ProHoster > Blog > Utongi > DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

Haisi chakavanzika kuti imwe yeanowanzo shandiswa anobatsira maturusi, pasina izvo kuchengetedzwa kwedata mumanetiweki akavhurika hazvigoneke, idhijitari chitupa tekinoroji. Nekudaro, hachisi chakavanzika kuti chikuru dhizaini yetekinoroji kuvimba kusingaite munzvimbo dzinopa zvitupa zvedhijitari. Director weTekinoroji uye Innovation kuENCRY Andrey Chmora akakurudzira nzira nyowani yekuronga zvivakwa zvakakosha zveveruzhinji (Public Key Infrastructure, PKI), iyo ichabatsira kubvisa kukanganisa kwazvino uye iyo inoshandisa yakagoverwa ledger (blockchain) tekinoroji. Asi zvinhu zvekutanga kutanga.

Kana iwe uchiziva mashandiro azvino veruzhinji makiyi makiyi anoshanda uye uchiziva zvikanganiso zvayo zvakakosha, unogona kusvetukira mberi kune zvatiri kufunga kuchinja pazasi.

Chii chinonzi digital siginecha uye zvitupa?Kudyidzana paInternet nguva dzose kunosanganisira kutumira data. Tese tine chido chekuona kuti data inofambiswa zvakachengeteka. Asi kuchengeteka chii? Iwo anonyanya kutsvakwa masevhisi ekuchengetedza akavanzika, kuvimbika uye chokwadi. Nechinangwa ichi, nzira dzeasymmetric cryptography, kana cryptography ine kiyi yeruzhinji, ikozvino inoshandiswa.

Ngatitangei nenyaya yekuti kushandisa nzira idzi, nyaya dzekudyidzana dzinofanirwa kunge dziine makiyi maviri ega ega - eruzhinji uye akavanzika. Nerubatsiro rwavo, masevhisi ekuchengetedza atataura pamusoro anopihwa.

Kuvanzika kwekufambiswa kwemashoko kunowanikwa sei? Asati atumira data, munyoreri anotumira encrypts (cryptographically inoshandura) data rakavhurika uchishandisa kiyi yeruzhinji yeanogamuchira, uye anogamuchira anobvisa iyo yakagamuchirwa ciphertext achishandisa paired chakavanzika kiyi.

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

Ko kutendeseka nehuchokwadi hweruzivo rwunofambiswa hunowanikwa sei? Kugadzirisa dambudziko iri, imwe nzira yakagadzirwa. Iyo data yakavhurika haina kuvharirwa, asi mhedzisiro yekushandisa iyo cryptographic hash basa - "yakamanikidzwa" mufananidzo weiyo yekuisa data sequence - inofambiswa mune encrypted fomu. Mhedzisiro yehashing yakadai inonzi "digest", uye yakavharidzirwa uchishandisa kiyi yakavanzika yeanotumira anonyorera ("chapupu"). Nekuda kwekunyorera digest, siginecha yedhijitari inowanikwa. Iyo, pamwe chete nemashoko akajeka, inotumirwa kune anogamuchira ("verifier"). Anobvisa siginecha yedhijitari pakiyi yeruzhinji yechapupu uye anoienzanisa nemhedzisiro yekushandisa cryptographic hash basa, iro mutsigiri anoverengera akazvimirira zvichibva pane yakagamuchirwa yakavhurika data. Kana dzikaenderana, izvi zvinoratidza kuti iyo data yakafambiswa mune yechokwadi uye yakazara fomu neanotumira munyoreri, uye isina kuchinjwa neanorwisa.

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

Zvizhinji zvezviwanikwa zvinoshanda nedata remunhu uye ruzivo rwekubhadhara (mabhangi, makambani einishuwarenzi, ndege, masisitimu ekubhadhara, pamwe nenzvimbo dzehurumende sevhisi yemutero) inoshingairira kushandisa asymmetric cryptography nzira.

Chitupa chedhijitari chine chekuita nei nazvo? Zviri nyore. Ese maviri maitiro ekutanga neechipiri anosanganisira makiyi eruzhinji, uye sezvo vachiita basa repakati, zvakakosha kuve nechokwadi kuti makiyi ndeeanotumira (chapupu, kana iri yekusimbisa siginecha) kana mugamuchiri, uye haasi dzakatsiviwa nemakiyi evanorwisa. Ichi ndicho chikonzero zvitupa zvedhijitari zviripo kuti ive nechokwadi chechokwadi uye kuvimbika kwekiyi yeruzhinji.

