CN107682308B - Electronic evidence preservation system based on block chain latent channel technology - Google Patents

Abstract

The invention discloses an electronic evidence preservation system based on block chain latent channel technology, including: a client end, which is used for offline collection and processing, online management, and evidence collection of user electronic evidence; a server end, which generates the existence of evidence Proof; trusteeship and recovery of evidence on the chain according to the user address; audit terminal, used to audit the evidence on the chain and generate corresponding transactions on the blockchain, and construct audit proofs to maintain the integrity and timeliness of audit results and non-repudiation; the network terminal is used to synchronize the status of user evidence on the chain and obtain evidence in real time. The system can mine latent channels in the mature blockchain system to store electronic evidence and the cryptographic basis of audit results, and realize the safe processing and concealed storage of electronic evidence, thereby improving the security and timeliness of electronic evidence preservation. Effectively reduce storage costs.

Description

Electronic Evidence Preservation System Based on Blockchain Latent Channel Technology

technical field

The invention relates to the field of telecommunications information technology, in particular to an electronic evidence preservation system based on block chain latent channel technology.

Background technique

With the development of information technology and the popularization of computer networks, electronic evidence, as a derivative of a large number of electronic business activities and network communication activities, has played a role in the collection of evidence and related department management in copyright protection, commercial rights protection, virtual property, mobile office, etc. playing an increasingly important role. Among them, the main feature of electronic evidence is that it is attached to digital media, and has the convenience of rapid collection, convenient transmission, small storage space, and repeatability, so that electronic evidence can play an important role in future rights protection and law enforcement. Can be used as evidence to prove the relevant facts.

At present, most electronic evidence preservation architectures are based on third-party centralized cloud storage structures. In addition to the service experience problems such as high cost, high rights protection barriers, complex operations, and poor scalability, electronic evidence has unique features. Vulnerability, manifested in its ease of tampering and copying, errors and failures in rich format conversions, making electronic data less secure. Once the storage nodes of the third-party central architecture are invaded, it will lead to many serious problems such as information leakage, electronic evidence invalidation or forgery, and whether the service provider is credible, whether the cooperative institution is authoritative, the transparency of its operation, and standardization. The security and legality of electronic evidence will affect the security of electronic evidence. Moreover, the processing specifications and evidence collection interfaces of multiple third-party agencies are different, and the data is not interoperable and the services are not compatible, so as to establish electronic evidence for the judicial department. Dealing with standards has a negative impact.

Among related technologies, decentralized blockchain technology and its applications have been popular all over the world with its good data security and anonymity since the emergence of Bitcoin, and its cooperation with the consensus mechanism to achieve the application effect of "no need for trust". It perfectly solves the trust problem in many sensitive scenarios. However, the cost of storing electronic data in related technologies is high, and the timeliness is poor, which cannot meet the needs of most users and needs to be solved.

Contents of the invention

The present invention aims to solve one of the technical problems in the related art at least to a certain extent.

Therefore, the purpose of the present invention is to propose an electronic evidence preservation system based on blockchain latent channel technology, which can improve the security and timeliness of electronic data preservation, and effectively reduce the preservation cost.

In order to achieve the above purpose, the embodiment of the present invention proposes an electronic evidence preservation system based on blockchain latent channel technology, including: a client for offline collection and processing of user electronic evidence, online management and evidence collection; service The end is used for user authentication, key distribution and online electronic evidence management, and according to the service type, the user evidence is latently encoded and uploaded to the blockchain network to build a user evidence chain and generate proof of existence of evidence ;Based on the custody and restoration of the evidence on the chain according to the user address; the audit terminal is used to audit the evidence on the chain and generate corresponding transactions on the blockchain, constructing audit certificates to maintain the integrity, timeliness and Non-repudiation; and network terminals for state synchronization and real-time forensics of user evidence on the chain.

The electronic evidence preservation system based on blockchain latent channel technology in the embodiment of the present invention can collect and process user electronic evidence offline, and according to the service type, perform latent channel encoding on user evidence and upload it to the blockchain network for construction The user evidence chain generates proof of the existence of evidence, and excavates latent channels in the mature blockchain system to preserve the cryptographic basis of electronic evidence and audit results, so as to realize the safe processing and concealed preservation of electronic evidence, thereby improving the security of electronic evidence. The security and timeliness of data storage can effectively reduce storage costs.

In addition, the electronic evidence preservation system based on blockchain latent channel technology according to the above-mentioned embodiments of the present invention may also have the following additional technical features:

Further, in one embodiment of the present invention, the client is specifically used to obtain the electronic evidence file or the pre-calculated security summary of the evidence file, wherein, if the submitted electronic evidence file is a source file, the security summary of the electronic evidence file is performed Processing, if the electronic evidence contains multiple files, calculate the total digest of multiple files by constructing a Merkle tree to protect the integrity of the source file as a whole, finally obtain the security digest H ₁ of the source file, and convert the electronic evidence The relevant information is used as part of the electronic evidence to participate in subsequent evidence collection and audit work, and all information is encoded and serialized into a file with evi as the suffix, and the security summary H ₂ of the file is calculated, and the security summary H ₂ and The security summary H ₁ is concatenated, and the security summary H ₃ is obtained by calculating the series results through the same security summary algorithm, which is used as the final summary representing the integrity of the electronic evidence, and is ready to be uploaded to the mature blockchain network in subsequent work.

Furthermore, in one embodiment of the present invention, the server is specifically used to authenticate the user, wherein, by submitting brief personal information, a new user uses the mailbox he owns as the ID, and sets the user password K _u , the server Cooperate with the user to complete the registration through email authentication, and use the key derivation algorithm to salt and hash the user password K _u , and derive multiple high-strength and random keys K _x1 , K according to different initial parameters _x2 …K _xn , as the basis for password authentication, is stored in the database of the server; at the client and the audit end, it is used as a seed to generate an AES key for user data encryption. After the user successfully registers, the server randomly generates a For a legal and mature blockchain system key pair (Sk _u , Pk _u ), the private key Sk _u is encrypted by the corresponding user-derived key K _xi and stored in the server database, and the public key Pk _u is converted into a transaction address After Addr _{u is} sent to the client as the user address, it is used to assist the user in supervising the uploading of electronic evidence and constructing an evidence chain; among them, after passing the server-side authentication, the offline evidence management can be performed through the server, and the electronic evidence added offline It will be automatically imported into the local evidence library, and the generated AES key will be encrypted and saved to view the detailed information of the evidence, restore the auxiliary file of the evidence, delete the local evidence that has not been uploaded, add new offline evidence, and back up the evidence data to the cloud .

Further, in one embodiment of the present invention, you can choose to upload the evidence to the server, select the offline evidence to be uploaded, the service type for depositing the certificate, and send the request for depositing the certificate, and the client will send the encrypted auxiliary information of the evidence to Info _evi , the service type information Info _serve , the user address Addr _u and the final summary H ₃ of the evidence are sent to the server through the SSL protocol, wherein, for the evidence service on the chain, the server decrypts it according to the user-derived key K _xi of the user password K _u The corresponding user address private key Sk _u is converted into a standard address and compared with the user address Addr _u sent by the client. At the same time, the service type information Info _serve , user address Addr _u and the final summary H ₃ of the evidence are encoded as The standard transaction script ScriptPbkey of the blockchain system, and constructs evidence transactions to save evidence summaries, links between evidences, and identify user addresses; for aggregation evidence services, the server will include the final summaries H ₃ of all evidence within a preset time into the aggregation In the abstract set {H _i }, after reaching the time node, the server generates a random vector H _rand of the same length and adds it to the set, and calculates the root abstract H _root of the entire set by constructing a Merkle tree, and the server will The root summary H _root of the entire set is written into the NullData channel script of the blockchain transaction, and the final complete transaction script is generated after adding inputs and redemption outputs, and the complete aggregated summary set {H _i } is sent to each participation request client.

