HK40090172A - A blockchain-based method, device and electronic equipment for document management - Google Patents
A blockchain-based method, device and electronic equipment for document management Download PDFInfo
- Publication number
- HK40090172A HK40090172A HK42023079284.8A HK42023079284A HK40090172A HK 40090172 A HK40090172 A HK 40090172A HK 42023079284 A HK42023079284 A HK 42023079284A HK 40090172 A HK40090172 A HK 40090172A
- Authority
- HK
- Hong Kong
- Prior art keywords
- document
- blockchain
- file record
- hash value
- signature
- Prior art date
Links
Description
技术领域Technical Field
本发明涉及区块链技术领域,尤其是涉及一种基于区块链的文档管理方法、装置和电子设备。This invention relates to the field of blockchain technology, and in particular to a blockchain-based document management method, apparatus, and electronic device.
背景技术Background Technology
随着互联网技术的快速发展,许多公司均须处理大量公司内部或对外的纸质文件。With the rapid development of internet technology, many companies need to handle a large number of internal or external paper documents.
目前,文件都需经由行政/管理/专业人员作认证或验证。在认证过程中涉及许多安全问题,包括纸质文件的可靠性和手写签名是否有效等。Currently, all documents require certification or verification by administrative/management/professionals. The certification process involves many security issues, including the reliability of paper documents and the validity of handwritten signatures.
发明内容Summary of the Invention
基于此,有必要针对上述技术问题,提供一种基于区块链的文档管理方法、装置和电子设备,能够保证文档的安全性。Therefore, it is necessary to provide a blockchain-based document management method, device, and electronic device to address the aforementioned technical issues and ensure document security.
第一方面,本发明实施例提供了一种基于区块链的文档管理方法,所述方法包括:In a first aspect, embodiments of the present invention provide a blockchain-based document management method, the method comprising:
接收创建者发送的文档;Receive documents sent by the creator;
在区块链中查询所述文档对应的第一文件记录,并生成第二文件记录,其中,所述第一文件记录包括第一签名,所述第二文件记录包括第二签名;The document is queried in the blockchain to obtain the first file record corresponding to it, and a second file record is generated, wherein the first file record includes a first signature and the second file record includes a second signature;
将所述第二文件记录上传至所述区块链,并将所述文档发送给验证者,以使所述验证者基于所述文档对所述区块链中的所述第二文件记录进行验证。The second file record is uploaded to the blockchain, and the document is sent to the validator so that the validator can verify the second file record in the blockchain based on the document.
在一些实施例中,所述接收创建者发送的文档之前,所述方法还包括:In some embodiments, prior to receiving the document sent by the creator, the method further includes:
创建文档;Create a document;
计算所述文档的默克尔树的根哈希值,并将所述文档的识别码设置为所述根哈希值;Calculate the root hash value of the Merkle tree of the document, and set the document's identifier as the root hash value;
利用创建者的私钥在所述根哈希值上生成第一签名;A first signature is generated on the root hash value using the creator's private key;
将所述识别码、所述根哈希值、所述创建者的第一签名、创建者的公钥和所述文档的元数据进行组合,获得第一文件记录;The first file record is obtained by combining the identification code, the root hash value, the creator's first signature, the creator's public key, and the document's metadata.
将所述第一文件记录上传至区块链,以及将所述文档传输给签名者。The first file record is uploaded to the blockchain, and the document is transmitted to the signer.
在一些实施例中,所述在区块链中查询所述文档对应的第一文件记录,并生成第二文件记录,包括:In some embodiments, querying the first file record corresponding to the document in the blockchain and generating the second file record includes:
计算所述文档的默克尔树的根哈希值;Calculate the root hash value of the Merkle tree of the document;
根据所述根哈希值确定所述文档的识别码;The document's identifier is determined based on the root hash value;
基于所述识别码在所述区块链中查询所述文档对应的第一文件记录;Based on the identification code, query the first file record corresponding to the document in the blockchain;
若所述文档的默克尔树的根哈希值和区块链上的所述第一文件记录中的默克尔树的根哈希值相等,且所述第一签名验证通过,则利用签名者的私钥在所述第一文件记录中的默克尔树的根哈希值上生成第二签名;If the root hash value of the Merkle tree of the document is equal to the root hash value of the Merkle tree in the first file record on the blockchain, and the first signature verification is successful, then a second signature is generated on the root hash value of the Merkle tree in the first file record using the signer's private key.
将所述签名者的第二签名和所述签名者的公钥加入所述第一文件记录中,生成第二文件记录。The signer's second signature and the signer's public key are added to the first file record to generate a second file record.
在一些实施例中,所述验证者基于所述文档对所述区块链中的所述第二文件记录进行验证,包括:In some embodiments, the verifier verifies the second document record in the blockchain based on the document, including:
计算所述文档的默克尔树的根哈希值;Calculate the root hash value of the Merkle tree of the document;
根据所述根哈希值确定所述文档的识别码;The document's identifier is determined based on the root hash value;
基于所述识别码在所述区块链中查询所述文档对应的第二文件记录;Based on the identification code, query the second file record corresponding to the document in the blockchain;
若所述文档的默克尔树的根哈希值和区块链上的所述第二文件记录中的默克尔树的根哈希值相等,且所述第一签名和所述第二签名均通过验证,则所述文档通过验证。If the root hash value of the Merkle tree of the document is equal to the root hash value of the Merkle tree in the second file record on the blockchain, and both the first signature and the second signature are verified, then the document is verified.
在一些实施例中,所述方法还包括:In some embodiments, the method further includes:
将所述第一文件记录上传至区块链,以及将所述文档的识别码传输给签名者。The first document record is uploaded to the blockchain, and the document's identification code is transmitted to the signer.
在一些实施例中,所述将所述文档传输给签名者,包括:In some embodiments, transmitting the document to the signer includes:
创建者利用加密密钥对所述文档进行加密,获得加密文档;The creator uses an encryption key to encrypt the document, thus obtaining the encrypted document;
将所述加密文档传输给签名者。The encrypted document is then transmitted to the signer.
在一些实施例中,所述方法还包括:In some embodiments, the method further includes:
通过纸质文档的标签获取所述识别码,所述标签存储有文档的识别码。The identification code is obtained by using a label on a paper document, the label storing the document's identification code.
第二方面,本发明实施例还提供了一种基于区块链的文档管理装置,所述装置包括:Secondly, embodiments of the present invention also provide a blockchain-based document management device, the device comprising:
接收模块,用于接收创建者发送的文档;The receiving module is used to receive documents sent by the creator.