Cherechedza: chokwadi uye kuvimbika kwekiyi yeruzhinji inosimbiswa nenzira imwecheteyo seyechokwadi uye kuvimbika kwedata reruzhinji, ndiko kuti, kushandisa siginecha yemagetsi yedhijitari (EDS).
Zvitupa zvedhijitari zvinobva kupi?Zviremera zvinovimbwa nezvitupa, kana Certification Authorities (CAs), vane basa rekuburitsa nekuchengetedza zvitupa zvedhijitari. Munyoreri anokumbira kupihwa kwechitupa kubva kuCA, anopihwa chitupa paRegistration Center (CR) uye anogamuchira chitupa kubva kuCA. Iyo CA inovimbisa kuti kiyi yeruzhinji kubva pachitupa ndechechaizvo icho chachakapihwa.

Kana iwe ukasasimbisa huchokwadi hwekiyi yeruzhinji, zvino anorwisa panguva yekufambisa/kuchengetedza kiyi iyi anogona kuitsiva neyake. Kana kutsiva kwaitika, munhu anorwisa achakwanisa kuburitsa zvese zvinotumirwa nemunyoreri kune anotambira, kana kushandura data rakavhurika nekufunga kwake.

Digital zvitupa zvinoshandiswa chero kupi asymmetric cryptography inowanikwa. Imwe yeakajairika zvitupa zvedhijitari zvitupa zveSSL zvekutaurirana kwakachengeteka pamusoro peHTTPS protocol. Mazana emakambani akanyoreswa munzvimbo dzakasiyana siyana ane chekuita nekupa zvitupa zveSSL. Mugove mukuru unowira pamashanu kusvika gumi makuru akavimbika nzvimbo: IdenTrust, Comodo, GoDaddy, GlobalSign, DigiCert, CERTUM, Actalis, Secom, Trustwave.

CA uye CR zvikamu zvePKI, izvo zvinosanganisira:

  • Vhura dhairekitori - database yeruzhinji inopa kuchengetedza kwakachengeteka kwedhijitari zvitupa.
  • Revocation list - dhatabhesi yeruzhinji inopa kuchengetedza kwakachengeteka kwedhijitari zvitupa zveakabviswa makiyi eruzhinji (semuenzaniso, nekuda kwekukanganisa kwekiyi yakavanzika yakabatana). Zvidzidzo zvezvivakwa zvinogona kuzvimiririra kuwana iyi dhatabhesi, kana kuti vanogona kushandisa yakasarudzika Online Certification Status Protocol (OCSP), iyo inorerutsa maitiro ekuona.
  • Vashandisi vezvitupa -sevhisiwa PKI zvidzidzo zvakapinda muchibvumirano chemushandisi neCA uye simbisa siginecha yedhijitari uye/kana encrypt data yakavakirwa pakiyi yeruzhinji kubva pachitupa.
  • Vateveri - vakashandira PKI zvidzidzo vane kiyi yakavanzika yakapetwa nekiyi yeruzhinji kubva pachitupa, uye vakapinda muchibvumirano chekunyoresa neCA. Munyoreri anogona panguva imwe chete kuva mushandisi wechitupa.

Nekudaro, masangano akavimbika eruzhinji kiyi zvivakwa, anosanganisira maCA, maCR uye akavhurika madhairekitori, ane basa re:

1. Kuongororwa kwechokwadi chekuzivikanwa kweanonyorera.
2. Kunyora chitupa cheruzhinji.
3. Kupa chitupa cheruzhinji rwemunyoreri ane chitupa chakasimbiswa nekuvimbika.
4. Shandura chimiro chechitupa chekiyi yeruzhinji.
5. Kupa ruzivo pamusoro pemamiriro azvino echitupa chekiyi yeruzhinji.

Zvakaipa zvePKI, ndezvipi?Iko kukanganisa kwakakosha kwePKI kuvepo kwemasangano akavimbika.
Vashandisi vanofanirwa kuvimba neCA neCR zvisingaite. Asi, sezvinoratidzwa nemaitiro, kuvimba kusingaverengeki kuzere nemigumisiro yakakomba.

Mumakore gumi apfuura, kwave nekunyomba kukuru munzvimbo iyi zvine chekuita nekusagadzikana kwezvivakwa.

- muna 2010, iyo Stuxnet malware yakatanga kupararira online, yakasainwa ichishandisa zvakabiwa zvitupa zvedhijitari kubva kuRealTek uye JMicron.

