exist in the form of electronic data, have certain value or are expected to bring economic benefits are collectively referred to as digital assets. Digital assets can be seen everywhere in daily life. For example, the common manifestations of digital assets include movie tickets, game equipment, paid courseware, paid music, star voting, virtual points, etc. The main areas involved in digital assets are literature, film and television, Games, animation, finance and other fields.
包(Packet)是TCP/IP协议通信传输中的数据单位,一般也称“数据包”,数字资产数据包则是指数字资产以数据包的形式存在于互联网中。数字资产数据包为了保证其可信性,通常以区块链作为承载网络,但数字资产数据包在交易过程中,会产生很多中间过程数据,例如,在区块链网络上,由主链上的某个节点对数字资产数据包发起一笔交易,该交易操作过程经过主链上的若干子链,由经过了子链上某些节点的下一级节点,也就是说,数字资产数据包在整个交易过程中,会途径很多终端节点,也会产生很多过程数据,为了保证整个数字资产数据包的可信性,则要对所有过程数据进行验证,常用的方法为溯源验证法,但是验证过程中由于交易过程中涉及的区块链服务节点多,数据量大,导致消耗的资源多而且效率较低。Packet is a data unit in TCP/IP protocol communication transmission, generally also called "data packet". Digital asset data packet means that digital assets exist in the Internet in the form of data packets. In order to ensure the credibility of digital asset data packets, blockchain is usually used as the bearer network, but digital asset data packets will generate a lot of intermediate process data during the transaction process. A certain node of the node initiates a transaction on the digital asset data package. The transaction operation process passes through several sub-chains on the main chain, and passes through the next-level nodes of some nodes on the sub-chain, that is, the digital asset data package. In the entire transaction process, many terminal nodes will pass through, and a lot of process data will be generated. In order to ensure the credibility of the entire digital asset data package, all process data must be verified. The commonly used method is the traceability verification method, but verification In the process, due to the large number of blockchain service nodes involved in the transaction process and the large amount of data, many resources are consumed and the efficiency is low.
本申请提供一种数字资产数据包的可信性验证系统,包括:若干执行终端节点、若干集合节点以及若干验证节点,执行终端节点包括多个执行数字资产数据包操作的不同主链或子链上的节点,当区块链中的某个节点对数字资产数据包(以下简称数据包)进行交易 操作时,这个节点就是执行终端节点,通常情况下,一个数据包的交易操作会经由很多节点,所以执行终端节点的数量对应也很多。集合节点为预先赋予对应集合功能角色的节点,集合节点主要是对各个离散的签名进行集合,将多个签名集合成为1个集合签名,它可以把一笔交易的多个签名或者多签交易的各个参与方的公钥和签名集合为一个公钥与签名,整个集合过程是不可见的,在验证时仅需一次验证即可。验证节点为预先赋予对应验证功能角色的节点,主要是对数据包交易过程中节点可信性、签名可信性的验证,区块链上的某个节点到底是哪个节点取决于预先赋予它的功能角色,一个节点是执行终端节点,同时也可以是集合节点和验证节点,执行终端节点、验证节点以及集合节点的数量不作限定,但多个验证节点中至少包括一个可信节点,以此为基础发起对数字资产数据包的可信性验证请求。The present application provides a credibility verification system for digital asset data packets, including: several execution terminal nodes, several aggregation nodes, and several verification nodes, and the execution terminal nodes include multiple different main chains or sub-chains that perform operations on digital asset data packets When a node in the blockchain performs a transaction operation on a digital asset data packet (hereinafter referred to as a data packet), this node is the execution terminal node. Usually, the transaction operation of a data packet will pass through many nodes. , so the number of execution terminal nodes corresponds to a lot. A collection node is a node that is pre-assigned the corresponding collection function role. The collection node mainly collects each discrete signature, and collects multiple signatures into one collection signature. It can combine multiple signatures of a transaction or multi-signature transactions. The public keys and signatures of each participant are set as a public key and signature, and the entire set process is invisible, and only needs to be verified once. The verification node is the node that is pre-assigned the corresponding verification function role, mainly to verify the credibility of the node and the credibility of the signature in the process of the data packet transaction. Functional role, a node is an execution terminal node, and can also be a collection node and a verification node. The number of execution terminal nodes, verification nodes and collection nodes is not limited, but multiple verification nodes include at least one trusted node. The foundation initiates a credibility verification request for the digital asset data package.
参见图4,图4是数字资产数据包的可信性验证流程示意图,本申请的数字资产数据包的可信性验证系统,其中:Referring to Fig. 4, Fig. 4 is a schematic diagram of the credibility verification process of the digital asset data package, the credibility verification system of the digital asset data packet of the present application, wherein:
验证节点配置有执行如下步骤:Verify that the node is configured with the following steps:
验证请求步骤:向执行终端节点发送对数字资产数据包的可信性验证请求。Verification request step: send a credibility verification request for the digital asset data package to the execution terminal node.