Furthermore, in one embodiment of the present invention, the user evidence chain connects multiple evidence transactions and audit transactions, wherein, with the modification of evidence operators, the horizontal direction represents the connection between electronic evidences, and the vertical direction represents the relationship between electronic evidences. The audit relationship is uniformly identified by the trace blockchain currency output facing the user address, and the loose blockchain currency transaction is converted into a user evidence network to manage and verify the evidence on the chain.

Further, in one embodiment of the present invention, the server converts the generated standard transaction script ScriptPbkey into a transaction and broadcasts it to the blockchain network, and at the same time sends the index TxHash of the transaction to the corresponding client, and then the broadcasted The transaction is confirmed and monitored for a preset number of times. For evidence transactions whose depth is greater than or equal to the preset threshold, it is determined that it cannot be tampered with, and the corresponding block entry time T of the transaction is recorded, and sent to the client as the timestamp of the evidence carried. Proof of the existence of the evidence is generated, and the status of the uploaded evidence is updated in real time according to the information of the server, and the link to the third-party blockchain query interface is generated by the transaction index TxHash, so as to access the third-party blockchain browser at any time. All information is verified in real time.

Further, in one embodiment of the present invention, the audit terminal is specifically used to introduce the public key system in the blockchain network, and generate a blockchain key that can represent the identity of the audit terminal by constructing a key to generate a transaction certificate. Then use the blockchain key to sign the audit result file, so that when the user needs to audit the legal effect of the evidence on the chain, submit the evidence audit request through a stable public channel, and send the audited evidence source file and auxiliary The file is sent to the audit terminal through a secure channel to verify the existence proof based on the information on the chain. If the verification is correct, the auxiliary information Info _evi of the evidence will be decoded, and the authenticity of the evidence will be audited according to the content of the evidence.

Further, in one embodiment of the present invention, generating the audit key includes the following steps: randomly generating n new blockchain currency keys, and obtaining the root digest H _{n_key} according to the n new blockchain currency keys , sign the root digest H _{n_key} through the identity authentication private key S _{k_audit} , and calculate the digest H _sig for the signature result Sig; generate and broadcast a new blockchain currency transaction, with an Op_Return output containing H _sig , in the accepted area After the block chain network is successfully confirmed, send to the server: the index TxHash of the transaction, the public key set {Pk ₁ , Pk ₂ ...Pk _n } of all newly generated audit keys and its root abstract H _{n_key} , and the constructed signature Sig; The terminal determines the integrity of the signature Sig based on the summary H _sig extracted by the transaction index TxHash, and verifies the validity of the signature signature Sig for the root summary H _{n_key} ; the reconstructed Merkle tree uses the root summary H _{n_key} to prove n blockchain currencies The integrity of the key to finally prove the legitimacy of the newly generated n audit keys.

Further, in one embodiment of the present invention, the audit terminal is also used to select one of the audit key pairs {Sk _x , Pk _x } to perform auditing on the audit result file after generating the audit result file File _audit of the corresponding electronic evidence. Signature, convert the signature result into Der coded form Sig _audit to construct audit transactions facing the blockchain network, which has an Op_Return output containing the audit result signature Sig _audit to generate and maintain the integrity of the audit results, timeliness and Non-repudiation audit proof, and a micro-amount output flowing to the user address Addr _ux to identify the proof flow and construct the user evidence chain, the audit end broadcasts to the blockchain network and monitors the transaction, and the selected audit key public key Pk _x , the security summary H _audit of the audit result file and the audit transaction index TxHash _audit are sent to the server, and the complete audit result file is sent to the corresponding user.

Further, in one embodiment of the present invention, the user establishes his own evidence chain to submit the corresponding user address Addr _ux and the corresponding blockchain system key pair (Sk _u ,Pk _u ) to restore or escrow the evidence chain, the server checks the validity of (Sk _u ,Pk _u ) and the consistency of the key to the user address Addr _ux , and the transaction corresponding to the user address Addr _ux follows the evidence transaction The structure of the corresponding evidence is checked, and the existence proof of the corresponding evidence and the structure of the evidence chain are synchronized.

Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.

Description of drawings

The above and/or additional aspects and advantages of the present invention will become apparent and easy to understand from the following description of the embodiments in conjunction with the accompanying drawings, wherein:

1 is a schematic structural diagram of an electronic evidence preservation system based on blockchain latent channel technology according to an embodiment of the present invention;

2 is a schematic structural diagram of an electronic evidence preservation system based on blockchain latent channel technology according to an embodiment of the present invention;

FIG. 3 is a schematic structural diagram of a workflow of a client according to an embodiment of the present invention;

FIG. 4 is a schematic structural diagram of a workflow of a server according to an embodiment of the present invention;

FIG. 5 is a schematic structural diagram of a key derivation model according to an embodiment of the present invention;

Fig. 6 is a schematic structural diagram of an evidence transaction generating proof of existence according to an embodiment of the present invention;

FIG. 7 is a schematic structural diagram of a processing flow of an aggregation upload request according to an embodiment of the present invention;

FIG. 8 is a schematic structural diagram of a method for constructing a chain of evidence according to an embodiment of the present invention;

FIG. 9 is a schematic structural diagram of the workflow of the audit terminal according to an embodiment of the present invention;

FIG. 10 is a schematic structural diagram of an audit transaction generating an audit certificate according to an embodiment of the present invention;

FIG. 11 is a schematic structural diagram of an Internet with an overall frame structure according to an embodiment of the present invention.

Detailed ways

Embodiments of the present invention are described in detail below, and examples of the embodiments are shown in the drawings, wherein the same or similar reference numerals denote the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the figures are exemplary and are intended to explain the present invention and should not be construed as limiting the present invention.

The following describes an electronic evidence preservation system based on blockchain latent channel technology according to an embodiment of the present invention with reference to the accompanying drawings.

Figure 1 is a schematic structural diagram of an electronic evidence preservation system based on blockchain latent channel technology according to an embodiment of the present invention.

As shown in FIG. 1 , the electronic evidence preservation system 10 based on blockchain latent channel technology includes: a client 100 , a server 200 , an auditing terminal 300 and a network terminal 400 .

Among them, the client terminal 100 is used for off-line collection and processing, online management, and forensic collection of user electronic evidence. The server 200 is used for user authentication, key distribution, and online electronic evidence management, and according to the type of service, latent channel coding is performed on user evidence and uploaded to the blockchain network to build a user evidence chain to generate the existence of evidence Proof; trusteeship and recovery of on-chain proofs based on user addresses. The audit terminal 300 is used to audit the evidence on the chain, generate corresponding transactions on the blockchain, and construct audit proofs to maintain the integrity, timeliness and non-repudiation of audit results. The network terminal 400 is used to synchronize the status of user evidence on the chain and obtain evidence in real time. The system 10 of the embodiment of the present invention can improve the security and timeliness of electronic data storage, and effectively reduce storage costs.

It can be understood that the system 10 of the embodiment of the present invention realizes the safe processing and concealed storage of the electronic evidence held by the user by digging latent channels in the mature blockchain system to store the electronic evidence and the cryptographic basis of the audit results. And give proof of the integrity, timeliness and legal effect of electronic evidence. The system 10 of the embodiment of the present invention can provide a convenient, efficient, transparent and open evidence collection interface and audit interface, complete real-time evidence collection and verification, and perfectly solve the trust problem in the preservation of electronic evidence, and add a service classification design to balance the system cost At the same time, the management efficiency of electronic evidence is optimized through the construction of the evidence chain structure, thereby improving the scalability and data interoperability of the system, and it is concise yet rigorous, and fully utilizes the decentralized blockchain network. While avoiding the privacy and trust issues involved in traditional evidence processing, it greatly reduces the time and resource costs of related work, thereby improving the security of electronic evidence preservation and the efficiency of access to evidence.

