[go: up one dir, main page]

CN111221569B - Document updating method and server - Google Patents

Document updating method and server Download PDF

Info

Publication number
CN111221569B
CN111221569B CN202010014151.8A CN202010014151A CN111221569B CN 111221569 B CN111221569 B CN 111221569B CN 202010014151 A CN202010014151 A CN 202010014151A CN 111221569 B CN111221569 B CN 111221569B
Authority
CN
China
Prior art keywords
homomorphic
updated
subfiles
sub
file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010014151.8A
Other languages
Chinese (zh)
Other versions
CN111221569A (en
Inventor
田新雪
肖征荣
马书惠
杨子文
董慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202010014151.8A priority Critical patent/CN111221569B/en
Publication of CN111221569A publication Critical patent/CN111221569A/en
Application granted granted Critical
Publication of CN111221569B publication Critical patent/CN111221569B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/73Program documentation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Library & Information Science (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a document updating method and a server, wherein the method comprises the following steps: generating homomorphic calculation functions and homomorphic parameters according to content information to be updated, wherein the content information to be updated is obtained by comparing an original document with the document to be updated; determining the identification of a sub-file to be updated according to the content information to be updated, wherein the sub-file to be updated is a file to be updated in the divided sub-file, and the divided sub-file is a file obtained by dividing an original document; generating an updated parameter according to a homomorphic calculation function, a parameter encryption result and an identifier and a number corresponding to a sub-file to be updated, wherein the parameter encryption result is obtained by homomorphic encryption of the homomorphic parameter by adopting a homomorphic encryption public key; and sending the update parameters to the blockchain network so that the storage node server updates the split subfiles stored by the storage node server according to the update parameters. The working efficiency is improved, and the waste of resources is avoided.

Description

文档更新方法和服务器Document update method and server

技术领域technical field

本发明涉及计算机应用技术领域,具体涉及一种文档更新方法和服务器。The invention relates to the technical field of computer applications, in particular to a document update method and server.

背景技术Background technique

软件文档或者源代码文档是指与软件系统及其软件工程过程有关联的文本。软件文档的类型包括软件需求文档,设计文档,测试文档和用户手册等。其中的需求文档、设计文档和测试文档一般是在软件开发过程中由开发者撰写的,而用户手册等非过程类文档是由专门的非技术类写作人员撰写的。软件文档能提高软件开发的效率,保证软件的质量,而且在软件的使用过程中能够指导、帮助开发人员对软件进行更新,同时,在软件更新及测试的过程中,对应的软件文档也需要同步更新。Software documentation or source code documentation refers to the text associated with a software system and its software engineering process. Types of software documentation include software requirements documents, design documents, test documents, and user manuals, etc. Among them, requirements documents, design documents and test documents are generally written by developers during the software development process, while non-process documents such as user manuals are written by specialized non-technical writers. Software documentation can improve the efficiency of software development, ensure the quality of software, and can guide and help developers update the software during the use of the software. At the same time, in the process of software updating and testing, the corresponding software documentation also needs to be updated synchronously.

通常,在软件文档的更新过程中,都需要对软件文档的内容进行加密,以保证更新内容的安全性;而在对加密后的软件文档的内容进行再次更新时,必须重新上传该软件文档的全部内容至服务器,对于只需更新部分章节的软件文档,这样操作就降低了工作效率,同时也造成了资源的浪费。Usually, during the updating process of the software documentation, the content of the software documentation needs to be encrypted to ensure the security of the updated content; and when the content of the encrypted software documentation is updated again, the entire content of the software documentation must be re-uploaded to the server. For software documentation that only needs to update some chapters, this operation reduces work efficiency and also causes a waste of resources.

发明内容Contents of the invention

为此,本发明提供一种文档更新方法和服务器,以解决现有技术中由于对加密后的软件文档的内容进行再次更新时,必须重新将软件文档的全部内容上传至服务器而导致的工作效率低下、浪费资源的问题。Therefore, the present invention provides a document update method and server to solve the problems of low work efficiency and waste of resources in the prior art due to the need to re-upload the entire content of the software document to the server when the content of the encrypted software document is updated again.

为了实现上述目的,本发明第一方面提供一种文档更新方法,方法包括:依据待更新内容信息生成同态计算函数和同态参数,待更新内容信息为对比原始文档和待更新文档获得的信息;依据待更新内容信息确定待更新子文件的标识,待更新子文件是分割子文件中待更新的文件,分割子文件是对原始文档进行分割获得的文件;依据同态计算函数、参数加密结果、待更新子文件对应的标识和编号,生成更新参数,参数加密结果是采用同态加密公钥对同态参数进行同态加密获得的结果;发送更新参数至区块链网络中,以使存储节点服务器根据更新参数更新存储节点服务器存储的分割子文件。In order to achieve the above object, the first aspect of the present invention provides a document updating method, the method includes: generating a homomorphic calculation function and a homomorphic parameter based on the content information to be updated, the content information to be updated is the information obtained by comparing the original document and the document to be updated; determining the identification of the subfile to be updated according to the content information to be updated, the subfile to be updated is the file to be updated in the split subfile, and the split subfile is a file obtained by dividing the original document; the update parameter is generated according to the homomorphic calculation function, the parameter encryption result, and the identification and number corresponding to the subfile to be updated. The key is the result obtained by homomorphically encrypting the homomorphic parameters; sending the update parameters to the blockchain network, so that the storage node server can update the split sub-files stored by the storage node server according to the update parameters.

在一些实施方式中,在根据待更新内容信息生成同态计算函数步骤之前,还包括:对原始文档进行分割,获得N个分割子文件,并为分割子文件分配对应的标识和编号,N为大于或等于1的整数;建立N个分割子文件与哈希树结构除根节点外所有叶子节点之间的映射关系;采用同态加密公钥分别对N个分割子文件进行同态加密,并将获得的N个加密后的分割子文件传送至区块链网络中,以使存储节点服务器存储分割子文件,同态加密公钥是根据同态密钥生成算法生成的秘钥。In some implementations, before the step of generating the homomorphic calculation function according to the content information to be updated, it also includes: dividing the original document, obtaining N divided sub-files, and assigning corresponding identifiers and numbers for the divided sub-files, N being an integer greater than or equal to 1; establishing a mapping relationship between the N divided sub-files and all leaf nodes of the hash tree structure except the root node; using a homomorphic encryption public key to perform homomorphic encryption on the N divided sub-files, and transferring the obtained N encrypted divided sub-files to the blockchain network, so that the storage node server stores the divided sub-files file, the homomorphic encryption public key is a secret key generated according to the homomorphic key generation algorithm.

在一些实施方式中,在发送更新参数至区块链网络中,以使存储节点服务器根据更新参数更新存储节点服务器存储的分割子文件步骤之后,还包括:从区块链网络中,获取到存储节点服务器存储的分割子文件、分割子文件对应的编号和分割子文件对应的哈希树的叶子节点的值;将叶子节点的值根据编号依次相加,获得加和结果,编号是连续的数字;使用同态加密私钥对加和结果进行同态解密,获得更新后的文档,同态加密私钥是根据同态密钥生成算法生成的秘钥。In some implementations, after sending the update parameters to the blockchain network so that the storage node server updates the split sub-files stored by the storage node server according to the update parameters, it further includes: obtaining from the blockchain network the split sub-files stored by the storage node server, the numbers corresponding to the split sub-files, and the values of the leaf nodes of the hash tree corresponding to the split sub-files; adding the values of the leaf nodes in sequence according to the numbers to obtain the addition result, and the numbers are continuous numbers; The key is a secret key generated according to the homomorphic key generation algorithm.

在一些实施方式中,哈希树的根节点的值是将哈希树包括的所有叶子节点的值相加获得的值,叶子节点的值是使用同态加密公钥对分割子文件进行同态加密获得的值,且,叶子节点的值是将其下属的所有子叶子节点的值按照编号顺序依次相加获得的值。In some implementations, the value of the root node of the hash tree is the value obtained by adding the values of all the leaf nodes included in the hash tree, the value of the leaf node is the value obtained by homomorphically encrypting the sub-files using the homomorphic encryption public key, and the value of the leaf node is the value obtained by sequentially adding the values of all the child leaf nodes under it in order of number.

在一些实施方式中,依据待更新内容信息生成同态计算函数步骤,包括:根据待更新内容信息生成同态计算函数和同态参数,同态计算函数和同态参数满足如下规则:使用同态计算函数,对分割子文件和对应的同态参数进行计算,获得与分割子文件对应的待更新子文件。In some embodiments, the step of generating a homomorphic calculation function according to the content information to be updated includes: generating a homomorphic calculation function and a homomorphic parameter according to the content information to be updated, the homomorphic calculation function and the homomorphic parameter satisfy the following rules: use the homomorphic calculation function to calculate the split sub-file and the corresponding homomorphic parameter, and obtain the sub-file to be updated corresponding to the split sub-file.

为了实现上述目的,本发明第二方面提供一种文档更新方法,方法包括:从区块链网络中获取到用户节点服务器发送的更新参数,更新参数包括同态计算函数、参数加密结果,待更新子文件对应的标识和编号,参数加密结果是用户节点服务器采用同态加密公钥对待更新子文件对应的同态参数进行同态加密获得的结果,待更新子文件是分割子文件中待更新的文件,分割子文件是对原始文档进行分割获得的文件;根据同态加密计算函数,对更新参数进行计算,获得待更新子文件;根据标识和编号,使用待更新子文件更新本地存储的分割子文件。In order to achieve the above object, the second aspect of the present invention provides a method for updating a document. The method includes: obtaining the update parameters sent by the user node server from the blockchain network. The update parameters include a homomorphic calculation function, a parameter encryption result, and the identification and number corresponding to the subfile to be updated. The parameter encryption result is the result obtained by the user node server using a homomorphic encryption public key to perform homomorphic encryption on the homomorphic parameters corresponding to the subfile to be updated. The subfile to be updated is the file to be updated in the split subfile. Perform calculations to obtain subfiles to be updated; use the subfiles to be updated to update the split subfiles stored locally according to the identifier and number.

在一些实施方式中,根据同态加密计算函数,对更新参数进行计算,获得待更新子文件步骤,包括:根据同态加密计算函数对更新参数进行计算,获得计算结果;采样同态加密私钥,对计算结果进行同态解密,获得待更新子文件,同态加密私钥是根据同态密钥生成算法生成的秘钥。In some implementations, the step of calculating the update parameters according to the homomorphic encryption calculation function to obtain the subfile to be updated includes: calculating the update parameter according to the homomorphic encryption calculation function to obtain a calculation result; sampling the homomorphic encryption private key, and performing homomorphic decryption on the calculation result to obtain the subfile to be updated. The homomorphic encryption private key is a secret key generated according to a homomorphic key generation algorithm.