需要说明的是,在验证节点向执行终端节点发起可信性验证请求之前,执行终端节点还需要执行节点可信判断步骤,即执行终端节点判断验证节点是否为可信节点,具体判断方式本申请不作具体限定,如果验证节点可信,接收可信性验证请求,即验证节点可以对数字资产数据包的可信性进行验证,如果验证节点不可信,例如,之前发生过不可信行为,修改数据或者恶意冒充节点等,执行终端节点拒绝验证节点的可信性验证请求,即验证节点不可以执行对数字资产数据包的可信性验证流程。It should be noted that, before the verification node initiates a credibility verification request to the execution terminal node, the execution terminal node also needs to perform the node trustworthiness judgment step, that is, the execution terminal node judges whether the verification node is a trusted node, and the specific judgment method is this application. Without specific limitations, if the verification node is credible and receives a credibility verification request, that is, the verification node can verify the credibility of the digital asset data package. Or maliciously pretend to be a node, etc., and the execution terminal node rejects the credibility verification request of the verification node, that is, the verification node cannot perform the credibility verification process of the digital asset data package.
执行终端节点配置有:The execution endpoint configuration is:
接收验证步骤:接收验证节点发送的验证请求,如果执行终端节点判断验证节点为可信节点,则接收验证节点发送的验证请求。The step of receiving verification: receiving the verification request sent by the verification node, and if the execution terminal node determines that the verification node is a trusted node, then receives the verification request sent by the verification node.
数字签名步骤:利用执行终端节点各自的私钥对数据包进行数字签名,数字签名至少为1个。初始的数据包在交易刚刚开始时,可能被分配到某一个或多个执行终端节点,也有可能将数据包进行拆分分配到不同的执行终端节点。为了保证执行终端节点以及每一笔交易、每个环节的可信性,区块链主要使用数字签名来实现权限控制,对各个执行终端节点的数据包交易使用各自执行终端节点的私钥进行数字签名,将私钥对应的公钥公开,使用私钥进行数字签名具有防篡改机制,可识别交易发起者的合法身份,防止恶意节点身份冒充,进而防止交易被第三方篡改。Digital signature step: digitally sign the data package with the private key of the execution terminal node, and the number of digital signatures must be at least one. The initial data packet may be allocated to one or more execution terminal nodes at the beginning of the transaction, or the data packet may be split and allocated to different execution terminal nodes. In order to ensure the credibility of the execution terminal node and each transaction and each link, the blockchain mainly uses digital signatures to realize permission control, and the private key of each execution terminal node is used for digital data packet transactions of each execution terminal node. Signature, the public key corresponding to the private key is disclosed, and the digital signature using the private key has an anti-tampering mechanism, which can identify the legal identity of the transaction initiator, prevent the identity of malicious nodes from impersonating, and thus prevent transactions from being tampered with by third parties.
数字签名也称电子签名,是通过一定算法实现类似传统物理签名的效果。数字签名是通过密码学领域相关算法对签名内容进行处理,获得一段用于表示签名的字符。在密码学领域,一套数字签名算法一般包含签名和验证签名两种运算,数据经过签名后,只需要使用配套的验证签名方法验证即可,不必像传统物理签名一样需要专业手段鉴别。Digital signatures, also known as electronic signatures, use certain algorithms to achieve effects similar to traditional physical signatures. A digital signature is to process the signature content through algorithms in the field of cryptography to obtain a segment of characters used to represent the signature. In the field of cryptography, a set of digital signature algorithms generally includes two operations: signature and signature verification. After the data is signed, it only needs to be verified by the matching verification signature method, and it does not require professional means to identify it like traditional physical signatures.
数字签名通常采用非对称加密算法,即每个节点需要一对私钥、公钥密钥对,所谓私钥即只有本人可以拥有的密钥,签名时需要使用私钥。不同的私钥对同一段数据的签名是完全不同的,类似物理签名的字迹。数字签名一般作为额外信息附加在原消息中,以此证明消息发送者的身份。公钥即所有人都可以获取的密钥,验证签名时需要使用公钥,因为公钥人人可以获取,所以所有节点均可以校验身份的合法性。Digital signature usually adopts asymmetric encryption algorithm, that is, each node needs a pair of private key and public key. The signatures of different private keys to the same piece of data are completely different, similar to the handwriting of physical signatures. The digital signature is usually attached to the original message as additional information to prove the identity of the message sender. The public key is the key that everyone can obtain. The public key is required to verify the signature. Because the public key can be obtained by everyone, all nodes can verify the legitimacy of the identity.
数字签名的具体步骤如下:The specific steps of digital signature are as follows:
摘要生成步骤:对数据包原始数据通过哈希计算生成数字摘要,本申请中即对数字资产数据包初始数据进行哈希计算,生成数字摘要;The step of generating the digest: generating a digital digest by hashing the original data of the data packet, and in this application, hashing the initial data of the digital asset data packet to generate a digital digest;
摘要加密步骤:用数据包所在节点的私钥对数字摘要进行加密,得到数字签名,本申请中即用数据包所在执行终端节点的私钥对生成的数字摘要进行加密;The step of encrypting the digest: encrypting the digital digest with the private key of the node where the data packet is located to obtain a digital signature. In this application, the generated digital digest is encrypted with the private key of the execution terminal node where the data packet is located;
数字签名发送步骤:将数字签名和数据包的原始数据一起发送至验证节点。Digital signature sending step: Send the digital signature and the original data of the data packet to the verification node.
验证节点进一步配置有:The verification node is further configured with:
数字签名验证步骤:验证执行终端节点的数字签名结果,数字签名验证的方式可以通过验证节点和执行终端节点预先协商确定,本申请不作具体限定。The digital signature verification step: verifying the digital signature result of the execution terminal node. The digital signature verification method can be determined through pre-negotiation between the verification node and the execution terminal node, which is not specifically limited in this application.
集合触发步骤:如果每个数字签名均通过验证,触发集合节点对数字签名进行集合,生成集合签名。集合签名将一个执行终端节点或多个执行终端节点的多个数字签名数据集合,生成与执行终端节点对应的集合签名数据,即,多个用户对多个消息分别签署的多个签名,能够集合成一个短签名。Collection triggering step: If each digital signature passes the verification, trigger the collection node to collect the digital signatures to generate a collection signature. Collective signature collects multiple digital signature data of one execution terminal node or multiple execution terminal nodes to generate collective signature data corresponding to the execution terminal node, that is, multiple signatures signed by multiple users on multiple messages respectively, can be collected. Synthesize a short signature.
集合节点配置有:The collection node configuration has:
集合签名步骤:对数字签名进行集合操作,生成集合签名,集合签名是一种具有附加性质的数字签名,它具有压缩和批处理性质,实际工作中,更有利的因素是,集合签名是可验证的,且仅需一次验证即可,即,初次由多个数字签名进行集合生成集合签名时,需要对所涉及的所有数字签名和数字签名集合后的集合签名进行验证,一旦初次验证通过后,以后再验证时就无需验证里面的数字签名了,只需验证最后生成的集合签名结果。集合签名的规则为,只要集合签名结果通过验证,就说明生成集合签名的各个数字签名均通过了验证。Collection signature step: perform collection operations on digital signatures to generate collection signatures. Collection signatures are digital signatures with additional properties, which have compression and batch processing properties. In practice, the more favorable factor is that collection signatures are verifiable , and only one verification is required, that is, when multiple digital signatures are assembled to generate a collective signature for the first time, all digital signatures involved and the collective signature after the collection of digital signatures need to be verified. Once the initial verification is passed, There is no need to verify the digital signature in the verification in the future, only the final generated set signature result is verified. The rule of the collective signature is that as long as the collective signature result passes the verification, it means that each digital signature that generates the collective signature has passed the verification.
验证节点进一步配置有:The verification node is further configured with:
集合签名验证步骤:验证集合签名,如果通过验证,数据包可信。Collection signature verification step: Verify the collection signature, if it passes the verification, the data package is trusted.
集合签名的验证包括两种情况,一种情况是初次进行集合签名时,对集合签名涉及的所有数字签名进行验证;二是集合签名初始化时对集合签名进行验证,具体情况如下:The verification of the collective signature includes two cases. One is to verify all digital signatures involved in the collective signature when the collective signature is performed for the first time; the other is to verify the collective signature when the collective signature is initialized. The details are as follows:
初次验证步骤:当集合节点初次对数字签名进行集合签名时,需要对所有数字签名进行验证。数字签名的验证方式可以预先确定,例如,一种对数字签名数据的验证方式可以为:将摘要信息用发送者的私钥加密,与原文一起传送给接收者,接收者用自己的公钥解密被加密的摘要信息,然后用HASH函数对收到的原文产生一个摘要信息,与解密的摘要信息对比。如果相同,则说明收到的信息是完整的,在传输过程中没有被修改,否则说明信息被修改过,因此数字签名能够验证信息的完整性。需要说明的是,只需要在初步进行集合签名时对所有的数字签名数据进行验证,初次验证通过后,以后就不用再对全部数字签名数据进行验证了,只需要对集合签名的结果进行验证就可以。Initial verification step: When the collective node performs collective signature on the digital signature for the first time, all digital signatures need to be verified. The verification method of the digital signature can be predetermined. For example, a verification method of the digital signature data can be: encrypt the digest information with the sender's private key, transmit it to the receiver together with the original text, and decrypt the receiver with his own public key The encrypted summary information, and then use the HASH function to generate a summary information for the received original text, and compare it with the decrypted summary information. If they are the same, it means that the received information is complete and has not been modified during the transmission process; otherwise, it means that the information has been modified, so the digital signature can verify the integrity of the information. It should be noted that it is only necessary to verify all the digital signature data during the initial collective signature. After the initial verification is passed, there is no need to verify all the digital signature data in the future. It is only necessary to verify the result of the collective signature. Can.