第一生成模块,用于在区块链中查询所述文档对应的第一文件记录,并生成第二文件记录,其中,所述第一文件记录包括第一签名,所述第二文件记录包括第二签名;The first generation module is used to query the first file record corresponding to the document in the blockchain and generate a second file record, wherein the first file record includes a first signature and the second file record includes a second signature;
验证模块,用于将所述第二文件记录上传至区块链,并将所述文档发送给验证者,以使所述验证者基于所述文档对所述区块链中的所述第二文件记录进行验证。The verification module is used to upload the second file record to the blockchain and send the document to the verifier so that the verifier can verify the second file record in the blockchain based on the document.
第三方面,本发明实施例还提供了一种电子设备,包括:Thirdly, embodiments of the present invention also provide an electronic device, comprising:
至少一个处理器;以及,At least one processor; and,
与所述至少一个处理器通信连接的存储器;其中,A memory communicatively connected to the at least one processor; wherein,
所述存储器存储有可被所述至少一个处理器执行的指令,所述指令被所述至少一个处理器执行,以使所述至少一个处理器能够执行第一方面所述的方法。The memory stores instructions that can be executed by the at least one processor to enable the at least one processor to perform the method described in the first aspect.
第四方面,本发明实施例还提供了一种非易失性计算机可读存储介质,所述计算机可读存储介质存储有计算机可执行指令,当所述计算机可执行指令被处理器所执行时,使所述处理器执行第一方面所述的方法。Fourthly, embodiments of the present invention also provide a non-volatile computer-readable storage medium storing computer-executable instructions that, when executed by a processor, cause the processor to perform the method described in the first aspect.
与现有技术相比,本发明的有益效果是:区别于现有技术的情况,本发明实施例中的基于区块链的文档管理方法、装置和电子设备,签名者接收创建者发送的文档,然后在区块链中查询所述文档对应的第一文件记录,并生成第二文件记录,第一文件记录包括第一签名,第二文件记录包括第二签名,接着签名者将所述文档发送给验证者,验证者基于所述文档对区块链中的第二文件记录进行验证,由此,通过不同的用户对文档进行签名,并将文件记录上传至区块链,并由此能够保证文档的安全性。Compared with the prior art, the beneficial effects of the present invention are as follows: Unlike the prior art, in the blockchain-based document management method, apparatus, and electronic device embodiments of the present invention, the signer receives a document sent by the creator, then queries the blockchain for the first file record corresponding to the document, and generates a second file record. The first file record includes a first signature, and the second file record includes a second signature. Then, the signer sends the document to the verifier, who verifies the second file record in the blockchain based on the document. Thus, by having different users sign the document and upload the file record to the blockchain, the security of the document can be guaranteed.
附图说明Attached Figure Description
一个或多个实施例通过与之对应的附图中的图片进行示例性说明,这些示例性说明并不构成对实施例的限定,附图中具有相同参考数字标号的元件表示为类似的元件,除非有特别申明,附图中的图不构成比例限制。One or more embodiments are illustrated by way of example with reference numerals in the accompanying drawings. These illustrations do not constitute a limitation on the embodiments. Elements with the same reference numerals in the drawings are denoted as similar elements. Unless otherwise stated, the figures in the drawings are not to be limited by scale.
图1是本发明实施例中基于区块链的文档管理方法的应用场景示意图;Figure 1 is a schematic diagram of the application scenario of the blockchain-based document management method in an embodiment of the present invention;
图2是本发明一个实施例中基于区块链的文档管理方法的流程示意图;Figure 2 is a flowchart illustrating a blockchain-based document management method in one embodiment of the present invention;
图3是本发明一个实施例中创建者创建文档的流程示意图;Figure 3 is a schematic diagram of the process of a creator creating a document in one embodiment of the present invention;
图4是本发明一个实施例中生成第二文件记录的流程示意图;Figure 4 is a schematic diagram of the process of generating a second file record in one embodiment of the present invention;
图5是本发明一个实施例中对第二文件记录进行验证的流程示意图;Figure 5 is a schematic diagram of the process for verifying the second file record in one embodiment of the present invention;
图6是本发明一个实施例中基于区块链的文档管理装置的结构示意图;Figure 6 is a schematic diagram of the structure of a blockchain-based document management device in one embodiment of the present invention;
图7是本发明一个实施例中电子设备的硬件结构示意图。Figure 7 is a schematic diagram of the hardware structure of an electronic device in one embodiment of the present invention.
具体实施方式Detailed Implementation
为使本发明实施例的目的、技术方案和优点更加清楚,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。To make the objectives, technical solutions, and advantages of the embodiments of the present invention clearer, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.
需要说明的是,如果不冲突,本发明实施例中的各个特征可以相互结合,均在本发明的保护范围之内。另外,虽然在装置示意图中进行了功能模块划分,在流程图中示出了逻辑顺序,但是在某些情况下,可以以不同于装置中的模块划分,或流程图中的顺序执行所示出或描述的步骤。再者,本发明所采用的“第一”、“第二”、“第三”等字样并不对数据和执行次序进行限定,仅是对功能和作用基本相同的相同项或相似项进行区分。It should be noted that, unless otherwise specified, the various features in the embodiments of this invention can be combined with each other, all of which are within the protection scope of this invention. Furthermore, although functional modules are divided in the device schematic diagram and a logical order is shown in the flowchart, in some cases, the steps shown or described can be executed in a different order than the module division in the device or the order in the flowchart. Moreover, the terms "first," "second," and "third" used in this invention do not limit the data or execution order, but only distinguish identical or similar items with essentially the same function and effect.
便于理解本发明,下面先对本发明涉及到的概念进行说明。To facilitate understanding of this invention, the concepts involved in this invention will be explained below.
