Electronic official document exchange encryption method based on BlockChainTechnical Field
The invention relates to the field of data security, in particular to an electronic official document exchange encryption method.
Background
The data contains a great deal of visual and hidden values, but how to develop, perfect and reasonably protect the data becomes the first problem to be solved nowadays.
The electronic document exchange system needs interactive cooperation of information management and a resource exchange mechanism, and accordingly, the management mechanism of the electronic document is optimized. It can be known in bitcoin and other cryptocurrency block chains that resource mining gradually rises to a bottleneck, a user can conveniently access cloud-end data on any equipment, and the existing Searchable Symmetric Encryption (SSE) scheme needs to pay before searching, which is unfair for the user, so that a novel electronic document exchange encryption method is needed to protect the data in the electronic document and ensure the safety and reliability of the data.
Disclosure of Invention
Aiming at the defects in the prior art, the invention aims to provide the electronic document exchange encryption method, the provided method realizes safer monitoring management and authorization functions, and has the advantages of high data access safety factor, optimized resource monitoring, reduced resource consumption and the like.
The invention aims at an electronic official document exchange encryption method, which can comprise the following steps: and collecting a data source document, encrypting the data original document through a private key array K, generating a ciphertext C, and generating a corresponding encryption index I. C, I is uploaded to a server, the receiver and the sender share the private key array K at the same time, if the receiver wants to search the data document containing the keyword w, the corresponding search identification can be calculated by the private key array KtwAnd at the same time, uploading the search identifier to the server, wherein the server side passes through the combination C, I,twCalculation resultsCijAt this point, the receiver can decrypt locallyCij。
The source data collected may be a data warehouse, in-server data, etc.
The private key array firstly provides a security parameter k for data in the process of encrypting the original document and outputs the private key arrayK=(k1,k2,k3,k4,k5)。
The index generation first extracts keywords from the document, and for each keywordwi∈WNull set should be setDB(wi) If the jth document contains keywordswiThen, thenDB(wi)[j]Is set to 1, otherwise, willDB(wi)[j]Is set to 0.
Wherein,twi,ewi,Macwithe value of (c) will be calculated as follows:
twi=F1(K2,wi||0)
kwi=F1(K2,wi||1)
ewi= 𝛿.Enc(K=kwi,DB(wi))
kwi=F1(K3,wi)
Macwi =H(Kwi||DB(wi))
at this time, willtwi,ewi,MacwiPut into a length ofm·(2k +λ) C, I is finally uploaded to the server.
The search identification of the document containing the keyword w is calculated through the private key arrayTwShould be calculated as follows:
tw=F1(k2,w|| 0)
kw=F1(k2,w|| 1)
k31=F1(k4,wi)
Tw= 𝛿.Enck(k31,tw||kw||H(k31))
when the server side combines and calculates the output result, ask and Pay are calculated through search algorithm, and then Reed is usedAnd the Dec algorithm calculates the Redeem,Dj。
The fairness is based on the block chain technique being irreversible, and if the user and the server are not honest, then Pay cannot be accepted by the block chain.
When the search mode is executed, the user and the server carry out six times of interaction, and the intelligent contract is realizedD(. a) andSHA256,V(x,y) AndAESandSHA256, the contract may automatically determine whether the embedded result is valid.
Drawings
Fig. 1 shows a flow chart of an electronic document exchange encryption algorithm according to an example embodiment of the present invention.
Detailed Description
As shown in fig. 1, an embodiment of the present invention provides an electronic document exchange encryption method.
First, a source data document is collected in step S101, and user data is derived from data in a data warehouse and a server.
Next, in step S102, after the data owner takes the parameter K as input, the key array K = (K =) can be correctly outputk1,k2,k3,k4,k5)。
In generating the ciphertext C in step S103, the ciphertext C should be calculated using the private key and the source document as follows.
Ci=ε.Enck1(Di)(1 ≤i ≤n)
MAC(Ci)=(K5,Ci)
C←((C1,MAC(C1)),...,(Cn,MAC(Cn)))
Generating the index first extracts keywords from the documents, for each keywordwi∈WNull set should be setDB(wi) If the jth document contains keywordswiThen, thenDB(wi)[j]Is set to 1, otherwise, willDB(wi)[j]Is set to 0.
Wherein,twi,ewi,Macwithe value of (c) will be calculated as follows:
twi=F1(K2,wi||0)
kwi=F1(K2,wi||1)
ewi= A.Enc(K=kwi,DB(wi))
kwi=F1(K3,wi)
Macwi =H(Kwi||DB(wi))
at this time, willtwi,ewi,MacwiPut into a length ofm·(2k +λ) C, I is finally uploaded to the server.
The data owner shares the key array k with the user in step S104, and when searching for a document containing the keyword w, it should be obtained by the following calculationTwAnd upload it to the server.
tw=F1(k2,w|| 0)
kw=F1(k2,w|| 1)
k31=F1(k4,wi)
Tw=A.Enck(k31,tw||kw||H(k31))
In step S105, a value ofdNon-redemption of BTs1Then will beV(k31,Tw) Is embedded intoaskIn the script of (2), the user outputs the main body of the Pay using ask, and propagates the Pay value.
The calculated should be used in step S106tw,ew,MacwAnd usekw:DB(w)=𝛿.Dec(kw,ew) Decryptionew. Setting of empty collectorCwAnd will beMAC(Cj) Is put intoCw,Thereafter will beTu1AndTu2the main body Get is output as input, and the script of pro is output by Get.
Using the key in step S107k1To pairCj:Dj=ε.Dec(K1,Cj) Decryption, and finally updating by new keyCiIs/are as followsMAC(Ci) Deleting old cloud storage endMAC(Ci)。