- Muna 2017, Google yakapomera Symantec mhosva yekupa nhamba yakakura yezvitupa zvemanyepo. Panguva iyoyo, Symantec yaive imwe yeCAs hombe maererano nemavhoriyamu ekugadzira. MuGoogle Chrome 70 browser, rutsigiro rwezvitupa zvakapihwa nekambani iyi nenzvimbo dzayo dzakabatana GeoTrust neThawte dzakamiswa pamberi paZvita 1, 2017.

MaCA akakanganiswa, uye somugumisiro munhu wose akatambura-CAs pachavo, pamwe chete nevashandisi nevanyori. Kuvimbika muzvivakwa kwakaderedzwa. Uye zvakare, zvitupa zvedhijitari zvinogona kuvharwa mumamiriro ekukonana kwezvematongerwo enyika, izvo zvinozokanganisa kushanda kwezviwanikwa zvakawanda. Izvi ndizvo chaizvo zvaityiwa makore akati wandei apfuura muhutongi hwemutungamiri weRussia, umo muna 2016 vakakurukura nezve mukana wekugadzira nzvimbo yekupihwa zvitupa yaizoburitsa zvitupa zveSSL kumasaiti paRuNet. Mamiriro ezvinhu epanguva ino akadaro zvekuti kunyange nyika portals muRussia shandisa zvitupa zvedhijitari zvakapihwa nemakambani eAmerica Comodo kana Thawte (rimwe divi reSymantec).

Pane rimwe dambudziko - mubvunzo yekutanga authentication (kutendeseka) kwevashandisi. Nzira yekuziva sei mushandisi akabata iyo CA nechikumbiro chekuburitsa chitupa chedhijitari pasina kuonana nemunhu? Iye zvino izvi zvinogadziriswa mamiriro zvichienderana nekugona kwezvivakwa. Chimwe chinhu chinotorwa kubva kumarejista akavhurika (semuenzaniso, ruzivo nezve masangano epamutemo ari kukumbira zvitupa); mumamiriro ezvinhu apo vanyoreri vari vanhu, mahofisi ebhangi kana mahofisi epositi anogona kushandiswa, uko kuzivikanwa kwavo kunosimbiswa uchishandisa zvitupa, semuenzaniso, pasipoti.

Dambudziko rekunyepera magwaro nechinangwa chekuedzesera chinhu chakakosha. Ngationei kuti hapana mhinduro yakakwana yedambudziko iri nekuda kwezvikonzero zveruzivo-dzidziso: pasina kuve neruzivo rwakavimbika a priori, hazvibviri kusimbisa kana kuramba chokwadi cheimwe nyaya. Semutemo, kuti zvionekwe zvinodikanwa kuunza seti yemagwaro anoratidza kuzivikanwa kweanonyorera. Kune dzakawanda dzakasiyana nzira dzekuongorora, asi hapana imwe yadzo inopa vimbiso yakazara yehuchokwadi hwemagwaro. Saizvozvo, huchokwadi hwekuzivikanwa kweanonyorera zvakare haugone kuvimbiswa.

Izvi zvikanganiso zvingabviswa sei?Kana matambudziko ePKI ari mumamiriro ayo aripo achigona kutsanangurwa nepakati, saka zvine musoro kufunga kuti decentralization inogona kubatsira kubvisa zvikanganiso zvakaonekwa.

Decentralization hairevi kuvepo kwemasangano akavimbika - kana iwe ukagadzira decentralized public key infrastructure (Decentralized Public Key Infrastructure, DPKI), saka hapana CA kana CR inodiwa. Ngatisiyei pfungwa yechitupa chedhijitari uye tishandise registry yakagoverwa kuchengetedza ruzivo nezve makiyi eruzhinji. Mune yedu, isu tinodaidza register mutsara dhatabhesi rine ega marekodhi (mabhuraki) akabatanidzwa achishandisa blockchain tekinoroji. Panzvimbo pechitupa chedhijitari, isu tichaunza iyo pfungwa ye "ziviso".

Maitiro ekugamuchira, kuongorora uye kukanzura zviziviso anozoita senge mune yakarongwa DPKI:

1. Mumwe nemumwe anenge achinyorera anoendesa chikumbiro chekuzivisa akazvimirira nekuzadza fomu panguva yekunyoresa, mushure mezvo anogadzira kutengeserana kunochengetwa mudziva rakasarudzika.

