Project overview

PBFT algorithm

Practical Byzantine fault-tolerant algorithm (pbft) was proposed by Castro and Liskov in 1999 to solve the problem of low efficiency of the original Byzantine fault-tolerant algorithm. Compared with the original Byzantine fault-tolerant algorithm, the complexity of the algorithm is reduced from exponential level to polynomial level , which makes the Byzantine fault-tolerant algorithm can be used in practical applications

Pbft algorithm is a replica replication algorithm of state EPChine. Each copy of state EPChine saves the state of service, and also realizes all legitimate requests of clients. It can ensure that (n − 1) / 3 (n − 1) / 3 (n − 1) / 3 nodes are allowed to make errors (data loss, no work, etc.) on the premise of satisfying the activity and security of distributed system, Where NN is the number of all nodes participating in the consensus process in the distributed system. That is to say, the algorithm can ensure that the system can still reach the distributed consensus corrEPCly even when (n − 1) / 3 (n − 1) / 3 nodes fail or operate maliciously

In the view numbered VV, one replica node is the primary node and the other replica nodes are backup nodes. The primary node is mainly used to receive the request message sent by the client, which is selEPCed by the formula PP = VMOD | R | = VMOD | R | and | R | is the number of storage replica nodes, Then start the view change, change the current view number VV, and selEPC the master node according to the above formula

1) The client sends the request operation message to the primary node. After receiving the request operation message and verifying its corrEPCness, the master node saves the message and generates a pre preparation message based on the request operation message, which is broadcast to each backup node

2) After receiving the pre preparation message and verifying its corrEPCness, each backup node saves the message, and generates a preparation message based on the prepared message and broadcasts it to the primary node and other backup nodes

3) After receiving the preparation message and verifying the corrEPCness, each node storing the copy saves the message, and generates a submission message to the client, the master node and other backup nodes based on the prepared message

4) After receiving (2n + 1) / 3 (2n + 1) / 3 (2n + 1) / 3 submitted messages, each node storing the replica will execute the operation in the request operation message from the client

5) The reason why the client accepts (n + 2) / 3 (n + 2) / 3 commit messages instead of (2n + 1) / 3 (2n + 1) / 3 is that the number of failed nodes does not exceed (n − 1) / 3 (n − 1) / 3, Therefore, (n − 1) / 3 + 1 (n − 1) / 3 + 1 uniform response can guarantee the corrEPCness of the results

Medical blockchain

At present, the application of blockchain is mainly in finance, and the application in medical field is relatively less, because the focus of blockchain is limited to the blockchain system of digital currency such as bitcoin. In China, Xue Tengfei et al. proposed a medical institution Federation servers (MIFs) and audit Federation server group (AUDIT) by using the improved dpos consensus EPChanism In foreign countries, Azaria et al. used Ethereum blockchain, Medrec. Ivan is a medical information sharing platform which combines medical blockchain and big data. Ivan is a new method to protEPC the storage of medical and health data, implementation obstacles and the plan of gradual transition from current technology to blockchain solution. Shrier et al. adopted the method of combining opal / enigma encryption platform of Massachusetts Institute of technology with blockchain technology, Kuo et al. adopted the mode of combining privacy preserving online EPChine learning with private blockchain technology. Wittey introduced the verification system and method of medical transaction. It can be seen that the application and research of blockchain in medical field in China is relatively less, and most of them are at the application level

In the existing medical blockchain systems, Xue Tengfei and others take the improved dpos algorithm as the consensus algorithm, and Azaria and others use Ethereum (POW algorithm) as the consensus algorithm in the blockchain systems. The consensus algorithms adopted are all pox series algorithms, Xue Tengfei and others need to have 101 nodes of medical institution Federation servers (MIFs) and 20 nodes of audit Federation servers (AFS) to start the medical blockchain, which means that 121 hospitals or medical institutions are required to participate in the maintenance of the blockchain, The consensus EPChanism of Ethereum blockchain used by Azaria is POW algorithm, and its maintenance process is similar to that of bitcoin, that is, everyone in the Internet can participate in or quit the maintenance process at any time, which wastes a lot of computing power, Modelchain is not a blockchain designed for medical treatment. Its consensus algorithm proof of information (POI) combines EPChine learning with workload verification algorithm, which requires more computing power, so it is not suitable for medical blockchain