Optionally, as shown in FIG. 2 , the terminal device application, that is, the client 100 may consist of four modules: a registration and authentication module 101 , an offline evidence processing module 102 , an online evidence management module 103 and a verification and evidence collection module 104 .

Among them, the registration and authentication module 101 is responsible for the user's registration and authentication login and the generation of the system security key when the system is initialized. The offline evidence processing module 102 is responsible for receiving the electronic evidence provided by the user, performing information collection and summary processing on the electronic evidence, part of latent channel coding, and generation of evidence information files. The online evidence management module 103 is responsible for assisting users in managing submitted electronic evidence, including but not limited to adding and deleting evidence, uploading, synchronizing, obtaining certificates (existence, audit), restoring auxiliary files, and managing evidence chains. The verification and evidence collection module 104 is responsible for assisting users in obtaining evidence and querying the storage and proof of evidence on the chain through the evidence source file, and verifying the audit result file.

It should be noted that terminal equipment includes office equipment such as personal computers, mobile phones, tablets, and workstations, and terminal equipment applications refer to specific application software written on the platform of corresponding office equipment. This application software is responsible for providing electronic evidence to customers as the client 100 Evidence storage and management services, including information collection and offline processing of electronic evidence submitted by customers, assisting users in selecting evidence storage services and performing online evidence management, as well as collecting and verifying uploaded evidence and generated certificates.

Further, in one embodiment of the present invention, the client 100 is specifically configured to obtain an electronic evidence file or a pre-calculated security summary of the evidence file, wherein, if the submitted electronic evidence file is a source file, security Abstract processing, if the electronic evidence contains multiple files, the total abstract of multiple files is calculated by constructing a Merkle tree to protect the integrity of the source file as a whole, and finally the security abstract H ₁ of the source file is obtained, and the electronic The relevant information of the evidence is used as a part of the electronic evidence to participate in the subsequent evidence collection and audit work, and all information is encoded and serialized into a file with evi as the suffix, and the security summary H ₂ of the file is calculated, and the security summary H ₂ In series with the security summary H ₁ , the security summary H ₃ is obtained by calculating the series results through the same security summary algorithm, as the final summary representing the integrity of the electronic evidence, which is ready to be uploaded to the mature blockchain network in subsequent work.

It can be understood that, as shown in FIG. 3 , first, the user needs to submit a complete electronic evidence file or a pre-calculated security summary of the evidence file through the client 100. If the electronic evidence file itself is submitted, the offline evidence processing module 102 will process the The source file is processed with a security summary. If the electronic evidence contains multiple files, the offline evidence processing module 102 will calculate the total summary of all files by constructing a Merkle tree to protect the overall integrity of the source file, and finally obtain the source file. Security Summary H ₁ . The security digest algorithm refers to the hash cryptographic algorithm that meets the standards of the National Commercial Cryptography Management Office and has no risk of collision creation, such as: SHA-2, SM3, etc. The user needs to fill in the relevant information of the submitted electronic evidence on the client 100, including but not limited to: evidence name, evidence type, generation time, method of use, evidence-related personnel, submitter information, additional explanations, etc., after this part of information is submitted It will be used as part of the electronic evidence to participate in the follow-up evidence collection and audit work. Users can selectively fill in the information according to the need for supplementary information. All the information that is finally filled in will be encoded and serialized into a file with the suffix ".evi". Available for users to download locally. The offline evidence processing module 102 will calculate the security digest H ₂ of the file, and concatenate the obtained digests H ₁ , and finally calculate the digest H ₃ from the concatenated results through the same security digest algorithm, so as to serve as the final digest representing the integrity of the electronic evidence, It is ready to be uploaded to the mature blockchain network in the follow-up work. As the workflow of the offline electronic evidence processing module 102 of the client 100, all its work is carried out in the local offline environment, which not only ensures the integrity of the electronic evidence but also maintains the privacy of the user. The design of the module considers the electronic evidence itself It is convenient for users to add important information to electronic evidence and take it as a part of electronic evidence, which is conducive to the realization of the legal effect of evidence.

It should be noted that, as a service system, the server 200 is responsible for accepting the user's evidence service request and acting as an agent to complete the interaction with the blockchain system to complete the preservation of electronic evidence, and at the same time supervise the correctness of the auditing process of the auditing terminal 300 and report to the user Synchronize key information. Unlike traditional service organizations, the server 200 in this system does not involve any sensitive information processing. The authenticity of all service results can be verified in real time through a third-party blockchain browser, which greatly eases the Data security pressure and trust pressure faced by traditional institutions. As shown in FIG. 2 , the server 200 can be composed of the following six modules: an identity authentication module 201 , a latent channel coding module 202 , a transaction module 203 , a network communication module 204 , a fee statistics and collection module 205 and a data storage module 206 .

Among them, the identity authentication module 201 is responsible for cooperating with the data server to process user registration requests, distribution of user keys, and identity authentication of users and audit institutions. The latent channel coding module 202 is responsible for performing latent channel coding on the final evidence summary, evidence chain relationship information, user address and other information contained in the user's evidence upload request according to the service type, and transforming it into a standardized standard transaction script. The transaction module 203 is transformed from a blockchain wallet, which publishes transaction scripts containing evidence information in the form of transactions and monitors and synchronizes the block information of transactions related to synchronization, and further converts them into existence proofs and audit proofs. The network communication module 204 is responsible for the communication between the server 200, the client 100 and the auditing terminal 300, including data synchronization and request processing. The fee statistics and collection module 205 is responsible for statistics of the fees required to implement the user's request to release the transaction and collect it from the user through the client terminal 100 . The data storage module 206 is deployed on the data server, and is used to store key data required by each module for work.

Further, in one embodiment of the present invention, the server 200 is specifically used to authenticate the user, wherein, a new user submits brief personal information, uses the mailbox he owns as the ID, and sets the user password K _u , the service The terminal 200 cooperates with the user to complete the registration through email authentication, and uses the key derivation algorithm to salt and hash the user password K _u , and derives multiple high-strength and random keys K _x1 according to different initial parameters , K _x2 ... K _xn , as the basis for password authentication, is stored in the server 200 database; at the client 100 and the audit terminal 300, it is used as a seed to generate an AES key for user data encryption. After the user successfully registers, The server 200 randomly generates a pair of legitimate mature blockchain system key pairs (Sk _u , Pk _u ), encrypts the private key Sk _u with the corresponding user-derived key K _xi and stores it in the database of the server 200. The key Pk _u is converted into the transaction address Addr _u and then sent to the client 100 as the user address, which is used to assist the user in supervising the uploading of electronic evidence and constructing an evidence chain. Among them, after being authenticated by the server 200, offline evidence management can be performed through the server 200, and the electronic evidence added offline will be automatically imported into the local evidence library, and the generated AES key will be encrypted and saved to view the detailed information of the evidence and recover Evidence auxiliary files, delete local evidence that has not been uploaded, add new offline evidence, and back up evidence data to the cloud.