2. Ruzivo pamusoro pekiyi yeruzhinji, pamwe chete neruzivo rwemuridzi uye mamwe metadata, inochengetwa mune yakagoverwa registry, uye kwete mune yedhijitari chitupa, yekuburitsa iyo mune centralized PKI iyo CA inotarisira.

3. Kuongororwa kwehuchokwadi hwemunhu anenge akakumbira kunoitwa mushure mechokwadi nekuedza pamwe chete kweDPKI user community, uye kwete neCR.

4. Muridzi wechiziviso chakadaro chete ndiye anogona kushandura chimiro chekiyi yeruzhinji.

5. Chero ani zvake anogona kuwana iyo yakagoverwa ledger uye tarisa mamiriro azvino ekiyi yeruzhinji.

Cherechedzo: Kuongororwa kwenharaunda kwemunhu anenge achinyorera kungaite sekusingavimbike pekutanga. Asi isu tinofanira kuyeuka kuti mazuva ano vese vashandisi vedhijitari masevhisi vanosiya nzira yedhijitari, uye maitiro aya anongoramba achiwedzera. Vhura marejista emagetsi emasangano epamutemo, mepu, digitization yemifananidzo yenzvimbo, masocial network - zvese izvi zvishandiso zvinowanikwa pachena. Iwo atove akabudirira kushandiswa panguva yekuferefeta nevatori venhau nevanochengetedza mutemo. Semuenzaniso, zvakakwana kurangarira kuferefetwa kweBellingcat kana timu yakabatana yekuferefeta JIT, iyo iri kudzidza mamiriro ekuparara kweMalaysia Boeing.

Saka dhizaini yakakosha yeruzhinji yaizoshanda sei mukuita? Ngatigarei pane tsanangudzo ye teknolojia pachayo, iyo isu patented muna 2018 uye tinozviona sekuziva kwedu.

Fungidzira kune mumwe muridzi ane makiyi mazhinji eruzhinji, uko kiyi yega yega iri imwe kutengeserana inochengetwa muregistry. Mukushaikwa kweCA, unganzwisise sei kuti makiyi ese ndeemuridzi uyu? Kugadzirisa dambudziko iri, zero transaction inogadzirwa, iyo ine ruzivo nezvemuridzi uye chikwama chake (kubva kune iyo komisheni yekuisa iyo dhizaini mune registry inobviswa). Iyo null transaction imhando ye "anchor" iyo inotevera kutengeserana ine data nezve makiyi eruzhinji ichabatanidzwa. Imwe neimwe dhizaini yakadai ine yakasarudzika data chimiro, kana nemamwe mazwi, chiziviso.

Ziviso seti yakarongeka yedata ine minda inoshanda uye inosanganisira ruzivo nezvekiyi yeruzhinji yemuridzi, kushingirira kwayo kunovimbiswa nekuiswa mune imwe yemarekodhi akabatana eregistry yakagoverwa.

Mubvunzo unotevera une musoro ndewekuti zero transaction inoumbwa sei? Iyo null transaction - senge inotevera - ndeye kuunganidzwa kwematanho matanhatu edata. Munguva yekugadzirwa kwezero transaction, iyo kiyi mbiri yechikwama inobatanidzwa (yeruzhinji uye yakabatana makiyi akavanzika). Aya makiyi maviri anoonekwa panguva iyo mushandisi anonyoresa chikwama chake, kubva uko komisheni yekuisa zero transaction mune registry uye, zvino, mashandiro ane zviziviso achabviswa.

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

Sezvinoratidzwa mumufananidzo, chikwama cheruzhinji kiyi digest inogadzirwa nekutevedzana kushandisa iyo SHA256 uye RIPEMD160 hashi mabasa. Pano RIPEMD160 inotarisira iyo compact inomiririra data, iyo yakafara isingapfuuri 160 bits. Izvi zvakakosha nekuti registry haisi dhatabhesi yakachipa. Kiyi yeruzhinji pachayo inopinzwa mundima yechishanu. Munda wekutanga une data inomisikidza kubatana kune yapfuura kutengeserana. Kune zero transaction, iyi ndima haina chinhu, iyo inoisiyanisa kubva kune inotevera kutengeserana. Yechipiri munda ndeye data yekutarisa kubatana kwekutengeserana. Nekupfupika, tichadaidza iyo data mundima yekutanga neyechipiri "link" uye "cheki", zvichiteerana. Zviri mukati mezvikamu izvi zvinogadzirwa ne iterative hashing, sezvakaratidzwa nekubatanidza kutengeserana kwechipiri nekwechitatu mumufananidzo uri pasi apa.