在一些实施方式中,在从区块链网络中获取到用户节点服务器发送的更新参数步骤之前,还包括:从区块链网络中获取到用户节点服务器发送的N个加密后的分割子文件,加密后的分割子文件是用户节点服务器采用同态加密公钥对分割子文件进行同态加密获得的文件,且N个分割子文件与除根节点外的哈希树的所有叶子节点之间存在映射关系,N为大于或等于1的整数;分别对N个加密后的分割子文件进行同态解密,对应获得N个分割子文件;根据存储空间的容量,从N个分割子文件中选择M个分割子文件存储至本地,存储空间的容量大于文件存储容量,文件存储容量是将M个分割子文件的文件大小相加获得的容量,M为大于或等于1的整数,且M小于或等于N。In some embodiments, before obtaining the update parameter step sent by the user node server from the blockchain network, it also includes: obtaining from the blockchain network N encrypted split sub-files sent by the user node server, the encrypted split sub-files are files obtained by the user node server using a homomorphic encryption public key to homomorphically encrypt the split sub-files, and there is a mapping relationship between the N split sub-files and all leaf nodes of the hash tree except the root node, and N is an integer greater than or equal to 1; perform homomorphic decryption on the N encrypted split sub-files respectively , to obtain N split sub-files; according to the capacity of the storage space, select M split sub-files from the N split sub-files and store them locally. The capacity of the storage space is greater than the file storage capacity.

为了实现上述目的,本发明第三方面提供一种用户节点服务器,包括:函数生成模块,用于根据待更新内容信息生成同态计算函数和同态参数,待更新内容信息为对比原始文档和待更新文档获得的信息;确定模块,用于根据待更新内容信息确定待更新子文件的标识,待更新子文件是分割子文件中待更新的文件,分割子文件是对原始文档进行分割获得的文件;更新参数生成模块,用于依据同态计算函数、参数加密结果、待更新子文件对应的标识和编号,生成更新参数,参数加密结果是采用同态加密公钥对同态参数进行同态加密获得的结果;In order to achieve the above object, the third aspect of the present invention provides a user node server, including: a function generation module, which is used to generate a homomorphic calculation function and a homomorphic parameter according to the content information to be updated. The content information to be updated is information obtained by comparing the original document and the document to be updated; a determination module, which is used to determine the identification of the subfile to be updated according to the content information to be updated. , to generate update parameters, and the parameter encryption result is the result obtained by homomorphically encrypting the homomorphic parameters with the homomorphic encryption public key;

发送模块,用于发送更新参数至区块链网络中,以使存储节点服务器根据更新参数更新存储节点服务器存储的分割子文件。The sending module is configured to send the update parameter to the block chain network, so that the storage node server updates the split sub-file stored by the storage node server according to the update parameter.

为了实现上述目的,本发明第四方面提供一种存储节点服务器,包括:获取模块,用于从区块链网络中获取到用户节点服务器发送的更新参数,更新参数包括同态计算函数、参数加密结果,待更新子文件对应的标识和编号,参数加密结果是用户节点服务器采用同态加密公钥对待更新子文件对应的同态参数进行同态加密获得的结果,待更新子文件是分割子文件中待更新的文件,分割子文件是对原始文档进行分割获得的文件;计算模块,用于根据同态加密计算函数,对更新参数进行计算,获得待更新子文件;更新模块,用于根据标识和编号,使用待更新子文件更新本地存储的分割子文件。In order to achieve the above object, the fourth aspect of the present invention provides a storage node server, including: an acquisition module, which is used to obtain the update parameters sent by the user node server from the blockchain network. The update parameters include a homomorphic calculation function, a parameter encryption result, and an identification and number corresponding to the subfile to be updated. The parameter encryption result is the result obtained by the user node server using a homomorphic encryption public key to perform homomorphic encryption on the homomorphic parameters corresponding to the subfile to be updated. The subfile to be updated is the file to be updated in the split subfile. The encryption calculation function calculates the update parameters to obtain the sub-file to be updated; the update module is used to update the locally stored split sub-file with the sub-file to be updated according to the identifier and number.

本发明具有如下优点:通过对比原始文档和待更新文档,获得待更新内容信息,使得能够根据待更新内容信息生成同态计算函数和同态参数,再依据待更新内容信息确定待更新子文件的标识,将同态计算函数、采用同态加密公钥对同态参数进行同态加密获得的参数加密结果、待更新子文件的标识和对应的编号作为更新参数发送至区块链网络中,使得存储节点服务器能够接收到该更新参数,并根据该更新参数更新对应的分割子文件,避免了将待更新文档的全部内容都上传至服务器才能更新原始文档,只需更新存储节点服务器存储的待更新子文件就可以完成对原始文档的更新,提高了工作效率,避免资源的浪费。The present invention has the following advantages: by comparing the original document and the document to be updated, the content information to be updated is obtained, so that the homomorphic calculation function and the homomorphic parameter can be generated according to the content information to be updated, and then the identification of the sub-file to be updated is determined according to the content information to be updated, and the homomorphic calculation function, the parameter encryption result obtained by homomorphic encryption of the homomorphic parameter using the homomorphic encryption public key, the identification of the sub-file to be updated and the corresponding number are sent to the blockchain network as update parameters, so that the storage node server can receive the update parameter, and update the corresponding split sub-file according to the update parameter, avoiding The original document can only be updated by uploading all the content of the document to be updated to the server, and the update of the original document can be completed only by updating the sub-file to be updated stored on the storage node server, which improves work efficiency and avoids waste of resources.

附图说明Description of drawings

附图是用来提供对本发明的进一步理解,并且构成说明书的一部分,与下面的具体实施方式一起用于解释本发明,但并不构成对本发明的限制。The accompanying drawings are used to provide a further understanding of the present invention, and constitute a part of the description, together with the following specific embodiments, are used to explain the present invention, but do not constitute a limitation to the present invention.

图1为本发明第一实施方式中提供的一种文档更新方法流程图。Fig. 1 is a flowchart of a document updating method provided in the first embodiment of the present invention.

图2为本发明第二实施方式中提供的一种文档更新方法流程图。Fig. 2 is a flowchart of a document updating method provided in the second embodiment of the present invention.

图3为本发明第三实施方式中提供的一种文档更新方法流程图。Fig. 3 is a flowchart of a document updating method provided in the third embodiment of the present invention.

图4为本发明第四实施方式中提供的一种基于区块链技术的文档更新方法流程图。Fig. 4 is a flow chart of a document updating method based on blockchain technology provided in the fourth embodiment of the present invention.

图5为本发明第五实施方式中提供的一种采用Markle哈希树的文档更新方法流程图。FIG. 5 is a flowchart of a document update method using a Markle hash tree provided in the fifth embodiment of the present invention.

图6为本发明第五实施方式中提供的Markle哈希树的分支结构图。FIG. 6 is a branch structure diagram of the Markle hash tree provided in the fifth embodiment of the present invention.

图7为本发明第六实施方式中提供的一种用户节点服务器的组成方框图。Fig. 7 is a block diagram of a user node server provided in the sixth embodiment of the present invention.

图8为本发明第七实施方式中提供的一种存储节点服务器的组成方框图。FIG. 8 is a block diagram of a storage node server provided in a seventh embodiment of the present invention.

在附图中:In the attached picture:

4010:用户节点服务器 4020:存储节点服务器4010: user node server 4020: storage node server

4021:存储节点服务器A 4022:存储节点服务器B4021: storage node server A 4022: storage node server B

701:生成模块 702:确定模块701: generate module 702: determine module

703:发送模块 801:获取模块703: send module 801: get module

802:计算模块 803:更新模块802: Calculation module 803: Update module

具体实施方式Detailed ways

以下结合附图对本发明的具体实施方式进行详细说明。应当理解的是,此处所描述的具体实施方式仅用于说明和解释本发明,并不用于限制本发明。Specific embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings. It should be understood that the specific embodiments described here are only used to illustrate and explain the present invention, and are not intended to limit the present invention.

本发明的第一实施方式涉及一种文档更新方法。用于提高文档更新的效率,避免资源的浪费。The first embodiment of the present invention relates to a document updating method. It is used to improve the efficiency of document updating and avoid waste of resources.

下面对本实施方式中的文档更新方法的实现细节进行具体的说明,以下内容仅为方便理解本方案的实现细节,并非实施本方案的必须。The implementation details of the document update method in this embodiment will be described in detail below. The following content is only for the convenience of understanding the implementation details of the solution, and is not necessary for implementing the solution.

图1为本实施方式中的文档更新方法的流程图,该方法可用于用户节点服务器。该方法可包括如下步骤。FIG. 1 is a flow chart of a document updating method in this embodiment, which can be used in a user node server. The method may include the following steps.

在步骤101中,依据待更新内容信息生成同态计算函数和同态参数。In step 101, a homomorphic calculation function and homomorphic parameters are generated according to the content information to be updated.

其中,待更新内容信息为对比原始文档和待更新文档获得的信息。Wherein, the content information to be updated is information obtained by comparing the original document and the document to be updated.

例如,需要将原始文档c更新为待更新文档c+时,对比原始文档c和待更新文档c+,可获知待更新内容信息包括原始文档c的第一章和第四章的内容,则依据第一章和第四章的内容,生成同态计算函数f和同态参数ca。具体实现时,其中的同态计算函数f和同态参数ca满足如下关系:f(c,ca)=c+。即使用同态计算函数f,对原始文件c和对应的同态参数ca进行计算,可获得与该原始文档c对应的待更新文档c+。For example, when it is necessary to update the original document c to the document c+ to be updated, compare the original document c and the document c+ to be updated, and know that the content information to be updated includes the contents of the first chapter and the fourth chapter of the original document c, then generate the homomorphic calculation function f and the homomorphic parameter ca according to the contents of the first chapter and the fourth chapter. During specific implementation, the homomorphic calculation function f and the homomorphic parameter ca satisfy the following relationship: f(c, ca)=c+. That is, using the homomorphic calculation function f to calculate the original document c and the corresponding homomorphic parameter ca, the document c+ to be updated corresponding to the original document c can be obtained.

在步骤102中,依据待更新内容信息确定待更新子文件的标识。In step 102, the identification of the sub-file to be updated is determined according to the content information to be updated.

其中,待更新子文件是分割子文件中待更新的文件,分割子文件是对原始文档进行分割获得的文件。例如,将原始文档A分割为5份,即可获得5个分割子文件:A1、A2、A3、A4和A5。若依据待更新内容信息确定需要更新分割子文件A2和分割子文件A3,则待更新子文件即为分割子文件A2和分割子文件A3,对应的待更新子文件的标识就是A2和A3。Wherein, the sub-file to be updated is a file to be updated in the split sub-file, and the split sub-file is a file obtained by splitting the original document. For example, if the original document A is divided into 5 parts, 5 divided sub-files can be obtained: A1, A2, A3, A4 and A5. If it is determined according to the content information to be updated that the split sub-file A2 and the split sub-file A3 need to be updated, then the sub-file to be updated is the split sub-file A2 and the split sub-file A3, and the identifiers of the corresponding sub-files to be updated are A2 and A3.

在步骤103中,依据同态计算函数、参数加密结果、待更新子文件对应的标识和编号,生成更新参数。In step 103, an update parameter is generated according to the homomorphic calculation function, the parameter encryption result, and the identification and number corresponding to the subfile to be updated.

