CN110602138B - Data processing method and device for block chain network, electronic equipment and storage medium - Google Patents

Abstract

The invention provides a data processing method, a data processing device, electronic equipment and a storage medium of a block chain network; the method comprises the following steps: receiving an original key sent by a client through an intelligent contract in a node of a block chain network, and calling a white box key library deployed in the node to generate a white box key corresponding to the original key in the white box key library; receiving a transaction submitted by a client for updating data, and packaging the received transaction into a new block; carrying out consensus verification on the new blocks; when the consensus verification passes, calling the white-box key library deployed in the node to symmetrically encrypt the new block based on the white-box key, and updating the account book of the node through the new block symmetrically encrypted by the white-box key. The method and the device can ensure the safety of the sensitive data uplink.

Description

Data processing method, device, electronic device and storage medium of blockchain network

technical field

The present invention relates to block chain technology, in particular to a data processing method, device, electronic device and storage medium of a block chain network.

Background technique

The blockchain network was originally designed to conduct encrypted digital currency transactions, and has now developed into a universal service supporting various application scenarios, such as a chain-as-a-service platform (BaaS, Blockchain as a Service) relying on cloud services. , through the smart contract deployed in the blockchain network, it is possible to support the client to upload the data in the form of submitting transactions, perform business logic-related processing for the data, and query the data on the chain, and realize the data in the process. Non-tamperable and traceable properties are increasingly used in different industries.

Sensitive data is data that can only be disclosed to some (but not all) clients accessing the blockchain network for various security reasons, such as data involving personal information, business secrets, etc.

In practical applications, there will be scenarios where sensitive data is uploaded on the chain. Since sensitive data is stored in a distributed manner in the blockchain network, in order to ensure the security of sensitive data, the related technology adopts the scheme of uploading the summary of sensitive data to the chain instead of The scheme of directly uploading sensitive data to the chain results in that the blockchain network can only provide the client with the function of verifying sensitive data, but cannot directly provide reliable sensitive data, which will cause great harm to the client's application based on sensitive data. Limitation, because the client has to turn to other databases or file systems to obtain sensitive data and verify it, and if the sensitive data is encrypted with symmetric or asymmetric encryption and uploaded to the chain, when the key is leaked, the sensitive data will be lost. Security cannot be guaranteed.

SUMMARY OF THE INVENTION

The embodiments of the present invention provide a data processing method, device, electronic device and storage medium of a blockchain network, which can effectively ensure the security of sensitive data on the chain.

The technical solution of the embodiment of the present invention is realized as follows:

Embodiments of the present invention provide a data processing method for a blockchain network, including:

Through the smart contract in the node of the blockchain network, the original key sent by the client is received, and the white-box keystore deployed in the node is called to generate a corresponding original key in the white-box keystore. the white-box key for the key;

Receive the transaction for performing the data update operation submitted by the client, and package the received transaction into a new block;

Perform consensus verification on the new block;

When the consensus verification is passed, the white-box keystore deployed in the node is called to perform symmetric encryption on the new block in the following way: through the white-box key and the white-box key algorithm, all The transaction in the new block is symmetrically encrypted to replace the original transaction in the new block; the key-value pair data of the update operation is read from the transaction in the new block, and the key-value pair data of the update operation is read from the transaction of the new block, and the The white-box key algorithm performs symmetric encryption on the key-value pair data;

The node's ledger is updated with a new block symmetrically encrypted by the white-box key.

An embodiment of the present invention provides a data processing device for a blockchain network, including:

Smart contracts, white-box keystores and consensus services deployed in nodes of a blockchain network; among them,

The smart contract is used to receive the original key sent by the client, and call the white-box keystore deployed in the node to generate a key corresponding to the original key in the white-box keystore. white box key;

The smart contract is configured to receive a transaction submitted by the client for performing a data update operation, and invoke the consensus service to perform the following operations: package the received transaction into a new block, and perform the following operations on the new block. Perform consensus verification;

The smart contract is used to call the white-box keystore to symmetrically encrypt the new block based on the white-box key when the consensus verification is passed, and call the consensus service to pass the The new block encrypted with the white-box key symmetric updates the node's ledger.

In the above solution, when the smart contract is also used to call the white-box keystore deployed in the node to generate a white-box key corresponding to the original key, the following implementation method is adopted: calling the white-box key in the node. The white-box key library is used to perform the following operations: determine the transformation mode corresponding to the original key according to the value of each field in the original key; perform the following operations on the original key according to the determined transformation mode. Transform to get the corresponding white-box key.

In the above solution, when the smart contract is also used to call the white-box keystore in the node, the following operations are performed: according to the values of each field in the original key, it is determined when the white-box key algorithm is transformed The calculation method used is such that when the white-box key algorithm is transformed for different original keys, there are differences in the calculation method used.

In the above solution, when the smart contract is also used to receive the transaction submitted by the client for performing the data update operation, the following implementation method is adopted: calling the transmission secret in the node through the smart contract in the node. keystore to perform the following operations: perform digital certificate-based authentication with the client, and perform a negotiation operation after the authentication is passed to determine the encrypted socket key algorithm and transmission key used; receive all A transaction of the client for performing a data update operation, the transaction is symmetrically encrypted by the client through the encrypted socket key algorithm and the transmission key.

In the above solution, when the smart contract is also used to call the consensus service to package the received transaction into a new block, the following implementation method is adopted: the multiple transactions corresponding to each channel received in the blockchain network are The timestamps of the multiple transactions are sorted and packaged into new blocks for the corresponding channels.

In the above scheme, the smart contract is also used to call the consensus service to perform consensus verification on the new block, and the following implementation methods are adopted: perform the following verification operations on the transactions in the new block: the transaction format is correct; the digital signature is legal; The endorsement policy is complied with; the node that received the new block joins the channel indicated in the transaction.

In the above solution, when the smart contract is also used to call the transmission key store for negotiation operation to determine the encrypted socket key algorithm and transmission key used, the following implementation methods are adopted: transmits a handshake message through the Hypertext Transport Security Protocol, so that both the node and the client obtain the same random number and encrypted socket key algorithm through the handshake operation message, and pass the encrypted socket The key algorithm performs symmetric encryption on the random number to obtain the transmission key.

In the above solution, when the smart contract is also used to call the white-box key store to perform symmetric encryption on the new block based on the white-box key, the following implementation method is adopted: calling the white-box key in the node The library is used to perform the following operations: symmetrically encrypt the transactions in the new block through the white-box key and the white-box key algorithm to replace the original transactions in the new block; In the transaction, the key-value pair data of the update operation is read, and the key-value pair data is symmetrically encrypted by the white-box key and the white-box key algorithm.

In the above solution, the smart contract is also used to call the transmission key store in the node before calling the white box key store to symmetrically encrypt the transactions in the new block to encrypt the socket key. The algorithm and the transmission key decrypt the transactions in the new block; wherein the transactions in the new block are symmetrically encrypted by the client through the encrypted socket key algorithm and the transmission key.

In the above solution, the smart contract is also used to call the white-box keystore, so that the following implementation methods are used to symmetrically encrypt the transactions in the new block through the white-box key and the white-box key algorithm. : Map the binary data in the plaintext form of the transaction through the white-box key and the white-box key algorithm, and according to the calculation method used for transforming the white-box key algorithm, the The mapping is transformed to obtain binary data in ciphertext form corresponding to the transaction.

In the above solution, the smart contract is also used to call the white-box key store, so that the key-value pair data is symmetrically encrypted by the white-box key and the white-box key store, and the following implementation methods are adopted: The white-box key and the white-box key algorithm map the plaintext binary data of the key-value pair data, and according to the calculation method used for transforming the white-box key algorithm, the The mapping is transformed to obtain binary data in the form of ciphertext corresponding to the key-value pair data.

In the above solution, the smart contract is also used to invoke a consensus service to update the ledger of the node through a new block symmetrically encrypted by the white-box key, using the following implementation method: A new block symmetrically encrypted with the white-box key algorithm is added to the end of the blockchain in the ledger of the node; the key-value pair data corresponding to the update operation in the transaction of the new block is updated to the A state database in a node's ledger, wherein the key-value pair data is symmetrically encrypted by the white-box key and the white-box key algorithm.

In the above solution, before the smart contract is also used to receive the original key sent by the client, when the instance of the smart contract in the node is deployed, receive the white-box keystore and transmission submitted by the client. keystore transaction, and invoke the chaincode service in the node to deploy the white-box keystore and the transport keystore into the virtualized runtime environment of the node; or, in response to the The transaction submitted by the client for deploying the smart contract image file, and the chaincode service in the node is called to deploy the smart contract, white box keystore and transmission keystore included in the smart contract image file. into the virtualized operating environment of the node.

In the above solution, the smart contract is also used to call the consensus service to receive the transaction proposal submitted by the client for querying data; call the consensus service to execute against the state database in the node's ledger. The query operation obtains the corresponding key-value pair data; through the original key carried in the transaction proposal, the white-box keystore in the node is called to transform the original key to obtain the white-box. box key, and decrypt the queried key-value data through the white box key; call the transmission key store in the node to pair the transmission key and the encrypted socket key algorithm with the The decrypted key-value pair data is symmetrically encrypted; the consensus service is invoked, the encrypted key-value pair data is constructed as a proposal response, and returned to the client.