It can be understood that, as shown in FIG. 4 , after the user completes the offline electronic evidence processing through the client 100, he needs to perform identity verification to the server 200 through the registration and login module. ID, and set a user password K _u with 8-12 numbers, symbols, and letters mixed, and the server 200 checks the mailbox and cooperates with the user to complete the registration through email verification. In order to ensure the security of the system and avoid the security risks that weak passwords may bring to the system, the method shown in Figure 5 is used to process user passwords. The user password K _u is salted and hashed, and multiple high-intensity and random keys K _x1 , K _x2 ... K _xn are derived according to different initial parameters. The keys are stored in the identity authentication module 201 of the server 200 As the basis for password authentication, it is stored in the server 200 database, and in the client 100 and the audit terminal 300, it is used as a generation seed to generate an AES key for user data encryption, thereby improving the security of the entire system and reducing Threats to the system such as side channel attacks and brute force cracking are eliminated. After the user successfully registers for the first time, the transaction module 203 of the server 200 will randomly generate a pair of legitimate mature blockchain system key pairs (Sk _u , Pk _u ), and derive its private key Sk _u through the corresponding user The key K _xi is encrypted and stored in the database of the server 200, and the public key Pk _u is converted into the transaction address Addr _u and then sent to the user's client 100 as the user address, which is used to assist the user in supervising the uploading of electronic evidence and constructing evidence chain. After the user logs in and is authenticated by the server 200, the offline evidence management can be performed through the online evidence management module 103 of the client 100. The electronic evidence added by the user offline will be automatically imported into the user's local evidence database, and the relevant data will be in accordance with the above-mentioned The generated AES key is encrypted and saved. The user can choose to view the detailed information of the evidence, restore the auxiliary file of the evidence, delete the local evidence that has not been uploaded, add a new offline evidence, or choose to back up the evidence data to the cloud.

Further, in one embodiment of the present invention, you can choose to upload the evidence to the server 200, select the offline evidence to be uploaded, the service type for depositing the certificate, and send the request for depositing the certificate, and the client 100 will send the encrypted auxiliary information of the evidence Info _evi , service type information Info _serve , user address Addr _u and the final summary H ₃ of the evidence are sent to the server 200 through the SSL protocol, wherein, for the evidence service on the chain, the server 200 derives the key according to the user password K _u K _xi is decrypted to obtain the corresponding user address private key Sk _u , which is converted into a standard address and compared with the user address Addr _u sent by the client 100. If they are the same, the service type information Info _serve , user address Addr _u and the final evidence Abstract H3 is coded as the standard transaction script _ScriptPbkey of the blockchain system, and constructs evidence transactions to save evidence summaries, links between evidences, and identify user addresses; The abstract H ₃ is included in the aggregation abstract set {H _i }. After reaching the time node, the server 200 generates a random vector H _rand of the same length to add to the collection, and calculates the root abstract of the entire collection by constructing a Merkle tree H _root , and the server 200 writes the root abstract H _root of the entire set into the NullData channel script of the blockchain transaction, and generates the final complete transaction script after adding input and redemption output, and writes the complete aggregation abstract set {H _i } sent to each client 100 participating in the request.

It is understandable that the user can choose to upload the evidence to the server 200, and the specific process is as follows: the user selects the offline evidence to be uploaded, selects the service type for depositing the certificate, and then sends a request for depositing the certificate, and the client 100 will encrypt the certificate. The auxiliary information Info _evi of the evidence, the service type information Info _serve , the user address Addr _u and the final summary H ₃ of the evidence are sent to the server 200 through the SSL protocol. Among them, the service types of deposit evidence are divided into two categories: on-chain evidence service and aggregated evidence service. If the service type selected by the user is on-chain evidence service, the server 200 will first decrypt the derived key K _xi of the password K _u to obtain the corresponding user address private key S _ku , convert it into a standard address and send it to the client 100. Addresses Addr _u are compared, if they are the same, Info _serve , Addr _u , H ₃ are encoded into the standard transaction script ScriptPbkey of the blockchain system through the latent channel encoding module 202, taking Bitcoin as an example, according to the survey results in Table 1, after Considering cost, efficiency, security, and transparency, the framework finally selects the Op_Return output script as the channel for saving the evidence summary; the LockTime (lock time) channel as the channel for encoding the evidence operator; the EcPubkey (Bitcoin public key) channel as the Identifies the channel of the user address. Among them, the evidence operator is a set of codes representing the service type of evidence, the social attribute relationship between evidence, and the type of evidence, so that the framework can accommodate more complex types of evidence and express the connection between evidence, such as version relationship, inheritance relationships, etc., thereby improving the extensibility of the framework. The final transaction form is shown in Figure 6, in which, the first input and output of the transaction are both from the existing address of the server 200 wallet, which is used to provide the cost of the transaction; the second output is a micro amount of bit The currency is output to the user address for the construction of the evidence chain and the management of the user's evidence; the third output saves the final summary H ₃ of the evidence, which is used to generate the existence proof of the evidence; if the uploaded new evidence is related to the existing For some evidence chains, there is a second input referencing the micro-bitcoin output from the end of the evidence chain to the user's address. For the user's aggregated evidence service request, the processing flow of the server 200 is shown in Figure 7. The server 200 will include the final abstract H ₃ of all evidence within a certain period of time into the aggregated abstract set {H _i } through the timing module. After reaching the time node, the server 200 will first generate a random vector H _rand of the same length and add it to the collection, and then calculate the root abstract H _root of the entire collection by constructing a Merkle tree. This summary maintains the integrity of all sub-evidences in the collection The latent channel encoding module 202 of the server 200 will write the H _root into the NullData channel script of the block chain transaction, and after adding the input and redemption output, the transaction module 203 will generate the final complete transaction script and write the complete {H _i } is sent to each client 100 participating in the request. Compared with the evidence service on the chain, this service weighs the relationship between system cost and efficiency, sacrifices part of the efficiency of entering blocks of evidence transactions, collects more evidence from users, and adopts the method of aggregating evidence to give multiple evidences at the same time through one transaction. It is proved that in theory, as long as the user is willing to wait for enough time, the cost of the service can be reduced infinitely. This lightweight evidence preservation service brings the advantages of richer user choices, low cost and high service throughput to the system.

It needs to be explained that Table 1 is the statistics and analysis of the characteristics of each latent channel of the most mature blockchain network——Bitcoin system latent channel, that is, Table 1 Statistics and analysis table of the characteristics of each latent channel of Bitcoin.

Table 1

Submarine channel name channel capacity Is it public key security Include more per transaction estimated cost Op_Return 80 Yes no effect 1 6020 EcPubkey 32 Yes powerful no 10190 EcPrikey 32 no weak no 4760 Tx Amount 3 Yes no effect no 47600 Lock Time 3 Yes no effect 1 —

Furthermore, in one embodiment of the present invention, the user evidence chain connects multiple evidence transactions and audit transactions, wherein, with the modification of evidence operators, the horizontal direction represents the connection between electronic evidences, and the vertical direction represents the relationship between electronic evidences. The audit relationship is uniformly identified by the trace blockchain currency output facing the user address, and the loose blockchain currency transaction is converted into a user evidence network to manage and verify the evidence on the chain.

It can be understood that the form of the constructed evidence chain is shown in Figure 8, in which, with the modification of the evidence operator, the connection between the electronic evidences is shown horizontally, and the audit relationship between the electronic evidences is shown vertically, which is unified to face the user address The trace block chain currency output is used as a mark, and the loose block chain currency transaction is transformed into a compact user evidence network, which is convenient for users and judicial departments to manage and verify the evidence on the chain; at the same time, the constructed evidence network has good data Interconnectivity and stability. There can be multiple servers 200 working at the same time in different regions. The import of all chain evidence of the same user only needs to retrieve the corresponding user address on the blockchain network. The import is convenient and there is no data compatibility. Problem; Even if there is a worst case such as a server 200 crash, all proofs that have occurred are still valid and data recovery is very convenient, and users will not have any losses.