需要说明的是,参数加密结果是采用同态加密公钥对同态参数进行同态加密获得的结果,其中的同态加密公钥是根据同态密钥生成算法生成的秘钥。It should be noted that the result of parameter encryption is the result of homomorphic encryption of homomorphic parameters using a homomorphic encryption public key, where the homomorphic encryption public key is a secret key generated according to a homomorphic key generation algorithm.

在步骤104中,发送更新参数至区块链网络。In step 104, update parameters are sent to the blockchain network.

当区块链网络中的存储节点服务器通过区块链网络获取到用户节点服务器发送的更新参数时,会根据该更新参数更新存储节点服务器存储的分割子文件。使得存储节点服务器上存储的分割子文件是最新的子文件,方便后续用户节点获取最新的子文件。When the storage node server in the blockchain network obtains the update parameter sent by the user node server through the blockchain network, it will update the split sub-file stored by the storage node server according to the update parameter. The split sub-file stored on the storage node server is the latest sub-file, which is convenient for subsequent user nodes to obtain the latest sub-file.

在一些实施方式中,根据待更新内容信息生成同态计算函数和同态参数,同态计算函数和同态参数满足如下规则:使用同态计算函数,对分割子文件和对应的同态参数进行计算,获得与分割子文件对应的待更新子文件。In some implementations, a homomorphic calculation function and a homomorphic parameter are generated according to the content information to be updated, and the homomorphic calculation function and the homomorphic parameter meet the following rules: use the homomorphic calculation function to calculate the split sub-file and the corresponding homomorphic parameter, and obtain the sub-file to be updated corresponding to the split sub-file.

例如,分割子文件A1对应的同态参数是ca1,分割子文件A2对应的同态参数是ca2,则使用同态计算函数f对分割子文件A1对应的同态参数是ca1,获得待更新子文件A1+,即满足以下关系:f(A1,ca1)=A1+;同样地,使用同态计算函数f对分割子文件A2对应的同态参数是ca2,获得待更新子文件A2+,也需满足以下关系:f(A2,ca2)=A2+。For example, the homomorphic parameter corresponding to the split sub-file A1 is ca1, and the corresponding homomorphic parameter of the split sub-file A2 is ca2, then the homomorphic parameter corresponding to the split sub-file A1 is ca1 using the homomorphic calculation function f, and the sub-file A1+ to be updated is obtained, which satisfies the following relationship: f(A1, ca1)=A1+; similarly, using the homomorphic calculation function f to split the corresponding homomorphic parameter of the sub-file A2 is ca2, and obtaining the sub-file A2+ to be updated also needs to satisfy the following relationship: f(A2 , ca2)=A2+.

在本实施方式中,通过对比原始文档和待更新文档,获得待更新内容信息,使得能够根据待更新内容信息生成同态计算函数和同态参数,再依据待更新内容信息确定待更新子文件的标识,将同态计算函数、采用同态加密公钥对同态参数进行同态加密获得的参数加密结果、待更新子文件的标识和对应的编号作为更新参数发送至区块链网络中,使得存储节点服务器能够接收到该更新参数,并根据该更新参数更新对应的分割子文件,避免了将待更新文档的全部内容都上传至服务器才能更新原始文档,只需更新存储节点服务器存储的待更新子文件就可以完成对原始文档的更新,提高了工作效率,避免资源的浪费。In this embodiment, the content information to be updated is obtained by comparing the original document with the document to be updated, so that the homomorphic calculation function and homomorphic parameters can be generated according to the content information to be updated, and then the identity of the sub-file to be updated is determined according to the content information to be updated, and the homomorphic calculation function, the parameter encryption result obtained by homomorphic encryption of the homomorphic parameter using the homomorphic encryption public key, the identification of the sub-file to be updated and the corresponding number are sent to the blockchain network as update parameters, so that the storage node server can receive the update parameter, and update the corresponding split sub-file according to the update parameter, avoiding The original document can only be updated by uploading all the content of the document to be updated to the server, and the update of the original document can be completed only by updating the sub-file to be updated stored on the storage node server, which improves work efficiency and avoids waste of resources.

本发明的第二实施方式涉及一种文档更新方法。第二实施方式与第一实施方式大致相同,主要区别之处在于:建立Markle哈希树来与各个分割子文档之间的映射关系,提高更新文档的更新效率。The second embodiment of the present invention relates to a document updating method. The second embodiment is roughly the same as the first embodiment, the main difference is that: a Markle hash tree is established to map each segmented sub-document, so as to improve the update efficiency of the updated document.

图2为本实施方式中文档更新方法的流程图,该方法可用于用户节点服务器。该方法可包括如下步骤。Fig. 2 is a flow chart of the document update method in this embodiment, which can be used in the user node server. The method may include the following steps.

在步骤201中,对原始文档进行分割,获得N个分割子文件,并为分割子文件分配对应的标识和编号。In step 201, the original document is segmented to obtain N segmented sub-files, and corresponding identifiers and numbers are assigned to the segmented sub-files.

其中,N为大于或等于1的整数。例如,对原始文档C进行分割,分割为n个分割子文件,对应获得每个分割子文件的标识和分割编号:C1、C2、C3、……、Cn,并且C=C1+C2+C3+…+Cn。Wherein, N is an integer greater than or equal to 1. For example, the original document C is divided into n divided sub-files, and the identifier and division number of each divided sub-file are correspondingly obtained: C1, C2, C3, ..., Cn, and C=C1+C2+C3+...+Cn.

在步骤202中,建立N个分割子文件与哈希树结构除根节点外所有叶子节点之间的映射关系。In step 202, a mapping relationship between N split sub-files and all leaf nodes except the root node of the hash tree structure is established.

需要说明的是,其中的映射关系包括:哈希树的根节点的值是将哈希树包括的所有叶子节点的值相加获得的值,叶子节点的值是使用同态加密公钥对分割子文件进行同态加密获得的值,且,叶子节点的值是将其下属的所有子叶子节点的值按照编号顺序依次相加获得的值。It should be noted that the mapping relationship includes: the value of the root node of the hash tree is the value obtained by adding the values of all the leaf nodes included in the hash tree, the value of the leaf node is the value obtained by homomorphically encrypting the sub-files using the homomorphic encryption public key, and the value of the leaf node is the value obtained by adding the values of all child leaf nodes under it in sequence according to the numbering order.

例如,原始文档C被分成n个分割子文件,对应获得每个分割子文件的标识和分割编号:C1、C2、C3、……、Cn,并且C=C1+C2+C3+…+Cn。在该Markle哈希树中,Markle哈希树的每个叶子节点的值是使用同态加密公钥对对应的分割子文件进行同态加密获得的值,例如,每个叶子节点分别对应记录了Enc(C1)、Enc(C2)、Enc(C3)…Enc(Cn),其中,Enc(C1)表示用户节点服务器4010使用同态加密公钥对分割子文件C1进行同态加密的值,Enc(C2)表示用户节点服务器4010使用同态加密公钥对分割子文件C2进行同态加密的值,Enc(C3)表示用户节点服务器4010使用同态加密公钥对分割子文件C3进行同态加密的值,……,Enc(Cn)表示用户节点服务器4010使用同态加密公钥对分割子文件Cn进行同态加密的值。并且,该Markle哈希树的根节点的值是将Markle哈希树包括的所有叶子节点的值(即Enc(C1)、Enc(C2)、Enc(C3)…Enc(Cn))相加获得的值,任何一个叶子节点的值是将其下属的所有子叶子节点的值按照分割编号顺序依次相加获得的值。For example, the original document C is divided into n split sub-files, correspondingly obtain the identifier and split number of each split sub-file: C1, C2, C3, ..., Cn, and C=C1+C2+C3+...+Cn. In the Markle hash tree, the value of each leaf node of the Markle hash tree is the value obtained by homomorphically encrypting the corresponding split sub-files using the homomorphic encryption public key. For example, each leaf node corresponds to record Enc (C1), Enc (C2), Enc (C3) ... Enc (Cn), wherein, Enc (C1) represents the value that the user node server 4010 performs homomorphic encryption on the split sub-file C1 using the homomorphic encryption public key, and Enc (C2) represents the value of the user node server 4 010 uses the homomorphic encryption public key to carry out the value of homomorphic encryption to the split sub-file C2, Enc (C3) represents the value that the user node server 4010 uses the homomorphic encryption public key to carry out homomorphic encryption to the split sub-file C3, ..., Enc (Cn) represents the value that the user node server 4010 uses the homomorphic encryption public key to carry out homomorphic encryption to the split sub-file Cn. And, the value of the root node of the Markle hash tree is the value obtained by adding the values of all leaf nodes included in the Markle hash tree (i.e. Enc(C1), Enc(C2), Enc(C3)...Enc(Cn)), and the value of any leaf node is the value obtained by adding the values of all sub-leaf nodes under it in sequence according to the division number order.

在步骤203中,采用同态加密公钥分别对N个分割子文件进行同态加密,并将获得的N个加密后的分割子文件传送至区块链网络。In step 203, the homomorphic encryption is performed on the N split sub-files respectively by using the homomorphic encryption public key, and the obtained N encrypted split sub-files are transmitted to the blockchain network.

当区块链网络至的存储节点服务器,从区块链网络中获取到用户节点服务器发送的N个加密后的分割子文件后,会根据自己的本地存储空间大小,选择其中的一个或者多个分割子文件进行存储。When the storage node server connected to the blockchain network obtains N encrypted split sub-files sent by the user node server from the blockchain network, it will select one or more split sub-files according to the size of its own local storage space for storage.

例如,N等于7时,即用户节点服务器将原始文档C分割为7个不同的分割子文件,分别是B1、B2、B3、B4、B5、B6和B7:第一存储节点服务器可能选择分割子文件B1、B2和B3进行存储;第二存储节点服务器可能选择分割子文件B4、B5、B6和B7进行存储。For example, when N is equal to 7, the user node server divides the original document C into seven different sub-files, namely B1, B2, B3, B4, B5, B6, and B7: the first storage node server may select the sub-files B1, B2, and B3 for storage; the second storage node server may select the sub-files B4, B5, B6, and B7 for storage.

在步骤204中,依据待更新内容信息生成同态计算函数和同态参数。In step 204, a homomorphic calculation function and homomorphic parameters are generated according to the content information to be updated.

在步骤205中,依据待更新内容信息确定待更新子文件的标识。In step 205, the identification of the sub-file to be updated is determined according to the content information to be updated.

在步骤206中,依据同态计算函数、参数加密结果、待更新子文件对应的标识和编号,生成更新参数。In step 206, an update parameter is generated according to the homomorphic calculation function, the parameter encryption result, and the identification and number corresponding to the subfile to be updated.

在步骤207中,发送更新参数至区块链网络。In step 207, update parameters are sent to the blockchain network.

需要说明的是,本实施例中的步骤204~207,与第一实施方式中的步骤101~104的内容相同,在此不再赘述。It should be noted that steps 204 to 207 in this embodiment are the same as steps 101 to 104 in the first embodiment, and will not be repeated here.

