In recent years, with the improvement of the overall level of national network security and informatization, password security has become an important symbol of a country's comprehensive national strength and competitiveness. development is playing an increasingly important role. The transformation of commercial encryption has become a technical problem that various industries urgently need to break through.
What are the advantages of the National Secret Algorithm? How to realize the national secret transformation of the underlying platform?
image description
Global Open Source Technology Summit Hyperledger Blockchain Sub-Forum
first level title
What is the National Secret Algorithm
The National Secret Algorithm is a domestic commercial encryption algorithm recognized by the State Cryptography Administration. Simply put, it is actually a series of algorithms, which can be divided into three categories from SM1-SM4, SM7, and SM9, namely symmetric encryption algorithm, asymmetric encryption algorithm and hash algorithm. algorithm.
Compared with the international algorithm, the national secret algorithm is more dominant in terms of overall security strength.
SM2 and RSA have different underlying algorithm mathematical principles. SM2 has higher security strength, and it can use shorter keys to achieve higher security strength. SM2 only needs a 256-bit key level to reach the RSA 2046-bit key security strength, or even exceed it.
SM3 and Sha256, SM3 is an improvement and optimization of Sha256, the algorithm structure of SM3 is MD (Merkle-Damgard) structure, SM3 is more collidable and safer.
SM4 and 3DES, 3DES is an encryption algorithm transitioning from DES to AES, DES has made a linear change, while SM4 has made a non-linear change, and the security will be higher.
Blockchain is a very important field of encryption technology, and the country also has certain requirements for the application of national secret algorithms in blockchain.
text
Basic technical requirements of China's software industry blockchain platform
image description
first level title
Why Do National Secret Transformation
Wanglian Technology's transformation of national secrets is mainly based on three points of thinking:
It is more secure, and several algorithms corresponding to national secrets are generally more secure than international algorithms.
It is more standardized. In the technical requirements for blockchain cryptographic applications proposed by the government and the industry, it is mentioned that it needs to support the national secret algorithm.
first level title
VoneBaaS Platform Architecture
image description
VoneBaaS Platform Functional Architecture
In the VoneBaaS platform architecture, the upper layer is the platform interface layer for external output, the left side is the application integration, and the docking platform interface layer is extended by another layer. We have made many application standards or templates on BaaS, including traceability, certificate storage, NFT, and DAO. Users can quickly copy these applications for their own application development. On the right side of the architecture is the operation monitoring function module, including configuration management, visual monitoring and operation auditing functions.
The VoneBaaS platform has many advantages:
One is that VoneBaaS supports multiple underlying platforms, and meets the password usage requirements of financial distributed technology security specifications in the national secret algorithm;
The second is to support cross-chain, and provide NFT integration modules, and output NFT development capabilities in the form of API;
The third is to provide a smart contract market. The VoneBaaS platform provides smart contract market functions and smart contract online packaging functions to facilitate users to quickly obtain smart contracts and realize business needs.
first level title
VoneBaaS national secret transformation plan
image description
VoneBaaS national secret transformation plan
In the transformation process of Fabric, it is divided into four major parts, namely, Fabric ontology transformation, Fabric CA transformation, Fabric Go SDK transformation, and Fabric Chaincode API transformation.
CA refers to the gwanted open source transformation library, basically no major changes have been made. The transformation of the BCCSP Cryptographic Service Provider module is the core of our transformation. BCCSP provides two factories, one is software implementation factory and the other is hardware implementation factory. What we want to achieve is soft modification, so the SW module has been modified. SW supports the encryption suite of ECCSHA256 by default. After modification, the encryption suite supporting SM2 and SM3 is realized.
On the Fabric Go SDK, our transformation is divided into two parts: CFSSL and NET/HTTP are transformations on the communication level, and INTERNAL is to rely on the code transformed by Fabric, because the Fabric Go SDK depends on the local code of Fabric.
Fabric Chaincode also needs to be modified at the communication level and encryption and decryption. Internal is the code that relies on Fabric transformation, and the communication level is mainly to modify the code in the Shim package.
Since its establishment, Wanglian Technology has always supported national policies, practiced corporate social responsibilities, and has been vigorously supporting the national security construction strategy, actively cooperating with the national secret reinforcement and transformation work. According to the data, Wanglian Technology is the first blockchain enterprise to do national secret transformation based on Fabric2.2 and open source.
In the future, Wangchain Technology will continue to work hard to promote the technological innovation and application of the blockchain, continue to improve the construction of the underlying platform of the blockchain, and jointly help and witness the better development of the industry.