数字签名方案:数字签名是一种用作证明和验证数字信息真实性的方案。数字签名基于公钥密码体制和私钥密码体制作运算。公钥可以自由发布,但私钥则只有自己秘密保存。设sign:(sk,m)→δ为签名算法为签名算法,用私钥sk对消息摘要m进行签名,形成数字签名δ。验证者或接收方可以执行验证算法,用公钥(pk,m,δ)对数字签名进行解密并检查其有效性。在公钥pk的配合下,验证者可得悉数字签名δ和消息摘要m是否吻合。RSA加密算法和ECDSA椭圆曲线签名算法是市场上大多数系统中流行的数字签名方案。Digital signature schemes: Digital signatures are schemes used to prove and verify the authenticity of digital information. Digital signatures are based on public-key cryptography and private-key cryptography. The public key can be freely published, but the private key is kept secret only by the user. Let sign: (sk, m) → δ be the signature algorithm. Using the private key sk to sign the message digest m, a digital signature δ is formed. The verifier or receiver can execute the verification algorithm, using the public key (pk, m, δ) to decrypt the digital signature and check its validity. With the help of the public key pk, the verifier can determine whether the digital signature δ matches the message digest m. RSA encryption algorithm and ECDSA elliptic curve signature algorithm are popular digital signature schemes in most systems on the market.
默克尔树:默克尔树又称哈希树,是一种树形资料结构。它容许使用者对多项资料作出哈希函数计算,并输出单一数值root hash作为代表。设V={v1,v2,...vn}作为数值列。我们以MTree:V→(tree,root)表示默克尔树的构造算法,输入V后会得出结构tree和根哈希值root。默克尔树还提供了一种有效的方案来证明和验证会员资格,同时顾及保护隐私。证明算法可表示作prove:(tree,v)→proofs。其中proofs={h1,h2,...hm}是一个相对于数值v说,可以重新计算出根哈希值并由验证verify演练则表示:verify:(v,proofs,root)→accept/reject。当值proofs与数值v可以重新组装出根哈希值root为根的哈希树,它会反回接受accept。Merkle Tree: A Merkle tree, also known as a hash tree, is a tree-like data structure. It allows users to perform hash function calculations on multiple data items and output a single value, the root hash, as the representative. Let V = { v1 , v2 , ..., vn } be the sequence of values. We use MTree: V → (tree, root) to represent the construction algorithm of the Merkle tree. Inputting V will produce the structure tree and the root hash value root. Merkle trees also provide an efficient way to prove and verify membership while protecting privacy. The proof algorithm can be represented as prove: (tree, v) → proofs. Where proofs = { h1 , h2 , ..., hm } are values relative to the value v. The root hash value can be recalculated and verified using the verify algorithm. The verify algorithm is then expressed as: verify: (v, proofs, root) → accept/reject. When the values proofs and v can be reassembled to form a hash tree with the root hash value root, it will accept the result.
实行当中的变化可从数值和指标验证。证明演练和验证演练分别表示为proveldx:(tree,idx)→proofs和verifyIdx(v,idx,proofs,root)→accept/reject。其中idx是v在V里的指标。Changes during implementation can be verified through numerical values and metrics. Proof drills and verification drills are represented as provedx:(tree, idx)→proofs and verifyIdx(v, idx, proofs, root)→accept/reject, respectively. Here, idx is the metric of v in V.
本发明实施例提供的基于区块链的文档管理方法适用于图1所示的应用场景,所述应用场景包括创建者、至少一个签名者以及验证者。图1示例性的示出了创建者10、签名者20以及验证者30,所述签名者20分别与所述创建者10和所述验证者30通讯连接。The blockchain-based document management method provided in this embodiment of the invention is applicable to the application scenario shown in Figure 1, which includes a creator, at least one signer, and a verifier. Figure 1 exemplarily shows a creator 10, a signer 20, and a verifier 30, wherein the signer 20 is communicatively connected to both the creator 10 and the verifier 30.
所述创建者10用于创建文档,并将创建好的文档发送给签名者20,同时将文档对应的文件记录上传至区块链。其中,文件记录包括文档的识别码、文档的元数据、根哈希值、创建者的公钥、创建者的签名等。所述签名者20用于接收创建者10发送的文档,在区块中查询所述文档对应的文件记录,然后在创建者生成的文件记录的基础上生成签名者的签名、同时将自身的公钥也放入文件记录中,从而形成新的文件记录,即新的文件记录包括文档的识别码、元数据、根哈希值、创建者的公钥、创建者的签名以及签名者的公钥、签名者的签名等。签名者20将新的文件记录上传至区块链,同时将文档发送给验证者30。验证者30用于接收签名者20发送的文档,并基于所述文档对区块链中的新的文件记录进行验证。Creator 10 creates a document and sends it to signer 20, while simultaneously uploading the corresponding file record to the blockchain. The file record includes the document's identifier, metadata, root hash value, creator's public key, and creator's signature. Signer 20 receives the document from creator 10, queries the block for the corresponding file record, generates its own signature based on the creator's file record, and adds its own public key to the file record, thus forming a new file record. This new file record includes the document's identifier, metadata, root hash value, creator's public key, creator's signature, and the signer's public key and signature. Signer 20 uploads the new file record to the blockchain and simultaneously sends the document to verifier 30. Verifier 30 receives the document from signer 20 and verifies the new file record in the blockchain based on the document.
需要说明的是,本发明实施例提供的方法还可以进一步地扩展到其他合适的应用场景中,而不限于图1所示的应用场景,在实际的应用过程中,该应用场景还可以包括更多或者更少的创建者、签名者和验证者。It should be noted that the method provided in this embodiment of the invention can be further extended to other suitable application scenarios, and is not limited to the application scenario shown in Figure 1. In actual application, the application scenario may include more or fewer creators, signers and verifiers.
如图2所示,本发明实施例提供的基于区块链的文档管理方法,所述方法包括:As shown in Figure 2, the blockchain-based document management method provided in this embodiment of the invention includes:
步骤202,接收创建者发送的文档。Step 202: Receive the document sent by the creator.
签名者接收创建者从安全途径传输过来的文档。The signer receives the document from the creator via a secure transfer.
在其中一些实施例中,如图3所示,签名者接收创建者发送的文档之前,创建者首先需要创建文档,所述方法包括:In some embodiments, as shown in Figure 3, before the signer receives the document sent by the creator, the creator first needs to create the document, the method of which includes:
步骤302,创建文档。Step 302, create a document.
步骤304,计算所述文档的默克尔树的根哈希值,并将所述文档的识别码设置为所述根哈希值。Step 304: Calculate the root hash value of the Merkle tree of the document, and set the document's identifier as the root hash value.