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

Iyo data kubva kuminda mishanu yekutanga inosimbiswa nemagetsi siginecha, iyo inogadzirwa uchishandisa kiyi yakavanzika yechikwama.

Ndizvozvo, iyo null transaction inotumirwa kudziva uye mushure mekubudirira kwechokwadi kunopinzwa mune registry. Iye zvino unogona "kubatanidza" zvinotevera kutengeserana kwairi. Ngatitarisei kuti kutengeserana kusiri zero kunogadzirwa sei.

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

Chinhu chekutanga chingangobata ziso rako ndiko kuwanda kwepairi kiyi. Pamusoro peiyo yatove yakajairwa wallet kiyi peya, akajairwa uye sevhisi kiyi pairi anoshandiswa.

Kiyi yeruzhinji ndiyo yakatangirwa zvese. Kiyi iyi inosanganisirwa mumatanho akasiyana uye maitiro ari kuitika kunze kwenyika (kubhengi uye kumwe kutengeserana, kuyerera kwegwaro, nezvimwewo). Semuenzaniso, kiyi yakavanzika kubva kune vakajairwa vaviri inogona kushandiswa kugadzira masiginecha edhijitari emagwaro akasiyana - maodha ekubhadhara, nezvimwewo, uye kiyi yeruzhinji inogona kushandiswa kusimbisa iyi siginecha yedhijitari pamwe nekuzoitwa kwemirairo iyi, chero inoshanda.

Iwo maviri sevhisi anopihwa kune yakanyoreswa DPKI chidzidzo. Zita revaviri ava rinoenderana nechinangwa chayo. Ziva kuti kana uchigadzira/kutarisa zero transaction, makiyi ebasa haashandiswe.

Ngatijekese chinangwa chekiyi zvakare:

  1. Wallet makiyi anoshandiswa kugadzira/kusimbisa zvese zvisina basa uye chero imwe isiri-null transaction. Kiyi yepachivande yechikwama inongozivikanwa nemuridzi wechikwama, anovawo muridzi wemakiyi akawanda eruzhinji.
  2. Kiyi yeruzhinji yakajairika yakafanana nechinangwa kune kiyi yeruzhinji inopihwa chitupa muPKI yepakati.
  3. Iyo sevhisi kiyi mbiri ndeye DPKI. Kiyi yakavanzika inopihwa kumasangano akanyoreswa uye inoshandiswa pakugadzira masiginecha edhijitari ekutengeserana (kunze kwezero transactions). Veruzhinji inoshandiswa kuona siginecha yemagetsi yedhijitari yekutengeserana isati yatumirwa mukunyoresa.

Nokudaro, kune mapoka maviri emakiyi. Yekutanga inosanganisira makiyi ebasa uye makiyi echikwama - anongoita zvine musoro mumamiriro eDPKI. Boka rechipiri rinosanganisira makiyi akajairwa - chiyero chavo chinogona kusiyana uye chinotemerwa nemabasa ekushandisa maanoshandiswa. Panguva imwecheteyo, DPKI inovimbisa kutendeseka uye huchokwadi hweakajairwa makiyi eruzhinji.

Ongorora: Iyo sevhisi kiyi mbiri inogona kuzivikanwa kune akasiyana DPKI masangano. Semuenzaniso, zvinogona kunge zvakafanana kune wese munhu. Nechikonzero ichi kuti pakugadzira siginecha yega yega isiri-zero, makiyi maviri akavanzika anoshandiswa, imwe yacho iri kiyi yechikwama - inozivikanwa chete kune muridzi wechikwama, uyo ari zvakare muridzi weakawanda akajairwa. makiyi eruzhinji. Makiyi ese ane zvaanoreva. Semuenzaniso, zvinogara zvichigoneka kuratidza kuti kutengeserana kwakapinda murejista neyakanyoreswa DPKI chinyorwa, sezvo siginicha zvakare yakagadzirwa pane yakavanzika sevhisi kiyi. Uye hapagone kuve nekushungurudzwa, sekurwiswa kweDOS, nekuti muridzi anobhadhara kune yega dhizaini.