在一个具体实现中,在步骤207之后,还可以包括:从区块链网络中,获取到存储节点服务器存储的分割子文件、分割子文件对应的编号和分割子文件对应的哈希树的叶子节点的值;将叶子节点的值根据编号依次相加,获得加和结果,编号是连续的数字;使用同态加密私钥对加和结果进行同态解密,获得更新后的文档,同态加密私钥是根据同态密钥生成算法生成的秘钥。In a specific implementation, after step 207, it may further include: obtaining from the blockchain network the split sub-file stored by the storage node server, the number corresponding to the split sub-file, and the value of the leaf node of the hash tree corresponding to the split sub-file; adding the values of the leaf nodes in sequence according to the number to obtain the sum result, and the number is a continuous number; using the homomorphic encryption private key to perform homomorphic decryption on the sum result to obtain an updated document. The homomorphic encryption private key is a secret key generated according to a homomorphic key generation algorithm.

当用户节点服务器在完成了一次或多次文档的更新后,希望获取到最新的文档时,会根据分割子文件与哈希树之间的映射关系,从区块链网络中的各个存储节点服务器上,下载每一个存储节点服务器存储的最新的分割子文件分割子文件对应的编号和分割子文件对应的哈希树的叶子节点的值;然后将所有的连续编号一次相加,获得该哈希树的根节点的值,该根节点的值与最新的文档相对应,则只需对该根节点的值进行处理,例如,使用同态加密私钥对该根节点的值进行同态解密,即可获得最新的文档。When the user node server completes one or more document updates and wants to obtain the latest document, it will download the latest split subfile number corresponding to the split subfile and the leaf node value of the hash tree corresponding to the split subfile stored by each storage node server from each storage node server in the blockchain network according to the mapping relationship between the split subfile and the hash tree; then add all the consecutive numbers once to obtain the value of the root node of the hash tree. , for example, use the homomorphic encrypted private key to homomorphically decrypt the value of the root node to obtain the latest document.

具体获取更新文档时,也可以只获取原始文档更新最多的几个章节,或用户需求的对应的章节。例如,若需要更新原始文档的第1章和第8章,第1章对应的分割子文件为C3、C4、C5,第8章对应的分割子文件为C26、C27,那么用户节点服务器4010就需要对这两章内容进行分别处理,每个章节组成一个独立的小Markle哈希树,这两棵Markle哈希树的根节点的值分别是Enc(C3+)+Enc(C4+)+Enc(C5+)和Enc(C26+)+Enc(C27+),然后用户节点服务器4010使用自己的同态加密私钥进行计算,获得Dec(Enc(C3+)+Enc(C4+)+Enc(C5+)),即可得到第1章的最新文档。同样地,用户节点服务器4010使用自己的同态加密私钥进行计算,获得Dec(Enc(C26+)+Enc(C27+)),即可得到第8章的最新文档。When obtaining the updated document specifically, it is also possible to obtain only the most updated chapters of the original document, or the corresponding chapters required by the user. For example, if it is necessary to update Chapter 1 and Chapter 8 of the original document, the corresponding split sub-files of Chapter 1 are C3, C4, and C5, and the corresponding split sub-files of Chapter 8 are C26 and C27, then the user node server 4010 needs to process the contents of these two chapters separately, and each chapter forms an independent small Markle hash tree. The values of the root nodes of these two Markle hash trees are respectively Enc(C3+)+Enc(C4+)+Enc(C5+) and Enc(C5+) 26+)+Enc(C27+), and then the user node server 4010 uses its own homomorphic encryption private key to calculate and obtain Dec(Enc(C3+)+Enc(C4+)+Enc(C5+)), and the latest document of Chapter 1 can be obtained. Similarly, the user node server 4010 uses its own homomorphic encryption private key to calculate and obtain Dec(Enc(C26+)+Enc(C27+)), and then the latest document of Chapter 8 can be obtained.

在本实施方式中,通过根据哈希树的结构,将分割子文件与哈希树中除根节点外所有叶子节点之间建立映射关系,使得用户节点服务器能够根据哈希树更快捷的找到待更新子文件,加快了文档更新的速度,提高了工作效率,避免资源的浪费。使得用户在获取最新文档时,能够更快捷方便,提升用户体验度。In this embodiment, according to the structure of the hash tree, a mapping relationship is established between the split sub-file and all leaf nodes in the hash tree except the root node, so that the user node server can find the sub-file to be updated more quickly according to the hash tree, speed up the document update speed, improve work efficiency, and avoid waste of resources. This enables users to obtain the latest documents more quickly and conveniently, improving user experience.

本发明的第三实施方式涉及一种文档更新方法。图3为本实施方式中文档更新方法的流程图,该方法可用于存储节点服务器。该方法可包括如下步骤。The third embodiment of the present invention relates to a document updating method. FIG. 3 is a flow chart of the document update method in this embodiment, which can be used for storage node servers. The method may include the following steps.

在步骤301中,从区块链网络中获取到用户节点服务器发送的更新参数。In step 301, the update parameters sent by the user node server are obtained from the blockchain network.

其中,更新参数包括同态计算函数、参数加密结果,待更新子文件对应的标识和编号,参数加密结果是用户节点服务器采用同态加密公钥对待更新子文件对应的同态参数进行同态加密获得的结果,待更新子文件是分割子文件中待更新的文件,分割子文件是对原始文档进行分割获得的文件。Among them, the update parameters include the homomorphic calculation function, the parameter encryption result, the identification and number corresponding to the subfile to be updated, the parameter encryption result is the result obtained by the user node server using the homomorphic encryption public key to perform homomorphic encryption on the homomorphic parameters corresponding to the subfile to be updated, the subfile to be updated is the file to be updated in the split subfile, and the split subfile is the file obtained by splitting the original document.

在步骤302中,根据同态加密计算函数,对更新参数进行计算,获得待更新子文件。In step 302, the update parameters are calculated according to the homomorphic encryption calculation function to obtain the sub-file to be updated.

在一些实施方式中,根据同态加密计算函数对更新参数进行计算,获得计算结果;采样同态加密私钥,对计算结果进行同态解密,获得待更新子文件,同态加密私钥是根据同态密钥生成算法生成的秘钥。In some embodiments, the update parameters are calculated according to the homomorphic encryption calculation function to obtain the calculation result; the homomorphic encryption private key is sampled, and the calculation result is subjected to homomorphic decryption to obtain the sub-file to be updated. The homomorphic encryption private key is a secret key generated according to the homomorphic key generation algorithm.

需要说明的是,存储节点服务器所使用的同态加密私钥,与用户节点服务器所使用的的同态加密公钥是对应的,只有对应的存储节点服务器才能获取到用户节点服务器发送的更新参数,进而获得待更新子文件,提升文件信息在传输过程中的安全性。It should be noted that the homomorphic encryption private key used by the storage node server corresponds to the homomorphic encryption public key used by the user node server. Only the corresponding storage node server can obtain the update parameters sent by the user node server, and then obtain the sub-file to be updated, which improves the security of file information during transmission.

在步骤303中,根据标识和编号,使用待更新子文件更新本地存储的分割子文件。In step 303, according to the identifier and number, the subfile to be updated is used to update the locally stored split subfile.

需要说明的是,每个存储节点服务器都只获取与其本地存储的分割子文件的标识和编号一致的待更新子文件,使得待更新子文件能够在存储节点服务器上能够被更新,方便用户节点服务器快捷的获取到最新的分割子文件。例如,依据分割子文件C3的标识和分割编号,存储节点服务器会查找本地存储的分割子文件,获得与该标识和分割编号一致的分割子文件,再将存储节点服务器本地存储的分割子文件C3更新为待更新子文件C3+。It should be noted that each storage node server only obtains subfiles to be updated that are consistent with the identification and number of the split subfiles stored locally, so that the subfiles to be updated can be updated on the storage node server, which is convenient for the user node server to quickly obtain the latest split subfiles. For example, according to the identification and division number of the division sub-file C3, the storage node server will search for the division sub-file stored locally, obtain the division sub-file consistent with the identification and division number, and then update the division sub-file C3 locally stored in the storage node server to the sub-file C3+ to be updated.

在本实施方式中,通过存储节点服务器从区块链网络中获取到用户节点服务器发送的更新参数,使用同态加密计算函数对更新参数进行计算,获得待更新子文件,进而根据该待更新子文件对应的标识和编号,查找本地存储的分割子文件,使用待更新子文件更新本地存储的分割子文件,保证存储的分割子文件都是最新的,方便用户节点服务器在更新文档时,能够快速的获取到最新的文档,提高工作效率,提升用户体验度。In this embodiment, the storage node server obtains the update parameters sent by the user node server from the blockchain network, uses the homomorphic encryption calculation function to calculate the update parameters, and obtains the subfile to be updated, and then according to the identification and number corresponding to the subfile to be updated, finds the locally stored split subfile, uses the subfile to be updated to update the locally stored split subfile, and ensures that the stored split subfiles are all up-to-date, so that the user node server can quickly obtain the latest document when updating the document.

在一些实施方式中,在步骤301之前,还可以包括如下步骤:In some embodiments, before step 301, the following steps may also be included:

在步骤3011中,从区块链网络中获取到用户节点服务器发送的N个加密后的分割子文件。In step 3011, N encrypted sub-files sent by the user node server are obtained from the block chain network.

其中,加密后的分割子文件是用户节点服务器采用同态加密公钥对分割子文件进行同态加密获得的文件,且N个分割子文件与除根节点外的哈希树的所有叶子节点之间存在映射关系,N为大于或等于1的整数;Wherein, the encrypted split sub-file is a file obtained by performing homomorphic encryption on the split sub-file by the user node server using a homomorphic encryption public key, and there is a mapping relationship between N split sub-files and all leaf nodes of the hash tree except the root node, and N is an integer greater than or equal to 1;

在步骤3012中,分别对N个加密后的分割子文件进行同态解密,对应获得N个分割子文件。In step 3012, perform homomorphic decryption on the N encrypted sub-files respectively, and obtain N corresponding sub-files.

在步骤3013中,根据存储空间的容量,从N个分割子文件中选择M个分割子文件存储至本地,In step 3013, according to the capacity of the storage space, select M split sub-files from the N split sub-files and store them locally,

其中,存储空间的容量大于文件存储容量,文件存储容量是将M个分割子文件的文件大小相加获得的容量,M为大于或等于1的整数,且M小于或等于N。例如,某个存储节点服务器的存储空间的容量是30M,当该存储节点服务器从区块链网络中获取到多个分割子文件时,可能获取到如下大小的分割子文件,5M的分割子文件C1、15M的分割子文件C2、10M的分割子文件C3、20M的分割子文件C4等等,但该存储节点服务器最多只能存储30M大小的文件,因此,该存储节点服务器选择分割子文件C1、分割子文件C2和分割子文件C3进行存储,舍弃了分割子文件C4等其他分割子文件。Wherein, the capacity of the storage space is larger than the file storage capacity, and the file storage capacity is the capacity obtained by adding the file sizes of M divided sub-files, M is an integer greater than or equal to 1, and M is less than or equal to N. For example, the storage capacity of a certain storage node server is 30M. When the storage node server obtains multiple sub-files from the blockchain network, it may obtain sub-files of the following sizes: 5M sub-file C1, 15M sub-file C2, 10M sub-file C3, 20M sub-file C4, etc., but the storage node server can only store files with a maximum size of 30M. Therefore, the storage node server chooses sub-file C1, sub-file C2 and sub-file C 3 is stored, and other split sub-files such as the split sub-file C4 are discarded.