具体地,创建者首先需要在基于区块链的文件验证和管理系统(dBC系统)中进行注册,创建个人的公钥和私钥,创建者的公钥会保存在区块链中,而私钥则自己秘密保存。创建者个人的公钥和私钥创建好之后,则继续创建文档,创建者计算文档的默克尔树的根哈希值,并且将文档的识别码设置为计算得到的根哈希值。示例性的,以doc={d,a1,a2,...,an}表示带有附件列表的文档,创建者以root←MTree(doc)计算文档的默克尔树的根哈希值,并设置文档的识别码ID=root。Specifically, the creator first needs to register in a blockchain-based document verification and management system (dBC system), creating their own public and private keys. The creator's public key is stored in the blockchain, while the private key is kept secret. After the creator's public and private keys are created, they proceed to create the document. The creator calculates the root hash value of the document's Merkle tree and sets the document's identifier ID to the calculated root hash value. For example, let doc = {d, a1 , a2 , ..., an } represent a document with an attachment list. The creator calculates the root hash value of the document's Merkle tree using root←MTree(doc) and sets the document's identifier ID = root.
步骤306,利用创建者的私钥在所述根哈希值上生成第一签名。Step 306: Generate the first signature on the root hash value using the creator's private key.
创建者设置文档的识别码为根哈希值后,可利用自身注册的私钥对根哈希值进行签名,形成第一签名。示例性的,承接上述例子,创建者利用δcreator←sign(skcreator,root)在根哈希值root上生成签字δcreator。After the creator sets the document's identifier as the root hash value, they can use their registered private key to sign the root hash value, forming the first signature. For example, continuing the previous example, the creator uses δ creator← sign(sk creator , root) to generate the signature δ creator on the root hash value root.
步骤308,将所述识别码、所述根哈希值、所述创建者的第一签名、创建者的公钥和所述文档的元数据进行组合,获得第一文件记录。Step 308: Combine the identification code, the root hash value, the creator's first signature, the creator's public key, and the document's metadata to obtain the first file record.
步骤310,将所述第一文件记录上传至区块链,以及将所述文档传输给签名者。Step 310: Upload the first file record to the blockchain and transmit the document to the signer.
在本发明实施例中,第一文件记录包括文档的识别码ID、文档的元数据meta、根哈希值root、创建者的第一签名δcreator、创建者注册的公钥pkcreator。将上述所有的信息进行组合,获得第一文件记录。示例性的,第一文件记录例如可以为,rec=(ID,root,δcreator,pkcreator,meta)。具体地,创建者将第一文件记录上传至区块链中,同时将文档通过安全途径传输给签名者。In this embodiment of the invention, the first file record includes the document's identifier ID, the document's metadata meta, the root hash value root, the creator's first signature δ creator , and the creator's registered public key pk creator . All of the above information is combined to obtain the first file record. For example, the first file record can be, for instance, rec = (ID, root, δ creator , pk creator , meta). Specifically, the creator uploads the first file record to the blockchain and simultaneously transmits the document to the signer via a secure means.
在其中一些实施例中,作为步骤310的一种实现方式,所述方法包括:创建者利用加密密钥对所述文档进行加密,获得加密文档;将所述加密文档传输给签名者。In some embodiments, as one implementation of step 310, the method includes: the creator encrypting the document using an encryption key to obtain an encrypted document; and transmitting the encrypted document to the signer.
在本发明实施例中,为了保证文档的安全性,创建者可利用加密密鑰对创建好的文档进行加密,然后再传输给签名者。具体地,当创建者选择用加密密钥为文件doc加密,他要先生成文件加密钥和解密钥Kdoc,并对密文Cdoc进行加密Cdoc←Enc(kdoc,doc)。默克尔树根哈希值和签字预设为root←MTree(doc)和δcreator←sign(skcreator,root)。为文档加密后,文档转移时或储存时会是密文Cdoc格式,而非纯文本格式,由此能够保证文档的安全。如果接收者需要解密密钥来查看原始文档,必然要通过安全密钥传输机制传送。安全密钥传输机制是:接收者会经由安全渠道取得解密钥Kdoc,接收者会从纸质文档上可锁定的NFC标检索得到解密钥Kdoc。收到密文Cdoc后,验证者和签名者可以doc←Dec(kdoc,cdoc)为原档doc解密,解密后,他们便能跟平常一样进行文档检查。In this embodiment of the invention, to ensure document security, the creator can encrypt the created document using an encryption key before transmitting it to the signer. Specifically, when the creator chooses to encrypt the file doc using an encryption key, they must first generate a file encryption key and a decryption key K doc , and then encrypt the ciphertext C doc using C doc ← Enc(k doc , doc). The Merkle root hash value and signature are preset as root ← MTree(doc) and δ creator ← sign(sk creator , root). After the document is encrypted, it will be in ciphertext C doc format when transferred or stored, rather than in plain text format, thus ensuring document security. If the recipient needs the decryption key to view the original document, it must be transmitted through a secure key transmission mechanism. The secure key transmission mechanism is as follows: the recipient obtains the decryption key K doc through a secure channel, and the recipient retrieves the decryption key K doc from a lockable NFC tag on the paper document. After receiving the ciphertext C doc , the verifier and signer can decrypt the original doc using doc←Dec(k doc , c doc ). After decryption, they can perform document checks as usual.
步骤204,在区块链中查询所述文档对应的第一文件记录,并生成第二文件记录,其中,所述第一文件记录包括第一签名,所述第二文件记录包括第二签名。Step 204: Query the first file record corresponding to the document in the blockchain and generate a second file record, wherein the first file record includes a first signature and the second file record includes a second signature.
第二文件记录是在第一文件记录的基础上生成的,所述第一文件记录包括第一签名,所述第二文件记录包括第二签名。具体地,签名者接收创建者从安全途径传输过来的文档后,则在区块链中查询该文档对应的第一文件记录,从而在第一文件记录的基础上生成第二文件记录。The second document record is generated based on the first document record, which includes a first signature, and the second document record includes a second signature. Specifically, after receiving the document from the creator via a secure means, the signer queries the blockchain for the corresponding first document record, thereby generating the second document record based on the first document record.
在一些实施例中,如图4所示,作为步骤204的一种具体实现方式,所述方法包括:In some embodiments, as shown in FIG4, as a specific implementation of step 204, the method includes:
步骤402,计算所述文档的默克尔树的根哈希值。Step 402: Calculate the root hash value of the Merkle tree of the document.
步骤404,根据所述根哈希值确定所述文档的识别码。Step 404: Determine the document's identifier based on the root hash value.
步骤406,基于所述识别码在所述区块链中查询所述文档对应的第一文件记录。Step 406: Based on the identification code, query the first file record corresponding to the document in the blockchain.