In the above solution, the smart contract is also used to call the consensus service to perform endorsement verification on the transaction proposal before performing the query operation on the state database in the ledger of the node, and the endorsement verification includes the following: At least one of: the digital certificate carried by the transaction proposal is issued by a trusted certification center; the digital signature of the transaction proposal is valid; the format of the transaction proposal is correct; the transaction proposal has not been submitted repeatedly.

In the above solution, the smart contract is further configured to receive the transaction proposal submitted by the client for updating the data before receiving the transaction for updating the data submitted by the client, and calling the transaction proposal for updating the data. The consensus service performs the following operations: verifies the transaction proposal and passes the verification, and simulates the update operation on the state database of the ledger in the node after the verification is passed to obtain the corresponding key-value pair data;

Invoke the transport keystore in the node to symmetrically encrypt the key-value pair data with the transport key and encrypted socket key algorithm, construct a proposal response and return to the client to enable the The client constructs the transaction from the transaction proposal and the proposal response.

An embodiment of the present invention provides an electronic device for running a node in a blockchain network, including:

memory for storing executable instructions;

The processor is configured to implement the data processing method of the blockchain network provided by the embodiment of the present invention when executing the executable instructions stored in the memory.

The embodiment of the present invention provides a storage medium storing executable instructions for implementing the data processing method of the blockchain network provided by the embodiment of the present invention when the processor is caused to execute.

The embodiment of the present invention has the following beneficial effects:

By deploying a white-box keystore in the blockchain network to maintain the white-box key of the corresponding client, the data that the client needs to be updated on the chain can be encrypted without the original key. The key, even when the client is in a white box environment, can effectively ensure the security of the original key, which ensures the security of sensitive data after being uploaded to the chain, and facilitates the client to directly perform various business logic based on the sensitive data on the chain.

Description of drawings

1A is a schematic diagram of a static white-box keystore provided by the related art;

1B is a schematic diagram of the principle of a dynamic white-box keystore applied in an embodiment of the present invention;

FIG. 2 is a schematic structural diagram of an exemplary application system 100 of a blockchain network 200 provided by an embodiment of the present invention;

FIG. 3 is a schematic diagram of the principle of transaction processing based on the blockchain network 200 provided by an embodiment of the present invention;

4 is a schematic diagram of a transaction processing flow of a blockchain network for non-sensitive data provided by an embodiment of the present invention;

5 is a schematic diagram of a logical functional architecture of a node in a blockchain network 200 provided by an embodiment of the present invention;

6 is a schematic structural diagram of an electronic device for running a consensus node in a blockchain network 200 provided by an embodiment of the present invention;

7 is a schematic flowchart of a data processing method for a blockchain network provided by an embodiment of the present invention;

8 is a schematic diagram of a key system provided by an embodiment of the present invention;

FIG. 9 is a schematic diagram of the principle of uploading sensitive data to the chain according to an embodiment of the present invention.

Detailed ways

In order to make the purpose, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings. All other embodiments obtained under the premise of creative work fall within the protection scope of the present invention.

In the following description, reference is made to "some embodiments" which describe a subset of all possible embodiments, but it is understood that "some embodiments" can be the same or a different subset of all possible embodiments, and Can be combined with each other without conflict.

Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terms used herein are for the purpose of describing the embodiments of the present invention only, and are not intended to limit the present invention.

Before further describing the embodiments of the present invention in detail, the terms and terms involved in the embodiments of the present invention are described. The terms and terms involved in the embodiments of the present invention are applicable to the following explanations.

1) White Box attack, which refers to the attacker in the white box environment (that is, the operating environment that is visible to the attacker, for example, the operating environment of a smartphone has various clients, which are visible to the attacker. ) can have complete control over the device, and can observe and change the internal data when the program is running.

2) White-box keystore, a technology used to defend against white-box attacks. By confusing the key with the key algorithm used for symmetric encryption (ie, the white-box key algorithm), the attacker cannot know the specific The encryption and decryption process prevents attackers from obtaining the original key in a white-box environment, thereby ensuring data security. White-box keystores include static white-box keystores and dynamic white-box keystores. The white-box keystore can run in various forms in the device, such as a dynamic link library of an operating system, a static link library, or a software development kit (SDK, Software Development Kit) built into the client.

3) Static white-box keystore, which combines the original key with the white-box keystore key algorithm (such as Advanced Encryption Standard (AES, Advanced Encryption Standard) algorithm, Data Encryption (DES, Data Encryption Standard) algorithm, triple data encryption (TDES, Triple Data Encryption Standard) algorithm and block cipher (SM4) algorithm and other standard key algorithms) are bound together for obfuscation library files. For example, it includes transforming the mapping from plaintext to ciphertext based on the original key and the key algorithm to obtain a library file in the form of a lookup table.

Referring to FIG. 1A , FIG. 1A is a schematic diagram of the principle of a static white-box key store provided by the related art. When the static white-box key store is run, it has a key function, including: using the original key and the white-box key algorithm to encrypt the plaintext , and decrypt the plaintext from the ciphertext, so that the attacker cannot analyze the original key from the lookup table, and effectively protect the security of the original key in the white-box attack environment. The static white-box keystore is generated from the original key, so the static white-box keystore needs to be regenerated when the original key is updated.

4) Dynamic white-box keystore, which is used for invocation by smart contracts in nodes to transform the original key into a white-box different from the original key after being processed by the white-box keystore technology (such as obfuscation coding and other transformation technologies). The key, on the basis of transforming the original key, can also transform the mapping from plaintext to ciphertext based on the white-box key and key algorithm. The dynamic white-box keystore can be used to realize the above transformation. The library file in the form of a lookup table supports the above transformation by means of a lookup table.

Referring to FIG. 1B, FIG. 1B is a schematic diagram of the principle of the dynamic white-box key store applied in the embodiment of the present invention. At any stage of the operation of the dynamic white-box key store, the original key is completely integrated into the encryption and decryption process, that is, only the You can input the plaintext and whitebox key to the dynamic whitebox keystore to get the ciphertext, or you can input the ciphertext and the whitebox key to the dynamic whitebox keystore to get the plaintext. At the same time, since the encryption/decryption process is decoupled from the original key, the original key can be dynamically replaced while keeping the dynamic white-box keystore unchanged; at the same time, even if the dynamic white-box keystore is attacked The white box key is leaked, and the security of the original key can also be guaranteed.

5) Transport keystore, used for calls by smart contracts in nodes to negotiate with clients the symmetric key algorithm (also known as transport symmetric key algorithm) to use for transmitted messages (such as messages for transactions and transaction proposals) and key (also called transport key).

6) A transaction proposal (Proposal) is a request to execute a smart contract call included in a transaction (hereinafter referred to as executing a transaction), including the identification of the channel that receives the transaction, the identification of the smart contract to be invoked in the channel, and the identification of the smart contract that needs to be called in the channel. The parameter information passed by the calling smart contract.

7) Transaction, also known as transaction request, is equivalent to the computer term transaction (Transaction), which includes the operations that need to be submitted to the blockchain network for execution, as well as the corresponding transaction results. It does not only refer to a transaction in a business context, and since the term "transaction" is conventionally used in the blockchain technology, the embodiment of the present invention follows this convention.

For example, a transaction may include a Deploy transaction for placing a smart contract into a node of the blockchain network and ready to be invoked, and an Invoke transaction for reconciling the state in the ledger The database performs query operations (ie read operations), update operations (including write operations (add and modify) and delete operations).

8) Blockchain is a storage structure for encrypted and chained transactions formed by blocks. The header of each block can include not only the hash values of all transactions in the block, but also the hash values of all transactions in the previous block, so as to realize tamper-proof and anti-tampering of transactions in the block based on the hash value. Forgery; newly generated transactions are added to the block and after the consensus of the nodes in the blockchain network, they will be appended to the end of the blockchain to form a chain growth.

9) Blockchain Network, a set of nodes that incorporate new blocks into the blockchain through consensus.

10) Ledger is a general term for the blockchain (also known as ledger data) and the state database synchronized with the blockchain. Among them, the blockchain records transactions in the form of files in the file system; the state database records transactions in the blockchain in the form of different types of key (Key) value (Value) pairs to support Quick lookup of transactions in the blockchain.

11) Smart Contracts, also known as Chaincode or application code, are programs deployed in the nodes of the blockchain network, which carry the business logic related to transactions, and the smart contracts of different nodes run in isolation from each other. in a virtualized runtime environment (such as a container or virtual machine).

12) Consensus is a process in the blockchain network used to reach agreement on the transactions in the block among the multiple nodes involved, and the agreed block will be appended to the end of the blockchain . The mechanisms for achieving consensus include Proof of Work (PoW, Proof of Work), Proof of Stake (PoS, Proof of Stake), Proof of Delegated Proof-of-Stake (DPoS, Delegated Proof-of-Stake), Proof of Elapsed Time (PoET, Proof of Elapsed) Time), etc.

13) Member, also known as business subject, represents a specific entity identity (such as a company, enterprise and social group, etc.), has its own root certificate in the blockchain network, and the nodes in the blockchain belong to A member, the same member can have multiple nodes in the same channel.

14) Organization, a domain formed by some members (a subset of all members accessing the blockchain network) to achieve a specific business (without the participation of all members), the members in the organization have the same root certificate.

