网络与信息安全学报 ›› 2021, Vol. 7 ›› Issue (1): 65-75.doi: 10.11959/j.issn.2096-109x.2021007

• 专题Ⅱ:区块链安全 • 上一篇    下一篇

Hyperledger Fabric平台的国密算法嵌入研究

曹琪1,2, 阮树骅1,2, 陈兴蜀1,2, 兰晓1,2, 张红霞1,2, 金泓键1,2   

  1. 1 四川大学网络空间安全学院,四川 成都 610065
    2 四川大学网络空间安全研究院,四川 成都 610065
  • 修回日期:2020-09-18 出版日期:2021-02-15 发布日期:2021-02-01
  • 作者简介:曹琪(1996- ),女,四川广安人,四川大学硕士生,主要研究方向为区块链安全及应用、网络行为分析。
    阮树骅(1966- ),女,浙江绍兴人,四川大学副教授、硕士生导师,主要研究方向为云计算与大数据安全、区块链安全。
    陈兴蜀(1968- ),女,贵州六枝人,博士,四川大学教授、博士生导师,主要研究方向为云计算与大数据安全、可信计算与信息保障。
    兰晓(1990- ),女, 四川自贡人,博士,四川大学助理研究员,主要研究方向为应用密码学、安全多方计算、认证密钥协商协议、区块链安全。
    张红霞(1996- ),女,河北邢台人,四川大学硕士生,主要研究方向为区块链安全及应用、网络行为分析。
    金泓键(1996- ),男,重庆人,四川大学硕士生,主要研究方向为区块链安全及应用、大数据分析。
  • 基金资助:
    国家自然科学基金(61802270);中央高校基础研究经费(SCU2018D018);中央高校基础研究经费(2019SCU12069)

Embedding of national cryptographic algorithm in Hyperledger Fabric

Qi CAO1,2, Shuhua RUAN1,2, Xingshu CHEN1,2, Xiao LAN1,2, Hongxia ZHANG1,2, Hongjian JIN1,2   

  1. 1 School of Cyber Science and Engineering, Sichuan University, Chengdu 610065, China
    2 Cybersecurity Research Institute, Sichuan University, Chengdu 610065, China
  • Revised:2020-09-18 Online:2021-02-15 Published:2021-02-01
  • Supported by:
    The Fundamental Research Funds for the Central Universities(61802270);The National Natural Science Foundation of China(SCU2018D018);The National Natural Science Foundation of China(2019SCU12069)

摘要:

Hyperledger Fabric 是为企业级商用区块链项目提供支撑的且可扩展的联盟链平台,密码算法为该平台的核心,保证上链数据的安全和不可篡改,但原始Fabric平台缺乏对国密算法的支持。因此,设计并实现了Fabric平台的国密算法的嵌入和支持。首先,通过分析Fabric平台中组件间交互逻辑和密码算法的调用场景,提出了在该平台嵌入国密支持的设计思路;其次,基于同济开源国密实现源码,为 Fabric 平台BCCSP添加SM2、SM3和SM4算法模块与接口;再次,将Fabric平台的各组件上层应用的密码算法调用接口与对应国密算法接口相关联,实现上层应用对国密算法调用的支持;最后,通过创建 fabric-gm 联盟链测试实例验证Fabric平台中嵌入的国密算法模块和接口的正确性及有效性,并与原生Fabric平台镜像构建的测试实例进行了性能比较。实验结果表明,嵌入的国密算法模块和接口可用、正确且生成的国密证书有效,与原生Fabric平台镜像相比,网络启动时间增加3%,毫秒级单位下的交易时间开销增加1倍,动态证书生成时间增加9%,各项性能指标均在可接受范围内。

关键词: 区块链, HyperledgerFabric, SM2, SM3, SM4

Abstract:

Hyperledger Fabric is an extensible alliance blockchain platform and provides support for enterprise-level commercial blockchain projects.The cryptographic algorithm is the core technologies of the platform, ensuring the security and non-tampering of the data on the chain.But the original Fabric platform lacks the national cryptographic algorithm support.The embedding and support of the national cryptographic algorithm of the Fabric platform was designed and implemented.Firstly, the interaction logic of between components and the invocation scenario of each type of cryptographic algorithm in the Fabric platform were analyzed, an idea of embedding national cryptographic algorithm support for the platform was proposed.Secondly, the modules and interfaces for SM2, SM3 and SM4 were added to BCCSP of the Fabric platform based on the open source code of national cryptographic algorithm implementation.Thirdly, the interface of cryptographic algorithm invoked by the upper layer of each component is associated to the interface of corresponding national cryptographic algorithms, which realized the invocation support of national cryptographic algorithm for the upper layer applications.Finally, the correctness and effectiveness of the embedded national cryptographic algorithm were verified by creating a fabric-gm test instance.And compared with the performances of the test instance built by the mirror of the native Fabric platform.The experimental results show that the embedded national cryptographic algorithm interfaces are corrected and the generated national cryptographic certificates are effective.Moreover, compared with the native Fabric platform, the network start up time increases by about 3%.In the millisecond unit, the transaction time cost increases by about one time, the dynamic certificate generation time increases by about 9%, and all the performance are within the acceptable range.

Key words: blockchain, Hyperledger Fabric, SM2, SM3, SM4

中图分类号: 

No Suggested Reading articles found!