集合结果验证步骤:初次集合签名中,如果数字签名全部通过验证,对初次集合签名结果进行验证,或者,实际应用中,集合签名在初始化时,需要进行初始化认证,此处所指的初始化例如包括数据包交易所承载的系统每天开机启动或系统重启等情况,集合签名结果的验证方式可以通过验证节点预先确定。例如,集合签名结果可以是各个数字签名数据的乘积,而验证节点只需对集合后的签名进行一次验证,便可以确信集合签名所涉及的数字签名是否来自指定的执行终端节点对数据包及相关属性、环节分别进行的签名,大幅 度提高了签名的验证与传输效率。集合签名结果也可以是用户根据实际需求自定义的其他算法,本申请不作具体限定。Set result verification step: In the initial set signature, if all the digital signatures pass the verification, verify the initial set signature result, or, in practical applications, when the set signature is initialized, initialization certification is required. The initialization referred to here includes, for example, When the system carried by the data packet exchange is started every day or the system is restarted, the verification method of the collective signature result can be pre-determined by the verification node. For example, the collective signature result can be the product of each digital signature data, and the verification node only needs to verify the collective signature once to be sure whether the digital signature involved in the collective signature comes from the specified execution terminal node. Attributes and links are signed separately, which greatly improves the efficiency of signature verification and transmission. The collective signature result may also be other algorithms customized by the user according to actual needs, which is not specifically limited in this application.
相比于逐个对数字签名的溯源验证,集合签名由于只通过一次验证就可以,所以可以大大减少验证签名的成本,而且,由于将多个签名聚合为一个签名,可以大大节约对执行终端节点存储空间的占用,对数字签名进行集合签名的目的在于,提供一种资源消耗少,且高效的数字资产数据包的可信性验证系统。Compared with the traceability verification of digital signatures one by one, the collective signature can be verified only once, so the cost of verifying the signature can be greatly reduced. Moreover, since multiple signatures are aggregated into one signature, the storage of the execution terminal node can be greatly saved. The purpose of collectively signing digital signatures is to provide a reliability verification system for digital asset data packets with less resource consumption and high efficiency.
为了更清晰的记录数据包的交易过程,执行终端节点进一步配置有如下步骤:In order to record the transaction process of data packets more clearly, the execution terminal node is further configured with the following steps:
生成可信树步骤:根据执行终端节点对数据包的交易操作过程,按照节点级别生成数据包的处理过程可信树,这里的可信树就是指数据包经过的所有执行终端节点的操作过程。参见图5,图5是数据包的交易操作过程形成可信树的示意图,本实施例中,节点级别的确认方式为,首先对根节点进行确认,以初次操作数据包的执行终端节点为根节点;其次对子节点进行确认,确认方式为,以根节点作为第一级别节点,根节点的下一级节点为第二级别节点,结合图5,初始数据包的执行终端节点为根节点,此实施例中,将初始数据包进行拆分,分为数据包0和数据包1,则第二级节点有两个执行终端节点分别操作这两个分组数据包,同理,以第二级别节点的下一级节点作为第三级别节点,第三级节点将数据包0又拆分为三个数据包,分别为数据包01、数据包02和数据包03,将数据包1又拆分为两个数据包,分别为数据包11和数据包12,也即图5中的第三级节点对应有5个,如此继续划分,直到记录完数据包经过的所有执行终端节点。Steps of generating a trusted tree: According to the transaction operation process of the terminal node to the data packet, the trusted tree of the processing process of the data packet is generated according to the node level. The trusted tree here refers to the operation process of all the execution terminal nodes that the data packet passes through. Referring to FIG. 5, FIG. 5 is a schematic diagram of a trusted tree formed by a transaction operation process of a data packet. In this embodiment, the node-level confirmation method is to first confirm the root node, and take the execution terminal node of the initial operation data packet as the root Next, confirm the child nodes. The confirmation method is that the root node is the first level node, and the next level node of the root node is the second level node. With reference to Figure 5, the execution terminal node of the initial data packet is the root node. In this embodiment, the initial data packet is divided into data packet 0 and data packet 1, then the second-level node has two execution terminal nodes to operate the two packet data packets respectively. The next-level node of the node is the third-level node, and the third-level node splits the data packet 0 into three data packets, namely data packet 01, data packet 02 and data packet 03, and splits the data packet 1 again. There are two data packets, namely data packet 11 and data packet 12, that is, there are 5 third-level nodes in FIG. 5, and the division continues until all execution terminal nodes passed by the data packet are recorded.
可信树加密步骤:对可信树中的每个交易操作进行加密,具体加密方式本申请不作具体限定。The trusted tree encryption step: encrypting each transaction operation in the trusted tree, and the specific encryption method is not specifically limited in this application.
可信树验证步骤:对每个执行终端节点的交易操作进行验证,判断是否存在恶意操作。Trust tree verification step: verify the transaction operation of each execution terminal node to determine whether there is any malicious operation.
可信树存储步骤:如果存在恶意操作,记录恶意操作对应的执行终端节点,说明该执行终端节点的操作不可信,后期如果有集合签名验证不通过的情况时,很可能是此恶意节点未通过验证,记录每个执行终端节点的加密和验证过程,按照预置时间阶段性存储可信树,例如可以在数据包交易完成后存储可信树,也可以在数据包交易过程中进行阶段性存储,可根据数据包的交易繁琐程度进行预先设置。Trust tree storage steps: If there is a malicious operation, record the execution terminal node corresponding to the malicious operation, indicating that the operation of the execution terminal node is untrustworthy. If the set signature verification fails later, it is likely that the malicious node failed. Verify, record the encryption and verification process of each execution terminal node, and store the trust tree periodically according to the preset time. For example, the trust tree can be stored after the data packet transaction is completed, or it can be stored in stages during the data packet transaction process. , which can be preset according to the transaction complexity of the data package.