在本发明实施例中,签名者计算文档的默克尔树的根哈希值,并根据所述根哈希值在区块链中搜索,可搜索到该文档的识别码。由于创建者将文档的识别码设置为默克尔树的根哈希值,因此,只要确定根哈希值,即可确定文档的识别码ID。具体地,签名者利用识别码ID在区块链中查询第一文件记录,即rec=(ID,root,δcreator,pkcreator,meta)。In this embodiment of the invention, the signer calculates the root hash value of the Merkle tree of the document and searches the blockchain based on the root hash value to find the document's identifier. Since the creator sets the document's identifier as the root hash value of the Merkle tree, the document's identifier ID can be determined simply by determining the root hash value. Specifically, the signer uses the identifier ID to query the first file record in the blockchain, i.e., rec = (ID, root, δ creator , pk creator , meta).
步骤408,若所述文档的默克尔树的根哈希值和区块链上的所述第一文件记录中的默克尔树的根哈希值相等,且所述第一签名验证通过,则利用签名者的私钥在所述第一文件记录中的默克尔树的根哈希值上生成第二签名。Step 408: If the root hash value of the Merkle tree of the document is equal to the root hash value of the Merkle tree in the first file record on the blockchain, and the first signature verification is successful, then a second signature is generated on the root hash value of the Merkle tree in the first file record using the signer's private key.
在本发明实施例中,签名者需要检查根哈希值和创建者签名的有效性。具体地,签名者进行签名需要满足文档的默克尔树的根哈希值和区块链上存储的第一文件记录中的默克尔树的根哈希值相等,同时需保证第一签名验证通过,签名者才会进行签名。In this embodiment of the invention, the signer needs to check the validity of the root hash value and the creator's signature. Specifically, the signer needs to ensure that the root hash value of the document's Merkle tree is equal to the root hash value of the Merkle tree in the first file record stored on the blockchain, and that the first signature verification passes before the signer will proceed with the signing.
具体地,签名者判断文档的默克尔树的根哈希值是否和区块链中存储的第一文件记录中的默克尔树的根哈希值相等,若相等,则利用创建者的公钥进行验证,即判断文档的默克尔树的根哈希值和创建者的公钥是否能够重新组装出第一签名,若可用,则表示第一签名验证通过。验证通过后,签名者利用自身的私钥在第一文件记录的默克尔树的根哈希值上生成第二签名。如果上述两个条件都不满足,或者只满足其中一个条件,则意味着文档验证不通过,签名者可拒绝签名,此时签名过程将会被停止。需要说明的是,检查根哈希值和签名有效性的顺序可根据需求设置,无需拘泥于本实施例中的限定,可以先检查根哈希值,再检查签名,亦可以先检查签名,再检查根哈希值。Specifically, the signer determines whether the root hash value of the Merkle tree of the document is equal to the root hash value of the Merkle tree in the first document record stored in the blockchain. If they are equal, the signer uses the creator's public key for verification, that is, to determine whether the root hash value of the document's Merkle tree and the creator's public key can be reassembled to form the first signature. If they can be used, the first signature verification is successful. After successful verification, the signer uses their private key to generate a second signature based on the root hash value of the Merkle tree in the first document record. If neither of the above two conditions is met, or only one condition is met, it means that the document verification fails, and the signer can refuse to sign, at which point the signing process will be stopped. It should be noted that the order of checking the root hash value and the signature validity can be set according to needs and is not limited to the limitations of this embodiment. The root hash value can be checked first, followed by the signature, or the signature can be checked first, followed by the root hash value.
步骤410,将所述签名者的第二签名和所述签名者的公钥加入所述第一文件记录中,生成第二文件记录。Step 410: Add the signer's second signature and the signer's public key to the first file record to generate a second file record.
具体地,签名者在第一文件记录中的默克尔树的根哈希值上生成第二签名后,可将所述第二签名和自身的公钥加入第一文件记录中,生成第二文件记录。示例性的,签名者的第二签名例如可以为δsigner,签名者的公钥例如可以为pksigner,签名者将δsigner和pksigner加入第一文件记录,得到第二文件记录rec=(ID,root,δcreator,pkcreator,δsigner,pksigner,meta)。即第二文件记录包括文档识别码、元数据、根哈希值、第一签名、创建者的公钥、签名者的公钥以及第二签名。Specifically, after generating a second signature on the root hash value of the Merkle tree in the first document record, the signer can add the second signature and their own public key to the first document record to generate a second document record. For example, the signer's second signature could be δ signer , and the signer's public key could be pk signer . The signer adds δ signer and pk signer to the first document record, resulting in the second document record rec = (ID, root, δ creator , pk creator , δ signer , pk signer , meta). That is, the second document record includes the document identifier, metadata, root hash value, first signature, creator's public key, signer's public key, and second signature.
步骤206,将所述第二文件记录上传至所述区块链,并将所述文档发送给验证者,以使所述验证者基于所述文档对所述区块链中的所述第二文件记录进行验证。Step 206: Upload the second file record to the blockchain and send the document to the verifier so that the verifier can verify the second file record in the blockchain based on the document.
具体地,签名者将第二文件记录上传至区块链,同时通过安全途径将文档传输给验证者,以使验证者基于所述文档对区块链中的第二文件爱你记录进行验证。Specifically, the signer uploads the second document record to the blockchain and simultaneously transmits the document to the verifier via a secure means, so that the verifier can verify the second document record in the blockchain based on the document.
在本发明实施例中,签名者接收创建者发送的文档,然后在区块链中查询所述文档对应的第一文件记录,并生成第二文件记录,接着签名者将所述文档发送给验证者,验证者基于所述文档对区块链中的第二文件记录进行验证,由此,通过不同的用户对文档进行签名,并将文件记录上传至区块链,并由此能够保证文档的安全性。In this embodiment of the invention, the signer receives a document sent by the creator, then queries the blockchain for the first file record corresponding to the document and generates a second file record. The signer then sends the document to the verifier, who verifies the second file record in the blockchain based on the document. Thus, by having different users sign the document and upload the file record to the blockchain, the security of the document can be guaranteed.
在其中一些实施例中,如图5所示,作为步骤206的一种实现方式,所述方法包括:In some embodiments, as shown in FIG5, as one implementation of step 206, the method includes:
步骤502,计算所述文档的默克尔树的根哈希值。Step 502: Calculate the root hash value of the Merkle tree of the document.
步骤504,根据所述根哈希值确定所述文档的识别码。Step 504: Determine the document's identifier based on the root hash value.
