CN-122001594-A - Smart electric meter data secure storage and tamper-proof blockchain authentication method and system

Abstract

The invention provides a method and a system for safe storage and tamper-proof blockchain authentication of smart meter data, which relate to the technical field of data security and comprise the steps of dividing a structured data object into a public segment and a private segment by receiving the smart meter data, and executing zero knowledge proof on the private segment to generate a mixed data carrier; establishing a cross-chain anchoring relation, synchronizing the hash abstract of the hybrid data carrier to a main side chain, triggering an intelligent contract to verify the validity of data, and verifying the integrity of the data through a global identifier when a tracing request is received. The invention realizes the safe storage and tamper-proof authentication of the ammeter data, ensures the privacy of sensitive data and ensures the traceability and tamper-proof of the data.

Inventors

• GUI JIE
• KONG XIANGYU
• WU YINAN

Assignees

• 江苏瑞达电力设备有限公司

Dates

Publication Date

20260508

Application Date

20260316

Claims (9)

1. 1. The intelligent ammeter data secure storage and tamper-proof blockchain authentication method is characterized by comprising the following steps: The method comprises the steps of receiving electric quantity data reported by an intelligent electric meter, analyzing metering information, equipment identity information and geographic position information in the electric quantity data, and constructing a structured data object, carrying out slicing treatment on the structured data object, dividing the structured data object into public data slices and private data slices according to data sensitivity, and carrying out zero knowledge proof generation operation on the private data slices to obtain proof data which can be verified but does not leak original content; Establishing a cross-chain data anchoring relation, synchronously writing the hash abstract of the hybrid data carrier into a main chain and a side chain, storing the corresponding relation between the global unique identifier and the block height in the main chain, and storing the complete content of the hybrid data carrier in the side chain; Triggering intelligent contract execution, wherein the intelligent contract verifies the validity of the digital signature of the mixed data carrier and checks whether the zero knowledge proof of the proof data passes or not; And when a data tracing request is received, extracting the mixed data carrier at a side chain through the global unique identifier at the height of a main chain positioning block, and verifying the validity of the proving data to confirm that the data is not tampered.
2. 2. The method of claim 1, wherein performing a zero knowledge proof generation operation on the piece of private data to obtain proof data that is verifiable but does not reveal original content comprises: Performing polynomial code conversion on the private data vector, mapping each component of the private data vector into polynomial coefficients, and generating a characteristic polynomial representing the private data fragment; generating a random blinding factor, performing algebraic operation on the random blinding factor and the characteristic polynomial to obtain a blinding polynomial, wherein the blinding polynomial conceals the true value of the private data vector; constructing a constraint relation set, wherein the constraint relation set defines numerical boundary conditions, identity binding conditions and logic consistency conditions which are required to be met by the private data fragments; Converting the set of constraint relationships into an arithmetic circuit representation, the arithmetic circuit representation comprising a directed acyclic graph structure of addition gates and multiplication gates, input nodes of the directed acyclic graph structure corresponding to coefficients of the blinded polynomial; And performing commitment calculation on the proving polynomial to generate a polynomial commitment value, packaging and combining the polynomial commitment value and the verifier key to form proving data, wherein the proving data support verifier verifies the satisfaction of the constraint relation set under the condition of not obtaining the private data vector plaintext.
3. 3. The method of claim 2, wherein cryptographically transforming the blinded polynomial using the prover key to generate a proving polynomial that satisfies the set of constraint relationships, performing a commitment calculation on the proving polynomial to generate a polynomial commitment value, combining the polynomial commitment value with the verifier key package, forming the proving data comprises: The encryption parameters and the pairing generation elements in the prover key are extracted, wherein the encryption parameters comprise elliptic curve group parameters and bilinear mapping parameters; Performing scalar multiplication operation on the coefficients of the blinding polynomial by using the pairing generating element to generate an encryption coefficient vector, wherein the encryption coefficient vector conceals the original coefficients of the blinding polynomial; Performing homomorphic operation on the encryption coefficient vector based on a circuit gate structure represented by the arithmetic circuit, wherein the homomorphic operation keeps the satisfaction of the constraint relation set in an encryption domain; Performing consistency calculation on the output result of the homomorphic operation and the evaluation result of the blinding polynomial to generate the proving polynomial, wherein the proving polynomial proves that the private data vector meets the constraint relation set; Performing a group exponential operation on the result of the linear combination operation to generate a polynomial commitment value, wherein the polynomial commitment value computationally conceals the content of the proving polynomial; The polynomial commitment value is combined with the verifier key package to form the attestation data.