基于上述生成可信树的实施例,本申请还可以按照可信树对数字签名进行集合签名,需要说明的是,集合签名可以对一个用户即一个执行终端节点的多个数字签名进行集合签名,也可以对多个用户即多个执行终端节点的多个数字签名进行集合签名,在可信树存储步骤中,已记录恶意操作对应的执行终端节点,在可信树的基础上构建集合签名,一旦出现集合签名验证未通过的情况,那么最先查找的就应该是有恶意操作记录的执行终端节点,这样就免去了逐一排查、溯源的工作,大大提高了效率,同时通过可信树也可以清晰的展示出整个数据包的处理流程。Based on the above embodiment of generating a trusted tree, the present application can also perform collective signatures on digital signatures according to the trusted tree. It should be noted that the collective signature can perform collective signatures on multiple digital signatures of a user, that is, an execution terminal node, It is also possible to collectively sign multiple digital signatures of multiple users, that is, multiple execution terminal nodes. In the trusted tree storage step, the execution terminal nodes corresponding to malicious operations have been recorded, and the collective signature is constructed on the basis of the trusted tree. Once the set signature verification fails, the first search should be the execution terminal node with malicious operation records, which saves the work of checking and tracing the source one by one, greatly improving the efficiency. The processing flow of the entire data packet can be clearly displayed.
当可信树记载了整个数据包的交易流程后,验证节点进一步配置有如下步骤:After the trust tree records the transaction process of the entire data packet, the verification node is further configured with the following steps:
数据包存储步骤:如果数据包可信,即验证节点对集合签名的验证结果为通过验证,则在验证节点存储此数据包,此时的数据包即为可信数据包,其中,存储的数据包中包含数字签名及集合签名的操作,具体地,数据包存储步骤具体包括以下步骤:Data packet storage step: If the data packet is credible, that is, the verification result of the verification node on the set signature is verified, the data packet is stored in the verification node, and the data packet at this time is a trusted data packet, in which the stored data The operation of digital signature and collective signature is included in the package. Specifically, the data package storage step specifically includes the following steps:
数据包拆分步骤:对可信数据包进行拆分,得到多个分组数据包。The data packet splitting step: splitting the trusted data packet to obtain a plurality of grouped data packets.
分组数据包加密步骤:对每个分组数据包进行加密。Packet data packet encryption step: encrypt each packet data packet.
加密数据包存储步骤:将每个加密后的分组数据包存储到验证节点,以备后用。Encrypted data packet storage step: store each encrypted packet data packet to the verification node for later use.
由以上技术方案可知,本申请提供一种数字资产数据包的可信性验证系统,包括若干执行终端节点、若干集合节点以及若干验证节点,执行终端节点包括多个执行数字资产数据包操作的不同主链或子链上的节点,集合节点为预先赋予对应集合功能角色的节点,验证节点为预先赋予对应验证功能角色的节点,首先验证节点向执行终端节点发送对数字资产数据包的可信性验证请求,执行终端节点接收验证请求,利用执行终端节点各自的私钥对数据包进行数字签名,验证节点对数字签名进行验证,如果每个数字签名都通过验证,触发集合节点对数字签名进行集合,集合节点对数字签名进行集合操作,生成集合签名,验证节点对集合签名结果进行验证,如果通过验证,所述数据包可信。集合签名不用每次都对所有的数字签名进行验证,通过一次验证就可以,大大减少验证签名的成本,而且,由于将多个签名聚合为一个签名,可以大大节约对执行终端节点存储空间的占用,提供了一种资源消耗少,且高效的数字资产数据包的可信性验证系统。同时,执行终端节点还配置有生成可信树步骤,一旦出现集合签名验证未通过的情况,那么最先查找的就应该是有恶意操作记录的执行终端节点,这样就免去了逐一排查、溯源的工作,大大提高了效率,同时通过可信树也可以清晰的展示出整个数据包的处理流程。It can be seen from the above technical solutions that the present application provides a credibility verification system for digital asset data packets, including several execution terminal nodes, several aggregation nodes and several verification nodes, and the execution terminal nodes include a plurality of different types of performing digital asset data packet operations. Nodes on the main chain or sub-chain, the collection node is the node that is pre-assigned the corresponding collection function role, and the verification node is the node that is pre-assigned the corresponding verification function role. First, the verification node sends the trustworthiness of the digital asset data package to the execution terminal node. To verify the request, the execution terminal node receives the verification request, uses the private key of the execution terminal node to digitally sign the data packet, and the verification node verifies the digital signature. If each digital signature passes the verification, trigger the collection node to collect the digital signatures , the collection node performs a collection operation on the digital signature, generates a collection signature, and the verification node verifies the collection signature result. If the verification is passed, the data packet is credible. The collective signature does not need to verify all digital signatures every time. It can be verified by one time, which greatly reduces the cost of verifying signatures. Moreover, because multiple signatures are aggregated into one signature, the storage space of the execution terminal node can be greatly saved. , which provides a low-resource consumption and efficient digital asset data package credibility verification system. At the same time, the execution terminal node is also configured with the step of generating a trusted tree. Once the collective signature verification fails, the first search should be the execution terminal node with malicious operation records, which eliminates the need for one-by-one investigation and traceability. It greatly improves the efficiency, and at the same time, the processing flow of the entire data packet can be clearly displayed through the trusted tree.