在本实施方式中,通过对N个加密后的分割子文件进行同态解密,对应获得N个分割子文件,进而根据存储节点服务器自身的存储空间的容量,选择合适的分割子文件进行存储,保证分割子文件的完整性,方便用户节点服务器灵活的获取对应的分割子文件,提升文档更新的速度,提高工作效率。In this embodiment, by performing homomorphic decryption on N encrypted sub-files, N corresponding sub-files are obtained, and then according to the capacity of the storage node server's own storage space, an appropriate sub-file is selected for storage to ensure the integrity of the sub-files.

本发明的第四实施方式涉及一种文档更新方法。图4为本实施方式中基于区块链技术的文档更新方法流程图。当文档的大小不超过预设阈值时,则不对文档进行分割,即分割子文件的个数是1。具体地,通过用户节点服务器4010和存储节点服务器4020组成文档更新系统,并且该文档更新系统通过区块链网络来进行通信。文档更新步骤如下。A fourth embodiment of the present invention relates to a document updating method. Fig. 4 is a flow chart of a document update method based on blockchain technology in this embodiment. When the size of the document does not exceed the preset threshold, the document is not divided, that is, the number of divided sub-files is 1. Specifically, the document update system is composed of the user node server 4010 and the storage node server 4020, and the document update system communicates through the block chain network. Document update steps are as follows.

在步骤401中,用户节点服务器4010根据同态密钥生成算法生成同态加密公钥和同态加密私钥。例如,假设该文档为c。用户节点服务器4010准备好文档c后,对该文档c进行同态加密,获得文档c的同态加密结果Enc(c)。In step 401, the user node server 4010 generates a homomorphic encryption public key and a homomorphic encryption private key according to a homomorphic key generation algorithm. For example, suppose the document is c. After the user node server 4010 prepares the document c, it performs homomorphic encryption on the document c to obtain the homomorphic encryption result Enc(c) of the document c.

在步骤402中,用户节点服务器4010使用自己的区块链私钥对Enc(c)进行签名,并将签名后的Enc(c)广播到区块链网络中。In step 402, the user node server 4010 signs Enc(c) with its own blockchain private key, and broadcasts the signed Enc(c) to the blockchain network.

在步骤403中,当用户节点服务器4010需要将该文档c更新为文档c+时,对比文档c和文档c+,获得待更新内容信息,再根据该待更新内容信息生成同态计算函数f和同态参数ca,该生成同态计算函数f和同态参数ca满足如下关系:f(c,ca)=c+。即使用同态计算函数f,对原文档c和对应的同态参数ca进行计算,可获得更新后的文档c+。In step 403, when the user node server 4010 needs to update the document c to document c+, compare the document c and document c+ to obtain the content information to be updated, and then generate a homomorphic calculation function f and a homomorphic parameter ca according to the content information to be updated. The generated homomorphic calculation function f and the homomorphic parameter ca satisfy the following relationship: f(c, ca)=c+. That is, use the homomorphic calculation function f to calculate the original document c and the corresponding homomorphic parameter ca to obtain the updated document c+.

在步骤404中,用户节点服务器4010根据文档c的标识、同态计算函数f和同态加密结果Enc(ca),生成更新参数。然后使用用户节点服务器4010的区块链私钥对该更新参数进行签名,并发送签名后的更新参数到区块链网络中。In step 404, the user node server 4010 generates update parameters according to the identification of the document c, the homomorphic computation function f and the homomorphic encryption result Enc(ca). Then use the block chain private key of the user node server 4010 to sign the update parameters, and send the signed update parameters to the block chain network.

其中,同态加密结果Enc(ca)是用户节点服务器4010对同态参数ca进行同态加密获得的结果。Wherein, the homomorphic encryption result Enc(ca) is the result obtained by the user node server 4010 performing homomorphic encryption on the homomorphic parameter ca.

在步骤405中,存储文档c的存储节点服务器4020在接收到步骤404中发送的签名后的更新参数后,对该签名的私钥进行验证,在验证通过后,存储节点服务器4020使用同态加密计算函数对更新参数进行处理,获得并存储计算结果至本地,即存储文档c++至本地。In step 405, after receiving the signed update parameters sent in step 404, the storage node server 4020 storing document c verifies the private key of the signature. After the verification is passed, the storage node server 4020 uses a homomorphic encryption calculation function to process the update parameters, obtains and stores the calculation results locally, that is, stores document c++ locally.

其中,同态加密计算函数可表示为c++=Evaluate(f,Enc(c),Enc(ca);其中,f表示同态计算函数,Enc(c)表示对文档c进行同态加密获得的结果,Enc(ca)表示对同态参数ca进行同态加密获得的结果,ca表示同态参数,c++表示存储在存储节点服务器4020上的更新后的文档。Wherein, the homomorphic encryption computing function can be expressed as c++=Evaluate(f, Enc(c), Enc(ca); wherein, f represents the homomorphic computing function, Enc(c) represents the result obtained by performing homomorphic encryption on the document c, Enc(ca) represents the result obtained by performing homomorphic encryption on the homomorphic parameter ca, ca represents the homomorphic parameter, and c++ represents the updated document stored on the storage node server 4020.

在步骤406中,当用户节点服务器4010想从区块链网络中获取更新后的文档时,可从存储节点服务器4020上将文档c++下载到用户节点服务器4010本地,然后,使用同态解密算法函数对文档c++进行计算,获得Dec(c++),由于同态加密的特点,c++应该等于Enc(c+),Dec(c++)应该等于c+;即可获得更新后的文档c+。In step 406, when the user node server 4010 wants to obtain an updated document from the blockchain network, it can download the document c++ from the storage node server 4020 to the local user node server 4010, and then use the homomorphic decryption algorithm function to calculate the document c++ to obtain Dec(c++). Due to the characteristics of homomorphic encryption, c++ should be equal to Enc(c+), and Dec(c++) should be equal to c+; the updated document c+ can be obtained.

在本实施方式中,通过对比原始文档和待更新文档,获得待更新内容信息,使得能够根据待更新内容信息生成同态计算函数和同态参数,再依据待更新内容信息确定待更新子文件的标识,将同态计算函数、采用同态加密公钥对同态参数进行同态加密获得的参数加密结果、待更新子文件的标识和对应的编号作为更新参数发送至区块链网络中,使得存储节点服务器能够接收到该更新参数,并根据该更新参数更新对应的分割子文件,避免了将待更新文档的全部内容都上传至服务器才能更新原始文档,只需更新存储节点服务器存储的待更新子文件就可以完成对原始文档的更新,提高了工作效率,避免资源的浪费。In this embodiment, the content information to be updated is obtained by comparing the original document with the document to be updated, so that the homomorphic calculation function and homomorphic parameters can be generated according to the content information to be updated, and then the identity of the sub-file to be updated is determined according to the content information to be updated, and the homomorphic calculation function, the parameter encryption result obtained by homomorphic encryption of the homomorphic parameter using the homomorphic encryption public key, the identification of the sub-file to be updated and the corresponding number are sent to the blockchain network as update parameters, so that the storage node server can receive the update parameter, and update the corresponding split sub-file according to the update parameter, avoiding The original document can only be updated by uploading all the content of the document to be updated to the server, and the update of the original document can be completed only by updating the sub-file to be updated stored on the storage node server, which improves work efficiency and avoids waste of resources.

本发明的第五实施方式涉及一种文档更新方法。图5为采用Markle哈希树的文档更新方法流程图。当文档的大小超过了预设阈值时,则对文档进行分割,获得N个分割子文件,并建立Markle哈希树与N个分割子文件之间的映射关系,提升文档更新的效率。具体地,通过用户节点服务器4010、存储节点服务器A4021和存储节点服务器B4022等多个存储节点服务器组成文档更新系统,并且该文档更新系统通过区块链网络来进行通信。文档更新步骤如下。A fifth embodiment of the present invention relates to a document updating method. Fig. 5 is a flowchart of a document updating method using a Markle hash tree. When the size of the document exceeds the preset threshold, the document is divided to obtain N divided sub-files, and the mapping relationship between the Markle hash tree and the N divided sub-files is established to improve the efficiency of document updating. Specifically, multiple storage node servers such as user node server 4010, storage node server A4021, and storage node server B4022 form a document update system, and the document update system communicates through a blockchain network. Document update steps are as follows.

在步骤501中,用户节点服务器4010根据同态密钥生成算法生成同态加密公钥和同态加密私钥,例如,假设该文档为C,用户节点服务器4010将文档C通过Markle哈希树进行碎片化获得N个分割子文件。In step 501, the user node server 4010 generates a homomorphic encryption public key and a homomorphic encryption private key according to a homomorphic key generation algorithm. For example, assuming that the document is C, the user node server 4010 fragments the document C through a Markle hash tree to obtain N split sub-files.

例如,图6为Markle哈希树的分支结构图,其中,文档C被分成n个分割子文件,对应获得每个分割子文件的标识和分割编号:C1、C2、C3、……、Cn,并且C=C1+C2+C3+…+Cn。在该Markle哈希树中,Markle哈希树的每个叶子节点的值是使用同态加密公钥对对应的分割子文件进行同态加密获得的值,例如,每个叶子节点分别对应记录了Enc(C1)、Enc(C2)、Enc(C3)…Enc(Cn),其中,Enc(C1)表示用户节点服务器4010使用同态加密公钥对分割子文件C1进行同态加密的值,Enc(C2)表示用户节点服务器4010使用同态加密公钥对分割子文件C2进行同态加密的值,Enc(C3)表示用户节点服务器4010使用同态加密公钥对分割子文件C3进行同态加密的值,……,Enc(Cn)表示用户节点服务器4010使用同态加密公钥对分割子文件Cn进行同态加密的值。并且,该Markle哈希树的根节点的值是将Markle哈希树包括的所有叶子节点的值(即Enc(C1)、Enc(C2)、Enc(C3)…Enc(Cn))相加获得的值,任何一个叶子节点的值是将其下属的所有子叶子节点的值按照分割编号顺序依次相加获得的值。For example, Fig. 6 is a branch structure diagram of a Markle hash tree, wherein the document C is divided into n split sub-files, correspondingly obtaining the identification and split number of each split sub-file: C1, C2, C3, ..., Cn, and C=C1+C2+C3+...+Cn. In the Markle hash tree, the value of each leaf node of the Markle hash tree is the value obtained by homomorphically encrypting the corresponding split sub-files using the homomorphic encryption public key. For example, each leaf node corresponds to record Enc (C1), Enc (C2), Enc (C3) ... Enc (Cn), wherein, Enc (C1) represents the value that the user node server 4010 performs homomorphic encryption on the split sub-file C1 using the homomorphic encryption public key, and Enc (C2) represents the value of the user node server 4 010 uses the homomorphic encryption public key to carry out the value of homomorphic encryption to the split sub-file C2, Enc (C3) represents the value that the user node server 4010 uses the homomorphic encryption public key to carry out homomorphic encryption to the split sub-file C3, ..., Enc (Cn) represents the value that the user node server 4010 uses the homomorphic encryption public key to carry out homomorphic encryption to the split sub-file Cn. And, the value of the root node of the Markle hash tree is the value obtained by adding the values of all leaf nodes included in the Markle hash tree (i.e. Enc(C1), Enc(C2), Enc(C3)...Enc(Cn)), and the value of any leaf node is the value obtained by adding the values of all sub-leaf nodes under it in sequence according to the division number order.