Optionally, in one embodiment of the present invention, the user establishes his own evidence chain to submit the corresponding user address Addr _ux and the corresponding blockchain system key pair to the server 200 through the client 100 or the network plug-in (Sk _u , Pk _u ) to restore or escrow the evidence chain, the server 200 checks the validity of (Sk _u , Pk _u ) and the consistency of the key to the user address Addr _ux , and checks the user address Addr _ux corresponding The transaction is checked according to the structure of the evidence transaction, and the existence proof of the corresponding evidence and the structure of the evidence chain are synchronized.

It can be understood that the user can establish his own evidence chain through the blockchain wallet, and then submit the corresponding user address Addr _ux and the corresponding blockchain system key pair (Sk _u ,Pk _u ) to restore/host the evidence chain, the server 200 will first check the validity of (Sk _u ,Pk _u ) and the consistency of the key pair user address Addr _ux , and then pass the transaction module 203 to the block chain The transaction corresponding to the network user address Addr _ux is checked according to the structure of the evidence transaction, and the existence proof of the corresponding evidence and the structure of the evidence chain are synchronized. The custody/recovery evidence can also obtain evidence collection, audit, and synchronization services according to the above steps.

Further, in one embodiment of the present invention, the server 200 converts the generated standard transaction script ScriptPbkey into a transaction and broadcasts it to the blockchain network, and at the same time sends the index TxHash of the transaction to the corresponding client 100, and then The broadcasted transaction is confirmed and monitored for a preset number of times. For evidence transactions whose depth is greater than or equal to the preset threshold, it is determined that it cannot be tampered with, and the corresponding block entry time T of the transaction is recorded, and sent to the client as the timestamp of the evidence carried Terminal 100 generates proof of the existence of evidence, and updates the status of the uploaded evidence in real time according to the information of server 200, and generates a link to the third-party blockchain query interface from the transaction index TxHash, so as to access the third-party area at any time. The block chain browser verifies all information in real time.

It can be seen that the wallet module of the server 200 converts the generated standard transaction script into a transaction and broadcasts it to the blockchain network, and at the same time sends the index TxHash of the transaction to the corresponding client 100, and then the wallet module converts the broadcasted transaction Carry out a preset number of confirmation monitoring, for example, 3 times of confirmation monitoring. For evidence transactions with a depth greater than or equal to the preset threshold, such as evidence transactions with a depth greater than or equal to 3, the system determines that it cannot be tampered with and records the transaction The corresponding block-entry time T is sent to the client 100 as the timestamp of the evidence carried, and the existence proof of the evidence is finally generated. The online evidence management module 103 will update the status of the uploaded evidence in real time according to the information of the server 200, and generate a link to the third-party blockchain query interface by the transaction index TxHash, and the user can access the third-party blockchain browser at any time. All information is verified in real time, and the server 200 does not have any chance of doing evil, and the whole process is transparent and safe without trust. Among them, if the wallet module of the server 200 detects the transaction ductility problem caused by the tampering of the signature script of the evidence transaction, it will update the index TxHash _new of the final block-entry transaction to the client 100 in time, and turn to monitor the transaction. The output script of the transaction cannot be tampered with, so it will not have a security impact on the service itself. It should be noted that those skilled in the art can set the preset number of times and the preset threshold according to actual conditions, which are not specifically limited here.

Optionally, as shown in FIG. 2 , the audit terminal 300 may consist of the following five modules: login module 301 , audit key management module 302 , forensics module 303 , audit module 304 and data storage module 305 .

Among them, the login module 301 is in charge of establishing the communication between the audit institution and the server 200, completing the login work and generating the initialization security key. The audit key management module 302 is responsible for the generation and management of the audit signature key. The evidence collection module 303 is responsible for obtaining evidence and verifying the user evidence on the chain. The audit module 304 is transformed from a blockchain wallet, responsible for performing cryptographic processing based on the audit results of the evidence and publishing them on the blockchain in the form of transactions, constructing audit certificates, and synchronizing the block information of related transactions. The data storage module 305 is deployed on the data server of the audit institution, and is used to save the key data required for the work of each module.

It can be understood that the user can use the forensics module 303 or the plug-in of the network terminal 400 to obtain evidence for any electronic evidence on the chain. The system 10 of the example calculates the final abstract H3 of the evidence and sends it to the server 200 through a secure channel. The server 200 retrieves the abstract of the evidence in the database, and stores the transaction index, credible time stamp, and evidence chain of the corresponding evidence. The construction status, evidence audit status, and obtained certificates are returned to the user. Similarly, the user can verify the accuracy of the information through a third-party blockchain browser. A legal institution with audit qualifications can verify the existence of the chain through the audit terminal 300. The specific work flow is shown in Figure 9. A qualified judicial institution submits an application for evidence on the audit chain to the server 200 through open channels, and must submit complete qualification certification documents, basic information of the institution, and The traditional PKI public key P _{k_audit} for identity authentication and stable public contact channels (websites, media), the server 200 will review the above information, and after reviewing its qualifications and the above information, it will make the above information public, and pass the SSL protocol and corresponding audit The audit terminal 300 establishes a two-way authentication security channel, and the audit institution needs to log in through the audit terminal 300 authentication according to the agreed password every time it works.

Further, in one embodiment of the present invention, the audit terminal 300 is specifically used to introduce the public key system in the blockchain network, and generate a blockchain key that can represent the identity of the audit terminal 300 by constructing a key to generate a transaction certificate. Key, and then use the blockchain key to sign the audit result file, so that when the user needs to audit the legal effect of the evidence on the chain, submit the evidence audit request through a stable public channel, and send the audited evidence source file and auxiliary files are sent to the audit terminal 300 through a secure channel to _verify the existence of the proof according to the information on the chain. audit.

Wherein, in one embodiment of the present invention, generating the audit key includes the following steps: randomly generating n new blockchain currency keys, and obtaining the root digest H _{n_key} according to the n new blockchain currency keys, Sign the root summary H _{n_key} through the identity authentication private key S _{k_audit} , and calculate the summary H _sig for the signature result Sig; generate and broadcast a new blockchain currency transaction, with an Op_Return output containing H _sig , which will be included in the block After the chain network is successfully confirmed, it sends to the server 200: the index TxHash of the transaction, the set of public keys {Pk ₁ , Pk ₂ ...Pk _n } of all newly generated audit keys and its root abstract H _{n_key} , and the constructed signature Sig; The terminal 200 determines the integrity of the signature Sig based on the digest H _sig extracted by the transaction index TxHash, and verifies the validity of the signature signature Sig for the root digest H _{n_key} ; reconstructs the Merkle tree and uses the root digest H _{n_key} to prove n blockchains The integrity of the currency key to finally prove the legitimacy of the newly generated n audit keys.

It can be understood that, in view of the need to prove the non-repudiation of the audit results on the chain, the public key system in the blockchain network is introduced to generate a blockchain key that can represent the identity of the audit terminal 300, and then pass these key pairs to audit The resulting file is signed, and the audit key generation process is as follows: ①The audit key management module 302 randomly generates n new blockchain currency keys, and sends the public keys {Pk ₁ , Pk ₂ ... Pk _n } Obtain the root abstract H _{n_key} that can represent the integrity of the key by constructing a Merkle tree. The audit agency signs the H _{n_key} through the identity authentication private key S _{k_audit} in the traditional PKI, and uses the security digest algorithm to verify the signature result Sig calculates the summary H _sig . ②The audit terminal 300 wallet generates and broadcasts a new blockchain currency transaction with an Op_Return output containing H _sig . After the transaction is successfully confirmed by the blockchain network, the audit terminal 300 sends to the server terminal 200: the transaction The index TxHash, all newly generated audit key public key set {Pk ₁ , Pk ₂ ... Pk _n } and its root digest H _{n_key} , the constructed signature Sig. ③ The server 200 determines the integrity of Sig according to the digest H _sig extracted from the incoming transaction by TxHash; verifies the validity of the signature Sig for H _{n_key} through P _{k_audit} ; reconstructs the Merkle tree and uses H _{n_key} to prove n blocks The integrity of the chain currency key. Through the above process, the validity of the newly generated n audit keys is finally proved, and its signature can represent the identity of the audit institution. ④ The data storage module 206 of the server 200 puts the transaction index TxHash, the public key set {P _k1 , P _k2 ... P _kn } of the newly generated audit key, and the signature Sig into the warehouse, and provides them to any user who accepts the service of the audit institution, It enables it to independently judge the legitimacy of the audit key based on the transaction information on the blockchain.