步骤506,基于所述识别码在所述区块链中查询所述文档对应的第二文件记录。Step 506: Based on the identification code, query the second file record corresponding to the document in the blockchain.
在本发明实施例中,验证者接收到签名者从安全途径传输过来的文档后,则计算文档的默克尔树的根哈希值,并根据所述根哈希值在区块链中搜索,可搜索得到该文档的识别码。由于创建者将文档的识别码设置为默克尔树的根哈希值,因此,只要确定根哈希值,即可确定文档的识别码ID。具体地,验证者利用识别码ID在区块链中查询第二文件记录,即rec=(ID,root,δcreator,pkcreator,δsigner,pksigner,meta)。In this embodiment of the invention, after receiving the document transmitted securely by the signer, the verifier calculates the root hash value of the document's Merkle tree and searches the blockchain based on the root hash value to obtain the document's identifier. Since the creator sets the document's identifier as the root hash value of the Merkle tree, the document's identifier ID can be determined simply by determining the root hash value. Specifically, the verifier uses the identifier ID to query the second file record in the blockchain, i.e., rec = (ID, root, δ creator , pk creator , δ signer , pk signer , meta).
步骤508,若所述文档的默克尔树的根哈希值和区块链上的所述第二文件记录中的默克尔树的根哈希值相等,且所述第一签名和所述第二签名均通过验证,则所述文档通过验证。Step 508: If the root hash value of the Merkle tree of the document is equal to the root hash value of the Merkle tree in the second file record on the blockchain, and both the first signature and the second signature are verified, then the document is verified.
在本发明实施例中,验证者需要负责检查根哈希值和所有签名的有效性。具体地,验证者需检查文档的默克尔树的根哈希值和区块链上存储的第二文件记录中的默克尔树的根哈希值是否相等,以及需要检查第一签名和第二签名的有效性,即第一签名和第二签名是否通过验证。上述只要有一处验证失败,则所述文档会被验证者自动拒绝。反之,则意味着该文档通过验证。In this embodiment of the invention, the verifier is responsible for checking the validity of the root hash value and all signatures. Specifically, the verifier needs to check whether the root hash value of the document's Merkle tree is equal to the root hash value of the Merkle tree in the second file record stored on the blockchain, and also needs to check the validity of the first and second signatures, i.e., whether the first and second signatures pass verification. If any of the above verifications fail, the document will be automatically rejected by the verifier. Conversely, if all verifications pass, the document passes verification.
具体地,验证者判断文档的默克尔树的根哈希值是否和区块链中存储的第二文件记录中的默克尔树的根哈希值相等,若相等,则利用创建者的公钥进行验证,即判断文档的默克尔树的根哈希值和创建者的公钥是否能够重新组装出第一签名,若能够重新组装出第一签名,则继续利用签名者的公钥进行验证,即判断文档的默克尔树的根哈希值和签名者的公钥是否能够组装出第二签名,若能够组装出第二签名,则意味着文档通过验证。如果上述三个条件都不满足,或者只满足其中一个条件或者只满足其中两个条件,则意味着该文档的验证不通过。Specifically, the verifier checks if the root hash value of the document's Merkle tree is equal to the root hash value of the Merkle tree in the second document record stored in the blockchain. If they are equal, the verifier uses the creator's public key to verify whether the root hash value of the document's Merkle tree and the creator's public key can be reassembled to form the first signature. If the first signature can be reassembled, the verifier continues to use the signer's public key to verify whether the root hash value of the document's Merkle tree and the signer's public key can be reassembled to form the second signature. If the second signature can be assembled, the document passes verification. If none of the above three conditions are met, or only one or two conditions are met, the document fails verification.
在一些实施例中,所述方法还包括:将所述第一文件记录上传至区块链,以及将所述文档的识别码传输给签名者。In some embodiments, the method further includes: uploading the first document record to a blockchain, and transmitting the document's identifier to the signer.
在本发明实施例中,为了提高数据的流动性,创建者在创建文档后,将文档对应的第一文件记录上传至区块链中,但是不将该文档传输给签名者,而是将所述文档的识别码传输给签名者。签名者可利用所述识别码从区块链中直接下载所述文档。同理,签名者也不传输文档给验证者,而是传输识别码给验证者,验证者利用所述识别码也可从区块链中下载所述文档。In this embodiment of the invention, to improve data liquidity, after creating a document, the creator uploads the corresponding first file record to the blockchain, but does not transmit the document to the signer. Instead, the signer transmits the document's identification code to the signer. The signer can then use the identification code to directly download the document from the blockchain. Similarly, the signer does not transmit the document to the verifier, but instead transmits the identification code to the verifier, who can also use the identification code to download the document from the blockchain.
可选地,在其他一些实施例中,所述方法还包括:通过纸质文档的标签获取所述识别码,所述标签存储有文档的识别码。Optionally, in some other embodiments, the method further includes: obtaining the identification code through a label on a paper document, the label storing the document's identification code.
在本发明实施例中,将标签贴在纸质文档上,有利于绑定纸质文档以及将纸质文档数码化。在创建文档时,识别码ID已存储至标签中。因此,签名者和验证者可透过纸质文档上的标签检索到区块链中的文档和签名。为了避免标签被修改,可使用可锁定的NFC标签。In this embodiment of the invention, attaching the tag to a paper document facilitates the binding of the paper document and its digitization. When the document is created, the identification ID is stored in the tag. Therefore, signers and verifiers can retrieve the document and signature in the blockchain through the tag on the paper document. To prevent the tag from being modified, a lockable NFC tag can be used.
相应地,本发明实施例提供了一种基于区块链的文档管理装置600,如图6所示,装置600包括:Accordingly, this embodiment of the invention provides a blockchain-based document management device 600, as shown in FIG6. The device 600 includes:
接收模块602,用于接收创建者发送的文档;The receiving module 602 is used to receive the document sent by the creator;
第一生成模块604,用于在区块链中查询所述文档对应的第一文件记录,并生成第二文件记录,其中,所述第一文件记录包括第一签名,所述第二文件记录包括第二签名;The first generation module 604 is used to query the first file record corresponding to the document in the blockchain and generate a second file record, wherein the first file record includes a first signature and the second file record includes a second signature;
验证模块606,用于将所述第二文件记录上传至区块链,并将所述文档发送给验证者,以使所述验证者基于所述文档对所述区块链中的所述第二文件记录进行验证。The verification module 606 is used to upload the second file record to the blockchain and send the document to the verifier so that the verifier can verify the second file record in the blockchain based on the document.