Claims (10)

  1. 数字资产数据包的可信性验证系统,其特征在于,包括:若干执行终端节点、若干集合节点以及若干验证节点,所述执行终端节点包括多个执行所述数字资产数据包操作的不同主链或子链上的节点,所述集合节点为预先赋予对应集合功能角色的节点,所述验证节点为预先赋予对应验证功能角色的节点,其中:The reliability verification system of digital asset data package is characterized by comprising: several execution terminal nodes, several aggregation nodes and several verification nodes, and the execution terminal node includes a plurality of different main chains that perform operations on the digital asset data package. Or a node on a sub-chain, the collection node is a node that is pre-assigned a corresponding collection function role, and the verification node is a node that is pre-assigned a corresponding verification function role, wherein:
    所述验证节点配置有:The verification node is configured with:
    验证请求步骤:向所述执行终端节点发送对数字资产数据包的可信性验证请求;Verification request step: sending a credibility verification request to the digital asset data package to the execution terminal node;
    所述执行终端节点配置有:The execution terminal node is configured with:
    接收验证步骤:接收所述验证节点发送的验证请求;The step of receiving verification: receiving the verification request sent by the verification node;
    数字签名步骤:利用所述执行终端节点各自的私钥对所述数据包进行数字签名,所述数字签名至少为1个;Digital signature step: digitally sign the data packet by using the respective private keys of the execution terminal nodes, and the digital signature is at least one;
    所述验证节点进一步配置有:The verification node is further configured with:
    数字签名验证步骤:验证所述数字签名;Digital signature verification step: verifying the digital signature;
    集合触发步骤:如果每个所述数字签名通过验证,触发所述集合节点对所述数字签名进行集合;Aggregation triggering step: if each of the digital signatures passes the verification, triggering the aggregation node to aggregate the digital signatures;
    所述集合节点配置有:The collection node is configured with:
    集合签名步骤:对所述数字签名进行集合操作,生成集合签名;The collective signature step: performing a collective operation on the digital signature to generate a collective signature;
    所述验证节点进一步配置有:The verification node is further configured with:
    集合签名验证步骤:验证所述集合签名,如果通过验证,所述数据包可信。The collective signature verification step: verifying the collective signature, if the verification is passed, the data packet is credible.
  2. 根据权利要求1所述的数字资产数据包的可信性验证系统,其特征在于,所述执行终端节点进一步配置有:The reliability verification system of the digital asset data package according to claim 1, wherein the execution terminal node is further configured with:
    节点可信判断步骤:判断验证节点是否为可信节点,如果所述验证节点可信,接收所述可信性验证请求,如果所述验证节点不可信,拒绝所述可信性验证请求。Node credibility judgment step: determine whether the verification node is a trusted node, if the verification node is trusted, receive the credibility verification request, and if the verification node is not trusted, reject the credibility verification request.
  3. 根据权利要求1所述的数字资产数据包的可信性验证系统,其特征在于,所述集合节点进一步配置有:The reliability verification system of digital asset data package according to claim 1, is characterized in that, described collection node is further configured with:
    初次验证步骤:所述集合节点初次对所述数字签名进行集合时,对所有所述数字签名进行验证;The initial verification step: when the aggregation node assembles the digital signatures for the first time, it verifies all the digital signatures;
    集合结果验证步骤:如果所述数字签名全部通过验证,对初次集合签名结果进行验证,所述集合签名结果的验证方式通过所述验证节点预先确定。The step of verifying the collective result: if all the digital signatures pass the verification, the initial collective signature result is verified, and the verification method of the collective signature result is predetermined by the verification node.
  4. 根据权利要求1所述的数字资产数据包的可信性验证系统,其特征在于,所述执行终端节点进一步配置有:The reliability verification system of the digital asset data package according to claim 1, wherein the execution terminal node is further configured with:
    生成可信树步骤:根据所述执行终端节点对所述数据包的交易操作过程,按照节点级别生成所述数据包的处理过程可信树;The step of generating a trustworthy tree: generating a trustworthy tree of the processing process of the data packet according to the node level according to the transaction operation process of the data packet by the execution terminal node;