The system 10 of the embodiment of the present invention can transplant the key function in the traditional public key infrastructure of the audit institution to the transaction key of the blockchain system by constructing a certificate, and endow it with the function of identity authentication, which will be used for auditing later. The resulting document construction non-repudiation proof establishes the basis. The system 10 of the embodiment of the present invention can avoid the verification complexity and data interoperability problems caused by the inconsistency of signature systems used by multiple audit institutions, and the generated identity authentication system interface based on the blockchain network public key system itself is unified and rigorous, which is convenient for encryption. The flexible distribution and update of the key, all the certification process is open in the blockchain currency transaction network, which is convenient for independent verification by users and supervision by the public, and has good transparency and versatility. When users need to audit the legal effects of evidence on the chain, they need to submit an evidence audit request to the corresponding judicial department through a stable public channel, and send the audited evidence source documents and auxiliary documents to the audit terminal 300 through a secure channel. The audit institution verifies the proof of existence of the evidence through the process of the evidence collection module 303 according to the information on the chain. If the verification is correct, the audit institution decodes the evidence auxiliary information Info _evi through the audit module 304, and verifies the evidence according to the content of the evidence. Audit for authenticity.

Optionally, in one embodiment of the present invention, the audit terminal 300 is also used to select one of the audit key pairs {S _kx , P _kx } for the audit result after generating the audit result file File _audit of the corresponding electronic evidence. The file is signed, and the signature result is converted into a Der encoding form Sig _audit to construct an audit transaction facing the blockchain network, which has an Op_Return output containing the audit result signature Sig _audit to generate and maintain the integrity and timeliness of the audit result Audit proof of authenticity and non-repudiation, and a micro-amount output flowing to the user address Addr _ux to identify the proof flow and construct a user evidence chain. The audit terminal 300 broadcasts and monitors transactions to the blockchain network, and sends the selected audit password The key public key P _kx , the security summary H _audit of the audit result file and the audit transaction index TxHash _audit are sent to the server 200, and the complete audit result file is sent to the corresponding user.

It can be understood that after the audit institution generates the audit result file File _audit for the corresponding electronic evidence, it selects one of the generated audit key pairs {S _kx , P _kx } through the audit module 304 to sign the audit result file, and the The signature result is transformed into Sig _audit in the form of Der encoding, and the wallet module constructs audit transactions facing the blockchain network according to the structure of Figure 10, which has an Op_Return output containing the audit result signature Sig _audit , which is used to generate and maintain the integrity of the audit results, Timeliness and non-repudiation audit proof, and a micro-amount output flowing to the user address Addr _ux , used to identify the proof flow and construct the user evidence chain. The audit terminal 300 wallet module broadcasts and monitors the transaction to the blockchain network, and sends the selected audit key public key P _kx , the security summary H _audit of the audit result file, and the audit transaction index TxHash _audit to the server 200, and the complete The audit result files are sent to the corresponding users. The transaction module 203 of the server 200 obtains the corresponding audit transaction from the blockchain network according to the index TxHash _audit , and detects the standardization of its structure and the validity of the signature. If the detection passes, the corresponding user evidence chain is updated, and the Evidence transactions are monitored, and H _audit , TxHash _audit , and P _kx are stored through the data storage module. The next time the user logs in to the client 100 to synchronize the evidence information, the audit information of the evidence will be updated, including the audit transaction index TxHash _audit , the audit key public key P _kx , the audit transaction confirmation, the basic information of the audit institution, and the generation of the audit key Transaction index TxHashkey, public key set {P _k1 , P _k2 ... P _kn } of the auditing key of the institution, PKI public key P _{k_audit} of the auditing institution. The user can verify the validity of the audit key P _kx through the client 100, and verify the integrity, timeliness and non-repudiation of the audit results according to the existing audit result files and on-chain audit transaction information, so as to realize the Audit proof of electronic evidence.

That is to say, the system 10 of the embodiment of the present invention generates audit certificates for electronic evidence through the blockchain system, which proves the legal effect of electronic evidence and solves the problem of poor data interoperability, chaotic norms, and lack of unification of multiple audit institutions under the traditional system. Interface, information is not transparent enough and other issues. The system 10 of the embodiment of the present invention has the advantages of ease of use, security, transparency, and data interoperability. During the implementation process, the service party, users, and audit institutions can supervise each other through the blockchain network, thereby improving the preservation of electronic evidence. security, while privacy security can also be protected. The server 200 is only used as a platform for supervision and information transmission, without access to specific audit result files and evidence files. This process improves the office efficiency of the audit institution, reduces the user's rights protection cost for electronic evidence, and establishes a fair and unified platform for the audit of evidence.

Optionally, the network terminal 400 includes all networkable devices such as computers, smart phones, and smart tablets. The network terminal 400 plug-in refers to a browser plug-in based on a specific Channel decoding module, and packaged the open query interface of blockchain application to realize real-time online evidence collection and verification. Users can obtain the synchronization status and existence of evidence by submitting corresponding complete electronic evidence source files and evidence auxiliary files. It can also verify the audit result files according to the security certificate, audit certificate and the structure of the evidence chain.

It should be noted that the system 10 of the embodiment of the present invention is a low-cost, high-security lightweight electronic evidence preservation system. The system 10 of the embodiment of the present invention consists of a client 100, a server 200, and an audit terminal 300. Participate in various entities, and provide real-time evidence collection, verification and query procedures on the browser side, and build a comprehensive and efficient electronic evidence protection and auditing platform on the existing mature blockchain network through the interaction and cooperation of the three terminals. The system 10 of the embodiment of the present invention combines the characteristics of a mature blockchain network, and on the basis of the existence proof scheme, fully considers the legal effect, verifiability, traceability of audit results, transparency of operation, Key features such as the crash resistance of the system. Cooperating with the use of latent channel technology, it greatly reduces the cost of depositing evidence in the system, transforms the original transaction chain in the blockchain into an evidence chain, is compatible with more complex evidence structures, enriches the service capabilities of applications, and finally designs a set of low-cost Lightweight electronic evidence preservation architecture with low cost, high security, and transparent and checkable operation. The system 10 of the embodiment of the present invention brings users a more transparent, credible, safe and efficient electronic evidence management tool, and at the same time helps the judicial department to establish more specific electronic evidence processing standards. The system 10 of the embodiment of the invention has good prospects and social value. The system 10 of the embodiment of the present invention implements a low-cost, high-security, and transparent and checkable lightweight electronic evidence storage architecture, using a stable and secure data storage environment in mature decentralized blockchain applications, natural, The unforgeable time stamp mechanism facilitates real-time query interface, builds a set of hidden data storage system, and provides real-time performance for various forms of electronic evidence generated in many application scenarios such as online e-commerce, copyright protection, domain name management, and online auctions. Integrity protection and timeliness proof to maintain its probative power, while providing a convenient and easy-to-use evidence collection and verification interface. On the one hand, it is convenient for users to obtain evidence and verify evidence at any time, and on the other hand, it can cooperate with the judicial department to conduct verification of the authenticity of evidence. Audit and verification, generate and store cryptographic evidence of relevant evidence audit results, so as to solve the problem of electronic evidence preservation safely and efficiently. The system 10 of the embodiment of the present invention provides a comprehensive system with high security, strong usability, low cost, high efficiency, and respect for user privacy, which is intended to lower the threshold of rights protection and also help the judicial department to establish more specific electronic evidence processing standards to create wider influence and social value.