Zvese zvekutengesa zvinotevedza zero imwe zvinoumbwa nenzira yakafanana: kiyi yeruzhinji (kwete chikwama, sezviri kuitika kune zero transaction, asi kubva kune yakajairwa kiyi peya) inofambiswa kuburikidza maviri hashi mabasa SHA256 uye RIPEMD160. Iyi ndiyo nzira iyo data yemunda wechitatu inogadzirwa. Munda wechina une ruzivo runofambidzana (somuenzaniso, ruzivo pamusoro pemamiriro ezvinhu aripo, mazuva ekupera, timestamp, identifiers ye crypto-algorithms inoshandiswa, nezvimwewo). Munda wechishanu une kiyi yeruzhinji kubva pairi kiyi yebasa. Nerubatsiro rwayo, siginecha yedhijitari inozotariswa, saka inozodzokororwa. Ngatipembedzei kudiwa kwemaitiro akadaro.

Rangarira kuti kutengeserana kunopinzwa mudziva uye kuchengetwamo kusvika kwaitwa. Kuchengeta mudziva kwakabatana neimwe njodzi - data rekutengesa rinogona kunyengedzwa. Muridzi anosimbisa data rekutengesa nemagetsi siginecha yedhijitari. Kiyi yeruzhinji yekuona iyi siginecha yedhijitari inoratidzwa zvakajeka mune imwe yenzvimbo dzekutengeserana uye inozopinzwa muregistry. Izvo zvinotarisika zvekugadziriswa kwekutengeserana ndezvekuti munhu anorwisa anokwanisa kushandura data nekufunga kwake obva aisimbisa achishandisa kiyi yake yakavanzika, uye anoratidza kiyi yeruzhinji yakapetwa yekuona siginecha yedhijitari mukutengesa. Kana huchokwadi uye kutendeseka kuchichengetedzwa chete kuburikidza nedhijitari siginicha, saka manyepo akadaro anoenda asina kucherechedzwa. Nekudaro, kana, mukuwedzera kune siginecha yedhijitari, pane imwe nzira inogonesa kuchengetedza uye kuenderera kweruzivo rwakachengetwa, ipapo iyo yekunyepedzera inogona kuwonekwa. Kuti uite izvi, zvakakwana kuti uise kiyi yemuridzi yechokwadi yeruzhinji mune registry. Ngatitsanangure kuti izvi zvinoshanda sei.

Rega anorwisa agadzire data rekutengesa. Kubva pamaonero emakiyi uye masiginecha edhijitari, zvinotevera zvinogoneka:

1. Anorwisa anoisa kiyi yake yeruzhinji mukutengeserana nepo muridzi wedhijitari siginicha inoramba isina kuchinjika.
2. Anorwisa anogadzira siginecha yedhijitari pakiyi yake yega, asi anosiya kiyi yeruzhinji yemuridzi isina kuchinjwa.
3. Anorwisa anogadzira siginecha yedhijitari pakiyi yake yega uye anoisa kiyi yeruzhinji yakabatana mukutengeserana.

Zviripachena, sarudzo 1 uye 2 hadzina zvadzinoreva, sezvo dzichigara dzichionekwa panguva yekusimbisa siginecha yedhijitari. Sarudzo yechitatu chete inonzwisisika, uye kana munhu anorwisa akagadzira siginecha yedhijitari pakiyi yake yakavanzika, anobva amanikidzwa kuchengetedza kiyi yeruzhinji mukutengeserana, yakasiyana nekiyi yeruzhinji yemuridzi. Iyi ndiyo chete nzira yekuti anorwisa aise data remanyepo.

Ngatitorei kuti muridzi ane makiyi akagadziriswa - ega uye eruzhinji. Rega iyo data isimbiswe nedhijitari siginecha uchishandisa kiyi yakavanzika kubva kune iyi vaviri, uye kiyi yeruzhinji inoratidzwa mukutengeserana. Ngatifungeiwo kuti iyi kiyi yeruzhinji yakambopinzwa muregistry uye huchokwadi hwayo hwakasimbiswa nekuvimbika. Ipapo kubiridzira kucharatidzwa nenyaya yekuti kiyi yeruzhinji kubva mukutengeserana haienderane nekiyi yeruzhinji kubva kurejista.

Pfupisa. Kana uchigadzirisa data remuridzi rekutanga rekutengeserana, zvinodikanwa kuti uone chokwadi chekiyi yeruzhinji yakapinda murejista. Kuti uite izvi, verenga kiyi kubva ku registry uye uienzanise neyechokwadi yeruzhinji kiyi yemuridzi mukati meyekuchengetedza perimeter (nzvimbo yekusagadzikana kwehukama). Kana huchokwadi hwekiyi huchisimbiswa uye kuenderera kwayo kunovimbiswa pakuiswa, ipapo huchokwadi hwekiyi kubva kune kutengeserana kunotevera kunogona kusimbiswa nyore nyore / kurambwa nekuienzanisa nekiyi kubva kurejista. Mune mamwe mazwi, kiyi kubva kune registry inoshandiswa semuenzaniso wereferenzi. Zvimwe zvese zvemuridzi zvekutengesa zvinogadziriswa zvakafanana.