15) Channel, a private isolation environment provided to the nodes of members of the organization in the blockchain network. The channel is a logical structure composed of various nodes that exist physically; the smart contracts and ledgers in the channel are only valid for joining ( Also known as subscription) channel members are visible to nodes, the same node can join multiple channels and maintain a ledger corresponding to each channel.

The following describes an exemplary application of the blockchain network provided by the embodiment of the present invention. Referring to FIG. 2, FIG. 2 is a schematic diagram of the architecture of the exemplary application system 100 of the blockchain network 200 provided by the embodiment of the present invention, including the blockchain network. Network 200 (including multiple nodes), clients 510/410 and Certificate Authority (CA, Certificate Authority) 300 .

A node in the blockchain network 200 has one or more functions, where the ledger is the default function of the node; in some embodiments, the node may also be deployed with consensus services, smart contracts, white-box keystores, and transport keystores one or more of.

The type of the blockchain network 200 is flexible and diverse, for example, it can be any one of a public chain, a private chain or a consortium chain. Taking the public chain as an example, the terminal of any business entity or the client running in the server can access the blockchain network 200 without authorization and become a special kind of node, called client node; Taking the blockchain as an example, after a business entity is authorized to become a member of the blockchain network 200, the corresponding client can access the blockchain network 200 and become a client node. For the convenience of description, the client node is also referred to as a client in the following. end.

As an example, the client can be an application for various purposes related to the business of the business entity, such as a social network client, a logistics client; the client can be an application on various platforms, such as a mobile APP (Android APP and iOS APP) , desktop software (Widow system software and MAC system software) and so on.

It should be pointed out that there is no limit to the number of client nodes belonging to the same business entity. FIG. 2 shows a client 510 used by the business entity 500 and can access the blockchain network 200 to become a client node. Therefore, a client 410 used by the business entity 400 can access the blockchain network 200 to become a client node.

The client node is a special kind of node that is different from the native accounting node in the blockchain network 200. By default, the account book owned by the native accounting node in the blockchain network 200 can be defaulted, thereby reducing the development difficulty of the client and not Realize the lightweight of the client. The transmission of events between the client and the blockchain network 200 is supported. For example, the client can monitor/subscribe events related to smart contract calls in the operation of the blockchain network 200, such as the event of generating a new block, so that when the blockchain When a specific event occurs in the network 200, the relevant business logic of the local or external system is triggered.

In some embodiments, the operations performed by the client on the ledger in the blockchain network 200 mainly include two types of ledger query and ledger update. For the ledger query, the client initiates a transaction proposal to the blockchain network 200, and the transaction data in the transaction proposal (ie, the smart contract invocation related to the query operation) is executed by the nodes of the blockchain network 200 included in the transaction proposal. The smart contract is called to query the ledger, and the queried data is carried in the proposal response as the transaction result to return to the client.

For the ledger update, the client node initiates a transaction proposal to the blockchain network 200, and the transaction data includes the smart contract calls related to the update operation of the state database (including the operation of adding, deleting and modifying key-value pair data), The nodes of the blockchain network 200 simulate the execution of the ledger (that is, the ledger will not be changed) the transaction data included in the transaction proposal, and carry the key-value pair obtained by the simulated execution as the transaction result in the proposal response to return to the client, the client The end node then constructs the transaction proposal and the proposal response into a transaction, and submits it to the blockchain network 200, and the nodes of the blockchain network 200 record the transaction in the ledger.

The authentication center 300 outside the blockchain network 200 is used to respond to the registration application of the client 410/510 (hereinafter referred to as the client), and return the registration key for logging in, so as to obtain the identity information used to declare the member to which the client belongs. digital certificate. As an alternative to the certificate authority (CA, Certificate Authority) 300 , a CA node may be set in the blockchain network 200 to implement the function of the certificate authority (CA, Certificate Authority) 300 .

In some embodiments, the accounting nodes in the blockchain network 200 can be divided into different types according to the functions implemented outside the ledger and consensus services, as the division of the blockchain network 200 shown in FIG. 2 is different For an example of the type, see FIG. 3. FIG. 3 is a schematic diagram of the principle of transaction processing based on the blockchain network 200 provided by the embodiment of the present invention. Except for the client node (client 410/510), the nodes in the blockchain network 200 By default, they all have consensus services and ledger functions. The nodes that only have the functions of verifying transactions and accounting are called account nodes (Committer) or consensus nodes, and also include some special types of account nodes: Endorser nodes with endorsement services (Endorser) ), an orderer with an ordering service (Orderer), and a leader peer (Leader Peer) that represents the accounting node in the channel and the orderer channel.

The above-mentioned nodes in the blockchain network 200 can join the channels of different organizations, and the channels of each organization (organization 1 and organization 2) include multiple accounting nodes belonging to the members of the organization, as shown in FIG. 3 to carry out different services. In the blockchain network 200, the nodes belonging to the members of Organization 1/2 can join the channels of Organization 1/2 correspondingly, and the nodes in each channel receive business-related services submitted by clients of the organization to which they belong. , and transfer the transaction to the ledger, which is isolated from nodes outside the channel.

In some embodiments, a software development kit (SDK, Software Development Kit) is built in the client to realize the interaction by the blockchain network 200, so that the native code of the client can only focus on implementing business-related logic, ignoring the blockchain network 200 internal operation details to reduce the development difficulty of the client.

As an example, the SDK provides the client with a series of application programming interfaces (APIs, Application Programming Interfaces) based on remote procedure call (RPC, Remote Procedure Call) connections between nodes of the blockchain network 200 for the client Manage and use the functions of the blockchain network 200 including: identity management, ledger management, transaction management, smart contracts, transaction management, membership management, consensus services, smart contract services, security and key services, and event processing, etc., The above-mentioned functions will be described in detail below.

Embodiments of the present invention provide a solution for a client to submit non-sensitive data and sensitive data to a blockchain network, where non-sensitive data is data disclosed by any client that can access the blockchain network. It is understandable that non-sensitive data and The way of distinguishing sensitive data is flexible and diverse, depending on the business needs of the members accessing the blockchain network. For example, the business attributes of the members require the protection of users’ personal information, business secrets, etc., these data need to be on the chain and Only open query permissions to clients belonging to members themselves, then these data are sensitive data; data whose business attributes of members do not require protection, such as business scope and business introduction information, these data also need to be stored on the chain, then these data for non-sensitive data.

In the following, in conjunction with FIG. 4 , taking as an example a transaction for submitting a transaction based on non-sensitive data to update the state database of the blockchain network and a transaction for submitting a query for non-sensitive data in the state database of the blockchain network to the blockchain network, An example illustrating transaction management for a blockchain network.

In some embodiments, the operation of the client submitting the non-sensitive data to update the state database of the blockchain network includes two stages: submitting a transaction proposal and submitting a transaction. Operations on sensitive data include a stage of submitting a transaction proposal.

Referring to FIG. 4, FIG. 4 is a schematic diagram of a transaction processing flow of a blockchain network for non-sensitive data provided by an embodiment of the present invention. Combined with the two-stage processing process of transaction proposal and transaction submission shown in FIG. The function of the node is explained.

The client initiates a transaction proposal to an endorsing node in one or more channels in the blockchain network 200, and the transaction proposal includes a transaction number, a timestamp (the time when the transaction proposal was initiated), and transaction data. The transaction data includes: the identification (such as the serial number or name) of the channel that executes the transaction (that is, the channel where the smart contract called in the transaction is located), and the status database/queries that need to be executed in the channel and updated based on non-sensitive data Smart contract calls for sensitive data in the state database (including updating the state database/querying sensitive data in the state database based on non-sensitive data, the identification of the smart contract that needs to be called, such as the name or serial number, the version of the smart contract, and the need to pass to the smart contract. parameter information, etc.). Smart contracts and parameters are related to the operations that the client needs to perform. For example, smart contracts can be used to add, delete, query or modify operations, and parameter information can be data for adding, deleting, querying or modifying operations.

The transaction proposal also carries the client digital certificate issued to the client by the certification center, and the digital signature signed by the client for the transaction data in the transaction proposal. The client digital certificate includes: the identity information of the member to which the client belongs, the client's public key, The authentication center uses the authentication center's private key (corresponding to the public key in the root certificate that the client and the node request from the authentication center in advance) to sign the client's identity information and the client's public key. The client digital certificate is used to declare the identity information of the member to which the client belongs, and the client digital signature is used to prove that the transaction data in the transaction proposal has not been tampered with.

After receiving the transaction proposal, the endorsement node will perform some endorsement verification according to the endorsement strategy, including: whether the digital certificate carried by the transaction proposal is issued by a trusted certification center; whether the digital signature of the transaction proposal is valid; whether the format of the transaction proposal is correct; Whether the transaction proposal has been submitted repeatedly; whether the client has been authorized to have write permission in the channel requesting to execute the smart contract call. When the judgments are all yes, the endorsement verification is successful.

In some embodiments, when the endorsement node verifies that the transaction proposal is successful, the endorsement node simulates the execution of transaction data based on the state database of the ledger maintained locally, that is, executes the smart contract invocation included in the transaction proposal to obtain the transaction result. The endorsement node uses its own private key to sign the transaction result (that is, endorsement), and combines the endorsement node's digital signature with the endorsement node's digital certificate (including the endorsement node's public key, and the certification center uses the certification center's private key to endorse the node's signature). The digital signature signed by the public key and identity information), and other related information are constructed as a proposal response (Proposal Response), and then returned to the client.

As an example, when a transaction proposal includes a smart contract invocation for query operations on non-sensitive data, the transaction result is a read set (Read Set), which contains key-value pairs read from the ledger database during the simulation execution process; when the transaction proposal When a smart contract is invoked that includes an update operation for non-sensitive data, the transaction result is that the Write Set also contains a list of unique keys, as well as the key-value pairs written to the ledger database during the simulation execution. .

As an example, other relevant information described above may include: a success code (indicating that the verification of the transaction proposal was successful), a timestamp (the time the proposal response was generated), the identification of the channel that received the transaction (eg, serial number or name), and the transaction The hash value of the proposal (used to bind one-to-one with the transaction proposal to avoid the transaction being tampered by the client during the commit transaction phase).

In some embodiments, when the endorsement node fails to verify the transaction proposal, it will return to the client a proposal response with a failure code (indicating the error type of the failure to verify the transaction proposal).

When the client receives the proposal response, it first confirms the validity of the proposal response by verifying the digital certificate and digital signature carried by the transaction proposal. When the client collects a sufficient number (predetermined number) of proposal responses from endorsing nodes, and the transaction results in the proposal responses are consistent, a transaction will be constructed based on the transaction proposal and the proposal responses.

As an example, a transaction includes: a timestamp (the time the transaction was constructed), the identity of the channel that received the transaction, the identity of the smart contract that needs to be invoked in the channel (such as a name or serial number), the version of the smart contract, and the information passed to the smart contract. Parameters, etc. and transaction results (such as read/write sets), and the digital signature of the endorsing node for the transaction results.

It should be pointed out that if the smart contract invocation in the transaction proposal submitted by the client is only used to query the ledger (and not to update the ledger), the client will not construct the transaction, and only use the transaction result in the proposal response as the ledger query result to complete related business logic.

After the client constructs the transaction, it broadcasts the transaction to the ordering node in the blockchain network 200. For the received transaction, the ordering node reads the identifier of the channel to which the transaction belongs from the transaction, and according to the timestamp in the transaction (such as initiating a transaction proposal) The order of the timestamp of the corresponding channel and the timestamp of generating the proposal response), construct the block of the corresponding channel corresponding to the transaction received by each channel, and send the block to the master node in the corresponding channel.

Taking Figure 3 as an example, when the ordering node receives a transaction, it determines whether the channel that needs to receive the transaction is the channel of Organization 1 or the channel of Organization 2 according to the identifier of the channel in the transaction. The block of the channel of organization 1 and the block corresponding to the channel of organization 2 correspond to the master node in the channel of organization 1/organization 2.

The master node is the node that communicates with the ordering node on behalf of other accounting nodes in the channel, and is used to obtain the latest block from the ordering node and synchronize within the channel; the master node can be set by force or dynamically elected .

The accounting nodes in the channel each perform consensus verification on each transaction in the received block, and append to the end of the blockchain they maintain after passing the verification, and update the ledger database with the transaction result of the transaction in the block.

In some embodiments, the consensus verification of the transaction in the block by the accounting node includes: whether the transaction format is correct and whether there is a legal signature (including the digital signature of the client and the digital signature of the endorsing node), that is, verifying whether the transaction content has been tampered with ; Whether the accounting node joins the channel indicated in the transaction to receive the transaction; whether the transaction complies with the endorsement policy. The endorsement policy is the rule for the endorsement node to endorse the transaction, specifying the organization from which the endorsement required for a transaction before it is submitted, the type of nodes in the corresponding organization, and the number of valid endorsements. When the judgment results are all yes, it means that the consensus verification is passed.

The following describes an exemplary logical functional architecture of a node in a blockchain network provided by an embodiment of the present invention. Referring to FIG. 5, FIG. 5 is a schematic diagram of a logical functional architecture of a node in a blockchain network 200 provided by an embodiment of the present invention. Be explained.

The upper layer of the node in the blockchain network 200 is connected to the client. The client 410/510 provides a standard RPC interface, and encapsulates the SDK on the basis of the API, so that developers can develop blockchain-based development in the SDK. various business logics; the client's event mechanism enables the client to execute a predefined callback function when receiving various events of the blockchain network 200, such as when receiving an event of creating a new block or executing a smart contract , so that the execution time for reaching a consensus among each node is shortened as much as possible.

In some embodiments, from the perspective of the top layer of the blockchain network 200 connecting to the client, the functions of the nodes in the blockchain network 200 include identity management, ledger management, transaction management and smart contracts, which will be described separately below.

(1) Identity management

After the client's user registers and logs in to the certification center, the client obtains the member's digital certificate (ECert), and all other operations need to be signed with the private key associated with the digital certificate. The message recipient and the member hold the same certificate from the certification center. The root certificate of the message recipient will first perform signature and digital certificate verification before proceeding with subsequent message processing. Nodes will also use digital certificates issued by the certification center. For example, when members accessing the blockchain network start the system of the nodes under their jurisdiction and manage the nodes under their jurisdiction, the identity management function will authenticate and verify the identity information of the members. authorized.

(2) Ledger management

Maintain the ledger and authorize members accessing the blockchain network 200 to query the ledger, which can be queried in various ways, including querying blocks based on block numbers, querying blocks based on block hashes, querying blocks based on transaction numbers, and querying blocks based on transaction numbers. The transaction number can be used to query the transaction, and the queried blockchain can also be obtained according to the channel name.

(3) Transaction management

The ledger can only be updated by submitting transactions. The client submits a transaction proposal through the transaction management function of the blockchain network 200, and after obtaining the endorsement of the transaction, submits the transaction to the ordering node, and then the ordering node constructs a block.

(4) Smart Contract

Implement "Programmable Ledger", execute transactions through smart contract calls, and implement blockchain-based smart contract business logic, such as executing updates in transactions or querying key-value pair data in the state database. Contract invocation; another example, executing a smart contract invocation in a transaction that is related to a whitebox keystore or a transport keystore.

In some embodiments, from the perspective of connecting the blockchain network 200 to the bottom layer, the functions of the blockchain network 200 include member management, consensus service, chain code service, security and key service, which will be described separately below.

(1) Member management

Through the Root of Trust Certificate system, use (PKI, Public Key Infrastructure) to authenticate members' identity information and verify members' digital signatures. Combined with the certification center or third-party certification center within the blockchain network, it provides members' registration functions and manages members' digital certificates, such as certificate addition and revocation. Exemplarily, digital certificates are divided into registration certificate (ECert), transaction certificate (TCert) and TLS certificate (TLS Cert), which are respectively used for user identity, transaction signature and TransportLayer Security Protocol (TLS, TransportLayer Security Protocol) transmission. .

(2) Consensus service

The consensus service consists of 3 stages: the client submits a proposal to the endorsement node (providing endorsement verification) to obtain an endorsement, and after the client obtains the endorsement, it submits the transaction to the ordering node (providing the ordering service) to sort and generate blocks, and then broadcast to the bookkeeping. After the node verifies the transaction in the block, it is written into the local ledger of the accounting node.

(3) Chain code service

Provides a secure virtualized runtime environment for smart contracts, such as containers (Docker) or virtual machines, to ensure secure execution and isolation of user data; it can respond to the smart contract image file specified in the deployment transaction and read from the image file repository Take the smart contract image file, deploy it on the node and instantiate the smart contract.

(4) Security and Key Services

Implement basic functions such as key generation, hash operation, signature verification, encryption and decryption.

The following describes an exemplary structure of an electronic device for running a node of a blockchain network provided by an embodiment of the present invention. Referring to FIG. 6 , FIG. 6 is a structure of an electronic device for running a node in the blockchain network 200 provided by an embodiment of the present invention. In the schematic diagram, the electronic device can be a terminal (eg PC), a server or a cluster of servers, providing a virtualized node operating environment, the electronic device 600 shown in FIG. 6 includes: at least one processor 610 , memory 650 and at least one network interface 620 . The various components in the electronic device are coupled together by a bus system 640 . It can be understood that the bus system 640 is used to implement the connection communication between these components.

The processor 610 may be an integrated circuit chip with signal processing capabilities, such as a general-purpose processor, a digital signal processor (DSP, Digital Signal Processor), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc., where a general-purpose processor may be a microprocessor or any conventional processor or the like.

Memory 650 may be removable, non-removable, or a combination thereof. Memory 650 includes volatile memory or non-volatile memory, and may also include both volatile and non-volatile memory.

In some embodiments, memory 650 is capable of storing data to support various operations, examples of such data including programs, modules, and data structures, or subsets or supersets thereof, such as operating system 651, via one or more (wired or wireless) ) network interface 620 to the communication module 652 of the other computing device.

In some embodiments, the data processing apparatus 655 of the blockchain network provided by the embodiments of the present invention may be implemented in software. FIG. 6 shows the data processing apparatus 655 of the blockchain network stored in the memory 650, which may It is software in the form of programs and plug-ins, including the following software modules: smart contracts, white-box keystores and consensus services deployed in the nodes of the blockchain network; these modules are logical and therefore can be Make any combination or split further. The function of each module will be explained below.

In the following, the data processing method of the blockchain network provided by the embodiment of the present invention will be described by taking as an example initiating a transaction for updating the state database based on sensitive data and submitting a transaction for querying the sensitive data in the state database to the blockchain network. Example of transaction management for sensitive data. It should be pointed out that, compared with the transaction management scheme related to non-sensitive data, in the transaction management scheme related to sensitive data, in addition to involving the smart contract, white box keystore and transmission keystore in the node, the process of transaction management The implementation of the involved consensus services (such as the endorsement service and the ordering service) is similar, so the details related to the consensus service are omitted below.

Referring to FIG. 7, FIG. 7 is a schematic flowchart of a data processing method of a blockchain network provided by an embodiment of the present invention. Nodes in the blockchain network (such as a sorting node, a master node in a channel added by a client, accounting Nodes and Endorsing Nodes) are deployed with smart contracts, white-box keystores and transmission keystores as an example to illustrate.

In step 101, the client sends the original key to the smart contract in the node of the blockchain network.

In some embodiments, when the client needs to upload sensitive data related to its own business on the chain, it initializes the original key for encrypting the sensitive data, and sends it to the nodes in the blockchain network (for example, including ordering nodes, The master node, billing node and endorsement node in the channel that the client joins) to receive the original key through step 101 .

For example, a setting interface for raw keys is provided in the client to receive the raw keys set by users for sensitive data; or, by running a library that automatically generates keys to generate raw keys, users can set up a key to protect sensitive data. The length and character type of the original key.

In some embodiments, in order to ensure the security of the original key transmission (not to be intercepted by an attacker), before step 101, the client may negotiate with the node to determine an encrypted socket for symmetric encryption of the original key The word key algorithm and the corresponding transmission key, and use the encrypted socket key algorithm and the transmission key to symmetrically encrypt the original key, and transmit the encrypted original key to the node's smart contract. When the node's smart contract is in When the encrypted original key is received in step 101, the encrypted socket key algorithm and the encrypted original key can be used for decryption by calling the transmission key store.

For example, when the smart contract in the node negotiates with the client by calling the transmission keystore deployed in the node to determine the symmetric key algorithm and the corresponding transmission key, it can be implemented in this way: the smart contract in the node communicates with the client The handshake message through the HyperText Transfer Protocol Secure (HTTPS, HyperText Transfer ProtocolSecure) is transmitted between the peers, and the random number and the encrypted socket key algorithm (among which, the encrypted socket is exchanged between the node and the client through the handshake message transaction) The key algorithm is any symmetric encryption algorithm exchanged based on the Secure Sockets Layer (SSL, Secure Sockets Layer), so that both the node and the client obtain the same random number and encrypted socket key algorithm, so that through The encrypted socket key algorithm calculates the random number to obtain the transmission key.

As an example, the encrypted socket key algorithm and transmission key used to encrypt the original key negotiated by the node through the smart contract with the client may be permanently valid, or may be renegotiated periodically for renewal, or, when the transmission When the actual number of key uses reaches the threshold, renegotiation is performed to update, thereby ensuring the security of the original key.

Before step 101, it also involves the instantiation of the white box keystore and the instantiation of the transmission keystore in the blockchain network, which will be described below.

In some embodiments, the whitebox keystore and the transport keystore may be built into the blockchain network, and the instantiation of the whitebox keystore and the transport keystore may be done synchronously with the instantiation of the smart contract in the node.

For example, a client can submit a transaction for deploying a smart contract image file to a blockchain network node (ie, a deployment transaction, carrying the ID of the smart contract image file to be deployed), and the chaincode service in the node can retrieve the image file from the image file repository. Read the corresponding smart contract image file (the smart contract image file includes the smart contract and the white-box cryptographic library), and deploy it in the virtualized operating environment of the node. At this point, the instantiation of the smart contract and the white-box keystore is completed.

It is understandable that the transmission keystore can also be integrated in the smart contract image file, using a similar instantiation method as above, so that once the smart contract is deployed in the node, the white box keystore and the transmission keystore are also synchronized on the node. It is instantiated in the system to improve deployment efficiency.

Of course, the instantiation of the white-box keystore and the transmission keystore can be independent of the instantiation process of the smart contract, and the image file warehouse can include the transmission keystore image file and the white-box keystore image file, so that customers can By submitting a deployment transaction, the terminal can make the chaincode service deploy the transmission keystore image file and the white-box keystore image file to the virtualized operating environment of the node, so as to complete the instance of the transmission keystore and the white-box keystore. change.

In other embodiments, the white-box keystore can be established by the client (or obtained from an off-chain image file repository) and uploaded to the chaincode service in the node, and the white-box keystore can be deployed by the chaincode service In the environment where the virtualization of the node takes place to complete the instantiation.

For example, a smart contract image file can only include smart contracts, and the chaincode service in the node responds to the transaction submitted by the client for deploying the smart contract image file, according to the ID of the smart contract image file carried in the transaction. Read the corresponding smart contract image file in the node, and deploy it in the virtualized operating environment of the node to complete the instantiation of the smart contract; the client continues to submit a deployment transaction to the node for deploying the transmission key image file (carrying the transmission key The ID of the keystore image file), the chaincode service is called by the smart contract to deploy the corresponding transmission keystore image file in the image file warehouse to the virtual operating environment of the node to complete the instantiation of the transmission keystore; Understandably, the transmission keystore can be integrated with the smart contract in the smart contract image file, so that the smart contract is deployed to the virtualized runtime environment of the node in synchronization with the smart contract to complete the instantiation.

Continuing the above example, the smart contract in the node calls the transmission keystore to negotiate the encrypted socket key algorithm and the encrypted socket key algorithm with the client, after which the client will use the negotiated transmission key and encrypted socket key algorithm Encrypt deployment transaction, which includes the white-box keystore to be uploaded by the client, and send the encrypted deployment transaction to the node, which is invoked by the smart contract in the node to transmit the keystore to utilize the encrypted socket key algorithm and transmission The key decryption deployment transaction obtains the white-box keystore, and continues to call the chaincode service to deploy the white-box keystore uploaded by the client to the virtualized operating environment of the node, thus completing the instantiation of the white-box keystore.

In step 102, the smart contract in the blockchain network node invokes the white-box keystore deployed in the node to generate a white-box key corresponding to the original key in the white-box keystore.

In some embodiments, the smart contract invokes the white-box keystore deployed in the nodes of the blockchain network to perform the following operations: determine to generate the white-box key by using the original key according to the values of each field in the original key method, that is, the transformation method (also called the generation method); the original key is transformed according to the determined transformation method to obtain the corresponding white-box key.

The white box key is obtained by transforming the original key, and there is a difference between the original key in at least one dimension of length and character type. The embodiment of the present invention does not limit the specific transformation method. For example, it can be Transformation methods such as logical calculation (including XOR, permutation, substitution and shift), scrambling coding and insertion of scrambling information are adopted.

For example, when the binary data of the to-be-transformed field of the original key is 1, the corresponding transformation method is: the XOR of the to-be-transformed field and (the previous bit or the next bit); when the field is 0, the corresponding transformation method is the adjacent bit and or; then traverse each field of the original key to transform to obtain the white-box key.

Since the transformation of the original key is realized by the values of the various fields of the original key, the original key is ideally obfuscated. Even if the white-box environment is invaded by an attacker and the white-box key is obtained, the It is difficult to restore the original key from the white-box key, thus ensuring the security of the original key.

In some embodiments, calling the white-box keystore through the smart contract in step 102 not only generates the white-box key corresponding to the original key, but also determines the calculation method used to transform the key algorithm, that is, for the combined key The key algorithm and the white-box key pair the mapping of plaintext (ie, the binary data of the plaintext of the transaction) to the ciphertext, and determine the calculation method used to transform the mapping.

For example, the smart contract calls the white-box keystore to perform the following operations: for different original keys submitted by different clients, it is determined to use the same calculation method when transforming the key algorithm, and the unified calculation method can improve the encryption according to the efficiency.

For another example, the smart contract invokes the white-box keystore to perform the following operations: According to the value of each field in the original key, for the mapping from plaintext to ciphertext by combining the white-box key and the key algorithm, determine the mapping for the mapping. The calculation method to use when making the transformation.

As an example of determining the calculation method, various key algorithms provided in the related art include various calculation methods (such as XOR, permutation, substitution and shift) in the mapping from plaintext to ciphertext. The value of each field transforms the calculation methods that appear in sequence in the key algorithm. When the binary data of the first field of the original key is 1, the first occurrence of the calculation method in the key algorithm is transformed into an exclusive one. Or, when the binary data of the first field of the original key is 0, transform the calculation method of the first occurrence in the key algorithm into AND or, and so on until all the calculation methods in the key algorithm are transformed. , so as to obtain the calculation method used to transform the key algorithm.

Therefore, the calculation methods corresponding to different fields in the original key are different, and it is difficult for an attacker to rely on the cracked white-box key to crack the white-box keys of other clients, which improves the security.

The following describes the scheme of on-chain sensitive data and query of sensitive data through the transmission keystore and the white-box keystore.

In step 103, the node of the blockchain network receives the transaction submitted by the client for performing the data update operation through the smart contract.

In some embodiments, before a node in the blockchain network (eg, the master node of the channel to which the client joins) receives the transaction submitted by the client for performing the data update operation, the node in the blockchain network (eg, , the endorsement node in the channel joined by the client) receives the transaction proposal submitted by the client for the data update operation, and after the transaction proposal is verified and passed, the state database of the ledger in the node is simulated to execute the update operation in the transaction proposal , obtain the corresponding key-value pair data, such as at least one of the updated key-value pair data, the newly added key-value pair data, and the deleted key-value pair data; call the transmission keystore deployed in the node, through the transmission key The proposal response is encrypted and returned to the client, so that the client can construct a transaction based on the transaction proposal and the proposal response.

In some embodiments, the node in the blockchain network (for example, the master node in the channel joined by the client) receives the transaction submitted by the client for performing the data update operation, which can be implemented by the following methods: intelligent The contract calls the transport keystore in the node to perform the following operations: authenticate with the client through a digital certificate, and perform a negotiation operation after the authentication is passed to determine the encrypted socket key algorithm and transport key used ; to receive in step 103 the transaction encrypted by the client through the encrypted socket key algorithm and the transmission key and used for performing the data update operation.

As an example of a negotiation operation to determine the encrypted socket key algorithm and transport key to use, the smart contract in the node calls the transport keystore to transmit the handshake message over the Hypertext Transport Security Protocol with the client , the random number and encrypted socket key algorithm are exchanged between the node and the client through the handshake operation message, so that the node and the client both obtain the same random number and encrypted socket key algorithm, and encrypt the socket The key algorithm calculates the random number to obtain the transmission key.

As an example, the encrypted socket key algorithm and transport key for encrypted transaction proposals/transactions negotiated by the node and the client through the smart contract may be permanently valid, or may be periodically re-agreed to update, or, when When the actual usage times of the transmission key reaches the threshold, renegotiation is performed to update, so as to ensure the security of the original key.

It should be pointed out that the encrypted socket key algorithm and transmission key negotiated by the node and the client through the smart contract for encrypting the transaction proposal/transaction are the same as the encrypted socket key algorithm and transmission key negotiated by the node and the client through the smart contract described above. The encrypted socket key algorithm for the raw key and the transport key can be the same or different.

In step 104, the nodes of the blockchain network package the received transaction into a new block.

In some embodiments, a node (eg, ordering node) of the blockchain network will sort (eg, ascending or descending) multiple transactions received by each channel in the blockchain network according to the timestamps of the multiple transactions. , and packaged as a new block for the corresponding channel.

In particular, when the transaction is symmetrically encrypted by the client based on the encrypted socket key algorithm and the transport key, the node can call the transport keystore to pair the transaction based on the same encrypted socket key algorithm and transport key. Packing after decryption; of course, the encrypted socket key algorithm and transmission key encrypted transaction can also be directly packed into a new block.

In step 105, the nodes of the blockchain network perform consensus verification on the new block.

In some embodiments, the ordering node in the blockchain network packages the received transaction into a new block for each channel, and sends it to the master node in the channel to which the transaction belongs in the new block, and the master node stores the new block. Broadcast to each accounting node in the channel, each node in the channel (including the master node and the accounting node) performs the following verification operations on the transaction in the new block: the transaction format is correct; the digital signature is legal; it conforms to the endorsement policy; received The node of the new block joins the channel indicated in the transaction.

Understandably, for the case where the transaction in the new block is encrypted by the encrypted socket key algorithm and the transport key in step 104, in step 105, the node can call the local transport keystore to The encrypted socket key algorithm and transport key are decrypted, followed by consensus verification.

In step 106, when the consensus verification of the new block is passed, the node of the blockchain network invokes the white-box keystore deployed in the node through the smart contract to symmetrically encrypt the new block based on the white-box key.

In some embodiments, a smart contract in a blockchain network node invokes a white-box keystore deployed in the node to perform the following operations: perform the following operations on transactions in a new block through a white-box key and a white-box key algorithm Symmetric encryption to replace the original transaction in the new block; read the key-value pair data of the update operation from the transaction of the new block, and use the white-box key and the white-box key algorithm for the The key-value pair encrypts the data symmetrically.

As an example of encrypting a transaction in a new block, through the white-box key and the white-box key algorithm, the binary data (which may be transaction data, transaction proposal, or all data) in plaintext form of the transaction is performed. mapping, and transform the mapping according to the calculation method used to transform the white-box key algorithm to obtain binary data in the form of ciphertext corresponding to the transaction; wherein, the encrypted binary data in the transaction can be It is the transaction result in the proposal response of the transaction, that is, the key-value pair data, or the proposal response, or all the binary data of the transaction.

As an example of encrypting key-value pair data, the white-box key and the white-box key algorithm are used to map the plaintext binary data of the key-value pair data, and according to the white-box encryption The key algorithm is used to transform the calculation method, and the mapping is transformed to obtain binary data in the form of ciphertext corresponding to the key-value pair data.

As an example of encrypting the decrypted transaction with a white-box key, the white-box key and the key algorithm are used to map the binary data of the transaction in the form of plaintext, and according to the encryption of the key algorithm The calculation method used for the transformation transforms the mapping to obtain binary data in the form of ciphertext corresponding to the transaction.

In step 107, the node in the blockchain network updates the node's ledger with the new block symmetrically encrypted by the white-box key.

In some embodiments, a new block symmetrically encrypted by the white-box key and the white-box key algorithm is added to the end of the blockchain in the ledger of the node; the transaction of the new block corresponds to The key-value pair data of the update operation is updated to the state database in the ledger of the node, wherein the key-value pair data is performed by the white-box key and the white-box key algorithm in the white-box key store. symmetric encryption.

In some embodiments, the blockchain network also supports the client to query the sensitive data stored in the ledger. For example, in step 108, the client submits a data query to the nodes of the blockchain network for querying the data. The transaction proposal, the transaction proposal can also be encrypted using the transmission key and the encrypted socket key algorithm; in step 109, when a node in the blockchain network (such as an endorsing node) receives the encrypted transaction proposal, it calls the transmission The keystore is used to decrypt the transaction proposal through the encrypted socket key algorithm and the transmission key, so that the decrypted transaction proposal can be endorsed and verified.

As an example of an endorsement of a transaction proposal, at least one of the following verification operations is performed: the digital certificate carried by the transaction proposal is issued by a trusted certification authority; the digital signature of the transaction proposal is valid; the format of the transaction proposal is correct; the transaction proposal has not been submitted repeatedly.

In step 110, when the endorsement verification for the transaction proposal is passed, the nodes of the blockchain network simulate the query operation against the state database in the local ledger to obtain the corresponding key-value pair data (ie read set).

In step 111, the node of the blockchain network calls the white-box keystore deployed in the node to decrypt the queried key-value data through the white-box key and the white-box key algorithm; in step 112 , the node of the blockchain network constructs the decrypted key-value pair data, the node's digital signature for the key-value pair data, and the node's digital certificate as a proposal response, and calls the transmission keystore deployed in the node to use the transmission The key and encrypted socket key algorithm encrypts the proposal response, and then sends the encrypted proposal response to the client in step 113.

For example, the node in the blockchain network constructs the key-value pair data, the node's digital signature for the key-value pair data, and the node's digital certificate as a proposal response and returns it to the client; in step 114, the client decrypts the proposal response and verifies the proposal. The digital certificate and digital signature carried in the response are compared to whether the key-value pair data carried in multiple proposal responses are consistent. If they are consistent, the key-value pair data is determined as the target data of the query operation. For example, after collecting the proposal responses from multiple nodes, the client first decrypts the proposal responses according to the encrypted socket key algorithm and transmission key obtained through negotiation, and then verifies the digital certificate and digital signature carried in the proposal responses. , continue to compare the key-value pair data carried in the multiple proposal responses to see if they are consistent, and if they are consistent, determine that the key-value pair data is the target data of the query operation; related business logic in the terminal.

It can be seen that in the process of updating the ledger based on sensitive data, the smart contract itself does not hold the white-box key, and the encryption and decryption operations based on the white-box key are realized by the smart contract calling the white-box keystore, so as to utilize the white-box key. The box keystore effectively avoids white box attacks. Even if the white box key is leaked, it will not cause security risks to the original key generated by the client.

The following describes the data processing solution of the blockchain network provided by the embodiment of the present invention in conjunction with a specific blockchain network. The related technology needs to summarize the data on the chain, and can only compare whether the sensitive data has changed, which has great restrictions on the business itself; conventional data security methods cannot meet this demand, because the data on the chain has been disclosed for a long time. The possibility of asymmetric encryption has the problem of inefficiency, and the symmetric encryption has the risk of being cracked. The technical solution of the embodiment of the present invention proposes a blockchain security solution through a white box key, which can effectively solve the data storage security problem in the blockchain and the state database.

Referring to FIG. 8, FIG. 8 is a schematic diagram of a key system provided by an embodiment of the present invention. Asymmetric keys (including public and private keys) are used to form digital signatures in message transmission between clients and nodes. The certificate is used to ensure the reliability of the message. For example, the message transmitted from the client to the node carries the digital signature and digital certificate signed by the client based on the private key, for the node to verify that the message is from the client and has not been tampered with.

Continuing to refer to FIG. 9 , FIG. 9 is a schematic diagram of the principle of uploading sensitive data to the chain provided by an embodiment of the present invention. An embodiment of the present invention deploys a white-box key in a virtualized operating environment (ie, a smart contract VM) of a node of a blockchain network. library, transmission keystore and smart contract to ensure the security of the data on the client chain, even if the data in the blockchain or state database is visible to the outside world, since the sensitive data is encrypted based on the white box key, it is guaranteed that only Clients with the original key can decrypt and use sensitive data, keeping the data secure. The following description will be made.

The white-box keystore is built into the basic image file of the blockchain smart contract, or the client uploads its own white-box keystore to instantiate it into the nodes of the blockchain network. When the client uploads the data on the chain, it transmits the original key of the data to the smart contract deployed in the blockchain network node. Before the client transmits the original key, it can use the encrypted socket key algorithm and transmission key negotiated based on the transmission keystore to perform symmetric encryption. After the smart contract receives the encrypted original key, it can use the encrypted socket key algorithm based on the encrypted socket key algorithm. And the transmission key is decrypted to get the original key.

The smart contract calls the white-box keystore in the virtual operating environment of the node, processes the original key to obtain the white-box key, and uses the white-box key algorithm and the white-box key to symmetrically encrypt the data on the client chain. And stored in the blockchain and state database in the ledger, other clients have no way to crack the data encrypted by the white box key through the original key, thus ensuring the security of the data on the chain.

The white-box key store can be a dynamic white-box key store, which can use different white-box key generation methods and encryption calculation methods according to different original keys (that is, the mapping of the white-box key algorithm from plaintext to ciphertext). how the transformation is calculated).

When the node's smart contract is instantiated, the client initializes an original key, uploads the original key to the node's smart contract, and calls the white-box keystore through the smart contract to transform the original key to generate a white-box key; There are many ways to implement the white-box keystore. Generally, standard white-box key algorithms such as AES/DES are transformed according to the fields of the original key. For example, the first field of the original key is 0. The calculation method used by the key algorithm to transform the mapping from plaintext to ciphertext can be XOR, the first field is 1, and the calculation method used by the key algorithm to transform the mapping from plaintext to ciphertext can be AND operation. It should be pointed out that the embodiments of the present invention do not limit the specific method of generating the white-box key of the white-box key store and the specific implementation of transforming the white-box key algorithm.

The client uses the digital certificate to negotiate the transfer key tk (using symmetric encryption) and the encrypted socket key algorithm with the node where the smart contract is installed, which is used to secure the transmission of sensitive data to the smart contract, the transfer key and the encrypted socket The key algorithm can be updated periodically.

The smart contract trans-encrypts the sensitive data encrypted with tk: after decrypting the sensitive data with tk, symmetric encryption is performed using the white-box key wk and the white-box key algorithm.

Save sensitive data encrypted with white-box keys to the blockchain and state database of the ledger, specifically, package the transactions used to store sensitive data into new blocks, agree and append to the end of the blockchain, and store the new block The key-value pair data in the transaction result (ie write set) of the transaction in the block is used to update the state database. At this point, the process of uploading sensitive data to the chain ends.

In the process of uploading sensitive data to the chain, the sensitive data has only appeared in the memory of the smart contract, and the sensitive data after the chain is encrypted based on the white box key. Since there is no way to be cracked by other clients, the sensitive data is guaranteed. security.

When the client needs to use the data, the original key is submitted to the smart contract, and the smart contract calls the white-box keystore to convert the original key into a white-box key, and the sensitive data queried from the state database is based on the white-box key The key wk and the white box key algorithm are decrypted, and then symmetric encryption is performed using the transport key tk and the encrypted socket key algorithm, and transmitted to the client. Decryption, and then the relevant business logic can be executed based on the sensitive data.

The following continues to describe an exemplary structure in which the data processing apparatus 655 of the blockchain network provided by the embodiment of the present invention is implemented as a software module. In some embodiments, as shown in FIG. The software modules in the data processing device 655 may include: smart contracts, white-box keystores and consensus services deployed in the nodes of the blockchain network, which will be described respectively; and may also include transmission keystores and chaincode services, which are described below. Explain separately.

Smart contracts, white-box keystores and consensus services deployed in nodes of a blockchain network; among them,

The smart contract is used to generate the white-box key corresponding to the original key in the white-box keystore by receiving the original key sent by the client and calling the white-box keystore deployed in the node;

The smart contract is used to receive the transaction submitted by the client for data update operation, and call the consensus service to perform the following operations: package the received transaction into a new block, and perform consensus verification on the new block;

The smart contract is used to call the white-box keystore to symmetrically encrypt the new block based on the white-box key when the consensus verification is passed, and call the consensus service to update the node's ledger.

In the above scheme, the smart contract is also used to call the white-box keystore deployed in the node to generate the white-box key corresponding to the original key, using the following implementation method: calling the white-box keystore in the node to perform The following operations: determine the transformation mode corresponding to the original key according to the value of each field in the original key; transform the original key according to the determined transformation mode to obtain the corresponding white-box key.

In the above scheme, when the smart contract is also used to call the white-box keystore in the node, the following operations are performed: according to the value of each field in the original key, the calculation method used when transforming the white-box key algorithm is determined, In order to transform the white-box key algorithm for different original keys, there are differences in the calculation methods used.

In the above solution, when the smart contract is also used to receive the transaction submitted by the client for data update operation, the following implementation method is adopted: The smart contract in the node calls the transmission keystore in the node to perform the following operations: Perform digital certificate-based authentication with the client, and negotiate after the authentication is passed to determine the encrypted socket key algorithm and transmission key used; receive the client's transaction for data update operations , the transaction is symmetrically encrypted by the client through the encrypted socket key algorithm and the transport key.

In the above scheme, when the smart contract is also used to call the consensus service to package the received transaction into a new block, the following implementation method is adopted: the multiple transactions received by each channel in the corresponding blockchain network are processed according to the timestamps of the multiple transactions. Sorted and packed as new blocks for the corresponding channel.

In the above scheme, the smart contract is also used to call the consensus service to perform consensus verification on the new block, which is implemented in the following way: perform the following verification operations on the transactions in the new block: the transaction format is correct; the digital signature is legal; it conforms to the endorsement policy; The nodes of the new block join the channel indicated in the transaction.

In the above scheme, the smart contract is also used to call the transmission keystore for negotiation operation to determine the encrypted socket key algorithm and transmission key to be used. The handshake message of the transmission security protocol is used to enable the node and the client to obtain the same random number and encrypted socket key algorithm through the handshake operation message, and the random number is symmetrically encrypted by the encrypted socket key algorithm to obtain the transmission key. key.

In the above scheme, when the smart contract is also used to call the white-box keystore to encrypt the new block symmetrically based on the white-box key, the following implementation method is adopted: calling the white-box keystore in the node to perform the following operations: White-box key and white-box key algorithm, symmetrically encrypt the transaction in the new block to replace the original transaction in the new block; read the key-value pair data of the update operation from the transaction in the new block, and pass the white box Key and white-box key algorithms symmetric encryption of key-value pair data.

In the above scheme, the smart contract is also used to call the transmission keystore in the node before calling the white box keystore to symmetrically encrypt the transaction in the new block, so as to pass the encrypted socket key algorithm and the transmission key pair. The transaction in the new block is decrypted; the transaction in the new block is symmetrically encrypted by the client through the encrypted socket key algorithm and the transmission key.

In the above scheme, the smart contract is also used to call the white-box keystore, so as to encrypt the transactions in the new block symmetrically through the white-box key and the white-box key algorithm, the following implementation methods are adopted: through the white-box key And the white-box key algorithm, which maps the binary data in the plaintext form of the transaction, and transforms the mapping according to the calculation method used to transform the white-box key algorithm to obtain the binary data in the ciphertext form of the corresponding transaction.

In the above scheme, the smart contract is also used to call the white-box keystore to encrypt the key-value data symmetrically through the white-box key and the white-box keystore. The box key algorithm maps the plaintext binary data of the key-value pair data, and transforms the mapping according to the calculation method used to transform the white-box key algorithm to obtain the ciphertext binary data of the corresponding key-value pair data. data.

In the above scheme, the smart contract is also used to call the consensus service to update the ledger of the node through the new block symmetrically encrypted by the white-box key. The new block is added to the end of the blockchain in the node's ledger; the key-value pair data corresponding to the update operation in the transaction of the new block is updated to the state database in the node's ledger, wherein the key-value pair data is blanked The box key and white box key algorithms are encrypted symmetrically.

In the above solution, before the smart contract is also used to receive the original key sent by the client, when the deployment of the instance of the smart contract in the node is completed, it receives the information submitted by the client for deploying the white-box keystore and transmitting the keystore. transaction, and call the chaincode service in the node to deploy the white-box keystore and transport keystore to the node's virtualized runtime environment; or, in response to the transaction submitted by the client for deploying the smart contract image file , call the chaincode service in the node to deploy the smart contract, white box keystore and transmission keystore included in the smart contract image file to the virtualized operating environment of the node.

In the above solution, the smart contract is also used to call the consensus service to receive the transaction proposal submitted by the client for data query operation; call the consensus service to perform the query operation on the state database in the node's ledger to obtain the corresponding key value For data; through the original key carried by the transaction proposal, call the white-box keystore in the node to transform the original key to obtain the white-box key, and use the white-box key to query the key-value pair data. Decrypt; call the transmission keystore in the node to symmetrically encrypt the decrypted key-value pair data through the transmission key and encrypted socket key algorithm; call the consensus service to construct the encrypted key-value pair data Respond to the proposal and return it to the client.

In the above scheme, the smart contract is also used to call the consensus service to perform endorsement verification on the transaction proposal before performing the query operation on the state database in the ledger of the node. The endorsement verification includes at least one of the following: the digital certificate carried by the transaction proposal is trusted The digital signature of the transaction proposal is valid; the format of the transaction proposal is correct; the transaction proposal has not been submitted repeatedly.

In the above solution, the smart contract is also used to receive the transaction proposal submitted by the client for updating the data before receiving the transaction for updating the data submitted by the client, and call the consensus service to perform the following operations: The proposal is verified and passed, and after the verification is passed, the update operation is simulated on the state database of the ledger in the node to obtain the corresponding key-value pair data;

Invoke the transport keystore in the node to symmetrically encrypt the key-value pair data through the transport key and encrypted socket key algorithm, and construct it as a proposal response and return it to the client, so that the client can base the transaction on the proposal and the proposal The response constructs the transaction.

Embodiments of the present invention provide a storage medium storing executable instructions, where executable instructions are stored, and when the executable instructions are executed by a processor, the processor will cause the processor to execute the data of the blockchain network provided by the embodiments of the present invention Approach.

In some embodiments, the storage medium may be memory such as FRAM, ROM, PROM, EPROM, EEPROM, flash memory, magnetic surface memory, optical disk, or CD-ROM; it may also be various devices including one or any combination of the above-mentioned memories .

As an example, executable instructions may be deployed to be executed on one computing device, or on multiple computing devices located at one site, or alternatively, distributed across multiple sites and interconnected by a communication network execute on.

To sum up, the embodiments of the present invention adopt differentiated solutions for non-sensitive data and sensitive data, especially for the processing of sensitive data. The security of the different processing stages of the blockchain network solves the limitation of storing sensitive data on the client chain, which is more convenient for various business expansion of the client, and improves the security of sensitive data on the chain to prevent sensitive data from being stolen.

The above descriptions are merely examples of the present invention, and are not intended to limit the protection scope of the present invention. Any modifications, equivalent replacements and improvements made within the spirit and scope of the present invention are included in the protection scope of the present invention.

Claims (13)

1. A method of data processing in a blockchain network, the method comprising:

receiving an original key sent by a client through an intelligent contract in a node of a block chain network, and calling a white box key library deployed in the node to generate a white box key corresponding to the original key in the white box key library;

receiving a transaction submitted by the client and used for updating data, and packaging the received transaction into a new block;

carrying out consensus verification on the new blocks;

when consensus verification passes, invoking the white-box keystore deployed in the node to symmetrically encrypt the new chunk by:

mapping the binary data in the form of the plaintext of the transaction in the new block through the white-box key and the white-box key algorithm, and transforming the mapping according to a calculation mode used for transforming the white-box key algorithm to obtain the binary data in the form of the ciphertext corresponding to the transaction so as to replace the original transaction in the new block; reading the key value pair data of the updating operation from the transaction of the new block, mapping the binary data of the key value pair data in a plain text form through the white-box key and the white-box key algorithm, and transforming the mapping according to a calculation mode used for transforming the white-box key algorithm to obtain the binary data of the key value pair data in a cipher text form;

updating the ledger of the node with new blocks symmetrically encrypted by the white-box key.

2. The method of claim 1, wherein the invoking a white-box keystore deployed in the node to generate a white-box key in the white-box keystore corresponding to the original key comprises:

invoking a white-box keystore in the node to:

determining a transformation mode corresponding to the original key according to the value of each field in the original key;

and transforming the original key according to the determined transformation mode to obtain a corresponding white box key.

3. The method of claim 2, further comprising:

invoking a white-box keystore in the node to:

determining a calculation mode used for transforming a white box key algorithm according to the value of each field in the original key so as to ensure that

When the white-box key algorithm is transformed according to different original keys, the used calculation modes are different.

4. The method of claim 1, wherein receiving a transaction submitted by the client for performing an update operation on data comprises:

invoking, by a smart contract in the node, a transport keystore in the node to:

performing identity authentication based on a digital certificate with the client, and performing negotiation operation after the identity authentication is passed so as to determine a used transmission key algorithm and a used transmission key;

receiving a transaction of the client for updating data, wherein the transaction is symmetrically encrypted by the client through the transmission key algorithm and the transmission key;

said packaging said received transaction into a new block comprising:

sequencing a plurality of transactions received by each channel in the block chain network according to the timestamps of the plurality of transactions, and packaging the transactions into a new block of the corresponding channel;

the performing consensus verification on the new block comprises:

performing the following verification operations on the transaction in the new block:

the transaction format is correct; the digital signature is legal; the endorsement strategy is met; the node receiving the new tile joins the channel indicated in the transaction.

5. The method of claim 4, wherein negotiating to determine the transport key algorithm and transport key used comprises:

transmitting handshake messages with the client through a hypertext transfer security protocol, so that the node and the client obtain the same random number and encryption socket key algorithm through the handshake messages, and

and symmetrically encrypting the random number through the encryption socket key algorithm to obtain the transmission key.

6. The method of claim 1, wherein prior to symmetrically encrypting the transaction in the new block, the method further comprises:

calling a transmission key library in the node to decrypt the transaction in the new block through an encryption socket key algorithm and a transmission key;

wherein the transaction in the new chunk is symmetrically encrypted by the client through the secure socket key algorithm and the transport key.

7. The method of claim 1, wherein the updating the ledger of the node with the new block symmetrically encrypted by the white-box key comprises:

adding new blocks symmetrically encrypted through the white-box key and the white-box key algorithm to the tail of a block chain in the account book of the node;

and updating key value pair data corresponding to the updating operation in the transaction of the new block to a state database in an account book of the node, wherein the key value pair data is symmetrically encrypted by the white-box key and the white-box key algorithm.

8. The method of claim 1, wherein prior to receiving the original key sent by the client via the smart contract in the node of the blockchain network, the method further comprises:

when the instance deployment of the intelligent contract in the node is completed, receiving a transaction which is submitted by the client and comprises a white-box key library and a transmission key library through the intelligent contract, and calling a chain code service in the node to deploy the white-box key library and the transmission key library into a virtualized running environment of the node;

or, in response to a transaction submitted by the client for deploying the intelligent contract image file, invoking a chain code service in the node to deploy an intelligent contract, a white-box keystore and a transport keystore included in the intelligent contract image file into a virtualized operating environment of the node.

9. The method of claim 1, further comprising:

receiving a transaction proposal submitted by the client for data query operation;

executing the query operation aiming at a state database in an account book of the node to obtain corresponding key value pair data;

calling a white box key library in the node through the original key carried by the transaction proposal to transform the original key to obtain a white box key, and decrypting the inquired key value data through the white box key and a white box key algorithm;

calling a transmission key library in the node to symmetrically encrypt the decrypted key value to data through a transmission key and an encryption socket key algorithm;

constructing the symmetrically encrypted key value pair data into a proposal response, and returning the proposal response to the client;

before the query operation is performed on the state database in the ledger of the node, the method further comprises:

performing endorsement verification on the transaction proposal, the endorsement verification comprising at least one of:

the digital certificate carried by the transaction proposal is issued by a trusted authentication center;

the digital signature of the transaction proposal is valid;

the format of the transaction proposal is correct;

the transaction proposal is not repeatedly submitted.

10. The method of any of claims 1 to 9, wherein prior to receiving a transaction submitted by the client for performing an update operation on data, the method further comprises:

receiving a transaction proposal submitted by the client and used for updating data, simulating and executing the updating operation aiming at a state database of an account book in the node after the transaction proposal is verified, and obtaining corresponding key value pair data;

and calling a transmission key library in the node to symmetrically encrypt the key value pair data through a transmission key and an encryption socket key algorithm, constructing the encrypted key value pair data as a proposal response and returning the proposal response to the client, so that the client constructs the transaction according to the transaction proposal and the proposal response.

11. A data processing apparatus of a blockchain network, the apparatus comprising:

an intelligent contract, a white-box keystore, and a consensus service deployed in a node of a blockchain network; wherein,

the intelligent contract is used for receiving an original key sent by a client and calling the white-box key library to generate a white-box key corresponding to the original key;

the intelligent contract is used for receiving the transaction submitted by the client for updating the data and calling the consensus service to execute the following operations: packaging the received transaction into a new block, and carrying out consensus verification on the new block;

the intelligent contract is used for calling the white-box key library when the consensus verification is passed so as to symmetrically encrypt the new block in the following way:

mapping the binary data in the form of the plaintext of the transaction in the new block through the white-box key and the white-box key algorithm, and transforming the mapping according to a calculation mode used for transforming the white-box key algorithm to obtain the binary data in the form of the ciphertext corresponding to the transaction so as to replace the original transaction in the new block; reading the key value pair data of the updating operation from the transaction of the new block, mapping the binary data of the key value pair data in a plain text form through the white-box key and the white-box key algorithm, and transforming the mapping according to a calculation mode used for transforming the white-box key algorithm to obtain the binary data of the key value pair data in a cipher text form;

invoking the consensus service to update the ledger of the node with a new block symmetrically encrypted by the white-box key.

12. An electronic device for operating a node in a blockchain network, the electronic device comprising:

a memory for storing executable instructions;

a processor for implementing the data processing method of a blockchain network of any one of claims 1 to 10 when executing executable instructions stored in the memory.

13. A storage medium storing executable instructions for causing a processor to perform a method of data processing of a blockchain network according to any one of claims 1 to 10 when executed.

Images