That is to say, the electronic evidence storage system 10 based on blockchain latent channel technology designed and implemented in the embodiment of the present invention has better security and transparency, and users can check the electronic evidence without trust. Integrity, timeliness, and the non-repudiation of its legal effect are proved, and the proof process will not leak the privacy of users, avoiding the trust crisis caused by data corruption and sensitive operations in centralized institutions, and also solving the problem of centralized storage The security issues caused by attacks on nodes, and the system relies on the blockchain network to provide an efficient and convenient evidence collection and verification interface, which is simple to operate and easy to use, which reduces the user's rights protection threshold and is also conducive to the establishment of a more specific legal system. electronic evidence processing standards. Compared with the existing proof of existence service based on blockchain, the system provides more specific, rigorous and personalized services according to the characteristics of electronic evidence, adding auxiliary evidence information entry in the evidence processing part to facilitate users to verify the electronic evidence. Supplement the specific information; develop a convenient and unified audit interface, so that users can establish and maintain the legal effect of evidence through the blockchain; add service classification design, introduce aggregated evidence upload service, and weigh the relationship between system cost and efficiency. It expands the scope of services and carrying capacity while improving the flexibility of the system; optimizes the management efficiency of electronic evidence by constructing an evidence chain structure, making the system compatible with more complex evidence results and diverse evidence relationships, and has stronger reliability. Scalability, the positioning of user addresses makes the service stable and reliable, and facilitates the import and recovery of evidence. Even if there is an extreme situation where the service node crashes, it will not have any adverse effects on the security proof of the existing evidence.

In a specific embodiment of the present invention, as shown in Figure 11, the system 10 of the embodiment of the present invention can generate audit transactions and evidence transactions by constructing latent channels on the original data layer of mature blockchain networks, which are electronic evidence Provide transparent and reliable proof of existence and audit proof, and link transactions with user addresses and evidence operators to form multiple user evidence chains. The server 200 and the audit end 300 in different regions jointly construct and maintain the user's evidence proof data without trust and the interface is uniform and efficient. Users can seek evidence upload agents from the server 200 through the client 100, or through the blockchain The wallet constructs its own evidence chain and then submits it to the server 200 for hosting.

According to the electronic evidence preservation system based on the block chain latent channel technology proposed by the embodiment of the present invention, the user's electronic evidence is collected and processed offline, and according to the service type, the user evidence is encoded in the latent channel and uploaded to the block chain network Build user evidence chains on the basis of evidence, generate proof of existence of evidence, and mine hidden channels in mature blockchain systems to store electronic evidence and the cryptographic basis of audit results, so as to realize the safe processing and concealed preservation of electronic evidence, thus Improve the security and timeliness of electronic data storage, and effectively reduce storage costs.

In describing the present invention, it should be understood that the terms "center", "longitudinal", "transverse", "length", "width", "thickness", "upper", "lower", "front", " Back", "Left", "Right", "Vertical", "Horizontal", "Top", "Bottom", "Inner", "Outer", "Clockwise", "Counterclockwise", "Axial", The orientation or positional relationship indicated by "radial", "circumferential", etc. is based on the orientation or positional relationship shown in the drawings, and is only for the convenience of describing the present invention and simplifying the description, rather than indicating or implying the referred device or element Must be in a particular orientation, be constructed in a particular orientation, and operate in a particular orientation, and therefore should not be construed as limiting the invention.

In addition, the terms "first" and "second" are used for descriptive purposes only, and cannot be interpreted as indicating or implying relative importance or implicitly specifying the quantity of indicated technical features. Thus, the features defined as "first" and "second" may explicitly or implicitly include at least one of these features. In the description of the present invention, "plurality" means at least two, such as two, three, etc., unless otherwise specifically defined.

In the present invention, unless otherwise clearly specified and limited, terms such as "installation", "connection", "connection" and "fixation" should be understood in a broad sense, for example, it can be a fixed connection or a detachable connection , or integrated; it may be mechanically connected or electrically connected; it may be directly connected or indirectly connected through an intermediary, and it may be the internal communication of two components or the interaction relationship between two components, unless otherwise specified limit. Those of ordinary skill in the art can understand the specific meanings of the above terms in the present invention according to specific situations.

In the present invention, unless otherwise clearly specified and limited, the first feature may be in direct contact with the first feature or the first and second feature may be in direct contact with the second feature through an intermediary. touch. Moreover, "above", "above" and "above" the first feature on the second feature may mean that the first feature is directly above or obliquely above the second feature, or simply means that the first feature is higher in level than the second feature. "Below", "beneath" and "beneath" the first feature may mean that the first feature is directly below or obliquely below the second feature, or simply means that the first feature is less horizontally than the second feature.

In the description of this specification, descriptions with reference to the terms "one embodiment", "some embodiments", "example", "specific examples", or "some examples" mean that specific features described in connection with the embodiment or example , structure, material or feature is included in at least one embodiment or example of the present invention. In this specification, the schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the described specific features, structures, materials or characteristics may be combined in any suitable manner in any one or more embodiments or examples. In addition, those skilled in the art can combine and combine different embodiments or examples and features of different embodiments or examples described in this specification without conflicting with each other.

Although the embodiments of the present invention have been shown and described above, it can be understood that the above embodiments are exemplary and should not be construed as limiting the present invention, those skilled in the art can make the above-mentioned The embodiments are subject to changes, modifications, substitutions and variations.

Claims (10)

1. An electronic evidence preservation system based on a block chain latent channel technology, comprising:

The client is used for carrying out off-line collection and processing, on-line management and evidence obtaining work on the electronic evidence of the user;

The server is used for carrying out salt hash on a user password to derive a plurality of random keys for password authentication and user data encryption, carrying out latent channel coding on the user evidence according to the service type to construct evidence transaction, uploading the evidence transaction to a block chain network to construct a user evidence chain, and generating an evidence existence certificate; hosting and recovering evidence on the chain according to the user address, wherein the latent channel code is as follows: encoding the service type information, the user address, the final abstract of the evidence and the evidence chain relation information into a standard transaction script Pbkey of a block chain system;

The audit end is used for generating an audit key by using the block chain currency key, auditing the evidence on the chain and generating corresponding audit transaction on the block chain, constructing the audit certification of the evidence to maintain the integrity, timeliness and non-repudiation of the audit result, wherein the user evidence chain is connected with a plurality of evidence transactions and audit transactions, represents the relation between electronic evidence and the audit relation between electronic evidence, uniformly takes the output of trace block chain currency facing to a user address as an identifier, and converts loose block chain currency transactions into a user evidence network; and

And the network terminal is used for synchronizing the state of the evidence of the user on the chain and obtaining evidence in real time.

2. The electronic evidence saving system based on the block chain latent channel technology according to claim 1, characterized in that the client is specifically configured to obtain an electronic evidence file or a pre-computed security digest of an evidence file, wherein if the submitted electronic evidence file is a source file, the electronic evidence file is subjected to security digest processing, and if the electronic evidence contains a plurality of files, the total digest of the plurality of files is computed by constructing a merkel tree to protect the integrity of the whole source file, and finally the security digest H of the source file is obtained₁And the related information of the electronic evidence is taken as a part of the electronic evidence to participate in subsequent evidence obtaining and auditing work, all information is coded and serialized into a file with evi as a suffix, and a security abstract H of the file is calculated₂And will secure the summary H₂And safety abstract H₁Serially connecting, and calculating the serial result by the same safety abstract algorithm to obtain a safety abstract H₃As a final digest representing the integrity of the electronic evidence for subsequent uploading to a mature blockchain networkThe above.