在步骤502中,用户节点服务器4010使用自己的区块链私钥分别对Enc(C1)、Enc(C2)、Enc(C3)…Enc(Cn)进行签名,获得并发送签名后的Enc(C1)、签名后的Enc(C2)、签名后的Enc(C3)、……签名后的Enc(Cn)到区块链网络中。In step 502, the user node server 4010 uses its own blockchain private key to sign Enc(C1), Enc(C2), Enc(C3)...Enc(Cn) respectively, obtain and send signed Enc(C1), signed Enc(C2), signed Enc(C3),...signed Enc(Cn) to the blockchain network.

在步骤503中,存储节点服务器A4021和存储节点服务器B4022分别接收到502步骤中的各个签名后的并经过同态加密的分割子文件C1、C2、C3、……、Cn,然后对分别对签名后的Enc(c1)、签名后的Enc(c2)、签名后的Enc(c3)、……签名后的Enc(cn)的私钥签名进行验证,如果验证通过,再根据自己的本地存储空间大小,选择其中的一个或者多个分割子文件进行存储。In step 503, the storage node server A4021 and the storage node server B4022 respectively receive the homomorphically encrypted split sub-files C1, C2, C3, ..., Cn after each signature in step 502, and then verify the private key signatures of the signed Enc (c1), signed Enc (c2), signed Enc (c3), ... signed Enc (cn), and if the verification is passed, then according to the size of their local storage space , select one or more split sub-files for storage.

例如,n等于7,存储节点服务器A4021选择分割子文件C1、C2、C3进行存储;存储节点服务器B4022选择分割子文件C4、C5、C6、C7进行存储。For example, when n is 7, the storage node server A4021 selects the split subfiles C1, C2, and C3 for storage; the storage node server B4022 selects the split subfiles C4, C5, C6, and C7 for storage.

在步骤504中,当用户节点服务器4010需要将文档C更新为文档C+时,将文档C+与步骤501中的各个分割子文件C1、C2、C3、……、Cn进行对比,得知更新的部分只涉及到分割子文件C3和C6,只需将分割子文件C3更新为待更新子文件C3+,将分割子文件C6更新为待更新子文件C6+即可。用户节点服务器4010根据分割子文件C3和待更新子文件C3+之间的差别,以及分割子文件C6和待更新子文件C6+之间的差别,生成同态计算函数f和同态参数ca,该同态计算函数f和同态参数ca满足以下关系:f(C3,ca3)=C3+;f(C6,ca6)=C6+。In step 504, when the user node server 4010 needs to update document C to document C+, it compares document C+ with each divided sub-file C1, C2, C3, ..., Cn in step 501, and learns that the updated part only involves the divided sub-files C3 and C6, and only needs to update the divided sub-file C3 to the sub-file C3+ to be updated, and update the divided sub-file C6 to the sub-file C6+ to be updated. The user node server 4010 generates a homomorphic calculation function f and a homomorphic parameter ca according to the difference between the split subfile C3 and the subfile C3+ to be updated, and the difference between the split subfile C6 and the subfile C6+ to be updated. The homomorphic calculation function f and the homomorphic parameter ca satisfy the following relationship: f(C3, ca3)=C3+; f(C6, ca6)=C6+.

在步骤505中,用户节点服务器4010将同态参数ca3和同态参数ca6分别进行同态加密,获得同态加密结果Enc(ca3)和Enc(ca6),后,根据同态计算函数f、Enc(ca3)、文档分割子文件C3的标识和分割编号生成第一更新参数,再使用用户节点服务器4010自己的区块链私钥对该第一更新参数进行签名,发送签名后的第一更新参数到区块链网络中;同时,根据同态计算函数f、Enc(ca6)、分割子文件C6的标识和分割子文件的分割编号生成第二更新参数,再使用用户节点服务器4010自己的区块链私钥对该第二更新参数进行签名,发送签名后的第二更新参数到区块链网络中。使得存储了分割子文件C3和分割子文件C6的存储节点服务器能够分别获取到第一更新参数和第二更新参数。In step 505, the user node server 4010 performs homomorphic encryption on the homomorphic parameter ca3 and the homomorphic parameter ca6 respectively to obtain the homomorphic encryption results Enc (ca3) and Enc (ca6). Afterwards, the first update parameter is generated according to the homomorphic calculation function f, Enc (ca3), the identification of the document segmentation sub-file C3 and the segmentation number, and then the user node server 4010 uses its own block chain private key to sign the first update parameter, and sends the signed first update parameter to the blockchain network; State calculation function f, Enc (ca6), the identification of the split sub-file C6 and the split number of the split sub-file generate the second update parameter, then use the block chain private key of the user node server 4010 to sign the second update parameter, and send the signed second update parameter to the block chain network. The storage node server storing the split sub-file C3 and the split sub-file C6 can obtain the first update parameter and the second update parameter respectively.

在步骤506中,存储节点服务器A4021从区块链网络中获取到经过用户节点服务器4010的私钥签名后的第一更新参数,首先会对第一更新参数的私钥签名进行验证。在验证通过时,获得第一更新参数,即同态计算函数f、Enc(ca3)、分割子文件C3的标识和分割编号;然后,会运行同态加密计算函数C3++=Evaluate(f,Enc(C3),Enc(ca3)进行计算,获得待更新子文件C3++,然后,使用同态解密算法函数对待更新子文件C3++进行计算,获得Dec(C3++),由于同态加密的特点,C3++应该等于Enc(C3+),Dec(C3++)应该等于C3+;即可获得更新后的待更新子文件C3+;依据分割子文件C3的标识和分割编号,将本地存储的分割子文件C3更新为待更新子文件C3+。In step 506, the storage node server A4021 obtains the first update parameter signed by the private key of the user node server 4010 from the blockchain network, and first verifies the private key signature of the first update parameter. When the verification is passed, obtain the first update parameter, i.e. homomorphic calculation function f, Enc (ca3), the identification and the segmentation number of the sub-file C3; then, the homomorphic encryption calculation function C3++=Evaluate (f, Enc (C3), Enc (ca3) can be run to calculate, obtain the sub-file C3 ++ to be updated, then, use the homomorphic decryption algorithm function to calculate the sub-file C3 ++ to be updated, and obtain Dec (C3 ++), due to the characteristics of homomorphic encryption, C3 ++ should be equal to Enc ( C3+), Dec(C3++) should be equal to C3+; the updated sub-file C3+ to be updated can be obtained; according to the identification and the segmentation number of the split sub-file C3, the locally stored split sub-file C3 is updated to the sub-file C3+ to be updated.

同时,存储节点服务器B4022从区块链网络中获取到经过用户节点服务器4010的私钥签名后的第二更新参数,首先会对第二更新参数的私钥签名进行验证。在验证通过时,获得第二更新参数,即同态计算函数f、Enc(ca6)、分割子文件C6的标识和分割编号;然后,会运行同态加密计算函数C6++=Evaluate(f,Enc(C6),Enc(ca6)进行计算,获得待更新子文件C6++,然后,使用同态解密算法函数对待更新子文件C6++进行计算,获得Dec(C6++),由于同态加密的特点,C6++应该等于Enc(C6+),Dec(C6++)应该等于C6+;即可获得更新后的待更新子文件C6+;依据分割子文件C6的标识和分割编号,将本地存储的分割子文件C6更新为待更新子文件C6+。At the same time, the storage node server B 4022 obtains the second updated parameter signed by the private key of the user node server 4010 from the blockchain network, and first verifies the private key signature of the second updated parameter. When the verification is passed, obtain the second update parameter, i.e. homomorphic calculation function f, Enc (ca6), the identification and the segmentation number of the sub-file C6; then, the homomorphic encryption calculation function C6++=Evaluate (f, Enc (C6), Enc (ca6) can be run to calculate, obtain the sub-file C6 ++ to be updated, then use the homomorphic decryption algorithm function to calculate the sub-file C6 ++ to be updated, and obtain Dec (C6 ++), due to the characteristics of homomorphic encryption, C6 ++ should be equal to Enc ( C6+), Dec(C6++) should be equal to C6+; the updated sub-file C6+ to be updated can be obtained; according to the identification and the segmentation number of the split sub-file C6, the locally stored split sub-file C6 is updated to the sub-file C6+ to be updated.

在步骤507中,当该用户节点服务器4010想从区块链网络中获取更新后的文档时,用户节点服务器4010可以从不同的存储节点服务器来获取所有分割子文件的经过同态加密的存储值。然后,将这些存储值按照Markle哈希树的叶子节点的规律来排列,依次相加,得到整个Markle哈希树的根节点的值;用户节点服务器4010利用自己的同态加密私钥对根节点的值进行同态解密,得到最新的文档。In step 507, when the user node server 4010 wants to obtain updated documents from the blockchain network, the user node server 4010 can obtain the homomorphically encrypted storage values of all split sub-files from different storage node servers. Then, arrange these stored values according to the rules of the leaf nodes of the Markle hash tree, and add them up sequentially to obtain the value of the root node of the entire Markle hash tree; the user node server 4010 uses its own homomorphic encryption private key to perform homomorphic decryption on the value of the root node to obtain the latest document.

同样的,若用户节点服务器4010只需要更新原始文档的几个章节(例如,原始文档的前100页,或更新第三章和第六章等),则只需依据分割子文件的标识和分割编号,从区块链网络中的各个存储节点服务器上,下载需要更新的文档部分,然后将这些待更新子文件按照Markle树的组合方式进行组合,即可获得需要更新的文档章节。Similarly, if the user node server 4010 only needs to update a few chapters of the original document (for example, the first 100 pages of the original document, or update chapters 3 and 6, etc.), it only needs to download the document parts to be updated from each storage node server in the block chain network according to the identification and division number of the divided sub-files, and then combine these sub-files to be updated according to the combination of Markle trees to obtain the document chapters to be updated.

