CN-122001587-A - Intelligent air management method based on state-secret algorithm and hierarchical management block chain

Abstract

The invention belongs to the technical field of air traffic data management, and provides an intelligent air traffic control method based on a national encryption algorithm and a hierarchical management blockchain. And splitting the blockchain into a real-time chain for processing real-time data and a traceability chain for storing historical data in a time dimension, wherein the space dimension divides the nodes into a plurality of consensus domains according to a geographic network, and a PBFT consensus mechanism is adopted in a consensus group. And the authentication data of the real-time chain and the traceability chain are combined by adopting an SM3 hash uplink and an SM2 digital signature. The intelligent traffic control system and the intelligent traffic control method realize decentralization data sharing on the premise of guaranteeing data safety, bring strong technical support for an intelligent traffic control method, and have important practical significance and wide application prospect.

Inventors

• LU YANRONG
• NIU ZEHAN
• ZHOU GUANGXIN
• WANG JINGTAO
• LI JING

Assignees

• 中国民航大学

Dates

Publication Date

20260508

Application Date

20260225

Claims (9)

1. 1. The intelligent air management method based on the cryptographic algorithm and the hierarchical management block chain is characterized by comprising the following steps of: S100, dividing the block chain nodes into a plurality of groups, wherein one of the groups is a tracing chain group, the plurality of real-time chain groups are divided according to space, and data transmission is carried out between the tracing chain and the real-time chain through a ground mechanism; s110, judging the data type by a real-time chain data transmitting end, encrypting authentication data without encryption, encrypting sensitive data by using SM9 to complete data standardization processing, carrying out hash operation on the processed data by using SM3, signing according to an SM2 private key distributed by a supervision mechanism, and finally packaging the data by a real-time chain for uplink; S120, after verifying the source of data according to the SM2 signature, a real-time chain receiving end performs hash operation by adopting SM3 to verify the integrity, performs multi-copy synchronization on real-time chain data after verification, stores the data in a plurality of core ground nodes in a domain, and then uploads the locally filed real-time chain block data to a tracing chain through a tracing chain node by a real-time chain link point; S130, judging the type of received historical data by a traceable chain, encrypting authentication data without encryption, encrypting sensitive data by an SM4 algorithm, carrying out hash operation on the data by an SM3 and signing by an SM2 private key, generating an SM4 master key by a supervision organization, splitting the SM4 master key into a plurality of key fragments by a (k, n) threshold key sharing method, respectively storing the key fragments in a plurality of types of core ground nodes, carrying out digital signature by the SM2, destroying the original key of the supervision organization, splitting the data into m data fragments, and distributing the m data fragments to different ground nodes according to a consensus domain; And S140, when the authorized user initiates data query, firstly sending a request to the intra-domain node, recovering an SM4 key according to the fragments sent by the node, then requesting the intra-domain node for the data fragments, performing SM3 hash operation on the data fragments to verify the integrity, merging the recovered data after the verification, and finally decrypting the presented data through the SM 4.
2. 2. The intelligent air management method based on the cryptographic algorithm and the hierarchical management blockchain according to claim 1, wherein in S100, a common group is adopted in each group, a PBFT common mechanism is adopted, a leader node is selected for each sub-cluster, other common nodes in the cluster only communicate in the cluster and execute PBFT flow to complete data consistency verification in the cluster, the common nodes maintain data in the common group, and the leader node maintains a full data chain.
3. 3. The intelligent air management method based on the cryptographic algorithm and hierarchical management of block chains according to claim 1, wherein in S100, the block chain links are divided into four groups, one is a trace-source chain group and three is a real-time chain group.
4. 4. The intelligent air management method based on the cryptographic algorithm and the hierarchical management blockchain according to claim 1, wherein in S100, the real-time chain data transmitting end includes an airborne node, a ground weather node and an air management node, which are respectively used for transmitting position data, weather early warning data and flight dynamic data.
5. 5. The intelligent air management method based on the cryptographic algorithm and hierarchical management blockchain according to claim 1, wherein in S140, when requesting data fragments from intra-domain nodes, at least a key fragment is requested from t=2 intra-domain nodes.
6. 6. The intelligent air management method based on the cryptographic algorithm and hierarchical management blockchain of claim 1, wherein S110 comprises: s111, starting a real-time chain data uplink flow to acquire data to be uplink and SM2 private keys; s112, judging the type of the data to be uplink, and distinguishing authentication data from sensitive data; S113, if the sensitive data is encrypted by adopting an SM9 encryption algorithm to generate ciphertext, and directly entering authentication data into the next step; s114, carrying out hash operation on the processed data by adopting an SM3 algorithm; S115, carrying out digital signature on the hash operation result by using the SM2 private key; And S116, packaging the signed data into a chain, and ending the flow.
7. 7. The intelligent air management method based on the cryptographic algorithm and hierarchical management blockchain of claim 1, wherein in S120, when the real-time chain receiving end verifies the data source according to the SM2 signature and then performs the hash operation by using SM3 to verify the integrity, the method comprises: s121, starting a receiving end data verification process to acquire data to be verified and an SM2 public key; s122, signature verification is carried out on the data to be verified by using the SM2 public key; s123, if the signature verification is not passed, discarding the data, and ending the flow; s124, if the signature verification is passed, calculating a content abstract of the data to be verified by using an SM3 algorithm; s125, comparing the calculated SM3 abstract with the original SM3 abstract of the data; s126, if the comparison of the summaries is inconsistent, discarding the data, and ending the flow; and S127, if the comparison of the summaries is consistent, the operation of using or decrypting is finished.
8. 8. The intelligent air management method based on a cryptographic algorithm and hierarchical management blockchain according to claim 1, wherein in S130, the traceability chain judges the type of received historical data, authentication data does not need to be encrypted, sensitive data is encrypted by using an SM4 algorithm, data is hashed by using an SM3 and signed by an SM2 private key, and then is uplink, comprising: s131, starting a traceability chain historical data storage flow to acquire historical data to be stored and SM2 private keys; s132, judging the type of the historical data to be stored, and distinguishing authentication data from sensitive data; S133, if the sensitive data are encrypted by adopting an SM4 encryption algorithm to generate ciphertext, and the authentication data directly enter the next step; s134, carrying out hash operation on the processed data by adopting an SM3 algorithm; S135, carrying out digital signature on the hash operation result by using the SM2 private key; s136, packaging and storing the signed data in a uplink mode, and ending the flow.
9. 9. The intelligent air management method based on the cryptographic algorithm and hierarchical management blockchain of claim 1, wherein S140 comprises: S141, authorizing a user to initiate a data fragment inquiry request to an intra-domain keeping node; S142, the custody node 1 performs validity verification on the query request of the authorized user; S143, if the authentication request of the storage node 1 is illegal, rejecting the inquiry request, and if the authentication request is legal, returning the data fragment 1 to the authorized user; s144, the custody node n performs validity verification on the query request of the authorized user; s145, if the verification request of the storage node n is illegal, rejecting the inquiry request, and if the verification request is legal, returning the data fragment n to the authorized user; S146, carrying out hash integrity check on all received data fragments by adopting an SM3 algorithm; S147, if the hash check fails, discarding the corresponding data fragment, and ending the flow; S148, if the hash check is passed, merging all the data fragments to recover the complete original data; And S149, decrypting the restored original data by adopting an SM4 algorithm and presenting the decrypted original data to an authorized user, and ending the flow.