4. 4. The method of claim 1, wherein establishing a cross-chain data anchoring relationship, writing the hash digest of the hybrid data carrier to the backbone and the side chain simultaneously, comprises: the method comprises the steps of performing anti-collision hash operation on the hybrid data carrier, generating a hash digest with fixed length, wherein the hash digest is used as a unique digital fingerprint of the hybrid data carrier, constructing a main chain anchoring data structure, and the main chain anchoring data structure comprises the globally unique identifier, the hash digest, an anchoring time stamp and a data source identifier; Monitoring a main chain consensus process, and capturing the main chain block height and main chain transaction hash of the main chain transaction load after the main chain transaction load is verified by main chain consensus nodes and packed into the main chain block; Constructing a side chain storage data structure, wherein the side chain storage data structure comprises the complete content of the hybrid data carrier, the hash digest, the main chain block height and associated proving data; Generating a cross-chain anchoring certificate, wherein the cross-chain anchoring certificate comprises a Merck proving path of the main chain transaction hash and a main chain block head; And executing side chain consensus verification, wherein a side chain consensus node verifies the validity of the cross-chain anchoring certificate, and writing the side chain transaction load into a side chain account book after verification is passed, so as to obtain a side chain block identifier where the side chain transaction load is located.
5. 5. The method of claim 4, wherein generating a cross-chain anchored proof that includes the backbone transaction hash and a merck proof path of a backbone block header comprises: acquiring a main chain block containing the main chain transaction load, extracting block head information of the main chain block and a transaction list; Constructing a merck tree of the transaction list, wherein leaf nodes of the merck tree are hash values of all transactions in the transaction list, and root nodes of the merck tree are hash transaction roots of the main chain blocks; Traversing the leaf nodes corresponding to the main chain transaction load to a root node along the merck tree, and collecting the brother node hash values on the traversing path, wherein the brother node hash values form the merck proving path; The main chain transaction hash, the merck proving path, the block height field, the previous block hash field and the transaction root hash field are subjected to structural combination to generate a data packet of the cross-chain anchoring proving; The method comprises the steps of carrying out digital signature on a data packet of the cross-chain anchoring certification, generating a signature value for the data packet by using a private key of a main chain verification node, wherein the signature value certifies that the cross-chain anchoring certification is confirmed by the main chain verification node, and packaging the data packet and the signature value into a final format of the cross-chain anchoring certification.
6. 6. The method according to claim 1, wherein triggering execution of a smart contract that verifies digital signature validity of the hybrid data carrier and checks whether zero knowledge proof of the proof data passes comprises: Extracting public key parameters in the public key field of the signer, and verifying whether the public key parameters are in a pre-registered authorized public key list or not; performing asymmetric decryption operation on the digital signature field by utilizing the public key parameter to obtain a signature decryption digest; performing hash operation consistent with the signature generation process on the data content field to generate a data content hash value; Comparing the signature decryption digest with the data content hash value, and confirming that the digital signature is valid when the signature decryption digest and the data content hash value are completely consistent, otherwise rejecting the uplink request; Generating public input parameters based on the public data fragments, wherein the public input parameters comprise hash values and derivative calculated values of the public data fragments; Invoking a zero knowledge proof verification function, providing the proof data, the verifier key and the public input parameter as inputs to the zero knowledge proof verification function; the zero knowledge proof verification function executes pairing operation and polynomial verification calculation, and checks whether a promise value in the proof data meets a preset algebraic relation; And when the digital signature is valid and the zero knowledge proof verification function returns a verification success identification, the intelligent contract generates a verification passing event.
7. 7. A smart meter data secure storage and tamper resistant blockchain authentication system for implementing the method of any of claims 1-6, comprising: The first unit is used for receiving electric quantity data reported by the intelligent electric meter, analyzing metering information, equipment identity information and geographic position information in the electric quantity data and constructing a structured data object, carrying out slicing treatment on the structured data object, dividing the structured data object into public data slices and private data slices according to data sensitivity, and carrying out zero knowledge proof generation operation on the private data slices to obtain proof data which can be verified but does not leak original content; The second unit is used for carrying out association coding on the public data fragments and the proving data to generate a mixed data carrier and distributing a global unique identifier for the mixed data carrier, establishing a cross-chain data anchoring relation, synchronously writing the hash abstract of the mixed data carrier into a main chain and a side chain, storing the corresponding relation between the global unique identifier and the block height in the main chain, and storing the complete content of the mixed data carrier in the side chain; A third unit for triggering execution of a smart contract that verifies the digital signature validity of the hybrid data carrier and checks whether zero knowledge proof of the proof data passes, curing the hybrid data carrier to a distributed storage node after verification passes, and recording a storage location index in a blockchain; And the fourth unit is used for extracting the mixed data carrier at the side chain through the global unique identifier at the height of the main chain positioning block when receiving the data tracing request, and verifying the validity of the proving data to confirm that the data is not tampered.
8. 8. An electronic device, comprising: A processor; A memory for storing processor-executable instructions; Wherein the processor is configured to invoke the instructions stored in the memory to perform the method of any of claims 1 to 6.
9. 9. A computer readable storage medium having stored thereon computer program instructions, which when executed by a processor, implement the method of any of claims 1 to 6.