例如,更新后的文档的第三章存储在存储节点服务器A4021上,即分割子文件C3+;更新后的文档的第六章存储在存储节点服务器B4022上,即分割子文件C6+;则用户节点服务器4010只需要从存储节点服务器A4021上,下载获得分割子文件C3+;从存储节点服务器B4022上,下载获得分割子文件C6+。再依据分割子文件的标识和分割编号,对应的更新原始文档的章节即可。For example, the third chapter of the updated document is stored on the storage node server A4021, that is, the split sub-file C3+; the sixth chapter of the updated document is stored on the storage node server B4022, that is, the split sub-file C6+; then the user node server 4010 only needs to download the split sub-file C3+ from the storage node server A4021; download and obtain the split sub-file C6+ from the storage node server B4022. Then according to the identification and the division number of the division sub-file, the chapters of the original document can be updated correspondingly.

需要注意的是,若分割编号不是连续数字时,各个分割子文件的同态加密结果不可以直接相加,需要分别进行处理。例如,若需要更新原始文档的第1章和第12章,第1章对应的分割子文件为C3、C4、C5,第12章对应的分割子文件为C26、C27,那么用户节点服务器4010就需要对这两章内容进行分别处理,每个章节组成一个独立的小Markle哈希树,这两棵Markle哈希树的根节点的值分别是Enc(C3+)+Enc(C4+)+Enc(C5+)和Enc(C26+)+Enc(C27+),然后用户节点服务器4010使用自己的同态加密私钥进行计算,获得DeC(Enc(C3+)+Enc(C4+)+Enc(C5+)),即可得到第1章的最新文档。同样地,用户节点服务器4010使用自己的同态加密私钥进行计算,获得Dec(Enc(C26+)+Enc(C27+)),即可得到第12章的最新文档。It should be noted that if the split numbers are not consecutive numbers, the homomorphic encryption results of each split sub-file cannot be added directly, and need to be processed separately. For example, if Chapter 1 and Chapter 12 of the original document need to be updated, the sub-files corresponding to Chapter 1 are C3, C4, and C5, and the sub-files corresponding to Chapter 12 are C26 and C27, then the user node server 4010 needs to process the content of these two chapters separately, and each chapter forms an independent small Markle hash tree. (C26+)+Enc(C27+), and then the user node server 4010 uses its own homomorphic encryption private key to calculate and obtain DeC(Enc(C3+)+Enc(C4+)+Enc(C5+)), and then the latest document of Chapter 1 can be obtained. Similarly, the user node server 4010 uses its own homomorphic encryption private key to perform calculations to obtain Dec(Enc(C26+)+Enc(C27+)), and then the latest document of Chapter 12 can be obtained.

在本实施方式中,根据哈希树的结构,将分割子文件与哈希树中除根节点外所有叶子节点之间建立映射关系,使得用户节点服务器能够根据哈希树更快捷的找到待更新子文件,加快了文档更新的速度,提高了工作效率,避免资源的浪费。使得用户在获取最新文档时,能够更快捷方便,提升用户体验度。In this embodiment, according to the structure of the hash tree, a mapping relationship is established between the split sub-file and all leaf nodes in the hash tree except the root node, so that the user node server can find the sub-file to be updated more quickly according to the hash tree, speed up the document update speed, improve work efficiency, and avoid waste of resources. This enables users to obtain the latest documents more quickly and conveniently, improving user experience.

上面各种方法的步骤划分,只是为了描述清楚,实现时可以合并为一个步骤或者对某些步骤进行拆分,分解为多个步骤,只要包括相同的逻辑关系,都在本专利的保护范围内;对算法中或者流程中添加无关紧要的修改或者引入无关紧要的设计,但不改变其算法和流程的核心设计都在该专利的保护范围内。The division of the steps of the above methods is only for the sake of clarity. When implementing, they can be combined into one step or some steps can be split and decomposed into multiple steps. As long as they include the same logical relationship, they are all within the scope of protection of this patent; adding insignificant modifications to the algorithm or process or introducing insignificant designs, but not changing the core design of the algorithm and process are all within the scope of protection of this patent.

本发明的第六实施方式涉及一种用户节点服务器,该服务器的具体实施可参见第一实施方式的相关描述,重复之处不再赘述。值得说明的是,本实施方式中的服务器的具体实施也可参见第二实施方式的相关描述,还可以参见第四实施方式中的相关描述,但不局限于以上三个实施例,其他未说明的实施例也在本服务器的保护范围之内。The sixth embodiment of the present invention relates to a user node server. For the specific implementation of the server, reference may be made to the relevant description of the first embodiment, and repeated descriptions will not be repeated. It is worth noting that, for the specific implementation of the server in this embodiment, refer to the relevant descriptions of the second embodiment, and also refer to the relevant descriptions of the fourth embodiment, but it is not limited to the above three embodiments, and other undescribed embodiments are also within the scope of protection of this server.

如图7所示,该用户节点服务器主要包括:函数生成模块701用于根据待更新内容信息生成同态计算函数和同态参数,待更新内容信息为对比原始文档和待更新文档获得的信息;确定模块702用于根据待更新内容信息确定待更新子文件的标识,待更新子文件是分割子文件中待更新的文件,分割子文件是对原始文档进行分割获得的文件;更新参数生成模块703用于依据同态计算函数、参数加密结果、待更新子文件对应的标识和编号,生成更新参数,参数加密结果是采用同态加密公钥对同态参数进行同态加密获得的结果;发送模块704用于发送更新参数至区块链网络中,以使存储节点服务器根据更新参数更新存储节点服务器存储的分割子文件。As shown in Figure 7, the user node server mainly includes: a function generation module 701 is used to generate homomorphic calculation functions and homomorphic parameters according to the content information to be updated. The content information to be updated is information obtained by comparing the original document and the document to be updated; the determination module 702 is used to determine the identification of the subfile to be updated according to the content information to be updated. , to generate update parameters, and the result of parameter encryption is the result obtained by homomorphically encrypting the homomorphic parameters using the homomorphic encryption public key; the sending module 704 is used to send the update parameters to the blockchain network, so that the storage node server updates the split sub-files stored by the storage node server according to the update parameters.

本发明的第七实施方式涉及一种存储节点服务器,该服务器的具体实施可参见第三实施方式的相关描述,重复之处不再赘述。值得说明的是,本实施方式中的服务器的具体实施也可参见第四实施方式中的相关描述,但不局限于以上两个实施例,其他未说明的实施例也在本服务器的保护范围之内。The seventh embodiment of the present invention relates to a storage node server. For the specific implementation of the server, reference may be made to the relevant description of the third embodiment, and repeated descriptions will not be repeated. It is worth noting that, for the specific implementation of the server in this embodiment, refer to the relevant description in the fourth embodiment, but it is not limited to the above two embodiments, and other undescribed embodiments are also within the protection scope of this server.

如图8所示,该存储节点服务器主要包括:获取模块801用于从区块链网络中获取到用户节点服务器发送的更新参数,更新参数包括同态计算函数、参数加密结果,待更新子文件对应的标识和编号,参数加密结果是用户节点服务器采用同态加密公钥对待更新子文件进行同态加密获得的结果,待更新子文件是分割子文件中待更新的文件,分割子文件是对原始文档进行分割获得的文件;计算模块802用于根据同态计算函数,对参数加密结果进行计算,获得待更新子文件;更新模块803用于根据标识和编号,使用待更新子文件更新本地存储的分割子文件。As shown in Figure 8, the storage node server mainly includes: an acquisition module 801 used to obtain the update parameters sent by the user node server from the blockchain network. The update parameters include homomorphic calculation functions, parameter encryption results, and identification and numbers corresponding to the subfiles to be updated. The parameter encryption results are the results obtained by the user node server using the homomorphic encryption public key to perform homomorphic encryption on the subfiles to be updated. Perform calculations to obtain subfiles to be updated; the update module 803 is configured to use the subfiles to be updated to update locally stored split subfiles according to the identification and number.

值得一提的是,本实施方式中所涉及到的各模块均为逻辑模块,在实际应用中,一个逻辑单元可以是一个物理单元,也可以是一个物理单元的一部分,还可以以多个物理单元的组合实现。此外,为了突出本发明的创新部分,本实施方式中并没有将与解决本发明所提出的技术问题关系不太密切的单元引入,但这并不表明本实施方式中不存在其它的单元。It is worth mentioning that all the modules involved in this embodiment are logical modules. In practical applications, a logical unit can be a physical unit, or a part of a physical unit, or can be realized by a combination of multiple physical units. In addition, in order to highlight the innovative part of the present invention, units that are not closely related to solving the technical problems proposed by the present invention are not introduced in this embodiment, but this does not mean that there are no other units in this embodiment.

可以理解的是,以上实施方式仅仅是为了说明本发明的原理而采用的示例性实施方式,然而本发明并不局限于此。对于本领域内的普通技术人员而言,在不脱离本发明的精神和实质的情况下,可以做出各种变型和改进,这些变型和改进也视为本发明的保护范围。It can be understood that, the above embodiments are only exemplary embodiments adopted for illustrating the principle of the present invention, but the present invention is not limited thereto. For those skilled in the art, various modifications and improvements can be made without departing from the spirit and essence of the present invention, and these modifications and improvements are also regarded as the protection scope of the present invention.

Claims (9)