3. The system for storing electronic evidence based on the blockchain latent channel technology according to claim 2, wherein the server is specifically configured to authenticate the user, wherein the new user submits the brief personal information, uses the owned mailbox as the ID, and sets the user password K_uThe server side completes registration by matching with the user in a mail authentication mode and carries out user password K through a key derivation algorithm_uperforming salt hash to derive multiple keys K with high strength and randomness according to different initial parameters_x1，K_x2…K_xnAs the basis of password authentication, storing the password authentication in a server database; the AES key used for user data encryption is generated by taking the AES key as a generation seed at the client and the audit end, and after the user successfully registers, the server randomly generates a pair of legal mature block chain system key pairs (Sk)_u,Pk_u) The private key Sk_uDeriving the key K by the corresponding user_xiStoring the encrypted data in server database, and storing public key Pk_uConversion to transaction Address Addr_uAnd then sending the key K to a client as a user address for assisting a user in monitoring the uploading condition of the electronic evidence and constructing an evidence chain, wherein the user derived key K is used for_xiBelonging to a plurality of keys K with high strength and randomness_x1，K_x2…K_xn；

After the evidence is authenticated by the server, offline evidence management can be performed through the server, the electronic evidence added offline can be automatically introduced into the local evidence library, the generated AES key is encrypted and stored, so that evidence detailed information can be checked, an evidence auxiliary file can be restored, the local evidence which is not uploaded yet can be deleted, new offline evidence can be added, and evidence data can be backed up to the cloud.

4. The electronic evidence preservation system based on the blockchain latent channel technology as claimed in claim 3, wherein the client can select to upload the evidence to the server, select the off-line evidence to be uploaded, the service type of the evidence preservation and send the evidence preservation requestSide-to-side encrypted evidence auxiliary information Info_eviService type information Info_serveUser address Addr_uAnd final summary of evidence H₃And sending the data to the server through the SSL protocol, wherein,

For the on-chain certification service, the server side is used for verifying the service according to the user password K_uOf the user derived key K_xiDecrypting to obtain a corresponding private key Sk of the user address_uAnd the address is converted into a standard address and then is sent to a user address Addr sent by a client_uComparing, when the service type information is the same, the service type information Info is sent_serveUser address Addr_uAnd final summary of evidence H₃coding the standard transaction script Pbkey of the block chain system, and constructing evidence transaction to store evidence abstract, the relation between the evidence and the identification user address;

For the aggregated evidence service, the server side summarizes the final summaries H of all the evidences in a preset time₃Including aggregate digest set { H }_iIn the method, after a time node is reached, a server generates a random vector H with the same length_randAdding the root abstract H into the set, and calculating the root abstract H of the whole set by constructing the Merck tree_rootAnd the server side abstracts the root abstract H of the whole set_rootWriting into NullData channel script of block chain transaction, generating final complete transaction script after adding input and redeeming output, and collecting complete aggregate abstract set { H_iIt is sent to each client participating in the request.

5. The electronic evidence preservation system based on the blockchain latent channel technology according to claim 4, wherein a user evidence chain connects a plurality of evidence transactions and audit transactions, wherein modification of evidence operators is matched to horizontally represent the connection between electronic evidence and vertically represent the audit relationship between electronic evidence, and the loose blockchain currency transaction is converted into a user evidence network by uniformly using the microscale blockchain currency output facing to the user address as an identifier, so as to manage and verify the evidence on the chain.

6. The system for storing electronic evidence based on blockchain latent channel technology according to claim 4, wherein the server converts the generated standard transaction script Pbkey into transaction and broadcasts to the blockchain network, meanwhile, the index TxHash of the transaction is sent to the corresponding client, and then confirmation monitoring is carried out on the broadcasted transaction for preset times, for evidence transaction with depth greater than or equal to a preset threshold value, the evidence transaction is determined to be not falsifiable, corresponding block entry time T of the transaction is recorded and sent to a client as a timestamp of the carried evidence to generate evidence existence proof, and updating the state of the uploaded evidence in real time according to the information of the server, generating a link facing a third party block chain query interface by the index TxHash of the transaction, and all information can be verified in real time by accessing the third-party blockchain browser at any time.

7. The electronic evidence preservation system based on the block chain latent channel technology as claimed in claim 4, characterized in that the audit end is specifically used for introducing a public key system in a block chain network, a block chain key capable of representing the identity of the audit end is generated by constructing a key to generate a transaction proof, and then the audit result file is signed by the block chain key, so that when a user needs to examine the legal effect of the evidence on the chain, an evidence audit request is submitted to the audit organization through a stable public channel, and an audited evidence source file and an audited auxiliary file are sent to the audit end through a secure channel to verify the existence proof according to the information on the chain, if the verification is error-free, the auxiliary information Info of the evidence is verified_eviDecoding is performed and the authenticity of the evidence is audited according to the content of the evidence.

8. The system for preservation of electronic evidence based on blockchain latent channel technique according to claim 7, characterized in that the generation of the audit key comprises the following steps:

Randomly generating n new blockchain currency keys, and obtaining a root abstract H according to the n new blockchain currency keys_{n_key}Passing the identity authentication private key S_{k_audit}To root abstract H_{n_key}Signing and calculating abstract H for signature result Sig_sig；

Generating and broadcasting a new blockchain currency transaction with a block containing H_sigafter successful confirmation by the blockchain network, the Op _ Return output of (1) sends to the server: index TxHash of transaction, set of public keys { Pk ] of all newly generated audit keys₁,Pk_2…Pk_nAnd its root abstract H_{n_key}A constructed signature Sig;

The server extracts the abstract H according to the index TxHash of the transaction_sigDetermining the integrity of the signature Sig and verifying the signature Sig against the root digest H_{n_key}The effectiveness of (a); restructuring the Mercker Tree Using root Abstract H_{n_key}And verifying the integrity of the n blockchain currency keys to finally verify the validity of the n newly generated audit keys.

9. The electronic evidence preservation system based on the blockchain latent channel technology according to claim 1, wherein the auditing end is further configured to generate an auditing result File for the corresponding electronic evidence_auditthereafter, one of the audit key pairs { Sk }is selected_x，Pk_xSigning the audit result file, and converting the signature result into a Der coding form Sig_auditTo construct an audit transaction facing the blockchain network, wherein, a signature Sig containing the audit result is carried_auditTo generate an audit trail maintaining audit result integrity, timeliness and non-repudiation, and a stream user address Addr_uxOutputting the micro amount of money to identify the flow direction of the certificate and construct a user evidence chain, broadcasting and monitoring the transaction to a block chain network by an audit terminal, and selecting an audit key public key Pk_xSafety abstract H of audit result file_auditAnd audit transaction index TxHash_auditAnd sending the audit result file to a server side, and sending the complete audit result file to a corresponding user.

10. An electronic evidence preservation system based on blockchain latent channel technology according to claim 5 characterised in that the user establishes his own chain of evidenceTo submit the corresponding user address Addr to the server through the client or the network plug-in_uxAnd a corresponding blockchain system key pair (Sk)_u,Pk_u) To restore or host the chain of evidence, the service pair (Sk)_u,Pk_u) Validity of and key to user address Addr_uxIs checked for consistency and the user address Addr is checked_uxThe corresponding transaction is verified according to the structure of the evidence transaction, and the existence proof of the corresponding evidence and the evidence chain structure are synchronized.