Description

Smart electric meter data secure storage and tamper-proof blockchain authentication method and system Technical Field The invention relates to the technical field of data security, in particular to a method and a system for secure storage and tamper-proof blockchain authentication of intelligent ammeter data. Background Along with the rapid promotion of smart power grids construction, smart electric meters are used as key electricity information acquisition terminals and are widely applied to power systems. The intelligent ammeter not only realizes the automation of electric energy metering, but also can collect, store and transmit various electric quantity data, and provides important basis for power utilization information management and power grid operation monitoring for electric power companies. However, in the process of transmitting, storing and managing data of the smart meter, security and authenticity of the data face serious challenges. The traditional intelligent ammeter data management system mainly depends on a centralized database storage mode, and ensures data security through means such as encryption transmission and access control. With the development of the Internet of things and big data technology, the blockchain technology provides a new technical path for the safe storage of the data of the intelligent electric meter due to the characteristics of decentralization, non-tampering and traceability. The block chain combination zero knowledge proof and other cryptography technologies can ensure the integrity and verifiability of data while guaranteeing the privacy of the data. The prior art has the defects that the relationship between data transparency and privacy protection is difficult to balance, and the storage of all electric quantity data on a public chain can cause the leakage of sensitive information of a user, so that the public verification and audit of the data are not facilitated due to the complete encryption. Secondly, the storage mode of the single-chain structure faces performance bottleneck problems, and with the exponential increase of the data volume of the smart meter, the storage capacity and transaction processing capacity of the blockchain system are severely challenged, and real-time data processing requirements are difficult to meet. Disclosure of Invention The embodiment of the invention provides a method and a system for safely storing data of an intelligent electric meter and authenticating a tamper-proof blockchain, which can solve the problems in the prior art. In a first aspect of the embodiment of the present invention, a method for securely storing and authenticating a tamper-resistant blockchain of data of a smart meter is provided, including: The method comprises the steps of receiving electric quantity data reported by an intelligent electric meter, analyzing metering information, equipment identity information and geographic position information in the electric quantity data, and constructing a structured data object, carrying out slicing treatment on the structured data object, dividing the structured data object into public data slices and private data slices according to data sensitivity, and carrying out zero knowledge proof generation operation on the private data slices to obtain proof data which can be verified but does not leak original content; Establishing a cross-chain data anchoring relation, synchronously writing the hash abstract of the hybrid data carrier into a main chain and a side chain, storing the corresponding relation between the global unique identifier and the block height in the main chain, and storing the complete content of the hybrid data carrier in the side chain; Triggering intelligent contract execution, wherein the intelligent contract verifies the validity of the digital signature of the mixed data carrier and checks whether the zero knowledge proof of the proof data passes or not; And when a data tracing request is received, extracting the mixed data carrier at a side chain through the global unique identifier at the height of a main chain positioning block, and verifying the validity of the proving data to confirm that the data is not tampered. Performing a zero knowledge proof generation operation on the private data fragment, the obtaining proof data that can be verified but does not reveal the original content comprising: Performing polynomial code conversion on the private data vector, mapping each component of the private data vector into polynomial coefficients, and generating a characteristic polynomial representing the private data fragment; generating a random blinding factor, performing algebraic operation on the random blinding factor and the characteristic polynomial to obtain a blinding polynomial, wherein the blinding polynomial conceals the true value of the private data vector; constructing a constraint relation set, wherein the constraint relation set defines numerical boundary conditions, identity b