1. A method of document updating, the method comprising:
generating homomorphic calculation functions and homomorphic parameters according to content information to be updated, wherein the content information to be updated is obtained by comparing an original document with the document to be updated;
determining the identification of a sub-file to be updated according to the content information to be updated, wherein the sub-file to be updated is a file to be updated in a divided sub-file, and the divided sub-file is a file obtained by dividing an original document;
generating an update parameter according to the homomorphic calculation function, a parameter encryption result and the identifier and the number corresponding to the sub-file to be updated, wherein the parameter encryption result is obtained by homomorphic encryption of the homomorphic parameter by adopting a homomorphic encryption public key;
transmitting the update parameters to a blockchain network so that a storage node server updates the split subfiles stored by the storage node server according to the update parameters;
Before the step of generating the homomorphic calculation function according to the content information to be updated, the method further comprises the following steps:
dividing the original document to obtain N divided subfiles, and distributing corresponding identifiers and numbers for the divided subfiles, wherein N is an integer greater than or equal to 1;
establishing mapping relations between the N divided subfiles and all leaf nodes except a root node of the hash tree structure;
and carrying out homomorphic encryption on the N split sub-files respectively by adopting homomorphic encryption public keys, and transmitting the obtained N encrypted split sub-files to a blockchain network so as to enable a storage node server to store the split sub-files, wherein the homomorphic encryption public keys are secret keys generated according to a homomorphic key generation algorithm.
2. The method of claim 1, further comprising, after the step of sending update parameters to a blockchain network to cause a storage node server to update split subfiles stored by the storage node server according to the update parameters:
obtaining the split sub-file, the number corresponding to the split sub-file and the value of the leaf node of the hash tree corresponding to the split sub-file stored by a storage node server from a blockchain network;
Sequentially adding the values of the leaf nodes according to the numbers, and obtaining an addition result, wherein the numbers are continuous numbers;
and homomorphic decryption is carried out on the addition result by using a homomorphic encryption private key, so that an updated document is obtained, wherein the homomorphic encryption private key is a secret key generated according to a homomorphic key generation algorithm.
3. The method according to claim 2, wherein the value of the root node of the hash tree is a value obtained by adding values of all leaf nodes included in the hash tree, the value of the leaf node is a value obtained by homomorphic encrypting the split subfile using a homomorphic encryption public key, and the value of the leaf node is a value obtained by sequentially adding values of all cotyledon child nodes subordinate thereto in the order of numbers.
4. The method of claim 1, wherein the step of generating a homomorphic calculation function from the content information to be updated comprises:
generating homomorphic calculation functions and homomorphic parameters according to the content information to be updated, wherein the homomorphic calculation functions and the homomorphic parameters meet the following rules:
and calculating the split subfiles and the corresponding homomorphic parameters by using the homomorphic calculation function to obtain subfiles to be updated corresponding to the split subfiles.
5. A method of document updating, the method comprising:
the method comprises the steps that updating parameters sent by a user node server are obtained from a blockchain network, the updating parameters comprise homomorphic calculation functions and parameter encryption results, identifiers and numbers corresponding to subfiles to be updated, the parameter encryption results are obtained by homomorphic encryption of homomorphic parameters corresponding to subfiles to be updated by the user node server through homomorphic encryption public keys, the subfiles to be updated are files to be updated in segmentation subfiles, and the segmentation subfiles are files obtained by segmenting original documents;
calculating the update parameters according to homomorphic encryption calculation functions to obtain the subfiles to be updated;
updating the locally stored divided subfiles by using the subfiles to be updated according to the identification and the number;
wherein, before the step of generating the homomorphic calculation function, the method further comprises:
dividing the original document to obtain N divided subfiles, and distributing corresponding identifiers and numbers for the divided subfiles, wherein N is an integer greater than or equal to 1;
establishing mapping relations between the N divided subfiles and all leaf nodes except a root node of the hash tree structure;
And carrying out homomorphic encryption on the N split sub-files respectively by adopting homomorphic encryption public keys, and transmitting the obtained N encrypted split sub-files to a blockchain network so as to enable a storage node server to store the split sub-files, wherein the homomorphic encryption public keys are secret keys generated according to a homomorphic key generation algorithm.
6. The method according to claim 5, wherein the step of calculating the update parameter according to a homomorphic encryption calculation function to obtain the subfile to be updated comprises:
calculating the update parameters according to the homomorphic encryption calculation function to obtain a calculation result;
and sampling a homomorphic encryption private key, and homomorphic decrypting the calculation result to obtain the subfiles to be updated, wherein the homomorphic encryption private key is a secret key generated according to a homomorphic key generation algorithm.
7. The method according to claim 5 or 6, further comprising, prior to the step of obtaining the update parameters sent by the user node server from the blockchain network:
obtaining N encrypted split subfiles sent by the user node server from a blockchain network, wherein the encrypted split subfiles are files obtained by homomorphic encryption of the split subfiles by the user node server through homomorphic encryption public keys, and mapping relations exist between the N split subfiles and all leaf nodes of a hash tree except a root node, and N is an integer greater than or equal to 1;
Homomorphic decryption is carried out on the N encrypted divided sub-files respectively, and N divided sub-files are correspondingly obtained;
and selecting M divided subfiles from the N divided subfiles according to the capacity of a storage space, wherein the capacity of the storage space is larger than the file storage capacity, the file storage capacity is obtained by adding the file sizes of the M divided subfiles, M is an integer greater than or equal to 1, and M is smaller than or equal to N.
8. A user node server, comprising:
the function generation module is used for generating homomorphic calculation functions and homomorphic parameters according to content information to be updated, wherein the content information to be updated is obtained by comparing an original document with the document to be updated;
the determining module is used for determining the identification of the subfiles to be updated according to the content information to be updated, wherein the subfiles to be updated are files to be updated in the segmentation subfiles, and the segmentation subfiles are files obtained by segmenting the original document;
the updating parameter generating module is used for generating updating parameters according to the homomorphic calculation function, the parameter encryption result and the identifier and the number corresponding to the sub-file to be updated, wherein the parameter encryption result is obtained by homomorphic encrypting the homomorphic parameters by adopting a homomorphic encryption public key
The sending module is used for sending the update parameters to the blockchain network so that the storage node server updates the split subfiles stored by the storage node server according to the update parameters;
before the step of generating the homomorphic calculation function according to the content information to be updated, the method further comprises the following steps:
dividing the original document to obtain N divided subfiles, and distributing corresponding identifiers and numbers for the divided subfiles, wherein N is an integer greater than or equal to 1;
establishing mapping relations between the N divided subfiles and all leaf nodes except a root node of the hash tree structure;
and carrying out homomorphic encryption on the N split sub-files respectively by adopting homomorphic encryption public keys, and transmitting the obtained N encrypted split sub-files to a blockchain network so as to enable a storage node server to store the split sub-files, wherein the homomorphic encryption public keys are secret keys generated according to a homomorphic key generation algorithm.
9. A storage node server, comprising:
the system comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring update parameters sent by a user node server from a blockchain network, the update parameters comprise homomorphic calculation functions, parameter encryption results, identifiers and numbers corresponding to subfiles to be updated, the parameter encryption results are obtained by homomorphic encryption of homomorphic parameters corresponding to the subfiles to be updated by the user node server through homomorphic encryption public keys, the subfiles to be updated are files to be updated in segmentation subfiles, and the segmentation subfiles are files obtained by segmenting original documents;
The computing module is used for computing the updating parameters according to the homomorphic encryption computing function to obtain the subfiles to be updated;
the updating module is used for updating the locally stored divided subfiles by using the subfiles to be updated according to the identification and the number;
wherein, before the step of generating the homomorphic calculation function, the method further comprises:
dividing the original document to obtain N divided subfiles, and distributing corresponding identifiers and numbers for the divided subfiles, wherein N is an integer greater than or equal to 1;
establishing mapping relations between the N divided subfiles and all leaf nodes except a root node of the hash tree structure;
and carrying out homomorphic encryption on the N split sub-files respectively by adopting homomorphic encryption public keys, and transmitting the obtained N encrypted split sub-files to a blockchain network so as to enable a storage node server to store the split sub-files, wherein the homomorphic encryption public keys are secret keys generated according to a homomorphic key generation algorithm.
CN202010014151.8A 2020-01-07 2020-01-07 Document updating method and server Active CN111221569B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010014151.8A CN111221569B (en) 2020-01-07 2020-01-07 Document updating method and server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010014151.8A CN111221569B (en) 2020-01-07 2020-01-07 Document updating method and server

Publications (2)

Publication Number Publication Date
CN111221569A CN111221569A (en) 2020-06-02
CN111221569B true CN111221569B (en) 2023-07-25

Family

ID=70831030

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010014151.8A Active CN111221569B (en) 2020-01-07 2020-01-07 Document updating method and server

Country Status (1)

Country Link
CN (1) CN111221569B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112686004B (en) * 2020-12-30 2023-04-11 海南大学 Block chain-based single-document multi-interface editing method
CN112929464B (en) * 2021-02-22 2022-06-24 中国电子信息产业集团有限公司第六研究所 Identification analysis method, device, system, dynamic adapter and readable storage medium
CN115470506B (en) * 2022-10-28 2023-03-10 山东华翼微电子技术股份有限公司 Homomorphic mapping-based secure file system implementation method

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110417781A (en) * 2019-07-30 2019-11-05 中国工商银行股份有限公司 File encryption management method, client and server based on block chain

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102196429B (en) * 2011-04-27 2014-08-06 暨南大学 Encrypted data fusion method for wireless sensor network
US8635465B1 (en) * 2012-03-28 2014-01-21 Emc Corporation Counter-based encryption of stored data blocks
CN105320899B (en) * 2014-07-22 2018-01-09 北京大学 A kind of user oriented cloud storage data completeness protection method
US9729312B2 (en) * 2015-04-28 2017-08-08 The United States Of America As Represented By The Secretary Of The Navy System and method for high-assurance data storage and processing based on homomorphic encryption
US10554385B2 (en) * 2015-09-04 2020-02-04 Nec Corporation Method for providing encrypted data in a database and method for searching on encrypted data
CN107770154B (en) * 2017-09-22 2019-08-27 中国科学院信息工程研究所 Blockchain reliable data storage method, terminal and system based on cloud storage
CN108777613A (en) * 2018-06-01 2018-11-09 杭州电子科技大学 The deblocking method for secure storing of heat transfer agent Virtual Service in Internet of Things
CN109615378B (en) * 2019-01-24 2021-06-15 上海点融信息科技有限责任公司 Block chain-based secure multi-party computing method and device and readable storage medium
CN109861829B (en) * 2019-03-15 2021-10-26 上海海事大学 Cloud data justice auditing system supporting dynamic updating and auditing method thereof
CN110276684B (en) * 2019-05-20 2021-04-23 创新先进技术有限公司 Receipt storage method and node combining transaction type and event function type
CN110390212B (en) * 2019-07-31 2021-09-24 中国工商银行股份有限公司 Supply monitoring method based on block chain and node device

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110417781A (en) * 2019-07-30 2019-11-05 中国工商银行股份有限公司 File encryption management method, client and server based on block chain

Also Published As

Publication number Publication date
CN111221569A (en) 2020-06-02

Similar Documents

Publication Publication Date Title
KR102277289B1 (en) Blockchain World State Merkle Patricia Tree Subtree Configuration
CN111221569B (en) Document updating method and server
CN113572618A (en) Fabric and IPFS combined decentralized storage system and data storage method thereof
CN104735164A (en) Method and device for saving file information
CN112800445A (en) Boolean query method for forward and backward security and verifiability of ciphertext data
CN110175169B (en) Encrypted data deduplication method, system and related device
KR20020004828A (en) Device and method for updating code
CN115225409B (en) Cloud data safety duplicate removal method based on multi-backup joint verification
CN107592202A (en) Application signature method, apparatus, system, computing device and storage medium
EP2235651A2 (en) Distributed indexing of file content
US9886448B2 (en) Managing downloads of large data sets
CN113094334B (en) Digital service method, device, equipment and storage medium based on distributed storage
CN114186264A (en) Data random encryption and decryption method, device and system
JP2015526757A (en) Generation and verification of alternative data with a specific format
CN107094075A (en) A kind of data block dynamic operation method based on convergent encryption
Liu et al. Analysis of RIPEMD-160: new collision attacks and finding characteristics with MILP
CN109783456B (en) Deduplication structure construction method, deduplication method, file retrieval method, deduplication system
EP2286610B1 (en) Techniques for peforming symmetric cryptography
CN109831405B (en) File protection method and device on cloud platform
CN112732789A (en) Searchable encryption method based on block chain and electronic equipment
CN114428661A (en) Mirror image management method and device
CN117786751A (en) Symmetrical searchable encryption method, device, equipment and medium
CN117786742A (en) Document management system and method based on distributed control and blockchain
CN115510490A (en) Method, device, system and equipment for inquiring encrypted data shared by non-secret keys
CN113761585B (en) Data processing method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant