CN111639124B - Secure time synchronization method, system, storage medium, program, smart device - Google Patents
- Publication number
- CN111639124B (CN202010357196.5A)
- Authority
- CN
- China
- Prior art keywords
- node
- time
- nodes
- consensus
- state
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04J—MULTIPLEX COMMUNICATION
- H04J3/00—Time-division multiplex systems
- H04J3/02—Details
- H04J3/06—Synchronising arrangements
- H04J3/0635—Clock or time synchronisation in a network
- H04J3/0638—Clock or time synchronisation among nodes; Internode synchronisation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Databases & Information Systems (AREA)
- Data Mining & Analysis (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Power Engineering (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention belongs to the technical field of Internet of Things information processing and discloses a secure time synchronization method, system, storage medium, program, and smart device. Decentralized blockchain technology guarantees the authenticity of the information in the distributed ledger. A consensus mechanism based on proof of stability ensures that the system can efficiently and securely elect the best-performing, most stable representative node in the whole network. A terminal device only needs to access its directly connected time node to obtain the connection of the current representative node, and can then complete time synchronization with the existing NTP protocol, which is simple and convenient. The authorization center acts as the identity authentication center: if a node needs to join the blockchain system, the authorization center must perform security authentication on the identity information the node submits, and only nodes verified by the authorization center can join the consortium as time nodes. This guarantees the credibility of the time nodes in the system, allows malicious nodes to be removed promptly, and ensures the stability of the system.
Description
Technical field
The invention belongs to the technical field of Internet of Things information processing, and in particular relates to a secure time synchronization method, system, storage medium, program, and smart device.
Background
With the rapid development of smart devices and high-speed networks, the concept of the Internet of Things (IoT), which grew out of resource-constrained low-power and lossy networks (LLNs), has been widely accepted and welcomed. Once connected to the IoT, smart devices can carry out all kinds of tasks, and many of these operations (such as smart home management and monitoring of surgery in progress) require high reliability and real-time transmission. If clock synchronization goes wrong, the mild consequence is disruption to daily life, such as scheduled cooking or room cleaning being affected, which causes people a good deal of annoyance; the serious consequence is a threat to life and property, as with scheduled battery charging or real-time vehicle tracking. Current time synchronization schemes mainly comprise tree-based time synchronization protocols, graph-topology clock synchronization protocols, and clock synchronization schemes based on Byzantine fault tolerance (BFT). In a tree-based time synchronization protocol, the time source is the root node of the tree, and time is passed down from the root layer by layer to achieve synchronization. A significant problem with this approach is that when one node is in error, the error is passed on, so the number of erroneous nodes grows exponentially; that is, robustness is insufficient. Graph-topology clock synchronization protocols interconnect the nodes and pass time data between adjacent nodes, which gives better robustness and scalability but still does not solve the security problem. BFT-based clock synchronization schemes focus mainly on the stability of clock synchronization in distributed systems and are not suitable for IoT systems: the computing power of most IoT devices is limited, and a full application of a BFT protocol would reduce the efficiency of the whole system.
From the above analysis, the problems and defects of the prior art are as follows: every node in the IoT needs to synchronize time, but because an IoT system is itself an open system, its nodes are unstable and very vulnerable to attack, which affects the secure synchronization of the system's clocks. Existing clock synchronization schemes for distributed systems cannot adapt to IoT systems and cannot use the limited device performance of the IoT to complete clock synchronization more efficiently and securely.
The difficulty in solving the above problems and defects is: preventing unstable nodes or attacked, malicious nodes from affecting time synchronization in the system, while completing an efficient, secure, and stable clock synchronization task given the limited performance of basic IoT devices. This is the main difficulty in existing IoT clock synchronization methods.
The significance of solving the above problems and defects is: the stability and security of clock synchronization in IoT scenarios are improved, and problem nodes can be discovered promptly and their scope of influence contained. Given the limited performance of basic IoT devices, a low-consumption, more secure, and more efficient clock synchronization scheme is proposed. It improves the original stability consensus scheme and, while guaranteeing security, reduces the consensus communication complexity by an order of magnitude, which greatly lowers the resource constraints on the time-synchronizing nodes in the system and reduces network communication overhead.
Summary of the invention
In view of the problems in the prior art, the present invention provides a secure time synchronization method, system, storage medium, program, and smart device.
The present invention is implemented as a secure time synchronization method, the secure time synchronization method comprising:
First step: in the Running state, the time nodes form the network, update node information, handle new nodes joining the network, and synchronize block information; the representative node is responsible for time service, and the other nodes are responsible for routing and addressing;
Second step: in the WaitingNegotiation state, a time node handles updates of node connection information and connection quality tests, and prepares to start consensus;
Third step: in the Negotiation state, a time node sends a consensus start request;
Fourth step: in the WaitingACK state, a time node responds to the consensus start request;
Fifth step: a time node that has collected a sufficient number of responses enters the WritingVBlock state and broadcasts a VBlock;
Sixth step: the node enters the WaitingVACK state and sends VACKs to the nodes in the stability index list, while collecting the VACKs sent by other nodes;
Seventh step: a node that has collected a sufficient number of VACKs enters the WritingBlock state, packages and signs the VACKs, and generates and broadcasts a Block; once the other nodes have received the Block, this node becomes the representative node for the round, ends the round of consensus, and immediately enters the Running state;
Eighth step: a node in the WaitingBlock state, while responding with VACKs, ends the round of consensus and enters the Running state if it receives a correct Block.
Further, the secure time synchronization method also comprises:
(1) Running
1) In this state the representative node is responsible for time service and the other nodes are responsible for routing and addressing; a synchronizing device obtains the representative node's connection from the nearest time node and synchronizes time with the representative node using the NTP protocol;
2) Each node updates its information about the nodes currently in the network;
3) Each node handles new nodes joining the network: a new node first verifies its identity with the authorization center and obtains a network access permit and a security certificate, then sends a network access request to a node in the network that is in the Running state, and joins the network;
4) The nodes synchronize block information and the like among themselves; a consensus message received at this time is automatically ignored;
(2) WaitingNegotiation
1) When a time node enters the time period (tp, tc), its state changes to WaitingNegotiation; each consensus cycle starts at time point tp, reaches time point tc after time P1 has elapsed, and reaches time point te after a further time P2;
2) In this state the node prepares some resources needed for consensus, such as updating the total number of nodes and testing the quality of its connections to other nodes;
3) If the node reaches tc and has received no consensus message from other nodes in the meantime, it moves to the Negotiation state and broadcasts a consensus start request to all nodes in the network;
4) If a consensus start request is received in this state, another node has already reached time point tc, so the node broadcasts an ACK to indicate that it agrees to start this round of consensus and then moves to the WaitingACK state;
5) If the latest Block is received in this state and passes verification, this round of consensus has already ended, and the node moves to the Running state;
(3) Negotiation
1) On reaching time point tc, a time node enters this state, broadcasts a consensus start request, and then moves to the WaitingACK state;
2) However, if it receives the latest Block before moving to the next state, it enters the Running state directly and ends this round of consensus;
(4) WaitingACK
1) After receiving and verifying a consensus start request, a node enters this state, broadcasts an ACK, and waits to receive ACKs from other nodes;
2) Each node makes sure that it replies with an ACK after receiving the other party's consensus start request, whereas in other states a node considers a received ACK invalid and discards it;
3) If the node does not broadcast an ACK and only receives ACKs;
4) If the number of ACKs received reaches the threshold, the node moves to the WritingVBlock state;
5) If the latest VBlock is received, the competition for representative node has formally begun, and the node enters the WaitingVACK state directly;
6) If the latest Block is received in this state, consensus has ended, and the node moves directly to the Running state;
(5) WritingVBlock
1) After entering this state, the node obtains and locks the virtual block, packages the received ACKs and other information into the virtual block, broadcasts it to the other nodes, and then moves to the WaitingVACK state;
2) However, if it receives the latest VBlock from another node before broadcasting its virtual block, it abandons packaging and sending its own virtual block and moves to the WaitingBlock state;
3) If the latest Block is received in this state, the node abandons the current consensus operation and enters the Running state directly;
(6) WaitingVACK
1) In this state the node sends VACK responses to the nodes in the stability index list and waits to receive VACKs from other nodes;
2) When the number of VACKs received reaches the threshold, the node enters the WritingBlock state;
3) If the latest Block is received before that, the node ends the current consensus operation and enters the Running state directly;
(7) WritingBlock
1) In this state the node packages the received VACKs and its own signature information into a new block (Block) and broadcasts it to the entire blockchain network; once the block has been received by the other nodes, this node is the representative node elected by consensus, and it enters the Running state, ending this round of consensus;
2) However, if it receives the latest valid block from another node before sending its newly packaged block, there is no longer any need to package its own block; it stops the consensus operations and enters the Running state directly;
(8) WaitingBlock
1) In this state the node also responds to other nodes with VACKs;
2) After receiving the latest Block and performing verification and other follow-up operations, it enters the Running state, completing this round of consensus.
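The eight states above can be written down as a transition table and checked mechanically. The following Python sketch is an added example, not code from the patent; the event names (`ENTERED_TP_TC`, `ACK_THRESHOLD`, and so on) are assumptions chosen here to label the triggers the text describes, and any event the text does not list for a state is dropped without a state change.

```python
from collections import deque
from enum import Enum


class S(Enum):
    RUNNING = "Running"
    WAITING_NEGOTIATION = "WaitingNegotiation"
    NEGOTIATION = "Negotiation"
    WAITING_ACK = "WaitingACK"
    WRITING_VBLOCK = "WritingVBlock"
    WAITING_VACK = "WaitingVACK"
    WRITING_BLOCK = "WritingBlock"
    WAITING_BLOCK = "WaitingBlock"


class E(Enum):  # event names are assumptions made for this example
    ENTERED_TP_TC = 1       # local clock entered the (tp, tc) period
    REACHED_TC = 2          # reached tc with no consensus message seen
    START_REQ_RECEIVED = 3  # consensus start request received from a peer
    START_REQ_SENT = 4      # own consensus start request broadcast
    ACK_THRESHOLD = 5       # number of ACKs received reached the threshold
    VBLOCK_RECEIVED = 6     # latest VBlock received from a peer
    VBLOCK_SENT = 7         # own VBlock broadcast
    VACK_THRESHOLD = 8      # number of VACKs received reached the threshold
    BLOCK_ACCEPTED = 9      # own Block received by the other nodes
    BLOCK_RECEIVED = 10     # latest Block from a peer passed verification


TRANSITIONS = {
    (S.RUNNING, E.ENTERED_TP_TC): S.WAITING_NEGOTIATION,
    (S.WAITING_NEGOTIATION, E.REACHED_TC): S.NEGOTIATION,
    (S.WAITING_NEGOTIATION, E.START_REQ_RECEIVED): S.WAITING_ACK,
    (S.NEGOTIATION, E.START_REQ_SENT): S.WAITING_ACK,
    (S.WAITING_ACK, E.ACK_THRESHOLD): S.WRITING_VBLOCK,
    (S.WAITING_ACK, E.VBLOCK_RECEIVED): S.WAITING_VACK,
    (S.WRITING_VBLOCK, E.VBLOCK_SENT): S.WAITING_VACK,
    (S.WRITING_VBLOCK, E.VBLOCK_RECEIVED): S.WAITING_BLOCK,
    (S.WAITING_VACK, E.VACK_THRESHOLD): S.WRITING_BLOCK,
    (S.WRITING_BLOCK, E.BLOCK_ACCEPTED): S.RUNNING,
}
# A verified latest Block ends the round from every consensus state.
for state in S:
    if state is not S.RUNNING:
        TRANSITIONS[(state, E.BLOCK_RECEIVED)] = S.RUNNING


def step(state, event):
    """Return (next_state, accepted); unlisted events leave the state unchanged."""
    nxt = TRANSITIONS.get((state, event))
    return (state, False) if nxt is None else (nxt, True)


def run(events, state=S.RUNNING):
    """Feed a sequence of events; return the final state and the dropped events."""
    dropped = []
    for event in events:
        state, accepted = step(state, event)
        if not accepted:
            dropped.append(event)
    return state, dropped


def reachable(start):
    """All states reachable from `start` by following the table."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for (src, _event), dst in TRANSITIONS.items():
            if src is cur and dst not in seen:
                seen.add(dst)
                queue.append(dst)
    return seen


def table_is_sound():
    """Every state is reachable from Running and can return to Running."""
    return reachable(S.RUNNING) == set(S) and all(
        S.RUNNING in reachable(s) for s in S)


# Constructed event sequences: the node that wins the round, and a follower.
PROPOSER = [E.ENTERED_TP_TC, E.REACHED_TC, E.START_REQ_SENT, E.ACK_THRESHOLD,
            E.VBLOCK_SENT, E.VACK_THRESHOLD, E.BLOCK_ACCEPTED]
FOLLOWER = [E.ENTERED_TP_TC, E.START_REQ_RECEIVED, E.VBLOCK_RECEIVED,
            E.BLOCK_RECEIVED]
```

`table_is_sound()` is the check worth keeping when the table is edited: a state with no path back to Running would leave a node stuck outside time service.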
Further, the secure time synchronization method also comprises:
Step 1, the authorization center authenticates identities, issues, revokes, and verifies identities, and nodes join the network;
Step 2, election of the representative node based on proof of stability;
Step 3, the representative node publishes a new block;
Step 4, the time nodes update the blockchain;
Step 5, the representative node obtains the standard time;
Step 6, the synchronizing devices synchronize their time.
Further, Step 1, in which the authorization center authenticates identities, issues, revokes, and verifies identities, and nodes join the network, comprises:
1) Authentication and issuance: a time node that wants to join this consortium chain system and take part in consensus must send its real identity information to the authorization center for authentication. If authentication succeeds, the authorization center records the node's identity information and issues it a security certificate. The security certificate contains a unique serial number, the public key of the authenticated node, and the signature of the authorization center; the serial number represents the real identity of the authenticated node, the public key is used to verify signatures and so confirm identity, and the authorization center's signature is the proof that the security certificate is valid;
2) Revocation: the authorization center maintains a certificate revocation list. If a time node misbehaves and the network decides by consensus to expel it, if a time node's private key is leaked, or if a time node needs to leave the network, the authorization center adds that time node's security certificate number to the certificate revocation list, which is available for the nodes in the network to consult;
3) Verification: when a synchronizing device first connects to a time node, or when time nodes confirm each other's identity, the verifier first inspects the security certificate of the node being verified and checks that the certificate is valid, that is, that the authorization center's signature is correct. It then consults the authorization center's certificate revocation list to check whether the security certificate has been revoked. If the security certificate is valid and has not been revoked, the node passes identity verification, and the public key in the certificate is used to confirm the time node's identity;
4) Joining the network: a time node that wants to join the network applies to one of the time nodes in the network. After the contacted time node has verified its identity, it broadcasts the new node to all other nodes on the chain so that its identity is known to the network. Once connected, the newly joined node obtains the latest virtual chain data and time chain data from the network, and after verifying and synchronizing the chain information it can synchronize its own clock information;
Step 2, election of the representative node based on proof of stability, comprises:
1) The time node that first reaches time point tc of the cycle view prepares to start consensus for this cycle view. It first calculates the total number N of stable nodes in the current network that it can connect to, and sends its own consensus start request message to the nodes;
2) On receiving a node's consensus start request message, each other node first checks its own running state. If it is within the (tp, tc) time period of the cycle view, that is, in the state of waiting for consensus to start, it verifies whether the node that sent the consensus start request is a node in the network. If so, it verifies that node's signature identity. If signature verification succeeds, it looks up the stability of the nodes that sent consensus start requests and replies with ACK messages carrying its own signature in order from highest to lowest; it sends no reply to nodes that have been in the bottom 10% of the stability list for more than 5 cycles;
3) On receiving an ACK message, the node that initiated the consensus start request first determines its own running state, that is, whether it is in the stage of waiting for ACK responses. If it is, it verifies the signature identity of the ACK message; if the ACK message passes signature verification, it is collected and counted. If the initiating node receives more valid ACK messages than 2/3 of the total number of network nodes, it packages the ACK messages into a VBlock and broadcasts it to the other nodes;
4) On receiving the VBlock, the other nodes verify its correctness and validity. If it passes verification, they write the VBlock to the virtual chain and send a VACK message carrying their own signature to the time node that sent the VBlock;
5) On receiving a VACK message, the node that sent the VBlock verifies the validity and correctness of the VACK; if it passes, it is collected and counted. If the node receives more valid VACK messages than 2/3 of the total number of network nodes, it is elected the representative node of this cycle view's consensus;
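The reply filter of item 2) and the ACK/VACK counting of items 3) and 5), combined with the revocation check from Step 1, can be sketched as follows. This is an added example, not code from the patent. Assumptions: HMAC-SHA256 with per-node keys stands in for the certificate public-key signatures so that the example runs with the standard library; `CERTS` represents certificates already checked against the authorization center's signature; counting each signer once, binding an ACK to a round and initiator, and reading "more than 5 cycles" as the six most recent consecutive cycles are choices of this example.

```python
import hashlib
import hmac

# Constructed sample network: nine time nodes n0..n8; n0 initiates the round.
NODES = [f"n{i}" for i in range(9)]
# serial -> (node id, key). HMAC keys stand in for certified public keys.
CERTS = {100 + i: (n, f"key-{n}".encode()) for i, n in enumerate(NODES)}
SERIAL = {node: serial for serial, (node, _key) in CERTS.items()}
# Constructed stability lists, oldest cycle first, most stable node first.
RANKINGS = [list(NODES) for _ in range(6)]


def ack_message(round_id, sender, initiator):
    # Binding the ACK to a round and an initiator is an assumption.
    return f"ACK|{round_id}|{initiator}|{sender}".encode()


def sign(node, message):
    return hmac.new(CERTS[SERIAL[node]][1], message, hashlib.sha256).digest()


def identity_ok(sender, serial, message, sig, revoked):
    """Certificate known and bound to sender, not revoked, signature correct."""
    cert = CERTS.get(serial)
    if cert is None or cert[0] != sender:
        return False
    if serial in revoked:  # certificate revocation list lookup
        return False
    expected = hmac.new(cert[1], message, hashlib.sha256).digest()
    return hmac.compare_digest(expected, sig)


def chronically_unstable(node, rankings, cycles=5, percent=10):
    """True if node sat in the bottom `percent` of every one of the
    last `cycles` + 1 stability lists (more than `cycles` cycles)."""
    if len(rankings) <= cycles:
        return False
    for ranking in rankings[-(cycles + 1):]:
        tail = max(1, (len(ranking) * percent + 99) // 100)  # ceil, min 1
        if node not in ranking[-tail:]:
            return False
    return True


def reply_order(requesters, rankings):
    """Requesters that get an ACK, most stable first."""
    latest = rankings[-1]
    eligible = [r for r in requesters
                if r in latest and not chronically_unstable(r, rankings)]
    return sorted(eligible, key=latest.index)


def count_valid(acks, round_id, initiator, revoked):
    """Number of distinct signers whose ACK (or VACK) passes every check."""
    signers = set()
    for sender, serial, sig in acks:
        msg = ack_message(round_id, sender, initiator)
        if identity_ok(sender, serial, msg, sig, revoked):
            signers.add(sender)  # one vote per signer
    return len(signers)


def has_quorum(valid, total):
    """Strictly more than 2/3 of all network nodes, in integer arithmetic."""
    return 3 * valid > 2 * total


def sample_acks(round_id, initiator="n0"):
    """Constructed input: 7 good ACKs, one duplicate, one forged signature."""
    acks = [(n, SERIAL[n], sign(n, ack_message(round_id, n, initiator)))
            for n in NODES[1:8]]
    acks.append(acks[0])                             # n1 counted once only
    acks.append(("n8", SERIAL["n8"], b"\x00" * 32))  # bad signature
    return acks


def demo(revoked):
    valid = count_valid(sample_acks(7), 7, "n0", revoked)
    return valid, has_quorum(valid, len(NODES))
```

With nine nodes the threshold is seven valid signers, so revoking a single certificate among exactly seven responders is enough to deny the quorum.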
Step 3, in which the representative node publishes a new block, comprises:
1) The representative node packages the valid VACK messages it obtained, numbering more than 2/3 of the total number of network nodes, into a new block newBlock;
2) The representative node broadcasts the packaged new block newBlock to all nodes in the network;
Step 4, in which the time nodes update the blockchain, comprises:
1) After receiving the new block newBlock sent by the representative node of this cycle view's consensus, every time node verifies the validity and correctness of newBlock and its contents;
2) If newBlock passes verification, the node writes it to its own time chain, and this round of representative election is complete;
Step 5, in which the representative node obtains the standard time, comprises:
1) The representative node sends a time synchronization request to the time source, and the time source verifies the representative node's identity;
2) If the time source verifies that the representative node's identity is correct, it outputs the standard time to the representative node using the NTP protocol;
3) The representative node obtains the standard time from the time source through the NTP protocol;
Step 6, in which the synchronizing devices synchronize their time, comprises:
1) A synchronizing device that needs to synchronize its time sends a time synchronization request to the time node it is connected to;
2) After receiving the synchronization request from the synchronizing device, the time node sends the synchronizing device the connection of the current representative node in this cycle view;
3) The synchronizing device requests time synchronization from the representative node and obtains the standard time from the representative node through the NTP protocol.
Further, the secure time synchronization method also comprises:
Step 1, the authorization center authenticates identities, issues, revokes, and verifies identities, and nodes join the network;
Step 2, the time nodes send their own stability tables to the group management node;
Step 3, the group management node broadcasts a new block;
Step 4, the time nodes update the blockchain and calculate the representative node for this round;
Step 5, the representative node obtains the standard time;
Step 6, the synchronizing devices synchronize their time.
Further, in step one, the authorization center authenticating identities, issuing, revoking and verifying them, and nodes joining the network includes:
1) Authentication and distribution: if a time node wants to join this consortium chain system and participate in consensus, it must send its real identity information to the authorization center for authentication. If authentication passes, the authorization center records the node's identity information and issues it a security certificate. The security certificate includes a unique serial number, the public key of the authenticated node and the signature of the authorization center, where the serial number represents the real identity of the authenticated node, the public key is used to verify signatures and confirm identity, and the authorization center's signature serves as proof of the certificate's legitimacy;
2) Revocation: the authorization center maintains a certificate revocation list. If a time node behaves maliciously and the network consensus decides to expel it, or a time node's private key is leaked, or a time node needs to leave the network, the authorization center adds that time node's security certificate number to the certificate revocation list, which is made available for the nodes in the network to consult;
3) Verification: when a synchronization device connects to a time node for the first time, or when time nodes confirm each other's identities, the verifier first examines the security certificate of the node to be verified and checks its legitimacy, that is, whether the authorization center's signature is correct. It then consults the authorization center's certificate revocation list to check whether the certificate has been revoked. If the certificate is legitimate and has not been revoked, the node passes identity verification, and the public key in the certificate is used to confirm the time node's identity;
4) Joining the network: a time node that wants to join the network applies to one of the time nodes already in the network. After the contacted time node has verified the applicant's identity, it broadcasts the applicant to all other nodes on the chain so that its identity is known to the network. Once connected, the newly joined node obtains the latest time chain data from the network and, after verifying and synchronizing the chain information, can synchronize its own clock information;
In step two, the time node sending its own stability table to the group management node includes:
1) When a time node reaches time point tc of each cycle, it prepares to start the consensus of that cycle. It first calculates the degree of stability between each node in the current network and itself, obtaining its own stability table;
2) It packs the stability table, the current cycle number and its own node ID into a consensus message, signs the message with its own private key, and sends the packed and signed consensus message to the group management node;
In step three, the group management node broadcasting the new block includes: after collecting the consensus messages of all nodes in the network, the group management node packs all of the messages into the block body of the new block, fills the block header with this block's index Index, the Hash value of the previous block, the current consensus cycle number No, the current timestamp TimeStamp and the Hash value of this block, and broadcasts the new block to the network.
In step four, the time nodes updating the blockchain and calculating the representative node of the current round includes: after receiving the new block, a time node verifies whether the block header is legitimate, then takes the consensus messages out of the block body and verifies whether each message's signature and content are legitimate. From the stability tables of the individual nodes in the legitimate messages it determines the node with the highest overall stability in the whole network, and that node is elected as the representative node of the current round of consensus;
In step five, the representative node obtaining the standard time includes:
1) A time node calculates from the new block that it has been elected as the representative node of the current round of consensus;
2) The representative node sends the new block to the time source as proof of its election. After the time source has verified it, the representative node synchronizes precise time with the time source and becomes the timing node for the current round;
In step six, the synchronization device obtaining time synchronization from the representative node includes:
1) A synchronization device that needs to synchronize its time sends a time synchronization request to the time node it is connected to;
2) After receiving the synchronization request from the synchronization device, the time node sends the synchronization device the connection of the current representative node for this cycle;
3) The synchronization device applies to the representative node for time synchronization and obtains the standard time from the representative node through the NTP protocol.
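The following added example (not code from the patent) walks through steps two to four above: signed consensus messages, the block header check, and the election from the stability tables. It assumes HMAC-SHA256 as a stand-in for the per-node private-key signature, SHA-256 over the header fields and body as the block Hash, integer stability scores from 0 to 100, summation as the aggregation rule and the smaller node ID as tie-break; the key names and sample values are constructed.

```python
import hashlib
import hmac
import json

# Constructed demo keys. HMAC-SHA256 stands in for each node's private-key
# signature; a deployment would verify with the public key taken from the
# sender's security certificate.
NODE_KEYS = {n: f"demo-key-{n}".encode() for n in "ABCD"}


def canonical(obj):
    """Deterministic encoding so every node hashes and signs the same bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(node_id, payload):
    return hmac.new(NODE_KEYS[node_id], canonical(payload), hashlib.sha256).hexdigest()


def make_message(node_id, cycle_no, stability):
    """Step two: pack stability table, cycle number and node ID, then sign."""
    payload = {"node_id": node_id, "No": cycle_no, "stability": stability}
    return {"payload": payload, "sig": sign(node_id, payload)}


def block_hash(index, prev_hash, cycle_no, timestamp, body):
    """Assumed hash layout: SHA-256 over the header fields plus the body."""
    return hashlib.sha256(
        canonical([index, prev_hash, cycle_no, timestamp, body])).hexdigest()


def build_block(tip, cycle_no, timestamp, messages):
    """Step three: the group management node fills the header and the body."""
    index, prev_hash = tip["Index"] + 1, tip["Hash"]
    return {"header": {"Index": index, "PrevHash": prev_hash, "No": cycle_no,
                       "TimeStamp": timestamp,
                       "Hash": block_hash(index, prev_hash, cycle_no,
                                          timestamp, messages)},
            "body": messages}


def header_ok(block, tip):
    """The block must extend the local chain tip and hash to its own Hash."""
    h = block["header"]
    return (h["Index"] == tip["Index"] + 1 and h["PrevHash"] == tip["Hash"]
            and h["Hash"] == block_hash(h["Index"], h["PrevHash"], h["No"],
                                        h["TimeStamp"], block["body"]))


def message_ok(msg, cycle_no):
    p = msg["payload"]
    if p["node_id"] not in NODE_KEYS or p["No"] != cycle_no:
        return False
    if not hmac.compare_digest(sign(p["node_id"], p), msg["sig"]):
        return False
    # Content check (assumed rule): known nodes only, integer scores 0..100.
    return all(n in NODE_KEYS and isinstance(s, int) and 0 <= s <= 100
               for n, s in p["stability"].items())


def elect_representative(block, tip):
    """Step four: return the elected node ID, or None if nothing is usable."""
    if not header_ok(block, tip):
        return None
    totals, voters = {}, set()
    for msg in block["body"]:
        if not message_ok(msg, block["header"]["No"]):
            continue                      # forged or malformed: no influence
        voter = msg["payload"]["node_id"]
        if voter in voters:
            continue                      # one table per node per cycle
        voters.add(voter)
        for node, score in msg["payload"]["stability"].items():
            if node != voter:             # a node does not rate itself
                totals[node] = totals.get(node, 0) + score
    if not totals:
        return None
    # Highest total wins; ties go to the smaller node ID (assumed rule).
    return min(totals, key=lambda n: (-totals[n], n))


def demo():
    tip = {"Index": 7, "Hash": "00" * 32}            # constructed chain tip
    msgs = [make_message("A", 12, {"B": 90, "C": 60, "D": 20}),
            make_message("B", 12, {"A": 50, "C": 70, "D": 30}),
            make_message("C", 12, {"A": 40, "B": 80, "D": 10}),
            make_message("D", 12, {"A": 10, "B": 10, "C": 10})]
    # D's table is altered after signing, so its signature no longer matches.
    msgs[3]["payload"]["stability"] = {"A": 0, "B": 0, "C": 0, "D": 100}
    block = build_block(tip, 12, 1588000000, msgs)    # constructed timestamp
    winner = elect_representative(block, tip)
    tampered = json.loads(json.dumps(block))
    tampered["body"][0]["payload"]["stability"]["B"] = 0   # edited after hashing
    return winner, elect_representative(tampered, tip)


if __name__ == "__main__":
    print(demo())
```

The altered message from D is dropped because its signature fails, and the block whose body was edited after hashing is rejected at the header check before any table is counted.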
Another object of the present invention is to provide a computer device comprising a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to perform the following steps:
Step 1: in the Running state, the time nodes form the network, update node information, handle new nodes joining the network and synchronize block information; the representative node is responsible for timing, and the other nodes are responsible for routing and addressing;
Step 2: in the WaitingNegotiation state, the time node handles node connection information updates and connection quality test updates, and prepares to start consensus;
Step 3: in the Negotiation state, the time node sends a consensus start request;
Step 4: in the WaitingACK state, the time node responds to the consensus start request;
Step 5: a time node that has collected a sufficient number of responses enters the WritingVBlock state and broadcasts a VBlock;
Step 6: the node enters the WaitingVACK state and sends VACKs to the nodes in its stability index list while collecting the VACKs sent by other nodes;
Step 7: a node that has collected a sufficient number of VACKs enters the WritingBlock state, packs and signs the VACKs, and generates and broadcasts a Block; once other nodes have received the Block, this node becomes the representative node of the current round, ends the current round of consensus and enters the Running state;
Step 8: a node in the WaitingBlock state, while responding to VACKs, ends the current round of consensus and enters the Running state if it receives a correct Block.
Another object of the present invention is to provide a computer-readable storage medium storing a computer program which, when executed by a processor, causes the processor to perform the following steps:
Step 1: in the Running state, the time nodes form the network, update node information, handle new nodes joining the network and synchronize block information; the representative node is responsible for timing, and the other nodes are responsible for routing and addressing;
Step 2: in the WaitingNegotiation state, the time node handles node connection information updates and connection quality test updates, and prepares to start consensus;
Step 3: in the Negotiation state, the time node sends a consensus start request;
Step 4: in the WaitingACK state, the time node responds to the consensus start request;
Step 5: a time node that has collected a sufficient number of responses enters the WritingVBlock state and broadcasts a VBlock;
Step 6: the node enters the WaitingVACK state and sends VACKs to the nodes in its stability index list while collecting the VACKs sent by other nodes;
Step 7: a node that has collected a sufficient number of VACKs enters the WritingBlock state, packs and signs the VACKs, and generates and broadcasts a Block; once other nodes have received the Block, this node becomes the representative node of the current round, ends the current round of consensus and enters the Running state;
Step 8: a node in the WaitingBlock state, while responding to VACKs, ends the current round of consensus and enters the Running state if it receives a correct Block.
Another object of the present invention is to provide a secure time synchronization system that runs the secure time synchronization method, the secure time synchronization system comprising:
A network and synchronized block information joining module, used for the time nodes to form the network in the Running state, update node information, handle new nodes joining the network and synchronize block information;
A consensus start module, used for the time node to handle node connection information updates and connection quality test updates in the WaitingNegotiation state and prepare to start consensus;
A consensus request sending module, used for the time node to send a consensus start request in the Negotiation state;
A consensus request response module, used for the time node to respond to the consensus start request in the WaitingACK state;
A state adjustment module, used for a time node that has collected a sufficient number of responses to enter the WritingVBlock state and broadcast a VBlock;
A state collection module, used for the node to enter the WaitingVACK state and send VACKs to the nodes in its stability index list while collecting the VACKs sent by other nodes;
A current-round consensus module, used for a node that has collected a sufficient number of VACKs to enter the WritingBlock state, pack and sign the VACKs, and generate and broadcast a Block; once other nodes have received the Block, this node becomes the representative node of the current round, ends the current round of consensus and enters the Running state; a node in the WaitingBlock state, while responding to VACKs, ends the current round of consensus and enters the Running state if it receives a correct Block.
Another object of the present invention is to provide a smart device equipped with the secure time synchronization system.
Combining all of the above technical solutions, the advantages and positive effects of the present invention are as follows: the present invention builds on the data structure and synchronization method of the blockchain to achieve secure and efficient time synchronization, and uses a consensus method based on proof of stability to resist attacks by malicious nodes while preventing unstable nodes from affecting time synchronization. A blockchain is a time-ordered chained data structure; that is, blocks are added and confirmed in chronological order. In addition, the consensus mechanism based on proof of stability ensures that the elected stable node is recognized by the vast majority of nodes in the system, so malicious or unstable nodes cannot synchronize an incorrect time within the system.
The decentralized blockchain technology used by the present invention ensures the authenticity of the information in the distributed ledger. The hash values on the ledger ensure the integrity and immutability of the election results. If a time node is attacked and the attacker tampers with the local ledger records in order to affect the terminal devices managed by that node, the hash values recorded in the ledger change, so the attack can be identified immediately. Because the ledger is public and verifiable, any user can freely view its plaintext information. If the ledger content is damaged, the latest correct distributed ledger can be obtained from the network. The present invention can therefore discover an attacked node in time and immediately restore the correct data.
The consensus mechanism based on proof of stability ensures that the system can efficiently and securely elect the best-performing and most stable representative node in the whole network. Each time node in the network maintains the stability between itself and every other node device in the network. When consensus starts, all nodes pool their stability tables, and a node with high network performance and high stability is finally selected as the representative node. Even if malicious nodes do not vote for highly stable nodes as the consensus rules require, they cannot affect the final election result as long as malicious nodes and non-functioning nodes do not exceed 1/3 of the nodes in the whole network. The present invention can therefore effectively resist attacks by malicious nodes on the system and use the limited performance of Internet of Things devices to complete network consensus efficiently and select the highest-quality, most stable representative node. Because the stability tables are pooled and the representative node is elected directly through the group management node, the communication overhead required for consensus in the network is also greatly reduced.
A terminal device of the present invention only needs to contact its directly connected time node to obtain the connection of the current representative node, and can then complete time synchronization with the existing NTP protocol, which is simple and convenient. The authorization center acts as the identity authentication center: if a node needs to join the blockchain system, the authorization center must perform security authentication on the identity information it submits, and only nodes verified by the authorization center can join the consortium as time nodes. This ensures the credibility of the time nodes in the system and allows malicious nodes to be removed promptly, ensuring the stability of the system.
The design and description of the present invention are based on a finite state machine, which not only makes the system's operating sequence clearer and more intuitive but also covers the processing flow for every situation in every state of each node, defines the boundaries of system operation and enhances the stability of the system.
Description of the drawings
To explain the technical solutions of the embodiments of the present application more clearly, the drawings needed in the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present application, and those of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a flowchart of the secure time synchronization method provided by an embodiment of the present invention.
FIG. 2 is a schematic structural diagram of the secure time synchronization system provided by an embodiment of the present invention;
In the figure: 1. network and synchronized block information joining module; 2. consensus start module; 3. consensus request sending module; 4. consensus request response module; 5. state adjustment module; 6. state collection module; 7. current-round consensus module.
FIG. 3 is the implementation flowchart of Embodiment 1 provided by an embodiment of the present invention.
FIG. 4 is the system model diagram of Embodiment 1 provided by an embodiment of the present invention.
FIG. 5 is the system flowchart of Embodiment 1 provided by an embodiment of the present invention.
FIG. 6 is the blockchain ledger structure diagram of Embodiment 1 provided by an embodiment of the present invention.
FIG. 7 is the scheme architecture diagram of Embodiment 2 provided by an embodiment of the present invention.
FIG. 8 is the scheme flowchart of Embodiment 2 provided by an embodiment of the present invention.
FIG. 9 is the block ledger structure of the scheme of Embodiment 2 provided by an embodiment of the present invention.
FIG. 10 is the architecture diagram of the scheme of Embodiment 3 provided by an embodiment of the present invention.
FIG. 11 is the method flowchart of the scheme of Embodiment 3 provided by an embodiment of the present invention.
FIG. 12 is the block data structure diagram of the scheme of Embodiment 3 provided by an embodiment of the present invention.
FIG. 13 is the Docker schematic diagram provided by an embodiment of the present invention.
FIG. 14 is a diagram of the experimental results for consensus communication complexity provided by an embodiment of the present invention.
Detailed description of the embodiments
To make the objects, technical solutions and advantages of the present invention clearer, the present invention is described in further detail below with reference to the embodiments. It should be understood that the specific embodiments described here only explain the present invention and do not limit it.
To address the problems in the prior art, the present invention provides a secure time synchronization method, system, storage medium, program and smart device, which are described in detail below with reference to the drawings.
As shown in FIG. 1, the secure time synchronization method provided by the present invention includes the following steps:
S101: In the Running state, the time nodes form the network, update node information, handle new nodes joining the network and synchronize block information; the representative node is responsible for timing, and the other nodes are responsible for routing and addressing.
S102: In the WaitingNegotiation state, the time node handles node connection information updates and connection quality test updates, and prepares to start consensus.
S103: In the Negotiation state, the time node sends a consensus start request.
S104: In the WaitingACK state, the time node responds to the consensus start request.
S105: A time node that has collected a sufficient number of responses enters the WritingVBlock state and broadcasts a VBlock.
S106: The node enters the WaitingVACK state and sends VACKs to the nodes in its stability index list while collecting the VACKs sent by other nodes.
S107: A node that has collected a sufficient number of VACKs enters the WritingBlock state, packs and signs the VACKs, and generates and broadcasts a Block. Once other nodes have received the Block, this node becomes the representative node of the current round, ends the current round of consensus and enters the Running state.
S108: A node in the WaitingBlock state, while responding to VACKs, ends the current round of consensus and enters the Running state if it receives a correct Block.
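As shown in FIG. 2, the secure time synchronization system provided by the present invention includes:
The network and synchronized block information joining module 1, used for the time nodes to form the network in the Running state, update node information, handle new nodes joining the network and synchronize block information.
The consensus start module 2, used for the time node to handle node connection information updates and connection quality test updates in the WaitingNegotiation state and prepare to start consensus.
The consensus request sending module 3, used for the time node to send a consensus start request in the Negotiation state.
The consensus request response module 4, used for the time node to respond to the consensus start request in the WaitingACK state.
The state adjustment module 5, used for a time node that has collected a sufficient number of responses to enter the WritingVBlock state and broadcast a VBlock.
The state collection module 6, used for the node to enter the WaitingVACK state and send VACKs to the nodes in its stability index list while collecting the VACKs sent by other nodes.
The current-round consensus module 7, used for a node that has collected a sufficient number of VACKs to enter the WritingBlock state, pack and sign the VACKs, and generate and broadcast a Block; once other nodes have received the Block, this node becomes the representative node of the current round, ends the current round of consensus and enters the Running state; a node in the WaitingBlock state, while responding to VACKs, ends the current round of consensus and enters the Running state if it receives a correct Block.
The technical solution of the present invention is further described below with reference to the drawings.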
Embodiment 1:
As shown in FIG. 3, the main implementation steps of the present invention are as follows:
Step 1: Running
Step 2: WaitingNegotiation
Step 3: Negotiation
Step 4: WaitingACK
Step 5: WritingVBlock
Step 6: WaitingVACK
Step 7: WritingBlock
Step 8: WaitingBlock
As shown in FIG. 5, the specific steps of the present invention are further described as follows:
(1) Running
1a) In this state the representative node is responsible for timing and the other nodes are responsible for routing and addressing. A synchronization device obtains the representative node's connection from the nearest time node and synchronizes time with the representative node using the NTP protocol.
1b) Each node updates its information about the nodes currently in the network.
1c) Each node handles new nodes joining the network. A new node first verifies its identity with the authorization center and obtains network access permission and a security certificate, then sends a join request to a node in the network that is in the Running state and joins the network.
1d) The nodes synchronize block information and the like among themselves; a consensus message received at this time is automatically ignored.
(2) WaitingNegotiation
2a) When a time node enters the time period (tp, tc), its state changes to WaitingNegotiation. (Assume that each consensus cycle starts at time point tp, reaches time point tc after time P1, and reaches time point te after a further time P2.)
2b) In this state the node prepares the resources needed for consensus, such as updating the total number of nodes and testing the quality of its connections to other nodes.
2c) If the node reaches tc at this point without having received a consensus message from any other node in the meantime, it transitions to the Negotiation state and broadcasts a consensus start request to all nodes in the network.
2d) If a consensus start request is received in this state, another node has already reached time point tc, so the node broadcasts an ACK to agree to start this round of consensus and then transitions to the WaitingACK state.
2e) If the latest Block is received in this state and passes verification, this round of consensus has already ended, and the node transitions to the Running state.
(3) Negotiation
3a) When a time node reaches time point tc, it enters this state, broadcasts a consensus start request and then transitions to the WaitingACK state.
3b) However, if it receives the latest Block before transitioning to the next state, it enters the Running state directly and ends the current round of consensus.
(4) WaitingACK
4a) After receiving and verifying a consensus start request, the node enters this state, broadcasts an ACK and waits to receive ACKs from other nodes.
4b) Every node makes sure to reply with an ACK after receiving another node's consensus start request; in other states, a node treats a received ACK as invalid and discards it.
4c) If a node only receives ACKs and does not broadcast them, then, because of the stability index table, its stability index at other nodes will certainly drop sharply, putting it at a disadvantage in subsequent competition.
4d) If the number of ACKs received reaches the threshold, the node transitions to the WritingVBlock state.
4e) If the latest VBlock is received, the competition for representative node has formally begun, and the node enters the WaitingVACK state directly.
4f) If the latest Block is received in this state, consensus has ended, and the node transitions directly to the Running state.
(5) WritingVBlock
5a) After entering this state, the node obtains and locks the virtual block, packs the received ACKs and other information into the virtual block and broadcasts it to the other nodes, then transitions to the WaitingVACK state.
5b) However, if it receives the latest VBlock from another node before broadcasting its virtual block, it abandons packing and sending its own virtual block and transitions to the WaitingBlock state.
5c) If the latest Block is received in this state, the node abandons the current consensus operation and enters the Running state directly.
(6) WaitingVACK
6a) In this state the node sends VACK responses to the nodes in its stability index list and then waits to receive VACKs from other nodes.
6b) When the number of VACKs received reaches the threshold, the node enters the WritingBlock state.
6c) If the latest Block has been received before that, the node ends the current consensus operation and enters the Running state directly.
(7) WritingBlock
7a) In this state the node packs the received VACKs, its own signature and other information into a new block Block and broadcasts it to the entire blockchain network. Once the block has been received by the other nodes, this node is the representative node selected by consensus, and it can then enter the Running state and end the current round of consensus.
7b) However, if the latest legitimate block from another node is received before the newly packed block is sent, there is no need to pack its own block any further, so the node stops the consensus-related operations and enters the Running state directly.
(8) WaitingBlock
8a) In this state the node still responds to other nodes with VACKs, but since it has already lost the competition for the VBlock it does not pack a new Block, which reduces the number of messages sent in the network and the node's resource consumption.
8b) After receiving the latest Block and performing verification and other follow-up operations, the node enters the Running state and completes this round of consensus.
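The eight states of Embodiment 1 and their transitions can be written as a table-driven state machine; the following is an added example, not code from the patent. The event names, the `threshold` parameter (the page only says a threshold is reached) and the rule that an ACK or VACK counts once per sender are assumptions of this sketch, and the two event traces are constructed.

```python
from enum import Enum


class S(Enum):
    RUNNING = "Running"
    WAITING_NEGOTIATION = "WaitingNegotiation"
    NEGOTIATION = "Negotiation"
    WAITING_ACK = "WaitingACK"
    WRITING_VBLOCK = "WritingVBlock"
    WAITING_VACK = "WaitingVACK"
    WRITING_BLOCK = "WritingBlock"
    WAITING_BLOCK = "WaitingBlock"


# (state, event) -> next state. Event names are this example's own labels;
# the trailing comments give the sub-step of Embodiment 1 each row encodes.
T = {
    (S.RUNNING, "enter_tp"): S.WAITING_NEGOTIATION,            # 2a
    (S.WAITING_NEGOTIATION, "reach_tc"): S.NEGOTIATION,        # 2c
    (S.WAITING_NEGOTIATION, "start_request"): S.WAITING_ACK,   # 2d
    (S.NEGOTIATION, "start_request_sent"): S.WAITING_ACK,      # 3a
    (S.WAITING_ACK, "ack_threshold"): S.WRITING_VBLOCK,        # 4d
    (S.WAITING_ACK, "vblock"): S.WAITING_VACK,                 # 4e
    (S.WRITING_VBLOCK, "vblock_sent"): S.WAITING_VACK,         # 5a
    (S.WRITING_VBLOCK, "vblock"): S.WAITING_BLOCK,             # 5b
    (S.WAITING_VACK, "vack_threshold"): S.WRITING_BLOCK,       # 6b
    (S.WRITING_BLOCK, "block_accepted"): S.RUNNING,            # 7a
}
# A verified latest Block ends the round from every consensus state
# (2e, 3b, 4f, 5c, 6c, 7b, 8b).
for _s in S:
    if _s is not S.RUNNING:
        T[(_s, "block")] = S.RUNNING


class TimeNode:
    def __init__(self, threshold):
        self.state = S.RUNNING
        self.threshold = threshold           # assumed parameter
        self.acks, self.vacks = set(), set()
        self.dropped = []                    # (state, event) pairs discarded

    def handle(self, event, sender=None):
        """Apply one event and return the resulting state."""
        if event == "ack" and self.state is S.WAITING_ACK:
            self.acks.add(sender)            # a repeated sender counts once
            if len(self.acks) < self.threshold:
                return self.state
            event = "ack_threshold"
        elif event == "vack" and self.state is S.WAITING_VACK:
            self.vacks.add(sender)
            if len(self.vacks) < self.threshold:
                return self.state
            event = "vack_threshold"
        nxt = T.get((self.state, event))
        if nxt is None:
            # No row in the table: consensus messages in Running (1d) and
            # ACKs outside WaitingACK (4b) are discarded, state unchanged.
            self.dropped.append((self.state.value, event))
            return self.state
        if nxt is S.RUNNING:                 # round over: reset the counters
            self.acks.clear()
            self.vacks.clear()
        self.state = nxt
        return nxt


def run_trace(threshold, events):
    """Feed (event, sender) tuples to a fresh node; return path and drops."""
    node = TimeNode(threshold)
    path = [node.handle(*e).value for e in events]
    return path, node.dropped


# Constructed traces: a node that wins the round, and one that loses the
# VBlock race and also receives stray ACKs.
WINNER = [("enter_tp",), ("reach_tc",), ("start_request_sent",),
          ("ack", "B"), ("ack", "B"), ("ack", "C"), ("vblock_sent",),
          ("vack", "B"), ("vack", "C"), ("block_accepted",)]
LOSER = [("ack", "B"), ("enter_tp",), ("start_request", "B"), ("ack", "B"),
         ("ack", "C"), ("vblock", "C"), ("ack", "D"), ("block", "C")]

if __name__ == "__main__":
    print(run_trace(2, WINNER))
    print(run_trace(2, LOSER))
```

Keeping the transitions in one table makes every (state, event) pair that is not listed an explicit discard, which is the bounded behaviour the description attributes to the finite-state-machine design.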
Example 2:
The secure time synchronization method provided by the present invention comprises the following steps:
Step 1: The authorization center authenticates identities, and issues, revokes and verifies them; nodes join the network;
Step 2: Representative node election based on proof of stability;
Step 3: The representative node publishes a new block;
Step 4: The time nodes update the blockchain;
Step 5: The representative node obtains the standard time;
Step 6: The synchronization device synchronizes its time.
The specific steps of the present invention are further described as follows:
(1) The authorization center authenticates identities, and issues, revokes and verifies them; nodes join the network
1a) Authentication and distribution: If a time node wants to join this consortium chain system and participate in consensus, it must send its real identity information to the authorization center for authentication. If authentication succeeds, the authorization center records the node's identity information and issues it a security certificate. The security certificate contains a unique serial number, the public key of the authenticated node, and the signature of the authorization center. The serial number represents the real identity of the authenticated node, the public key is used to verify signatures and so confirm identity, and the authorization center's signature proves the legitimacy of the security certificate.
1b) Revocation: The authorization center maintains a certificate revocation list. If a time node behaves maliciously and is expelled by network consensus, if a time node's private key is leaked, or if a time node needs to leave the network, the authorization center adds that time node's security certificate number to the certificate revocation list, which is made available to the nodes in the network for lookup.
1c) Verification: When a synchronization device connects to a time node for the first time, or when time nodes confirm each other's identity, the verifier first examines the security certificate of the node being verified and checks its legitimacy, that is, whether the authorization center's signature is correct. It then consults the authorization center's certificate revocation list to check whether the security certificate has been revoked. If the security certificate is legitimate and has not been revoked, the node passes identity verification, and the identity of the time node can be confirmed with the public key in the certificate.
1d) Joining the network: A time node that wants to join the network applies to one of the time nodes already in the network. After the contacted time node has verified the applicant's identity, it broadcasts that identity to all other nodes on the chain so that the network knows it. After connecting successfully, the newly joined node obtains the latest virtual chain data and time chain data from the network; once it has verified and synchronized the chain information, it can synchronize its own clock information.
(2) Representative node election based on proof of stability
2a) The time node that first reaches time point t_c of the cycle view prepares to start the consensus of this cycle view. It first computes the total number N of stable nodes it can connect to in the current network, and sends its consensus start request message to those nodes.
2b) On receiving a consensus start request message, another node first checks its own running state. If it is within the time period (t_p, t_c) of the cycle view, that is, in the waiting-for-consensus-start state, it verifies whether the node that sent the consensus start request is a node in the network. If it is, the receiver verifies its signature identity. If signature verification passes, the receiver looks up the stability of the node that sent the consensus start request, and then replies with ACK messages bearing its own signature in order of stability from high to low. It does not reply to nodes that have been in the bottom 10% of the stability list for more than 5 cycles.
2c) On receiving an ACK message, the node that initiated the consensus start request first checks whether its own running state is the waiting-for-ACK-response phase. If it is, the node verifies the signature identity of the ACK message; an ACK message that passes signature verification is collected and counted. If the initiating node receives more valid ACK messages than 2/3 of the total number of network nodes, it packages these ACK messages into a VBlock and broadcasts it to the other nodes.
2d) On receiving the VBlock, the other nodes verify its correctness and legitimacy. If it passes verification, they write the VBlock to the virtual chain and send a VACK message bearing their own signature to the time node that sent the VBlock.
2e) On receiving a VACK message, the node that sent the VBlock verifies its legitimacy and correctness; a VACK that passes is collected and counted. If the node receives more valid VACK messages than 2/3 of the total number of network nodes, it is elected as the representative node of this cycle view's consensus.
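The ACK and VACK counting of steps 2c and 2e, as an added Go example rather than the patent's own code: only one valid response per network member is counted, and the threshold is strictly more than 2/3 of the total. Ed25519, the fields covered by a response's signature, and the node names and cycle number are assumptions made for the demonstration; the sample responses are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Ack is a signed ACK (step 2b) or VACK (step 2d) returned to the initiator.
type Ack struct {
	Cycle     uint64 // cycle view the response belongs to
	Initiator string // node whose request or VBlock is being acknowledged
	From      string // ID of the responding node
	Sig       []byte // responder's signature over the three fields above
}

// payload is the byte string a responder signs (assumed layout).
func payload(cycle uint64, initiator, from string) []byte {
	return []byte(fmt.Sprintf("ACK|%d|%s|%s", cycle, initiator, from))
}

// NewAck builds and signs a response.
func NewAck(cycle uint64, initiator, from string, signer ed25519.PrivateKey) Ack {
	return Ack{cycle, initiator, from, ed25519.Sign(signer, payload(cycle, initiator, from))}
}

// CountValid returns how many distinct members sent a valid response to
// self for the given cycle. Everything else is ignored, not counted.
func CountValid(members map[string]ed25519.PublicKey, cycle uint64, self string, acks []Ack) int {
	seen := map[string]bool{}
	for _, a := range acks {
		pub, isMember := members[a.From]
		switch {
		case !isMember: // sender is not a node of this network
		case a.Cycle != cycle || a.Initiator != self: // other round or other candidate
		case seen[a.From]: // one response per node
		case !ed25519.Verify(pub, payload(a.Cycle, a.Initiator, a.From), a.Sig): // forged or altered
		default:
			seen[a.From] = true
		}
	}
	return len(seen)
}

// HasQuorum reports whether valid is strictly more than 2/3 of total,
// using integer arithmetic so that exactly 2/3 never passes.
func HasQuorum(valid, total int) bool { return 3*valid > 2*total }

// demoKey derives a fixed key pair from a label (constructed demo data only).
func demoKey(label string) ed25519.PrivateKey {
	seed := sha256.Sum256([]byte(label))
	return ed25519.NewKeyFromSeed(seed[:])
}

// Demo returns a constructed seven-node network n0..n6 and the responses
// that initiator n0 receives in cycle 42.
func Demo() (map[string]ed25519.PublicKey, []Ack) {
	members := map[string]ed25519.PublicKey{}
	for i := 0; i < 7; i++ {
		id := fmt.Sprintf("n%d", i)
		members[id] = demoKey(id).Public().(ed25519.PublicKey)
	}
	acks := []Ack{}
	for _, id := range []string{"n1", "n2", "n3", "n4"} {
		acks = append(acks, NewAck(42, "n0", id, demoKey(id)))
	}
	old := NewAck(41, "n0", "n5", demoKey("n5"))
	old.Cycle = 42 // last cycle's ACK relabelled as current: the signature no longer matches
	acks = append(acks,
		acks[0], // n1's ACK delivered twice
		old,
		NewAck(42, "n0", "x9", demoKey("x9")), // signer is not a member
		NewAck(42, "n0", "n6", demoKey("x9")), // claims to be n6, signed with another key
		NewAck(42, "n3", "n6", demoKey("n6")), // genuine, but acknowledges n3, not n0
	)
	return members, acks
}

func main() {
	members, acks := Demo()
	valid := CountValid(members, 42, "n0", acks)
	fmt.Printf("received=%d valid=%d quorum=%v\n", len(acks), valid, HasQuorum(valid, len(members)))
}
```

Counting the raw number of received messages would report a quorum here; counting distinct verified members does not.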
(3) The representative node publishes a new block
3a) The representative node packages the valid VACK messages it obtained, which exceed the threshold (2/3 of the total number of network nodes), into a new block, newBlock.
3b) The representative node broadcasts the packaged newBlock to all nodes in the network.
(4) The time nodes update the blockchain
4a) On receiving the newBlock sent by the representative node of this cycle view's consensus, every time node verifies the legitimacy and correctness of newBlock and its contents.
4b) If newBlock passes verification, the node writes it to its own time chain, and this round of representative election is complete.
(5) The representative node obtains the standard time
5a) The representative node sends a time synchronization request to the time source, and the time source verifies the identity of the representative node.
5b) If the time source verifies that the representative node's identity is correct, it outputs the standard time to the representative node using the NTP protocol.
5c) The representative node obtains the standard time from the time source through the NTP protocol.
(6) The synchronization device synchronizes its time
6a) A synchronization device that needs to synchronize its time sends a time synchronization request to the time node it is connected to.
6b) After receiving the synchronization request from the synchronization device, the time node sends the synchronization device the connection to the current representative node of this cycle view.
6c) The synchronization device requests time synchronization from the representative node and obtains the standard time from it through the NTP protocol.
Example 3:
The secure time synchronization method provided by the present invention comprises the following steps:
Step 1: The authorization center authenticates identities, and issues, revokes and verifies them; nodes join the network;
Step 2: Each time node sends its own stability table to the group management node;
Step 3: The group management node broadcasts a new block;
Step 4: The time nodes update the blockchain and compute this round's representative node;
Step 5: The representative node obtains the standard time;
Step 6: The synchronization device synchronizes its time.
The specific steps of the present invention are further described as follows:
(1) The authorization center authenticates identities, and issues, revokes and verifies them; nodes join the network
1a) Authentication and distribution: If a time node wants to join this consortium chain system and participate in consensus, it must send its real identity information to the authorization center for authentication. If authentication succeeds, the authorization center records the node's identity information and issues it a security certificate. The security certificate contains a unique serial number, the public key of the authenticated node, and the signature of the authorization center. The serial number represents the real identity of the authenticated node, the public key is used to verify signatures and so confirm identity, and the authorization center's signature proves the legitimacy of the security certificate.
1b) Revocation: The authorization center maintains a certificate revocation list. If a time node behaves maliciously and is expelled by network consensus, if a time node's private key is leaked, or if a time node needs to leave the network, the authorization center adds that time node's security certificate number to the certificate revocation list, which is made available to the nodes in the network for lookup.
1c) Verification: When a synchronization device connects to a time node for the first time, or when time nodes confirm each other's identity, the verifier first examines the security certificate of the node being verified and checks its legitimacy, that is, whether the authorization center's signature is correct. It then consults the authorization center's certificate revocation list to check whether the security certificate has been revoked. If the security certificate is legitimate and has not been revoked, the node passes identity verification, and the identity of the time node can be confirmed with the public key in the certificate.
1d) Joining the network: A time node that wants to join the network applies to one of the time nodes already in the network. After the contacted time node has verified the applicant's identity, it broadcasts that identity to all other nodes on the chain so that the network knows it. After connecting successfully, the newly joined node obtains the latest time chain data from the network; once it has verified and synchronized the chain information, it can synchronize its own clock information.
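The check order of step 1c (identical in Example 2 and Example 3), as an added Go example that is not part of the patent: the authorization center's signature first, then the revocation list, then proof that the peer holds the certified key. Ed25519, the signed byte layout, the challenge-response step, and all serial numbers and labels are assumptions made for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Certificate carries the three fields listed in step 1a.
type Certificate struct {
	Serial  uint64            // unique serial number identifying the node
	NodeKey ed25519.PublicKey // the certified node's public key
	CASig   []byte            // authorization center's signature over serial and key
}

var (
	ErrBadCASig = errors.New("certificate was not signed by the authorization center")
	ErrRevoked  = errors.New("certificate serial is on the revocation list")
	ErrNoProof  = errors.New("peer did not prove possession of the certified key")
)

// signedPart is the byte string the authorization center signs (assumed layout).
func signedPart(serial uint64, key ed25519.PublicKey) []byte {
	buf := make([]byte, 8, 8+len(key))
	binary.BigEndian.PutUint64(buf, serial)
	return append(buf, key...)
}

// Issue is the authorization center's side of step 1a.
func Issue(ca ed25519.PrivateKey, serial uint64, key ed25519.PublicKey) Certificate {
	return Certificate{Serial: serial, NodeKey: key, CASig: ed25519.Sign(ca, signedPart(serial, key))}
}

// VerifyPeer follows step 1c. The serial is only looked up in the revocation
// list after the signature that binds it to the key has been checked.
func VerifyPeer(caPub ed25519.PublicKey, crl map[uint64]bool, c Certificate, challenge, proof []byte) error {
	if len(c.NodeKey) != ed25519.PublicKeySize ||
		!ed25519.Verify(caPub, signedPart(c.Serial, c.NodeKey), c.CASig) {
		return ErrBadCASig
	}
	if crl[c.Serial] {
		return ErrRevoked
	}
	if !ed25519.Verify(c.NodeKey, challenge, proof) {
		return ErrNoProof
	}
	return nil
}

// demoKey derives a fixed key pair from a label (constructed demo data only).
func demoKey(label string) ed25519.PrivateKey {
	seed := sha256.Sum256([]byte(label))
	return ed25519.NewKeyFromSeed(seed[:])
}

// Scenarios runs four constructed peers through VerifyPeer.
func Scenarios() map[string]error {
	ca := demoKey("authorization-center")
	caPub := ca.Public().(ed25519.PublicKey)
	good, bad := demoKey("time-node-1"), demoKey("time-node-2")
	goodCert := Issue(ca, 1001, good.Public().(ed25519.PublicKey))
	badCert := Issue(ca, 1002, bad.Public().(ed25519.PublicKey))
	crl := map[uint64]bool{1002: true} // time-node-2 was expelled
	challenge := []byte("constructed-nonce-42")

	renumbered := badCert
	renumbered.Serial = 9999 // serial edited so that it is no longer on the list

	return map[string]error{
		"valid":      VerifyPeer(caPub, crl, goodCert, challenge, ed25519.Sign(good, challenge)),
		"revoked":    VerifyPeer(caPub, crl, badCert, challenge, ed25519.Sign(bad, challenge)),
		"renumbered": VerifyPeer(caPub, crl, renumbered, challenge, ed25519.Sign(bad, challenge)),
		"borrowed":   VerifyPeer(caPub, crl, goodCert, challenge, ed25519.Sign(bad, challenge)),
	}
}

func main() {
	r := Scenarios()
	for _, name := range []string{"valid", "revoked", "renumbered", "borrowed"} {
		fmt.Printf("%-10s -> %v\n", name, r[name])
	}
}
```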
(2) Each time node sends its own stability table to the group management node
2a) When a time node reaches time point t_c of each cycle, it prepares to start this cycle's consensus. It first computes the degree of stability between each node in the current network and itself, obtaining its own stability table.
2b) It packages the stability table, the sequence number of the current cycle and its own node ID into a consensus message, signs the message with its own private key, and sends the packaged and signed consensus message to the group management node.
(3) The group management node broadcasts a new block
3a) After collecting the consensus messages of all nodes in the network, the group management node packages all the messages into the block body of a new block, fills the block header with this block's index Index, the Hash value of the previous block, the current consensus cycle number No, the current timestamp TimeStamp and the Hash value of this block, and broadcasts the new block to the network.
(4) The time nodes update the blockchain and compute this round's representative node
4a) On receiving the new block, a time node verifies that the block header is legitimate, then extracts the consensus messages from the block body and verifies that each message's signature and content are legitimate. From the stability tables of the individual nodes in the legitimate message contents, it determines the node with the highest overall stability in the whole network; that node is elected as the representative node of this round of consensus.
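Steps 2b to 4a end to end, as an added Go example that is not the patent's implementation: nodes sign their stability tables, the group management node packs them into a block, and every time node re-checks the header and each signature before tallying. Ed25519, the message and hash encodings, summing scores as the "overall stability", ignoring scores a node reports for itself, and the tie-break are assumptions; all data is constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// ConsensusMsg is the signed message of step 2b.
type ConsensusMsg struct {
	NodeID    string
	Cycle     uint64
	Stability map[string]int // peer ID -> score (assumed: higher is more stable)
	Sig       []byte
}

// Block is the group management node's block of step 3a.
type Block struct {
	Index, No, TimeStamp uint64
	PrevHash, Hash       [32]byte
	Body                 []ConsensusMsg
}

// encode returns the signed bytes; fmt prints map keys sorted, so it is deterministic.
func (m ConsensusMsg) encode() []byte {
	return []byte(fmt.Sprintf("%s|%d|%v", m.NodeID, m.Cycle, m.Stability))
}

// computeHash covers the header fields and the whole body (assumed layout).
func (b Block) computeHash() [32]byte {
	return sha256.Sum256([]byte(fmt.Sprintf("%d|%d|%d|%x|%v", b.Index, b.No, b.TimeStamp, b.PrevHash, b.Body)))
}

// Elect is step 4a: check the header, keep only valid messages, total the scores.
func Elect(b Block, tip [32]byte, cycle uint64, keys map[string]ed25519.PublicKey) (string, error) {
	if b.PrevHash != tip || b.No != cycle || b.Hash != b.computeHash() {
		return "", fmt.Errorf("block %d: header rejected", b.Index)
	}
	total, seen := map[string]int{}, map[string]bool{}
	for _, m := range b.Body {
		pub, known := keys[m.NodeID]
		if !known || seen[m.NodeID] || m.Cycle != b.No || !ed25519.Verify(pub, m.encode(), m.Sig) {
			continue // unknown sender, repeat message, other cycle, or bad signature
		}
		seen[m.NodeID] = true
		for peer, score := range m.Stability {
			if _, member := keys[peer]; member && peer != m.NodeID { // no self-scoring
				total[peer] += score
			}
		}
	}
	best := ""
	for id, t := range total {
		if best == "" || t > total[best] || (t == total[best] && id < best) {
			best = id // a tie goes to the smaller ID so that every node agrees
		}
	}
	if best == "" {
		return "", fmt.Errorf("block %d: no valid consensus messages", b.Index)
	}
	return best, nil
}

// demoKey derives a fixed key pair from a label (constructed demo data only).
func demoKey(label string) ed25519.PrivateKey {
	seed := sha256.Sum256([]byte(label))
	return ed25519.NewKeyFromSeed(seed[:])
}

func signed(id string, table map[string]int, signer string) ConsensusMsg {
	m := ConsensusMsg{NodeID: id, Cycle: 7, Stability: table}
	m.Sig = ed25519.Sign(demoKey(signer), m.encode())
	return m
}

// Demo returns a constructed cycle-7 block; tamper adds a message in A's name signed by C.
func Demo(tamper bool) (Block, [32]byte, uint64, map[string]ed25519.PublicKey) {
	keys, body := map[string]ed25519.PublicKey{}, []ConsensusMsg{}
	for _, id := range []string{"A", "B", "C"} {
		keys[id] = demoKey(id).Public().(ed25519.PublicKey)
	}
	if tamper {
		body = append(body, signed("A", map[string]int{"C": 100}, "C"))
	}
	body = append(body,
		signed("A", map[string]int{"B": 90, "C": 70}, "A"),
		signed("B", map[string]int{"A": 80, "C": 75}, "B"),
		signed("C", map[string]int{"A": 85, "B": 88}, "C"))
	b := Block{Index: 7, No: 7, TimeStamp: 1588118400, PrevHash: sha256.Sum256([]byte("constructed block 6")), Body: body}
	b.Hash = b.computeHash()
	return b, b.PrevHash, 7, keys
}

func main() { fmt.Println(Elect(Demo(true))) }
```

The block hash only shows that the body is what the group management node packed; it is the per-message signature check that keeps a message submitted under another node's ID out of the tally.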
(5) The representative node obtains the standard time
5a) A time node computes from the new block that it has been elected as the representative node of this round of consensus.
5b) The representative node sends the new block to the time source as proof of its election. After the time source has verified it, the representative node synchronizes precise time with the time source and becomes the time-service node for this round.
(6) The synchronization device obtains time synchronization from the representative node
6a) A synchronization device that needs to synchronize its time sends a time synchronization request to the time node it is connected to.
6b) After receiving the synchronization request from the synchronization device, the time node sends the synchronization device the connection to the current representative node of this cycle.
6c) The synchronization device requests time synchronization from the representative node and obtains the standard time from it through the NTP protocol.
In the original scheme, after all nodes in the network have tested their stability with respect to the other nodes, each node still has to stay connected to, and keep communicating with, every node in the network during the consensus phase, so the communication complexity is O(n²). Because a group management node is introduced, in the improved scheme each node, after testing its stability with respect to the other nodes, only needs to stay connected to the group management node during the consensus phase, and the entire consensus process completes with just two messages exchanged with the group management node. The overall network communication complexity drops to O(n), which greatly reduces the communication overhead and stability of the consensus.
The technical effects of the present invention are described in detail below with reference to experiments.
The main simulation tests of the present invention were implemented in the Java programming language, developed in the IntelliJ IDEA integrated development environment, with Maven used for dependency version control. To deploy and run the system, the hardware environment of this experiment was:
i5-8500 3.0GHz CPU;
32GB RAM;
1TB hard disk drive;
The operating system is Ubuntu 14.04 Trusty.
The principle of Docker is shown in Figure 13.
The software runtime environment is Docker version 2.0.0.0. During the actual tests, the minimum number of running nodes was 5 and the maximum was 25. Docker is a virtualized application container that uses relatively few system resources to give different applications independent sandboxed runtime environments, and it can simulate well the scenario of a large number of physical device nodes in the Internet of Things. As the schematic of Docker's principle shows, each container does not build its own virtual OS kernel but an independent Bins/Libs environment, which improves resource utilization.
The system is divided into 9 main modules: timer, state machine, P2P module, API module, Block module, tool set, Peer module, MessageHelper module and NTP module, of which the core module is the P2P module.
As the figure shows, the system's timer drives the state machine, and the state machine and the P2P module influence each other: a state change in the state machine changes the running state of the P2P module, and the operation of the P2P module in turn triggers state transition events in the state machine. The API exposes interfaces to the outside so that the system can connect to other programs and devices. The Block module manages the blockchain data. The tool set gathers the basic methods the system needs to run, such as encryption, signatures and other basic algorithms. The Peer module handles the concrete implementation of P2P network connections. MessageHelper encapsulates the methods for transmitting and processing messages between nodes. The NTP module runs independently and provides the NTP service; it can also be called when needed to synchronize the clock between this node and other nodes or devices.
The present invention compared the communication complexity of the improved secure time synchronization scheme with that of the original stability consensus scheme. The communication complexity of the two schemes is judged by varying the number of nodes participating in consensus and observing the average number of messages circulating in the network per consensus, as shown in Figure 14. The number of nodes ranges from 5 to 25 in increments of 5. Figure 14 shows that as the number of nodes increases, the consensus traffic of the original stability consensus grows exponentially, which reflects that the communication overhead of the original stability consensus increases rapidly as the number of participating nodes grows. The consensus traffic of the improved stability consensus of the present invention, by contrast, varies linearly and does not increase much; the traffic stays at twice the number of participating nodes.
It should be noted that the embodiments of the present invention can be implemented in hardware, software, or a combination of software and hardware. The hardware part can be implemented with dedicated logic; the software part can be stored in memory and executed by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those of ordinary skill in the art will understand that the devices and methods described above can be implemented using computer-executable instructions and/or processor control code, such code being provided, for example, on a carrier medium such as a magnetic disk, CD or DVD-ROM, on a programmable memory such as a read-only memory (firmware), or on a data carrier such as an optical or electronic signal carrier. The device of the present invention and its modules may be implemented by hardware circuits such as very-large-scale integrated circuits or gate arrays, semiconductors such as logic chips and transistors, or programmable hardware devices such as field-programmable gate arrays and programmable logic devices; by software executed by various types of processors; or by a combination of such hardware circuits and software, for example firmware.
The above is only a specific embodiment of the present invention, but the scope of protection of the present invention is not limited to it. Any modification, equivalent replacement or improvement made by a person skilled in the art within the technical scope disclosed by the present invention, and within its spirit and principles, shall fall within the scope of protection of the present invention.
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010357196.5A CN111639124B (en) | 2020-04-29 | 2020-04-29 | Secure time synchronization method, system, storage medium, program, smart device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111639124A CN111639124A (en) | 2020-09-08 |
CN111639124B true CN111639124B (en) | 2023-02-24 |
Family
ID=72328794
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010357196.5A Active CN111639124B (en) | 2020-04-29 | 2020-04-29 | Secure time synchronization method, system, storage medium, program, smart device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111639124B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114401064B (en) * | 2021-12-06 | 2023-10-31 | 西安电子科技大学 | Trust management time synchronization method, system, computer equipment, media and terminal |
CN116318638A (en) * | 2022-09-07 | 2023-06-23 | 西安可信时间认证服务有限公司 | Trusted time measurement method based on satellite bidirectional common view |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108881169A (en) * | 2018-05-21 | 2018-11-23 | 西安电子科技大学 | Time distribution and synchronous method and system, data processing system based on block chain |
WO2019232789A1 (en) * | 2018-06-08 | 2019-12-12 | 北京大学深圳研究生院 | Voting-based consensus method |
WO2019242340A1 (en) * | 2018-06-22 | 2019-12-26 | 深圳前海益链网络科技有限公司 | Method for preventing short-term bifurcation and double-spend attack on block chain network |
Non-Patent Citations (1)
Title |
---|
基于联盟链的微电网身份认证协议;张利华等;《应用科学学报》;20200130(第01期);全文 * |