Iko kutengeserana kunosimbiswa nemagetsi edhijitari siginecha - apa ndipo panodiwa makiyi akavanzika, uye kwete imwe, asi maviri kamwechete - kiyi yebasa uye kiyi yechikwama. Nekuda kwekushandiswa kwemakiyi maviri akavanzika, iyo inodiwa nhanho yekuchengetedza inovimbiswa - mushure mezvose, kiyi yakavanzika yebasa inogona kuzivikanwa kune vamwe vashandisi, nepo kiyi yakavanzika yechikwama ichizivikanwa chete kumuridzi weakajairwa kiyi peya. Isu takadaidza siginecha yemakiyi maviri akadaro "yakabatanidzwa" siginecha yedhijitari.

Kuongororwa kweasina-null transactions kunoitwa uchishandisa makiyi maviri eruzhinji: chikwama uye kiyi yebasa. Maitiro ekuona anogona kukamurwa kuita matanho makuru maviri: yekutanga ndeyekutarisa kugaya kwekiyi yeruzhinji yechikwama, uye yechipiri ndeyekutarisa yemagetsi siginecha yedhijitari yekutengeserana, iyo yakafanana yakasanganiswa iyo yakaumbwa uchishandisa makiyi maviri akavanzika ( chikwama uye sevhisi). Kana iyo yechokwadi yedhijitari siginecha yakasimbiswa, ipapo mushure mekuwedzera verification kutengeserana kunopinzwa murejista.

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

Mubvunzo unonzwisisika ungamuka: nzira yekutarisa kana kutengeserana kuri kwecheni chaiyo ne "mudzi" muchimiro che zero transaction? Nechinangwa ichi, iyo yekusimbisa maitiro inowedzerwa neimwe nhanho - yekubatanidza kutarisa. Apa ndipo patichada data kubva kuminda miviri yekutanga, yatisina kufuratira.

Ngatimbofungidzira kuti tinoda kutarisa kana kutengeserana Nha. Kuti uite izvi, uchishandisa iyo yakasanganiswa hashing nzira, iyo hashi basa kukosha inoverengerwa data kubva kune yechitatu, yechina uye yechishanu minda yekutengeserana Nha. Zvadaro concatenation yedata kubva kumunda wekutanga wekutengesa Nha. Zvese izvi zvinofambiswa kuburikidza maviri hashi mabasa SHA3 uye RIPEMD2. Kana iyo yakagamuchirwa yakakosha inofananidzwa nedheta mundima yechipiri yekutengeserana Nha. Izvi zvinoratidzwa zvakajeka mumifananidzo iri pasi apa.

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain
DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

Mukutaura kwakawanda, tekinoroji yekugadzira uye yekupinda chiziviso murejista inotaridzika chaizvo seizvi. Mufananidzo unooneka wemaitiro ekugadzira ketani yezviziviso unoratidzwa mumufananidzo unotevera:

DPKI: kubvisa zvikanganiso zvepakati PKI uchishandisa blockchain

Muchinyorwa ichi, isu hatisi kuzogara pane izvo, izvo pasina kupokana zviripo, uye kudzoka kuzokurukura iyo iyo pfungwa yeiyo yakatemerwa ruzhinji kiyi zvivakwa.

Saka, sezvo munyoreri pachake achiendesa chikumbiro chekunyoresa zviziviso, izvo zvisina kuchengetwa mu database yeCA, asi mune registry, iyo huru yekuvaka zvikamu zveDPKI zvinofanirwa kutariswa:

1. Rejista yezviziviso zvinoshanda (RDN).
2. Register yezviziviso zvakabviswa (RON).
3. Kunyoresa kwezviziviso zvakamiswa (RPN).

Ruzivo rwemakiyi eruzhinji rwakachengetwa muRDN/RON/RPN muchimiro chehash function values. Zvakakoshawo kuziva kuti aya anogona kunge ari maregistries akasiyana, kana maketani akasiyana, kana kunyange cheni imwe sechikamu cheregistry imwechete, kana ruzivo nezve chimiro cheyakajairika kiyi yeruzhinji (kubviswa, kumiswa, nezvimwe) chikamu chechina chechimiro chedata muchimiro chekodhi inowirirana kukosha. Pane zvakawanda zvakasiyana-siyana zvingasarudzwa zvekugadzirwa kweDPKI, uye sarudzo yeimwe kana imwe inoenderana nehuwandu hwezvinhu, semuenzaniso, maitiro ekugadzirisa akadai semutengo wekuyeuka kwenguva refu yekuchengetedza makiyi evanhu, nezvimwewo.