Description

Intelligent air management method based on state-secret algorithm and hierarchical management block chain Technical Field The invention belongs to the technical field of air traffic data management, and particularly relates to an intelligent air management method based on a national encryption algorithm and a hierarchical management block chain. Background In an Air Traffic Management (ATM) system, efficient sharing of data can provide real-time situational awareness and decision support for multiparty participants, promoting the construction of intelligent civil aviation. However, current aviation data sharing still faces many challenges, including firstly, the phenomenon of data islanding is common, a large amount of data is only used in a limited range and cannot fully exert potential value, secondly, aviation operation has high dynamic property and real-time property, extremely high requirements on timeliness, safety and reliability of data sharing are put forward, and furthermore, data owners have the worry about safety and privacy generally, and active sharing of data is further inhibited due to lack of effective incentive mechanisms. The blockchain technology has obvious technical advantages in the aspects of data management and trust construction by virtue of the characteristics of decentralization, tamper resistance, traceability, encryption security and the like. Through the distributed account book technology, synchronization and consensus verification of data among multiple nodes are realized, and integrity, consistency and transparency of the data in the storage and transmission processes are ensured. Meanwhile, the intelligent contract can automatically execute preset business logic without intervention of a third party, so that the automation level, the running efficiency and the credibility of the system are effectively improved. Some researches attempt to introduce blockchain technology into aviation data sharing scenes, but the design is limited to simple superposition of single technical layers, and a depth fusion architecture cannot be formed. In terms of data security and privacy protection, the conventional scheme usually adopts a universal international cryptographic algorithm (RSA, AES and the like) or a basic hash function, the compliance requirement of an aviation information system on autonomous and controllable passwords is not fully considered, potential security risks exist on an algorithm level, on a key management and distribution mechanism, most schemes depend on a centralized or semi-centralized key management mechanism, single-point faults and trust bottlenecks are easy to form, effective support for key security storage and dynamic recovery under a multi-mechanism collaborative scene is lacking, in terms of data sharing real-time performance guarantee, the conventional blockchain scheme mostly adopts a public chain or universal alliance chain architecture with large common expenditure, the requirement of high throughput and low delay of empty pipe data exchange is difficult to adapt, and the automatic execution efficiency of intelligent contracts is insufficient to support empty condition dynamic update and real-time decision response. The invention mainly uses SM2 (asymmetric encryption algorithm based on elliptic curve cryptography), SM3 (cryptographic hash algorithm), SM9 (asymmetric cryptographic algorithm based on identification) and SM4 (symmetric block cryptographic algorithm) to form an autonomous controllable cryptographic technology system. In the aspect of key security management, the Shamir password sharing mechanism realizes the secure storage and distribution of keys by dispersing the password into a plurality of shares and recovering when a certain threshold is reached. In the invention, the blockchain provides a new idea for constructing a trusted data sharing environment. The block chain technology is combined with the national cryptographic algorithm (SM 2, SM3, SM4 and SM 9), so that the decentralization data sharing is realized on the premise of guaranteeing the data security, and a powerful technical support is brought for the intelligent air traffic control method, so that the intelligent air traffic control method has important practical significance and wide application prospect. Disclosure of Invention Aiming at the problems, the invention provides an intelligent air management method based on a cryptographic algorithm and a hierarchical management block chain, which solves the problems in the prior art, and adopts the following technical scheme: an intelligent air management method based on a cryptographic algorithm and hierarchical management block chain comprises the following steps: S100, dividing the block chain nodes into a plurality of groups, wherein one of the groups is a tracing chain group, the plurality of real-time chain groups are divided according to space, and data transmission is carried out between the tracing chain and the real-