    可信树加密步骤:对所述可信树中的每个交易操作进行加密;Trusted tree encryption step: encrypting each transaction operation in the trusted tree;
    可信树验证步骤:对所述每个交易操作进行验证,判断是否存在恶意操作;Trust tree verification step: verifying each transaction operation to determine whether there is a malicious operation;
    可信树存储步骤:如果存在恶意操作,记录所述恶意操作对应的执行终端节点,按照预置时间阶段性存储所述可信树。The step of storing the trusted tree: if there is a malicious operation, record the execution terminal node corresponding to the malicious operation, and periodically store the trusted tree according to a preset time.
  5. 根据权利要求4所述的数字资产数据包的可信性验证系统,其特征在于,所述集合签名为,按照所述可信树对所述数字签名进行集合签名。The reliability verification system of the digital asset data package according to claim 4, wherein the collective signature is that the digital signature is collectively signed according to the trust tree.
  6. 根据权利要求4所述的数字资产数据包的可信性验证系统,其特征在于,所述节点级别的确认步骤包括:The reliability verification system for digital asset data packets according to claim 4, wherein the step of confirming at the node level comprises:
    根节点确认步骤:以初次操作所述数据包的执行终端节点为根节点;Root node confirmation step: take the execution terminal node that operates the data packet for the first time as the root node;
    子节点确认步骤:以所述根节点作为第一级别节点,所述根节点的下一级节点作为第二级别节点,以所述第二级别节点的下一级节点作为第三级别节点,直到记录完所述数据包经过的所有节点。Sub-node confirmation step: take the root node as a first-level node, the next-level node of the root node as a second-level node, and the next-level node of the second-level node as a third-level node, until All nodes that the data packet passes through are recorded.
  7. 根据权利要求1所述的数字资产数据包的可信性验证系统,其特征在于,所述数字签名步骤具体包括:The reliability verification system of a digital asset data package according to claim 1, wherein the digital signature step specifically comprises:
    摘要生成步骤:对所述数据包原始数据通过哈希计算生成数字摘要;The step of generating a digest: generating a digital digest by hashing the original data of the data packet;
    摘要加密步骤:用所述数据包所在节点的私钥对所述数字摘要进行加密,得到数字签名;The step of encrypting the digest: encrypting the digital digest with the private key of the node where the data packet is located to obtain a digital signature;
    数字签名发送步骤:将所述数字签名和所述数据包的原始数据一起发送至所述验证节点。The digital signature sending step: sending the digital signature together with the original data of the data packet to the verification node.
  8. 根据权利要求1所述的数字资产数据包的可信性验证系统,其特征在于,所述数字签名验证的方式通过所述验证节点和所述执行终端节点预先协商确定。The reliability verification system for digital asset data packets according to claim 1, wherein the digital signature verification method is pre-negotiated and determined by the verification node and the execution terminal node.
  9. 根据权利要求1所述的数字资产数据包的可信性验证系统,其特征在于,所述若干验证节点至少包括一个可信节点。The reliability verification system for digital asset data packages according to claim 1, wherein the plurality of verification nodes include at least one trusted node.
  10. 根据权利要求1所述的数字资产数据包的可信性验证系统,其特征在于,所述验证节点进一步配置有:The reliability verification system of digital asset data package according to claim 1, is characterized in that, described verification node is further configured with:
    数据包存储步骤:如果所述数据包可信,在所述验证节点存储所述数据包,所述数据包存储步骤具体包括:The data packet storage step: if the data packet is credible, the data packet is stored in the verification node, and the data packet storage step specifically includes:
    数据包拆分步骤:对所述可信数据包进行拆分,得到多个分组数据包;Data packet splitting step: splitting the trusted data packet to obtain a plurality of grouped data packets;
    分组数据包加密步骤:对每个所述分组数据包进行加密;Packet data packet encryption step: encrypting each of the packet data packets;
    加密数据包存储步骤:将每个所述加密后的分组数据包存储到所述验证节点。The step of storing encrypted data packets: storing each encrypted packet data packet to the verification node.
PCT/CN2020/134330 2020-09-21 2020-12-07 Credibility verification system for digital asset data packet WO2022057106A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010991382.4 2020-09-21
CN202010991382.4A CN111833062B (en) 2020-09-21 2020-09-21 Credibility verification system for digital asset data packet

Publications (1)

Publication Number Publication Date
WO2022057106A1 true WO2022057106A1 (en) 2022-03-24

Family

ID=72918532

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/134330 WO2022057106A1 (en) 2020-09-21 2020-12-07 Credibility verification system for digital asset data packet

Country Status (4)

Country Link
JP (1) JP6911231B1 (en)
CN (1) CN111833062B (en)
GB (1) GB2593109A (en)
WO (1) WO2022057106A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111833062B (en) * 2020-09-21 2020-12-01 江苏傲为控股有限公司 Credibility verification system for digital asset data packet
CN113642028B (en) * 2021-10-12 2022-02-01 深圳市诚识科技有限公司 Trade data system for interfacing different data types and finishing filing and dividing
CN115051808B (en) * 2022-06-10 2024-08-23 上海万向区块链股份公司 Cross-chain transaction verification system and method based on ECDSA signature algorithm

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108833081A (en) * 2018-06-22 2018-11-16 中国人民解放军国防科技大学 Block chain-based equipment networking authentication method
US20190123895A1 (en) * 2017-10-23 2019-04-25 Cygnetise Limited Methods and apparatus for verifying a user transaction
CN111242617A (en) * 2020-01-02 2020-06-05 支付宝(杭州)信息技术有限公司 Method and apparatus for performing transaction correctness verification
CN111445334A (en) * 2020-03-30 2020-07-24 北京数字认证股份有限公司 Aggregation signature method and device for block chain system and storage medium
CN111833062A (en) * 2020-09-21 2020-10-27 江苏傲为控股有限公司 Credibility verification system for digital asset data packet

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107767266A (en) * 2016-08-16 2018-03-06 陈新 Intelligent digital currency and dynamic coding service system
CN106656974B (en) * 2016-10-17 2019-07-16 江苏通付盾科技有限公司 The grouping common recognition method and system of block chain
CN107807951B (en) * 2017-09-18 2020-10-13 联动优势科技有限公司 Block chain generation method, data verification method, node and system
CN108009810A (en) * 2017-12-27 2018-05-08 光载无限(北京)科技有限公司 A kind of Trusted Digital transaction in assets method
JP6921266B2 (en) * 2018-12-21 2021-08-18 アドバンスド ニュー テクノロジーズ カンパニー リミテッド Verifying the integrity of the data stored on the consortium blockchain using the public sidechain
JP7224653B2 (en) * 2020-02-13 2023-02-20 株式会社モールサービス Electronic ticket management system, electronic ticket management method and electronic ticket management program

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190123895A1 (en) * 2017-10-23 2019-04-25 Cygnetise Limited Methods and apparatus for verifying a user transaction
CN108833081A (en) * 2018-06-22 2018-11-16 中国人民解放军国防科技大学 Block chain-based equipment networking authentication method
CN111242617A (en) * 2020-01-02 2020-06-05 支付宝(杭州)信息技术有限公司 Method and apparatus for performing transaction correctness verification
CN111445334A (en) * 2020-03-30 2020-07-24 北京数字认证股份有限公司 Aggregation signature method and device for block chain system and storage medium
CN111833062A (en) * 2020-09-21 2020-10-27 江苏傲为控股有限公司 Credibility verification system for digital asset data packet

Also Published As

Publication number Publication date
JP6911231B1 (en) 2021-07-28
GB202108535D0 (en) 2021-07-28
CN111833062A (en) 2020-10-27
JP2022051652A (en) 2022-04-01
GB2593109A (en) 2021-09-15
CN111833062B (en) 2020-12-01

Similar Documents

Publication Publication Date Title
EP4120114A1 (en) Data processing method and apparatus, smart device and storage medium
US11842317B2 (en) Blockchain-based authentication and authorization
Leng et al. Blockchain security: A survey of techniques and research directions
US11695782B2 (en) Electronic interaction authentication and verification, and related systems, devices, and methods
WO2022057106A1 (en) Credibility verification system for digital asset data packet
WO2020211461A1 (en) Verifiable consensus method and system
CN112507363A (en) Data supervision method, device and equipment based on block chain and storage medium
CN111125781B (en) File signature method and device and file signature verification method and device
US11362836B2 (en) Consensus protocol for permissioned ledgers
CN109491965A (en) The storage method and its network and electronic equipment of purchase sale of electricity contract
CN109687965A (en) The real name identification method of subscriber identity information in a kind of protection network
CN111815321A (en) Transaction proposal processing method, device, system, storage medium and electronic device
US11676111B1 (en) Apparatuses and methods for determining and processing dormant user data in a job resume immutable sequential listing
CN111339116A (en) Block chain-based method for sharing open bank data
CN114760071B (en) Zero-knowledge proof based cross-domain digital certificate management method, system and medium
JP2024534315A (en) Privacy protection status reference
CN113328854B (en) Service processing method and system based on block chain
CN112926983A (en) Block chain-based deposit certificate transaction encryption system and method
WO2023231558A1 (en) Blockchain consensus method and apparatus, medium, electronic device, and program product
CN114742649A (en) Transaction data processing method and device and server
CN112241513B (en) Digital asset processing system to be authenticated
Rowland et al. Optimized Communication in Sharded Blockchain Networks
CN117829841A (en) Business transaction supervision method and device based on blockchain and electronic equipment
CN117439761A (en) Electronic proof processing method, device, computer equipment and storage medium
Gu et al. A game-theoretic model for analyzing fair exchange protocols

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20953962

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20953962

Country of ref document: EP

Kind code of ref document: A1