在本发明实施例中,通过接收模块接收创建者发送的文档,然后在区块链中查询所述文档对应的第一文件记录,并通过生成模块生成第二文件记录,第一文件记录包括第一签名,第二文件记录包括第二签名,接着将所述第二文件记录上传至区块链,并将所述文档发送给验证者,以使所述验证者通过验证模块基于所述文档对所述区块链中的所述第二文件记录进行验证,由此,通过不同的用户对文档进行签名,并将文件记录上传至区块链,并由此能够保证文档的安全性。In this embodiment of the invention, a receiving module receives a document sent by the creator, then queries the blockchain for the first file record corresponding to the document, and a generating module generates a second file record. The first file record includes a first signature, and the second file record includes a second signature. The second file record is then uploaded to the blockchain, and the document is sent to a verifier so that the verifier can verify the second file record in the blockchain based on the document through a verification module. Thus, by having different users sign the document and upload the file record to the blockchain, the security of the document can be guaranteed.
可选地,在装置的其他实施例中,如图6所示,所述装置600还包括:Optionally, in other embodiments of the device, as shown in FIG6, the device 600 further includes:
创建模块608,用于创建文档;Create module 608 for creating documents;
计算模块610,用于计算所述文档的默克尔树的根哈希值,并将所述文档的识别码设置为所述根哈希值;The calculation module 610 is used to calculate the root hash value of the Merkle tree of the document and set the identification code of the document as the root hash value;
第二生成模块612,用于利用创建者的私钥在所述根哈希值上生成第一签名;The second generation module 612 is used to generate a first signature on the root hash value using the creator's private key;
组合模块614,用于将所述识别码、所述根哈希值、所述创建者的第一签名、创建者的公钥和所述文档的元数据进行组合,获得第一文件记录;The combination module 614 is used to combine the identification code, the root hash value, the creator's first signature, the creator's public key, and the document's metadata to obtain a first file record;
将所述第一文件记录上传至区块链,以及将所述文档传输给签名者。The first file record is uploaded to the blockchain, and the document is transmitted to the signer.
可选地,在装置的其他实施例中,如图6所示,所述装置600还包括:Optionally, in other embodiments of the device, as shown in FIG6, the device 600 further includes:
第一传输模块618,用于将所述第一文件记录上传至区块链,以及将所述文档的识别码传输给签名者。The first transmission module 618 is used to upload the first file record to the blockchain and transmit the document's identification code to the signer.
可选地,在装置的其他实施例中,如图6所示,所述装置600还包括:Optionally, in other embodiments of the device, as shown in FIG6, the device 600 further includes:
加密模块620,用于创建者利用加密密钥对所述文档进行加密,获得加密文档;The encryption module 620 is used by the creator to encrypt the document using an encryption key to obtain an encrypted document;
第二传输模块622,用于将所述加密文档传输给签名者。The second transmission module 622 is used to transmit the encrypted document to the signer.
可选地,在装置的其他实施例中,第一生成模块604具体用于:Optionally, in other embodiments of the device, the first generation module 604 is specifically used for:
计算所述文档的默克尔树的根哈希值;Calculate the root hash value of the Merkle tree of the document;
根据所述根哈希值确定所述文档的识别码;The document's identifier is determined based on the root hash value;
基于所述识别码在所述区块链中查询所述文档对应的第一文件记录;Based on the identification code, query the first file record corresponding to the document in the blockchain;
若所述文档的默克尔树的根哈希值和区块链上的所述第一文件记录中的默克尔树的根哈希值相等,且所述第一签名验证通过,则利用签名者的私钥在所述第一文件记录中的默克尔树的根哈希值上生成第二签名;If the root hash value of the Merkle tree of the document is equal to the root hash value of the Merkle tree in the first file record on the blockchain, and the first signature verification is successful, then a second signature is generated on the root hash value of the Merkle tree in the first file record using the signer's private key.
将所述签名者的第二签名和所述签名者的公钥加入所述第一文件记录中,生成第二文件记录。The signer's second signature and the signer's public key are added to the first file record to generate a second file record.
可选地,在装置的其他实施例中,验证模块606具体用于:Alternatively, in other embodiments of the device, the verification module 606 is specifically used for:
计算所述文档的默克尔树的根哈希值;Calculate the root hash value of the Merkle tree of the document;
根据所述根哈希值确定所述文档的识别码;The document's identifier is determined based on the root hash value;
基于所述识别码在所述区块链中查询所述文档对应的第二文件记录;Based on the identification code, query the second file record corresponding to the document in the blockchain;
若所述文档的默克尔树的根哈希值和区块链上的所述第二文件记录中的默克尔树的根哈希值相等,且所述第一签名和所述第二签名均通过验证,则所述文档通过验证。If the root hash value of the Merkle tree of the document is equal to the root hash value of the Merkle tree in the second file record on the blockchain, and both the first signature and the second signature are verified, then the document is verified.
需要说明的是,上述基于区块链的文档管理装置可执行本发明实施例所提供的基于区块链的文档管理方法,具备执行方法相应的功能模块和有益效果。未在基于区块链的文档管理装置实施例中详尽描述的技术细节,可参照本发明实施例提供的基于区块链的文档管理方法。It should be noted that the aforementioned blockchain-based document management device can execute the blockchain-based document management method provided in the embodiments of the present invention, and possesses the corresponding functional modules and beneficial effects of the method. Technical details not described in detail in the embodiments of the blockchain-based document management device can be found in the blockchain-based document management method provided in the embodiments of the present invention.
图7是本发明实施例提供的电子设备的硬件结构示意图,如图7所示,该电子设备700包括:Figure 7 is a schematic diagram of the hardware structure of an electronic device provided in an embodiment of the present invention. As shown in Figure 7, the electronic device 700 includes:
一个或者多个处理器702以及存储器704,图7中以一个处理器702为例。其中,所述处理器702可以为中央处理器,或者图像处理器,亦或者处理器702为集成中央处理器和图像处理器的功能于一体的处理器。One or more processors 702 and a memory 704 are provided. Figure 7 shows an example of one processor 702. The processor 702 can be a central processing unit (CPU), a graphics processing unit (GPU), or a processor that integrates the functions of both a CPU and a GPU.
处理器702和存储器704可以通过总线或者其他方式连接,图7中以通过总线连接为例。The processor 702 and the memory 704 can be connected via a bus or other means. Figure 7 shows an example of a connection via a bus.
