CN113449338B - Information encryption storage method and system based on blockchain - Google Patents
- Publication number
- CN113449338B
- Authority
- CN
- China
- Prior art keywords
- information
- encrypted
- cloud server
- terminal
- dimension
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
The present invention discloses a blockchain-based method and system for encrypted information storage. In the method, a first terminal receives login information and sends it to a cloud server for verification; if verification passes, the first terminal encrypts the sensitive information entered by the user and sends the resulting encrypted sensitive information to the cloud server; the cloud server uploads the encrypted sensitive information to the blockchain network for segmented storage; a second terminal receives user login information and sends it to the cloud server for verification; if verification passes, the second terminal generates an information acquisition request and sends it to the cloud server; the cloud server obtains the encrypted information corresponding to the information acquisition request and returns it to the second terminal; and the second terminal decrypts the encrypted information according to the user login information to obtain the decrypted sensitive information. The invention belongs to the field of blockchain encryption technology. It encrypts sensitive information and uploads it to the blockchain network for segmented storage, thereby avoiding leakage of user sensitive information and improving the security of storing user sensitive information.
Description
Technical Field
The present invention relates to the field of blockchain encryption technology and belongs to the smart-city application scenario in which information is encrypted and stored on a blockchain network. In particular, it relates to a blockchain-based information encryption storage method and system.
Background Art
With the development of information technology, more and more services can be handled online. Handling services online often involves the use of user sensitive information. To avoid information leakage while that information is being obtained, user sensitive information can be encrypted before it is stored. However, existing methods usually rely on parameter encryption and database storage, which makes user sensitive information easy to leak and the security of information storage low. The user sensitive information storage methods in existing technical methods therefore suffer from low security.
Summary of the Invention
The embodiments of the present invention provide a blockchain-based information encryption storage method and system, which aim to solve the problem of low security in the user sensitive information storage methods of the prior art.
In a first aspect, an embodiment of the present invention provides a blockchain-based information encryption storage method, which includes:
if the first terminal receives login information input by the user, sending the login information to the cloud server to obtain the verification result produced by the cloud server verifying the login information;
if the verification result that the first terminal receives from the cloud server is that verification passed, encrypting the sensitive information input by the user according to the preset encryption rule and the login information to obtain encrypted sensitive information, and sending it to the cloud server;
if the cloud server receives the encrypted sensitive information, uploading the encrypted sensitive information to the blockchain network for segmented storage;
if the second terminal receives user login information input by the user, sending the user login information to the cloud server to obtain the verification result produced by the cloud server verifying the user login information;
if the verification result that the second terminal receives from the cloud server is that verification passed, sending an information acquisition request corresponding to the user login information to the cloud server;
if the cloud server receives the information acquisition request, obtaining the encrypted information matching the information acquisition request from the blockchain network and returning it to the second terminal;
if the second terminal receives the encrypted information returned by the cloud server in response to the information acquisition request, decrypting the encrypted information according to the user login information to obtain the corresponding decrypted sensitive information.
In a second aspect, an embodiment of the present invention provides a blockchain-based information encryption storage system, which includes a first terminal, a second terminal and a blockchain network, where the first terminal and the second terminal are both connected over a network to a cloud server in the blockchain network in order to transmit data;
The first terminal is used for:
if login information input by the user is received, sending the login information to the cloud server to obtain the verification result produced by the cloud server verifying the login information;
if the verification result received from the cloud server is that verification passed, encrypting the sensitive information input by the user according to the preset encryption rule and the login information to obtain encrypted sensitive information, and sending it to the cloud server;
The cloud server is used for:
if the encrypted sensitive information is received, uploading the encrypted sensitive information to the blockchain network for segmented storage;
if the information acquisition request is received, obtaining the encrypted information matching the information acquisition request from the blockchain network and returning it to the second terminal;
The second terminal is used for:
if user login information input by the user is received, sending the user login information to the cloud server to obtain the verification result produced by the cloud server verifying the user login information;
if the verification result received from the cloud server is that verification passed, sending an information acquisition request corresponding to the user login information to the cloud server;
if the encrypted information returned by the cloud server in response to the information acquisition request is received, decrypting the encrypted information according to the user login information to obtain the corresponding decrypted sensitive information.
In a third aspect, an embodiment of the present invention further provides a blockchain-based information encryption storage system, which includes a first terminal, a second terminal and a blockchain network. The first terminal and the second terminal are both connected over a network to a cloud server in the blockchain network in order to transmit data. The first terminal includes a first memory, a first processor and a first computer program stored in the first memory and executable on the first processor. The second terminal includes a second memory, a second processor and a second computer program stored in the second memory and executable on the second processor. The cloud server includes a third memory, a third processor and a third computer program stored in the third memory and executable on the third processor. The first processor executes the first computer program, the second processor executes the second computer program and the third processor executes the third computer program to jointly implement the blockchain-based information encryption storage method described in the first aspect above.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium that stores a first computer program, a second computer program or a third computer program. When the first computer program is executed by a first processor, the second computer program is executed by a second processor and the third computer program is executed by a third processor, they jointly implement the blockchain-based information encryption storage method described in the first aspect above.
The embodiments of the present invention provide a blockchain-based information encryption storage method and system. The first terminal receives login information and sends it to a cloud server for verification. If verification passes, the sensitive information input by the user is encrypted, and the resulting encrypted sensitive information is sent to the cloud server. The cloud server uploads the encrypted sensitive information to the blockchain network for segmented storage. The second terminal receives user login information and sends it to the cloud server for verification. If verification passes, an information acquisition request is generated and sent to the cloud server. The cloud server obtains the encrypted information corresponding to the information acquisition request and returns it to the second terminal. The second terminal decrypts the encrypted information according to the user login information to obtain the decrypted sensitive information. With this method, sensitive information can be encrypted and uploaded to the blockchain network for segmented storage, which prevents user sensitive information from being leaked and improves the security of storing it.
Brief Description of the Drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings described below are some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic flow chart of the blockchain-based information encryption storage method provided by an embodiment of the present invention;
FIG. 2 is a schematic diagram of an application scenario of the blockchain-based information encryption storage method provided by an embodiment of the present invention;
FIG. 3 is a schematic diagram of a sub-process of the blockchain-based information encryption storage method provided by an embodiment of the present invention;
FIG. 4 is a schematic diagram of another sub-process of the blockchain-based information encryption storage method provided by an embodiment of the present invention;
FIG. 5 is a schematic diagram of another sub-process of the blockchain-based information encryption storage method provided by an embodiment of the present invention;
FIG. 6 is a schematic diagram of another sub-process of the blockchain-based information encryption storage method provided by an embodiment of the present invention;
FIG. 7 is a schematic diagram of another sub-process of the blockchain-based information encryption storage method provided by an embodiment of the present invention;
FIG. 8 is a schematic diagram of another sub-process of the blockchain-based information encryption storage method provided by an embodiment of the present invention;
FIG. 9 is a schematic block diagram of the blockchain-based information encryption storage system provided by an embodiment of the present invention;
FIG. 10 is a schematic block diagram of a computer device provided by an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings of those embodiments. The described embodiments are some, not all, of the embodiments of the present invention. All other embodiments that a person of ordinary skill in the art obtains from the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
It should be understood that, when used in this specification and the appended claims, the terms "include" and "comprise" indicate the presence of the described features, integers, steps, operations, elements and/or components, but do not exclude the presence or addition of one or more other features, integers, steps, operations, elements, components and/or combinations thereof.
It should also be understood that the terms used in this specification are only for the purpose of describing specific embodiments and are not intended to limit the present invention. As used in this specification and the appended claims, the singular forms "a", "an" and "the" are intended to include the plural forms unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" used in this specification and the appended claims refers to, and includes, any and all possible combinations of one or more of the associated listed items.
Refer to FIG. 1 and FIG. 2. FIG. 1 is a flow chart of the blockchain-based information encryption storage method provided by an embodiment of the present invention; FIG. 2 is a schematic diagram of an application scenario of that method. The method is applied in a blockchain-based information encryption storage system that includes a first terminal 10, a second terminal 20 and a blockchain network 30. The method is executed by application software installed on the first terminal 10, the second terminal 20 and the cloud server 31 of the blockchain network 30. The first terminal 10 and the second terminal 20 are both connected over a network to the cloud server 31 in the blockchain network 30 in order to transmit data. The first terminal 10 is a terminal device that receives login information and sensitive information and encrypts the sensitive information, such as a desktop computer, a laptop computer, a tablet computer or a mobile phone. The second terminal 20 is a terminal device that receives user login information and decrypts the encrypted information it receives, such as a desktop computer, a laptop computer, a tablet computer or a mobile phone. The blockchain network 30 is a data processing network on the Internet composed of multiple terminal devices and the cloud server 31 on the basis of smart contracts. The cloud server 31 is the server side that connects to the blockchain network and processes the information input through the first terminal 10 and the second terminal 20 to provide the corresponding services, such as a server built by an enterprise or a government department. As shown in FIG. 1, the method includes steps S110 to S170.
S110: If the first terminal receives login information input by the user, it sends the login information to the cloud server to obtain the verification result produced by the cloud server verifying the login information.
The user enters login information on the first terminal, and the first terminal sends it to the cloud server for verification. Specifically, the cloud server stores password information for each registered user and checks whether the login password in the login information is the same as the password information stored for that user, which determines whether the login information passes verification. If the verification result is that verification passed, the subsequent steps are executed. If the verification result is that verification failed, the cloud server can return a prompt to the first terminal indicating that verification failed.
S120: If the verification result that the first terminal receives from the cloud server is that verification passed, the sensitive information input by the user is encrypted according to the preset encryption rule and the login information to obtain encrypted sensitive information, which is sent to the cloud server.
If the verification result of the login information is that verification passed, the first terminal can receive the sensitive information input by the user. The sensitive information can be the user's ID number, mobile phone number, address, bank card number or other information containing personal private data. The sensitive information is encrypted according to the encryption rule and the login information to obtain the corresponding encrypted sensitive information. The encryption rule is the specific rule for encrypting sensitive information. The login information serves both as the key and as the identification information in the encrypted sensitive information that corresponds to the user.
In one embodiment, as shown in FIG. 3, step S120 includes sub-steps S121, S122, S123 and S124.
S121: Split the sensitive information according to the dimension types included in the encryption rule to obtain the split information corresponding to each dimension type.
The encryption rule includes multiple dimension types. The sensitive information can be split by dimension type to obtain the split information corresponding to each dimension type. For example, if the dimension types are ID number, mobile phone number, address, bank card number and so on, the information corresponding to each dimension type is extracted from the sensitive information as the corresponding split information.
S122: Generate a dimension encryption key corresponding to each dimension type according to the login information and the dimension identifier of each dimension type.
Each dimension type also corresponds to a dimension identifier, and the corresponding dimension encryption key is generated from the login information and the dimension identifier of each dimension type. Specifically, the login information includes a login password, and each dimension type corresponds to one dimension identifier. The dimension identifiers consist of English letters; for example, the dimension identifier corresponding to "ID number" is "SFZH". The login password is combined with each dimension identifier in turn, and the combination is converted to hexadecimal based on ASCII encoding to obtain the dimension encryption key for each dimension type. The resulting dimension encryption key is 16 bytes (128 bits) or 32 bytes (256 bits).
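The derivation in S122 is shown below next to a stretched, salted alternative, as an added example that is not part of the patent text. It assumes the password is concatenated before the identifier and that combinations of other lengths are rejected (the page does not say how they are handled); the identifier `SJH`, the sample password and the salt are constructed for illustration.

```python
import hashlib
import hmac

# "SFZH" is the identifier given on the page; "SJH" is a hypothetical one.
DIMENSION_IDS = {"id_number": "SFZH", "mobile_phone": "SJH"}


def page_style_key(password: str, dimension_id: str) -> bytes:
    """S122 as described: password + identifier, ASCII bytes used as the key.

    Assumption: password first, identifier second, no padding or truncation.
    """
    material = (password + dimension_id).encode("ascii")
    if len(material) not in (16, 32):
        raise ValueError(
            f"combined length {len(material)} is not a valid AES key length"
        )
    return material


def shared_prefix_len(a: bytes, b: bytes) -> int:
    """Number of leading bytes two keys have in common."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def stretched_master_key(password: str, salt: bytes,
                         iterations: int = 600_000) -> bytes:
    """Stretch the password once with PBKDF2-HMAC-SHA256 and a per-user salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               salt, iterations, dklen=32)


def dimension_key(master: bytes, dimension_id: str) -> bytes:
    """Derive an independent 32-byte key per dimension from the master key."""
    label = b"dimension-key|" + dimension_id.encode("ascii")
    return hmac.new(master, label, hashlib.sha256).digest()


if __name__ == "__main__":
    password = "Passw0rd2024"            # constructed sample, 12 characters
    salt = bytes(range(16))              # constructed; use os.urandom(16) in practice

    direct = page_style_key(password, DIMENSION_IDS["id_number"])
    print("direct key      :", direct.hex())
    print("highest byte    :", hex(max(direct)), "(ASCII keeps the top bit clear)")

    master = stretched_master_key(password, salt)
    k_id = dimension_key(master, DIMENSION_IDS["id_number"])
    k_phone = dimension_key(master, DIMENSION_IDS["mobile_phone"])
    print("stretched keys share", shared_prefix_len(k_id, k_phone), "leading bytes")
```

With the direct construction every key byte is a password or identifier character, so the key is no stronger than the password and any password length other than 16 or 32 minus the identifier length fails outright.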
S123: Encrypt the split information of each dimension type according to the encryption rule and the corresponding dimension encryption key to obtain the encrypted split information for each dimension type.
Each dimension encryption key corresponds to one dimension type, and each dimension type corresponds to one piece of split information. The split information of each dimension type is therefore encrypted separately, according to the encryption rule and the dimension encryption key for that dimension type, to obtain the encrypted split information corresponding to each dimension type.
In one embodiment, as shown in FIG. 4, step S123 includes sub-steps S1231, S1232 and S1233.
S1231: Perform encoding conversion on each piece of split information according to the encoding conversion information in the encryption rule to obtain the corresponding encoded string.
Specifically, each piece of split information is converted according to the encoding conversion information in the encryption rule. The character type of each piece of split information is determined first. If the character type is digits, letters or a combination of digits and letters, the split information is converted to hexadecimal using the basic conversion encoding in the encoding conversion information to obtain the corresponding encoded string; the basic conversion encoding can be ASCII. If the character type is Chinese characters, the split information is converted to hexadecimal using the Chinese character conversion encoding in the encoding conversion information to obtain the corresponding encoded string; the Chinese character conversion encoding can be GB2312.
S1232: Perform key expansion on the dimension encryption key corresponding to each dimension type to obtain the encryption key array corresponding to each dimension encryption key.
Because the encoded string goes through multiple rounds of encryption, the dimension encryption key of each dimension type is expanded into a corresponding encryption key array, and each round of encryption takes its key values from that array. Specifically, each dimension encryption key is split; for example, a 16-byte (128-bit) dimension encryption key is split into four segments of 4 bytes (32 bits) each, namely W[0], W[1], W[2] and W[3]. Formulas (1) and (2) are then evaluated iteratively to obtain W[j] for j = 4, 5, ..., 43, and the resulting 44 key segments for each dimension type are combined into the corresponding encryption key array.
Here, g applies the S-box mapping to each byte of the key segment and then XORs the mapping result with a 32-bit constant (RC[j/4], 0, 0, 0), where RC is a one-dimensional array, RC = {00, 01, 02, 04, 08, 10, 20, 40, 80, 1B, 36}, is the XOR operator symbol.
S1233: Encrypt the encoded string corresponding to each encryption key array using that encryption key array to obtain the encrypted split information corresponding to each encoded string.
The encoded string of each dimension type is the plaintext. Before round-key addition is applied, the plaintext is split into 16-byte plaintext segments (an encoded string of no more than 16 bytes is not split; a longer one is), and each plaintext segment is converted into a corresponding 4×4 matrix. Each round-key addition is then an XOR with the encryption key array of the corresponding dimension type. Specifically, the S-box mapping is applied to each byte of the matrix. The S-box is a preset 16×16 array, and the S-box mapping can be expressed by formula (3):
$S(2^8) = S[2^4][2^4] \quad (3)$
Here, $a2^8$ is the original byte a to which the S-box mapping is applied; the original byte a is represented by an 8-bit binary number. $S[2^4][2^4]$ denotes the operation of looking up the value at the corresponding position in the S-box according to the original byte a: the first $2^4$ stands for the first 4 binary digits of the original byte a, and the second $2^4$ stands for its last 4 binary digits. For example, the S-box mapping of the original byte 13 can be expressed as S(13) = S[1][3].
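The key expansion of S1232 and the S-box lookup of formula (3) can be checked against a published vector with the following added example, which is not part of the patent text. It assumes the scheme is the standard AES-128 key schedule of FIPS 197, whose g function also rotates the word by one byte (a step the description above does not mention), and it reads the byte 13 in the example as hexadecimal 0x13.

```python
def _gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return result


def _gf_inv(a: int) -> int:
    """Multiplicative inverse in GF(2^8); 0 maps to 0 by convention."""
    if a == 0:
        return 0
    result = 1
    for _ in range(254):          # a^254 == a^-1 because a^255 == 1
        result = _gf_mul(result, a)
    return result


def _rotl8(x: int, n: int) -> int:
    return ((x << n) | (x >> (8 - n))) & 0xFF


def _sbox_entry(byte: int) -> int:
    """AES S-box value: field inverse followed by the affine transform."""
    inv = _gf_inv(byte)
    return (inv ^ _rotl8(inv, 1) ^ _rotl8(inv, 2)
            ^ _rotl8(inv, 3) ^ _rotl8(inv, 4) ^ 0x63)


# The "preset 16x16 array": row = high nibble, column = low nibble.
SBOX = [[_sbox_entry((row << 4) | col) for col in range(16)]
        for row in range(16)]

# Round constants as listed on the page (index 0 is unused).
RC = [0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]


def sbox_lookup(byte: int) -> int:
    """Formula (3): first 4 bits select the row, last 4 bits the column."""
    return SBOX[byte >> 4][byte & 0x0F]


def g(word: int, j: int) -> int:
    """Rotate one byte left, S-box each byte, XOR with (RC[j/4], 0, 0, 0)."""
    rotated = ((word << 8) | (word >> 24)) & 0xFFFFFFFF
    substituted = bytes(sbox_lookup(b) for b in rotated.to_bytes(4, "big"))
    return int.from_bytes(substituted, "big") ^ (RC[j // 4] << 24)


def expand_key(key: bytes) -> list[int]:
    """Expand a 16-byte key into the 44 words W[0..43]."""
    if len(key) != 16:
        raise ValueError("this example covers 16-byte (128-bit) keys only")
    w = [int.from_bytes(key[4 * i:4 * i + 4], "big") for i in range(4)]
    for j in range(4, 44):
        temp = w[j - 1]
        if j % 4 == 0:
            temp = g(temp, j)
        w.append(w[j - 4] ^ temp)
    return w


if __name__ == "__main__":
    # Test key from FIPS 197, Appendix A.1.
    key = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")
    words = expand_key(key)
    print("S(0x13) = S[1][3] =", hex(sbox_lookup(0x13)))
    print("W[4]  =", f"{words[4]:08x}")
    print("W[43] =", f"{words[43]:08x}")
```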
After each byte of the 4×4 matrix has been S-box mapped, the mapped matrix undergoes row shifting and column mixing to give the final encryption matrix. Combining the one or more encryption matrices that belong to the same encoded string yields the encrypted split information corresponding to that encoded string.
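The table lookup of formula (3) and the function g used in key expansion, as an added example that is not code from the patent. It assumes the preset S-box is the standard AES S-box (the text only calls it a preset 16×16 array) and reads byte 13 as hexadecimal 0x13; the names `build_sbox`, `sbox_map` and `g_function` are illustrative.

```python
# Added illustration; not code from the patent.
# Assumption: the "preset 16x16 S-box" is the standard AES S-box.

# Round constants exactly as listed in the text.
RC = [0x00, 0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]


def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1 (0x11B)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return result


def gf_inverse(a):
    """Multiplicative inverse in GF(2^8); 0 maps to 0 by convention."""
    if a == 0:
        return 0
    result = 1
    for _ in range(254):  # a^254 == a^-1 because a^255 == 1
        result = gf_mul(result, a)
    return result


def affine(x):
    """AES affine transformation applied after inversion (constant 0x63)."""
    out = 0
    for i in range(8):
        bit = ((x >> i) ^ (x >> ((i + 4) % 8)) ^ (x >> ((i + 5) % 8))
               ^ (x >> ((i + 6) % 8)) ^ (x >> ((i + 7) % 8)) ^ (0x63 >> i))
        out |= (bit & 1) << i
    return out


def build_sbox():
    """Build the 16x16 table indexed as S[first 4 bits][last 4 bits]."""
    table = [[0] * 16 for _ in range(16)]
    for a in range(256):
        table[a >> 4][a & 0x0F] = affine(gf_inverse(a))
    return table


SBOX = build_sbox()


def sbox_map(a):
    """Formula (3): the first 4 bits select the row, the last 4 the column."""
    if not 0 <= a <= 0xFF:
        raise ValueError("S-box input must be a single byte")
    return SBOX[a >> 4][a & 0x0F]


def g_function(word, j):
    """g as this section states it: S-box map each byte of the 4-byte key
    segment, then XOR the result with the constant (RC[j/4], 0, 0, 0)."""
    if len(word) != 4:
        raise ValueError("key segment must be 4 bytes")
    if j % 4 != 0 or not 0 <= j // 4 < len(RC):
        raise ValueError("j must be a multiple of 4 with RC[j/4] defined")
    mapped = [sbox_map(b) for b in word]
    mapped[0] ^= RC[j // 4]  # only the first byte of the constant is non-zero
    return bytes(mapped)


if __name__ == "__main__":
    print(hex(sbox_map(0x13)))  # row 1, column 3
    print(g_function(bytes([0x13, 0x00, 0x53, 0x01]), 4).hex())
```
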
S124. Combine the encrypted split information with the login information to obtain the encrypted sensitive information corresponding to the sensitive information.
Specifically, the encrypted split information and the login information can be combined. The combined information contains identification information corresponding to the login information, which uniquely identifies the combined information. The combined information is sent to the cloud server as the encrypted sensitive information corresponding to the sensitive information.
In one embodiment, as shown in FIG. 5, step S124 includes sub-steps S1241 and S1242.
S1241. Sign the user identification information in the login information according to the signature rule in the encryption rule to obtain the corresponding identification signature information.
Specifically, the user identification information in the login information can be signed according to the signature rule. The user identification information is the identification information in the login information that uniquely corresponds to the user; once generated it cannot be changed, and it may consist of digits, letters, or a combination of digits and letters. The signature can be implemented with a hash operation (Hash), such as Secure Hash Algorithm 256 (SHA256).
In this embodiment, Hash(user identification information) = identification signature information, for example Hash(ID = "0715443286317579") = 0x57F319BD30A72E9F3C63E8F10A7B29C6. That is, hashing the user identification information yields a digest, and the digest is the corresponding identification signature information. For a message of any length (counted in bits), SHA256 (Secure Hash Algorithm 256) produces 32 bytes of data, and SHA256 always treats the message as a bit string. When data information is received, the digest corresponding to that data information can be used to verify whether the data information has changed, that is, to verify its integrity.
S1242. Combine the identification signature information with each encrypted split information of the sensitive information, and use the resulting encrypted combination information corresponding to each encrypted split information as the encrypted sensitive information.
The identification signature information is combined with each encrypted split information of the encrypted sensitive information separately: combining the identification signature information with one encrypted split information gives the corresponding encrypted combination information, and the encrypted combination information of all encrypted split information together forms the corresponding encrypted sensitive information. The first terminal then sends the obtained encrypted sensitive information to the cloud server.
S130. If the cloud server receives the encrypted sensitive information, it uploads the encrypted sensitive information to the blockchain network for segmented storage.
If the cloud server receives the encrypted sensitive information, it uploads the encrypted sensitive information to the blockchain network for segmented storage. After receiving the encrypted sensitive information sent by the first terminal, the cloud server can store it. In this embodiment the encrypted sensitive information is stored by uploading it to the blockchain network. Using the blockchain network for distributed storage of the encrypted sensitive information prevents the encrypted sensitive information from being tampered with, and therefore greatly improves the security and reliability of its storage.
In one embodiment, as shown in FIG. 6, step S130 includes sub-steps S131 and S132.
S131. According to the dimension type corresponding to each encrypted combination information in the encrypted information, obtain from a pre-stored node database the blockchain node information corresponding to each encrypted combination information.
The node database is a database configured in the cloud server for storing blockchain node information, and it contains node information corresponding to each dimension type. The blockchain network contains multiple storage channels, each corresponding to one dimension type, so each storage channel stores information of one dimension type. The encrypted sensitive information contains multiple encrypted combination information, each corresponding to one dimension type. According to the dimension type of each encrypted combination information, the node information for that dimension type is obtained from the node database as the blockchain node information corresponding to that encrypted combination information.
S132. According to the blockchain node information, upload each encrypted combination information to the blockchain node corresponding to its blockchain node information for storage.
The blockchain node information corresponding to each encrypted combination information contains the network address of the corresponding blockchain node, so each encrypted combination information can be uploaded to the blockchain node corresponding to its blockchain node information for storage. This achieves distributed storage of each encrypted combination information separately. Because the encrypted sensitive information is split into multiple encrypted combination information that are stored in a distributed manner, this storage process is the segmented storage of the encrypted sensitive information.
S140. If the second terminal receives user login information input by the user, it sends the user login information to the cloud server to obtain the verification result produced by the cloud server verifying the user login information.
If the second terminal receives user login information input by the user, it sends the user login information to the cloud server to obtain the verification result produced by the cloud server verifying the user login information. The second terminal can likewise receive user login information input by the user and send it to the cloud server for verification. Specifically, the process of verifying the user login information is the same as the process of verifying the login information received by the first terminal. If the verification result of the user login information is a pass, the subsequent steps continue; if the verification result is a fail, the cloud server can feed back a verification-failed prompt to the second terminal.
S150. If the verification result fed back by the cloud server to the second terminal is a pass, the second terminal sends an information acquisition request corresponding to the user login information to the cloud server.
If the verification result fed back by the cloud server to the second terminal is a pass, the second terminal sends an information acquisition request corresponding to the user login information to the cloud server. That is, if the user login information passes verification, the second terminal can generate a corresponding information acquisition request based on the user login information and send it to the cloud server.
In one embodiment, as shown in FIG. 7, step S150 includes sub-steps S151 and S152.
S151. Sign the user identification information in the user login information according to the signature rule to obtain the corresponding user identification signature information.
Specifically, the user identification information contained in the user login information can be signed according to the signature rule. The process of signing the user identification information of the user login information is the same as the process of signing the user identification information of the login information. Signing the user identification information in the user login information by the same method yields the corresponding user identification signature information.
S152. Generate a corresponding information acquisition request according to the user identification signature information and send it to the cloud server.
A corresponding information acquisition request can be generated based on the user identification signature information. The generated information acquisition request can include the user identification signature information, a timestamp, terminal network address information, and so on. The timestamp is the specific time at which the information acquisition request was generated, and the terminal network address information is the network address (IP address) of the second terminal.
S160. If the cloud server receives the information acquisition request, it obtains the encrypted information matching the information acquisition request from the blockchain network and feeds it back to the second terminal.
If the cloud server receives the information acquisition request, it obtains the encrypted information matching the information acquisition request from the blockchain network and feeds it back to the second terminal. After receiving the information acquisition request, the cloud server can determine whether the request satisfies the corresponding acquisition conditions. If the information acquisition request satisfies the acquisition conditions, the step of obtaining the encrypted information matching the information acquisition request from the blockchain network and feeding it back to the second terminal is executed; if the information acquisition request does not satisfy the acquisition conditions, a prompt that information acquisition failed is fed back to the second terminal.
Specifically, the acquisition conditions may include a preset time and a network address blacklist. Determining whether the information acquisition request satisfies the preset acquisition conditions includes: determining whether the timestamp of the information acquisition request exceeds the preset time; determining whether the terminal network address information of the information acquisition request is absent from the network address blacklist; and, if the timestamp does not exceed the preset time and the terminal network address information is not in the network address blacklist, determining that the information acquisition request satisfies the acquisition conditions.
The timestamp can be checked against the preset time first, and the terminal network address information can then be checked for legitimacy. For example, if the preset time is 2 minutes, it is determined whether the timestamp is a time point within the 2 minutes before the current time: if it is, the timestamp does not exceed the preset time; otherwise the timestamp exceeds the preset time. A network address blacklist can be configured in the acquisition conditions, and the terminal network address information in the information acquisition request is checked for absence from the blacklist to decide whether it is legitimate address information. If the timestamp does not exceed the preset time and the terminal network address information is legitimate, the information acquisition request satisfies the acquisition conditions: the encrypted information matching the user identification signature information in the request is obtained from the blockchain network and sent to the corresponding terminal according to the terminal network address information in the request. If the timestamp exceeds the preset time or the terminal network address information is not legitimate, the information acquisition request does not satisfy the acquisition conditions, and a prompt that information acquisition failed can be fed back to the second terminal.
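The request of S151 to S153 and the server-side check of S160, as an added example that is not code from the patent. The field names, the in-memory `channels` mapping standing in for the per-dimension storage channels, and all sample values are constructed assumptions; accepting CIDR ranges as blacklist entries goes beyond the text, which only speaks of a network address blacklist.

```python
# Added illustration; not code from the patent. Field names and the
# in-memory "channels" store are assumptions made for this example.
import hashlib
import hmac
import ipaddress
import math
import time

PRESET_SECONDS = 120  # the text's example preset time of 2 minutes
HEX_DIGITS = set("0123456789abcdef")


def sign_user_id(user_id):
    """S151: SHA-256 digest of the user identification information (hex)."""
    return hashlib.sha256(user_id.encode("utf-8")).hexdigest()


def build_request(user_id, terminal_ip, now=None):
    """S152: request carrying ID signature, timestamp and terminal address."""
    return {
        "id_signature": sign_user_id(user_id),
        "timestamp": time.time() if now is None else now,
        "terminal_ip": terminal_ip,
    }


def check_acquisition_conditions(request, blacklist, now=None,
                                 preset=PRESET_SECONDS):
    """Return (ok, reason). Timestamp first, then blacklist, as in the text."""
    now = time.time() if now is None else now
    try:
        sig = request["id_signature"]
        ts = float(request["timestamp"])
        addr = ipaddress.ip_address(request["terminal_ip"])
    except (KeyError, TypeError, ValueError):
        return False, "malformed request"
    if not (isinstance(sig, str) and len(sig) == 64 and set(sig) <= HEX_DIGITS):
        return False, "malformed request"
    if not math.isfinite(ts):  # NaN would slip through both comparisons below
        return False, "malformed request"
    age = now - ts
    # "Within the 2 minutes before the current time": a timestamp that lies
    # in the future is rejected as well as one that is too old.
    if age < 0 or age > preset:
        return False, "timestamp exceeds preset time"
    for entry in blacklist:
        if addr in ipaddress.ip_network(entry, strict=False):
            return False, "address in blacklist"
    return True, "ok"


def handle_request(request, blacklist, channels, now=None):
    """S160: check the conditions, then collect the records whose ID
    signature matches, one list per dimension type."""
    ok, reason = check_acquisition_conditions(request, blacklist, now)
    if not ok:
        return {"status": "failed", "reason": reason}
    wanted = request["id_signature"]
    found = {
        dim: [blob for sig, blob in records
              if hmac.compare_digest(sig, wanted)]
        for dim, records in channels.items()
    }
    return {"status": "ok", "encrypted_info": found}


if __name__ == "__main__":
    t0 = 1_700_000_000.0  # constructed clock value
    req = build_request("0715443286317579", "203.0.113.7", now=t0)
    store = {"identity": [(req["id_signature"], b"\x01\x02")]}  # constructed
    print(handle_request(req, ["198.51.100.0/24"], store, now=t0 + 30))
    print(handle_request(req, ["203.0.113.0/24"], store, now=t0 + 30))
```
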
S170. If the second terminal receives the encrypted information fed back by the cloud server in response to the information acquisition request, it decrypts the encrypted information according to the user login information to obtain the corresponding decrypted sensitive information.
If the second terminal receives the encrypted information fed back by the cloud server in response to the information acquisition request, it decrypts the encrypted information according to the user login information to obtain the corresponding decrypted sensitive information. After receiving the encrypted information, the second terminal can decrypt it according to the user login information that the user entered on the second terminal, obtaining the corresponding decrypted sensitive information.
In one embodiment, as shown in FIG. 8, step S170 includes sub-steps S171, S172 and S173.
S171. Generate a dimension decryption key corresponding to each dimension type according to the user login information and the dimension identifier of each dimension type.
The user login information contains the corresponding user login password. The user login password can be combined with the dimension identifier of each dimension type to generate the dimension decryption key corresponding to each dimension type. The process of obtaining the dimension decryption key is the same as the process of obtaining the dimension encryption key and is not repeated here.
S172. According to the encryption rule and each dimension decryption key, decrypt the encrypted segment information of the corresponding dimension type in the encrypted information, to obtain the decrypted information corresponding to each dimension type.
The encrypted information can be decrypted according to the encryption rule and the dimension decryption key of each dimension type, to obtain the decrypted information corresponding to each dimension type. Specifically, key expansion is performed on the dimension decryption key of each dimension type to obtain the decryption key array corresponding to each dimension decryption key; the process of obtaining the decryption key array is the same as that of obtaining the encryption key array and is not repeated here. The encrypted segment information of each dimension type is then decrypted with the decryption key array of that dimension type. Decryption is the inverse of the encryption process and is not repeated here. Decrypting each encrypted information segment yields the decrypted string corresponding to that segment, and applying the inverse encoding conversion to the decrypted string restores the hexadecimal decrypted string to the specific decrypted information.
S173. Combine the decrypted information corresponding to each dimension type to obtain the decrypted sensitive information.
Combining the decrypted information obtained for each dimension type yields the decrypted sensitive information, which contains the complete sensitive information of one user.
The technical method in this application can be applied to scenarios that involve encrypted storage of information based on a blockchain network, such as smart government affairs, smart urban management, smart communities, smart security, smart logistics, smart medical care, smart education, smart environmental protection and smart transportation, thereby promoting the construction of smart cities.
In the blockchain-based information encryption storage method provided in the embodiment of the present invention, the first terminal receives the login information and sends it to the cloud server for verification. If verification passes, the first terminal encrypts the sensitive information input by the user and sends the resulting encrypted sensitive information to the cloud server, which uploads it to the blockchain network for segmented storage. The second terminal receives the user login information and sends it to the cloud server for verification. If verification passes, the second terminal generates an information acquisition request and sends it to the cloud server; the cloud server obtains the encrypted information corresponding to the request and feeds it back to the second terminal, which decrypts the encrypted information according to the user login information to obtain the decrypted sensitive information. With this method, sensitive information can be encrypted and uploaded to the blockchain network for segmented storage, which prevents the user's sensitive information from being leaked and improves the security of storing it.
An embodiment of the present invention also provides a blockchain-based information encryption storage system, which is used to execute any embodiment of the aforementioned blockchain-based information encryption storage method. Specifically, refer to FIG. 9, which is a schematic block diagram of the blockchain-based information encryption storage system provided by an embodiment of the present invention.
As shown in FIG. 9, the blockchain-based information encryption storage system 100 includes a first terminal 10, a second terminal 20 and a blockchain network 30. The first terminal 10 and the second terminal 20 are both connected over a network to the cloud server 31 in the blockchain network 30 to transmit data information. The first terminal 10 includes: a login information verification unit 11, used to send the login information to the cloud server, if login information input by the user is received, to obtain the verification result produced by the cloud server verifying the login information; and a sensitive information encryption unit 12, used to encrypt the sensitive information input by the user according to the preset encryption rule and the login information, if the verification result fed back by the cloud server is a pass, to obtain encrypted sensitive information and send it to the cloud server. The cloud server 31 includes: an information storage unit 311, used to upload the encrypted sensitive information to the blockchain network for segmented storage if the encrypted sensitive information is received; and an encrypted information feedback unit 312, used to obtain the encrypted information matching the information acquisition request from the blockchain network and feed it back to the second terminal if the information acquisition request is received. The second terminal 20 includes: a user login information verification unit 21, used to send the user login information to the cloud server, if user login information input by the user is received, to obtain the verification result produced by the cloud server verifying the user login information; an information acquisition request sending unit 22, used to send the information acquisition request corresponding to the user login information to the cloud server if the verification result fed back by the cloud server is a pass; and an encrypted information decryption unit 23, used to decrypt the encrypted information according to the user login information, if the encrypted information fed back by the cloud server in response to the information acquisition request is received, to obtain the corresponding decrypted sensitive information.
In one embodiment, the sensitive information encryption unit 12 includes the following sub-units: a split information acquisition unit, used to split the sensitive information according to the dimension types included in the encryption rule to obtain the split information corresponding to each dimension type; a dimension encryption key acquisition unit, used to generate a dimension encryption key corresponding to each dimension type according to the login information and the dimension identifier of each dimension type; an encrypted split information acquisition unit, used to encrypt the split information of each dimension type according to the encryption rule and the corresponding dimension encryption key, to obtain the encrypted split information corresponding to each dimension type; and an encrypted sensitive information acquisition unit, used to combine the encrypted split information with the login information to obtain the encrypted sensitive information corresponding to the sensitive information.
In one embodiment, the encrypted split information acquisition unit includes the following sub-units: an encoded string acquisition unit, used to perform encoding conversion on each split information according to the encoding conversion information in the encryption rule to obtain the corresponding encoded string; an encryption key array acquisition unit, used to perform key expansion on the dimension encryption key of each dimension type to obtain the encryption key array corresponding to each dimension encryption key; and an encryption processing unit, used to encrypt the encoded string corresponding to each encryption key array with that encryption key array, to obtain the encrypted split information corresponding to each encoded string.
In one embodiment, the encrypted sensitive information acquisition unit includes the following sub-units: an identification signature information acquisition unit, used to sign the user identification information in the login information according to the signature rule in the encryption rule to obtain the corresponding identification signature information; and an information combination unit, used to combine the identification signature information with each encrypted split information of the sensitive information and to use the resulting encrypted combination information corresponding to each encrypted split information as the encrypted sensitive information.
In one embodiment, the information storage unit 311 includes the following sub-units: a blockchain node information acquisition unit, used to obtain from the pre-stored node database, according to the dimension type corresponding to each encrypted combination information in the encrypted information, the blockchain node information corresponding to each encrypted combination information; and an encrypted combination information uploading unit, used to upload each encrypted combination information, according to the blockchain node information, to the blockchain node corresponding to its blockchain node information for storage.
In one embodiment, the information acquisition request sending unit 22 includes the following sub-units: a user identification signature information acquisition unit, used to sign the user identification information in the user login information according to the signature rule to obtain the corresponding user identification signature information; and a request sending unit, used to generate a corresponding information acquisition request according to the user identification signature information and send it to the cloud server.
In one embodiment, the encrypted information decryption unit 23 includes the following sub-units: a dimension decryption key acquisition unit, used to generate a dimension decryption key corresponding to each dimension type according to the user login information and the dimension identifier of each dimension type; a decryption information acquisition unit, used to decrypt the encrypted segment information of the corresponding dimension type in the encrypted information according to the encryption rule and each dimension decryption key, to obtain the decrypted information corresponding to each dimension type; and a decryption information combination unit, used to combine the decrypted information corresponding to each dimension type to obtain the decrypted sensitive information.
The blockchain-based information encryption storage system provided in the embodiment of the present invention applies the above blockchain-based information encryption storage method. The first terminal receives the login information and sends it to the cloud server for verification. If verification passes, the first terminal encrypts the sensitive information input by the user and sends the resulting encrypted sensitive information to the cloud server, which uploads it to the blockchain network for segmented storage. The second terminal receives the user login information and sends it to the cloud server for verification. If verification passes, the second terminal generates an information acquisition request and sends it to the cloud server; the cloud server obtains the encrypted information corresponding to the request and feeds it back to the second terminal, which decrypts the encrypted information according to the user login information to obtain the decrypted sensitive information. With this method, sensitive information can be encrypted and uploaded to the blockchain network for segmented storage, which prevents the user's sensitive information from being leaked and improves the security of storing it.
上述基于区块链的信息加密存储系统可以实现为计算机程序的形式,该计算机程序可以在如图10所示的计算机设备上运行。The above-mentioned blockchain-based information encryption storage system can be implemented in the form of a computer program, which can be run on a computer device as shown in FIG10 .
请参阅图10,图10是本发明实施例提供的计算机设备的示意性框图。该计算机设备可以是用于执行基于区块链的信息加密存储方法以实现基于区块链网络对信息进行加密存储的第一终端10、用于执行基于区块链的信息加密存储方法以实现基于区块链网络对信息进行加密存储的第二终端20或者用于执行区块链的信息加密存储方法以实现基于区块链网络对信息进行加密存储的云服务器31。Please refer to Figure 10, which is a schematic block diagram of a computer device provided in an embodiment of the present invention. The computer device may be a first terminal 10 for executing a blockchain-based information encryption storage method to implement encrypted storage of information based on a blockchain network, a second terminal 20 for executing a blockchain-based information encryption storage method to implement encrypted storage of information based on a blockchain network, or a cloud server 31 for executing a blockchain-based information encryption storage method to implement encrypted storage of information based on a blockchain network.
Referring to FIG. 10, the computer device 500 includes a processor 502, a memory, and a network interface 505 connected via a system bus 501, wherein the memory may include a storage medium 503 and an internal memory 504.
The storage medium 503 can store an operating system 5031 and a computer program 5032. When the computer program 5032 is executed, it can cause the processor 502 to execute the blockchain-based information encryption storage method, wherein the storage medium 503 can be a volatile storage medium or a non-volatile storage medium.
The processor 502 is used to provide computing and control capabilities to support the operation of the entire computer device 500.
The internal memory 504 provides an environment for running the computer program 5032 in the storage medium 503. When the computer program 5032 is executed by the processor 502, it can cause the processor 502 to execute the blockchain-based information encryption storage method.
The network interface 505 is used for network communication, such as providing transmission of data information. Those skilled in the art can understand that the structure shown in FIG. 10 is only a block diagram of the part of the structure related to the solution of the present invention, and does not constitute a limitation on the computer device 500 to which the solution of the present invention is applied. A specific computer device 500 may include more or fewer components than those shown in the figure, or combine some components, or have a different arrangement of components.
The processor 502 is used to run the computer program 5032 stored in the memory to implement the corresponding functions in the above-mentioned blockchain-based information encryption storage method.
Those skilled in the art will appreciate that the embodiment of the computer device shown in FIG. 10 does not constitute a limitation on the specific composition of the computer device. In other embodiments, the computer device may include more or fewer components than shown in the figure, or combine certain components, or arrange the components differently. For example, in some embodiments, the computer device may include only a memory and a processor. In such an embodiment, the structure and function of the memory and the processor are consistent with the embodiment shown in FIG. 10, and will not be described in detail here.
It should be understood that in the embodiment of the present invention, the processor 502 may be a central processing unit (CPU), and the processor 502 may also be another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. The general-purpose processor may be a microprocessor, or the processor may be any conventional processor.
In another embodiment of the present invention, a computer-readable storage medium is provided. The computer-readable storage medium may be a volatile or non-volatile computer-readable storage medium. The computer-readable storage medium stores a first computer program, a second computer program, or a third computer program, and when the first computer program is executed by a first processor, the second computer program is executed by a second processor, and the third computer program is executed by a third processor, they jointly implement the above-mentioned blockchain-based information encryption storage method.
Those skilled in the art can clearly understand that, for convenience and brevity of description, the specific working processes of the above-described equipment, devices and units can be found in the corresponding processes of the aforementioned method embodiments, and will not be repeated here. Those of ordinary skill in the art can appreciate that the units and algorithm steps of each example described in conjunction with the embodiments disclosed herein can be implemented with electronic hardware, computer software, or a combination of the two. In order to clearly illustrate the interchangeability of hardware and software, the composition and steps of each example have been described above in general terms according to function. Whether these functions are executed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled practitioners can use different methods to implement the described functions for each specific application, but such implementation should not be considered to exceed the scope of the present invention.
In the several embodiments provided by the present invention, it should be understood that the disclosed equipment, devices and methods can be implemented in other ways. For example, the device embodiments described above are only schematic. For example, the division of the units is only a division by logical function. There may be other division methods in actual implementation, and units with the same function may also be combined into one unit. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interfaces, devices or units, or may be an electrical, mechanical or other form of connection.
The units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the embodiments of the present invention.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit. The above-mentioned integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. The computer software product is stored in a computer-readable storage medium and includes a number of instructions for causing a computer device (which can be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method described in each embodiment of the present invention. The aforementioned computer-readable storage medium includes various media that can store program code, such as a USB flash drive, a mobile hard disk, a read-only memory (ROM), a magnetic disk or an optical disk.
The above is only a specific embodiment of the present invention, but the protection scope of the present invention is not limited thereto. Any person skilled in the art can easily think of various equivalent modifications or substitutions within the technical scope disclosed by the present invention, and these modifications or substitutions should be included in the protection scope of the present invention. Therefore, the protection scope of the present invention shall be based on the protection scope of the claims.
Claims (8)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110725687.5A CN113449338B (en) | 2021-06-29 | 2021-06-29 | Information encryption storage method and system based on blockchain |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN113449338A (en) | 2021-09-28 |
| CN113449338B (en) | 2024-07-26 |
Family
ID=77813795
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110725687.5A Active CN113449338B (en) | 2021-06-29 | 2021-06-29 | Information encryption storage method and system based on blockchain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113449338B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114598469A (en) * | 2022-03-16 | 2022-06-07 | 辽宁达因信息服务有限公司 | Personal information encryption transmission and storage method for public security industry |
| CN114666065B (en) * | 2022-03-28 | 2023-05-30 | 深圳大学 | Message encryption transmission method, device, equipment and medium based on block chain |
| CN116010925B (en) * | 2023-03-30 | 2023-07-18 | 中孚安全技术有限公司 | Safety authentication method and system based on finger vein recognition |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110601830A (en) * | 2019-09-16 | 2019-12-20 | 腾讯科技(深圳)有限公司 | Key management method, device, equipment and storage medium based on block chain |
| CN112035573A (en) * | 2020-08-26 | 2020-12-04 | 深圳壹账通智能科技有限公司 | Data processing method, device, node and storage medium based on block chain network |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20190132120A (en) * | 2018-05-18 | 2019-11-27 | 주식회사 케이티 | Simple login method and system using private domain name |
| CN112491549B (en) * | 2020-12-08 | 2024-09-20 | 平安国际智慧城市科技股份有限公司 | Data information encryption verification method, system and computer readable storage medium |
| CN112738051B (en) * | 2020-12-24 | 2023-12-01 | 深圳赛安特技术服务有限公司 | Data information encryption method, system and computer readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN115225268B (en) | | Using Elliptic Curve Cryptography for Personal Device Security to Share Secrets |
| CN113449338B (en) | | Information encryption storage method and system based on blockchain |
| US10284372B2 (en) | | Method and system for secure management of computer applications |
| US8694467B2 (en) | | Random number based data integrity verification method and system for distributed cloud storage |
| CN110138739B (en) | | Data information encryption method and device, computer equipment and storage medium |
| CN111428254B (en) | | Key storage method, device, equipment and storage medium |
| CN110378139A (en) | | A kind of data key guard method, system and electronic equipment and storage medium |
| CN113688399A (en) | | Firmware digital signature protection method and device, computer equipment and storage medium |
| CN112738051B (en) | | Data information encryption method, system and computer readable storage medium |
| CN116866029B (en) | | Random number encryption data transmission method, device, computer equipment and storage medium |
| CN110401615A (en) | | An identity authentication method, device, equipment, system and readable storage medium |
| CN112469036A (en) | | Message encryption and decryption method and device, mobile terminal and storage medium |
| CN113610526A (en) | | Data trust method and device, electronic equipment and storage medium |
| WO2019196866A1 (en) | | Anonymization processing method, apparatus and device, and storage medium |
| WO2020140626A1 (en) | | Salt-based data possession verification method and terminal device |
| US20120017086A1 (en) | | Information security transmission system |
| CN112733180A (en) | | Data query method and device and electronic equipment |
| CN109474616B (en) | | Multi-platform data sharing method and device and computer readable storage medium |
| CN114443718A (en) | | A data query method and system |
| CN114329546A (en) | | File encryption method and device, and file decryption method |
| CN111294359B (en) | | Pressure testing method, pressure testing device, computer equipment and storage medium |
| US8995653B2 (en) | | Generating a secret key from an asymmetric private key |
| CN114143098B (en) | | Data storage method and data storage device |
| US10057054B2 (en) | | Method and system for remotely keyed encrypting/decrypting data with prior checking a token |
| CN118199992B (en) | | Data encryption method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | TA01 | Transfer of patent application right | Effective date of registration: 20240624. Address after: Room 520, 5th Floor, Building 3, Courtyard 2, Binyu East Road, Tongzhou District, Beijing, 101100. Applicant after: Youlai (Beijing) Technology Co.,Ltd. Country or region after: China. Address before: Floor 15, no.1333, Lujiazui Ring Road, pilot Free Trade Zone, Pudong New Area, Shanghai. Applicant before: Weikun (Shanghai) Technology Service Co.,Ltd. Country or region before: China. |
| | GR01 | Patent grant | |
| | PP01 | Preservation of patent right | Effective date of registration: 20250922. Granted publication date: 20240726. |