Nekudaro, DPKI inogona kuve, kana isiri nyore, saka inofananidzwa nepakati mhinduro maererano nekuoma kwekuvaka.

Mubvunzo mukuru unoramba uripo - Ndeipi registry yakakodzera kushandisa tekinoroji?

Chinodiwa chikuru chekunyoresa ndiko kugona kugadzira kutengeserana kwemhando ipi neipi. Muenzaniso unonyanya kuzivikanwa webhuku ndeyeBitcoin network. Asi pakuita tekinoroji yakatsanangurwa pamusoro, mamwe matambudziko anomuka: kuganhurirwa kwemutauro uripo wekunyora, kushomeka kwemaitiro anodiwa ekugadziridza data risingawirirane, nzira dzekugadzira matranskisheni emhando yemhando, nezvimwe zvakawanda.

Isu paENCRY takaedza kugadzirisa matambudziko akaumbwa pamusoro uye takagadzira registry, iyo, semaonero edu, ine mabhenefiti akati wandei, anoti:

  • inotsigira akati wandei marudzi ekutengeserana: inogona zvese kuchinjanisa midziyo (kureva, kuita kutengeserana kwemari) uye kugadzira kutengeserana nechimiro chekupokana,
  • Vagadziri vanokwanisa kuwana mutauro wechirongwa chePrismLang, uyo unopa shanduko inodiwa pakugadzirisa matambudziko akasiyana etekinoroji,
  • nzira yekugadzirisa zvisizvo seti yedata inopihwa.

Kana tikatora nzira iri nyore, zvino kutevedzana kwezviito kunoitika:

  1. Iye anonyorera anonyoresa neDPKI uye anogamuchira chikwama chedhijitari. Kero yewallet ndiyo kukosha kwehashi yekiyi yeruzhinji yechikwama. Kiyi yega yega yewallet inozivikanwa chete kune anonyorera.
  2. Chinyorwa chakanyoreswa chinopihwa mukana kune kiyi yakavanzika yebasa.
  3. Musoro wacho unogadzira zero transaction uye unoisimbisa nedhijitari siginecha uchishandisa kiyi yakavanzika yechikwama.
  4. Kana kutengeserana kusiri zero kwakaumbwa, kunosimbiswa nemagetsi dhijitari siginecha uchishandisa makiyi maviri akavanzika: chikwama uye sevhisi imwe.
  5. Nyaya inoendesa kutengeserana kudziva.
  6. Iyo ENCRY network node inoverenga kutengeserana kubva padziva uye inotarisa siginecha yedhijitari, pamwe nekubatanidza kwekutengesa.
  7. Kana iyo siginecha yedhijitari inoshanda uye kubatana kwakasimbiswa, saka inogadzirira kutengeserana kwekupinda murejista.

Pano iyo registry inoshanda sedhatabhesi yakagoverwa inochengeta ruzivo nezve inoshanda, yakanzurwa uye yakamiswa zviziviso.

Hongu, decentralization haisi panacea. Dambudziko rekutanga rekusimbisa mushandisi hariperi chero kupi zvako: kana iko zvino kuongororwa kwemunyoreri kuchiitwa neCR, ipapo muDPKI inokurudzirwa kupa humbowo kunhengo dzenharaunda, uye kushandisa kukurudzira kwemari kukurudzira chiitiko. Open source verification tekinoroji inozivikanwa kwazvo. Kubudirira kwekusimbisa kwakadaro kwakasimbiswa mukuita. Ngatiyeukei zvakare akati wandei ekuferefeta kwepamusoro-soro nekuburitswa kwepamhepo Bellingcat.

Asi kazhinji, mufananidzo unotevera unobuda: DPKI mukana wekugadzirisa, kana zvisiri zvese, saka mazhinji ezvikanganiso zvepakati PKI.

Nyorera kune yedu Habrablog, isu tinoronga kuenderera mberi nekushingaira kuvhara tsvakiridzo yedu nekusimudzira, uye kutevera Twitter, kana iwe usingade kupotsa dzimwe nhau nezve ENCRY mapurojekiti.

Source: www.habr.com

Voeg