存储器704作为一种非易失性计算机可读存储介质,可用于存储非易失性软件程序、非易失性计算机可执行程序以及模块,如本发明实施例中的基于区块链的文档管理方法对应的程序指令/模块。处理器702通过运行存储在存储器704中的非易失性软件程序、指令以及模块,从而执行电子设备的各种功能应用以及数据处理,即实现上述实施例中的基于区块链的文档管理方法。The memory 704, as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs, non-volatile computer-executable programs, and modules, such as the program instructions/modules corresponding to the blockchain-based document management method in this embodiment of the invention. The processor 702 executes various functional applications and data processing of the electronic device by running the non-volatile software programs, instructions, and modules stored in the memory 704, thereby realizing the blockchain-based document management method in the above embodiment.
存储器704可以包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需要的应用程序;存储数据区可存储根据基于区块链的文档管理装置使用所创建的数据等。此外,存储器704可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他非易失性固态存储器件。在一些实施例中,存储器704可选包括相对于处理器702远程设置的存储器,这些远程存储器可以通过网络连接至基于区块链的文档管理的装置。上述网络的实例包括但不限于互联网、企业内部网、局域网、移动通信网及其组合。The memory 704 may include a program storage area and a data storage area. The program storage area may store the operating system and applications required for at least one function; the data storage area may store data created for use by the blockchain-based document management device. Furthermore, the memory 704 may include high-speed random access memory and may also include non-volatile memory, such as at least one disk storage device, flash memory device, or other non-volatile solid-state storage device. In some embodiments, the memory 704 may optionally include memory remotely located relative to the processor 702, and these remote memories can be connected to the blockchain-based document management device via a network. Examples of such networks include, but are not limited to, the Internet, corporate intranets, local area networks, mobile communication networks, and combinations thereof.
本发明实施例还提供了一种非易失性计算机可读存储介质,所述计算机可读存储介质存储有计算机可执行指令,该计算机可执行指令被一个或者多个处理器执行时,可使得上述一个或者多个处理器可执行上述任意方法实施例中的基于区块链的文档管理方法。This invention also provides a non-volatile computer-readable storage medium storing computer-executable instructions. When these computer-executable instructions are executed by one or more processors, they enable the one or more processors to execute the blockchain-based document management method in any of the above method embodiments.
以上所描述的装置实施例仅仅是示意性的,其中所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部模块来实现本实施例方案的目的。The device embodiments described above are merely illustrative. The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the modules can be selected to achieve the purpose of this embodiment according to actual needs.
通过以上的实施方式的描述,本领域普通技术人员可以清楚地了解到各实施方式可借助软件加通用硬件平台的方式来实现,当然也可以通过硬件。本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程是可以通过计算机程序来指令相关的硬件来完成,所述的程序可存储于一计算机可读取存储介质中,该程序在执行时,可包括如上述各方法的实施例的流程。其中,所述的存储介质可为磁碟、光盘、只读存储记忆体(Read-Only Memory,ROM)或随机存储记忆体(Random Access Memory,RAM)等。Through the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented using software and a general-purpose hardware platform, or of course, using hardware. Those skilled in the art will understand that all or part of the processes in the above embodiments can be implemented by a computer program instructing related hardware. The program can be stored in a computer-readable storage medium, and when executed, it can include the processes of the embodiments of the above methods. The storage medium can be a magnetic disk, optical disk, read-only memory (ROM), or random access memory (RAM), etc.
最后应说明的是:以上实施例仅用以说明本发明的技术方案,而非对其限制;在本发明的思路下,以上实施例或者不同实施例中的技术特征之间也可以进行组合,步骤可以以任意顺序实现,并存在如上所述的本发明的不同方面的许多其它变化,为了简明,它们没有在细节中提供;尽管参照前述实施例对本发明进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本发明各实施例技术方案的范围。Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, and not to limit them; under the concept of the present invention, the technical features of the above embodiments or different embodiments can also be combined, the steps can be implemented in any order, and there are many other variations of different aspects of the present invention as described above, which are not provided in detail for the sake of brevity; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the scope of the technical solutions of the embodiments of the present invention.
Claims (10)
Publications (1)
| Publication Number | Publication Date |
|---|---|
| HK40090172A true HK40090172A (en) | 2023-11-03 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111628868B (en) | Digital signature generation method and device, computer equipment and storage medium | |
| CN111159288B (en) | Chain structure data storage, verification, implementation method, system, device and medium | |
| US9800416B2 (en) | Distributed validation of digitally signed electronic documents | |
| KR101999188B1 (en) | Secure personal devices using elliptic curve cryptography for secret sharing | |
| US20220020020A1 (en) | Methods, systems, and devices for managing digital assets | |
| CN116032613B (en) | Blockchain digital credential exchange method, file storage access method and system | |
| CN116318784B (en) | Identity authentication method, identity authentication device, computer equipment and storage medium | |
| CN114637808B (en) | Archive privacy protection and encryption evidence storage method and system based on blockchain technology | |
| CN115203749B (en) | Data transaction method and system based on block chain | |
| CN111614680A (en) | A traceable cloud storage access control method and system based on CP-ABE | |
| US12519757B2 (en) | Methods, devices and system related to a distributed ledger and user identity attribute | |
| KR101253683B1 (en) | Digital Signing System and Method Using Chained Hash | |
| US20230146229A1 (en) | Entity, gateway device, information processing device, information processing system, and information processing method | |
| CN109951276A (en) | Embedded device remote identity authentication method based on TPM | |
| CN116668167A (en) | Intelligent contract method for data communication based on block chain | |
| EP4385168A1 (en) | Generating digital signature shares | |
| CN119945680A (en) | Multi-authentication electronic notarial certificate verification method and system based on blockchain | |
| CN110851804B (en) | Alliance chain identity authentication mode based on electronic contract | |
| Datta et al. | Short attribute-based signatures for arbitrary turing machines from standard assumptions | |
| US11316698B2 (en) | Delegated signatures for smart devices | |
| CN110851848B (en) | Privacy protection method for symmetric searchable encryption | |
| CN114760072B (en) | Signature and signature verification method, device and storage medium | |
| CN118337505B (en) | Disclosure traceable ciphertext transmission method and storage method | |
| Rondelet | A note on anonymous credentials using BLS signatures | |
| CN113572615B (en) | Method, system, equipment and storage medium for identity authentication of distributed network users |