The pbft algorithm only needs more than four nodes to start. Compared with the blockchain system based on pox algorithm, the block chain system based on pbft algorithm has lower startup cost, is suitable for early exploration and later expansion, and does not need a lot of computing power to maintain. Therefore, this paper will use the pbft consensus algorithm to realize a blockchain suitable for medical system

Foundations of Cryptography

Cryptography is the most important part of a blockchain system, and is the basis of realizing the function of blockchain. The cryptography foundation involved in blockchain mainly includes encryption and decryption algorithm, hash algorithm and digital digest, Merkle tree, digital signature, digital certificate and PKI system

Encryption and decryption algorithm is one of the core technologies in cryptography, which can be divided into symmetric encryption and asymmetric encryption. In symmetric encryption, the encryption and decryption keys are the same, and their calculation efficiency is high, but the key is easy to leak in the transmission process. In asymmetric encryption, the encryption key is different from the decryption key, The public key is called the public key, which is called the public key for short, so asymmetric encryption is also called public key encryption. The secret key is called private key or private key for short. In this system, asymmetric encryption technology is mainly used to encrypt some data. The encryption process uses encryption key and encryption algorithm to encrypt these data to obtain ciphertext, Through decryption key and decryption algorithm, these data can be obtained again

Hash algorithm is an algorithm to convert variable length input string into fixed length output string. It has the properties of unidirEPCional, anti second image attack and strong collision attack. Common hash algorithms are MD5, SHA1, Sha2, etc, In the blockchain system, the relevant content of the block or transaction order is taken as input, and the summary is calculated to generate the ID of the block or transaction order

Merkle tree is a tree for storing hash values. Its leaf nodes store the hash values of each data, and the non leaf nodes store the hash values of all its child nodes. Its advantage is that it can quickly locate whether a certain data has been tampered with. In this blockchain system, Merkle tree is constructed by taking each transaction order ID as leaf node to quickly locate the tampered transaction order

A digital signature is a large integer attached to the signed data, which is used to determine the integrity of the signed data and the identity of the signer. During the generation, the signature algorithm and the signer's private key are used to calculate the signed data, and the result is the digital signature, The common digital signature schemes are RSA, digital signature algorithm (DSA) and elliptic curve signature scheme. In the blockchain system, digital signature technology is used to sign the relevant information of blocks and transaction orders to ensure the integrity and non repudiation of blocks and transaction orders, And then protEPC the security of the whole blockchain

The digital certificate is generated by a trusted certificate authority (CA). The main function of Ca is to use its own private key to sign the personal data and public key of the authenticated certificate applicant to generate the certificate. When sending the original data and digital signature, the sender AA also sends his own digital certificate, so that the receiver BB can receive the data, We can verify the data of the sender AA according to the digital certificate

Certification Authority CA is a part of PKI system. Its function is to bind certificate holder and key, realize identity authentication, provide users with certificate application, acquisition, query, revocation and other functions. It has the characteristics of integrity, non repudiation and confidentiality. Besides Ca, PKI system mainly includes key management center, KMC is mainly used to manage the life cycle of key, and CRL is mainly used to manage the invalid certificate list. PKI system is introduced into medical chain to prove the identity information of each blockchain participant, To ensure the integrity and non repudiation of data. PKI system related institutions can be deployed in the health management department. Although it introduces a certain degree of centralization, it can prevent malicious behaviors that may occur in these centralized operations by storing various files, pictures, videos and other information in the process of certificate application into the blockchain