1. Introduction

In addition to their exhibition, collection, research, and education functions, museums’ main purpose is to display and protect cultural resources. Continuous attention has been paid to them. However, there is a difficulty: If these collections are displayed in public places for a long time, they may deteriorate. On the other hand, if they are kept in a warehouse, visitors cannot share this valuable information. In 2007, Ross Parry suggested that the concept of digital collections should be added to the main concepts of museums [1]. The main purpose is to digitize these collections. Moreover, transforming collections into digital content in a unified format and developing them into good digital rights management will not only help promote social education, but also facilitate the operation of museums.

Museum digitalization means that the museum converts the texts, images, and videotapes through digital scanners and digital cameras based on the collections of the museum to produce digital data that can be processed by a computer; “Digital Collection” refers to the data and files on various utensils, paintings, and calligraphy, specimens, and documents that have been processed through digital processes. The “digital collections” authorization originated at the beginning of photography in the 19th century. The British Museum accepted donations of photographic images, as well as professional photographers’ photo collections, and sold the collections taken in the museum and the records of museum activity photos; this was the beginning of the museum’s image recording and image authorization [2].

In the 20th century, international museums and governments implemented the digitization plan of various museum collections based on the mission of collection preservation and promotion of cultural policies. Currently, in the 21st century, digital technology is booming, and museums have entered the era of digitization. There are a huge number of digital images. Production allows museums to hold numerous copyrights, signaling an important turning point for image authorization. The international museum community has invested a lot of money and human resources starting more than ten years ago to digitize its collections on a large scale. For example, J. Paul Getty Trust, associated with the Getty Museum, paid US$4.2 million from 1997 to 2002 in funding to establish the “Electronic Cataloguing Initiative”, which sponsored 21 Los Angeles area museums whose main collections are visual arts.

In 2009, the foundation launched OSCI in cooperation with the J. Paul Getty Museum and eight other institutions. Arthur M. Sackler and Freer Art Gallery; Los Angeles County Museum of Art; National Gallery of Art in Washington, DC; San Francisco Museum of Modern Art; Seattle Art Museum; and the Tate and Walker Art Center. The goal of the alliance is to create models for online catalogs, which will greatly increase access to museum collections to provide interdisciplinarity and the latest research, and innovate how to conduct, introduce, and use this research [3]. In 2002, the Culture Online Project of the British Department of Culture, Media and Sports was founded [4]; the British Museum established the “Merlin Project” in 2006 along with other projects, which are all efforts related to the museum’s digital collection.

The core of the museum is its collection and heritage, the physical evidence of human survival and its environment. This includes two levels of connotation: One is the cultural relic entity in the museum’s collection; the other is the information resources that recreate the cultural relic entity, reveal its original information and cultural connotation, including text introductions, images, video three-dimensional models, etc. Museum experts and scholars research and publish works on a certain collection or collection preservation technology, as well as works of collection pictures taken by museum photographers, etc., all belonging to the collection resources.

The “Creative Economy Report 2010” of UNESCO [4] points out that “cultural heritage” is the source of all art forms, and the soul of culture and creative industries, which brings together history, anthropology, ethnology, aesthetics, and social perspectives, while influences people’s creativity. The intellectual property authorization of the museum means that the museum authorizes the copyright of its collection resources. It includes cultural relics, specimens, and artworks to other institutions for the development of cultural derivatives, transforms cultural resources into cultural goods, and establishes effective communication with consumers. It forms a unique brand of museums and reflects the intention of museums to develop products [5]. The authorized person pays the corresponding fee to the authorizer, and the authorizer gives the authorized person corresponding guidance and assistance. In particular, museums in various countries with rich collections can serve as models for brand authorization.

Brand authorization began in the United States in the early 20th century. When Disney’s classic cartoon image of Mickey Mouse became famous, a furniture merchant paid Walt Disney US$300 in exchange for the right to print the image of Mickey Mouse on its products. Disney is recognized as the originator of international brand authorization. Currently, brand authorization has become a global industry with a relatively mature operation model and a complete industrial chain. According to the “2019 Global Licensing Industry Market Survey Report” released by the International Licensing Industry Merchandiser’s Association (LIMA) [6], the global retail sales of licensed goods reached 280.3 billion U.S. dollars in 2018, a year-on-year increase of 3.2%. Among the competitors, China’s authorized industry market sales reached 9.5 billion U.S. dollars, maintaining a rapid growth trend with an increase of 67%.

As an image producer, the core mission of museums is to produce images in the spirit of equality, sharing, and reciprocity. This view also echoes the concept of equality of museums. In the comprehensive digital collection, most of the collections that cannot be displayed or watched in permanent exhibitions or special exhibitions can have the opportunity to be presented to the world. For example, the sea area around the National Museum of Marine Biology and Aquarium, located in the Kenting National Park in southern Taiwan, is a typical marine environment intersection, covering the estuary area, sandy mud bottom, reef shores, and other habitats. Chang et al. [7] studied and integrated the fish species in the sub-tidal zone around the National Museum of Marine Biology and Aquarium, which provides a constant monitoring and conservation research platform for the aquatic environment and biodiversity. The museum has also carried out the image management collection of collection resources [8], but how to use these valuable research resources of the museum through the appropriate preservation, management, authorization, and promote social education is an extremely important challenge.

In recent years, under the concept of “activating and reproducing collections”, museums spread a huge amount of knowledge and culture to visitors with their rich collections, such as artworks, crafts, biological specimens, texts, drawings, paintings, photos, maps, movies, and sound recordings. Museums all over the world take marketization, digitization, diversification, and popularization as their development direction. Their development and utilization of digital image resources in the collections, via different authorization models, are widely praised by society.

The cultural industry chain is divided into four links: Research and development, production, circulation, and consumption. With the development over time, the term “authorization” has been widely used in the cultural industry, and its connotation and extension have also been continuously expanded, and gradually valued by museums. At present, there are two views on the definition of digital image authorization of museum collections: One view is that authorization refers to the process by which the museum grants the digital image of cultural relics owned or managed by the museum as the subject matter to the authorized person in the form of a contract; another view is that authorization is mainly the process of transaction and management of related intellectual property rights. The ultimate goal of museums’ digital authorization of collections is to increase economic benefits based on spreading culture and exerting its educational function.

However, due to various reasons, most people may not be able to visit their favorite museums one by one due to time and space constraints. For example, since the outbreak of the COVID-19 at the beginning of this year (2020), the American Alliance of Museums (AAM) recently stated that nearly one-third of museums in the United States may be permanently closed, and pointed out that museum operations are facing “extreme financial difficulties” [9]. Therefore, determining how to protect museum collections and effectively use these collection resources to maintain the operation of the museum is a critical topic for consideration by museum operators.

Due to the fading of museum collections, while promoting social education, we must strive to preserve them. Digitizing collections is a feasible way. On the other hand, in order to maintain the sustainable operation of museums, it is important to manage the property rights of museum collections after digitization. Copyright provides a bridge between art and commerce because we need to protect the collections. In the past, using watermarking technology to achieve digital property management has been a mature technology [10,11,12]. Digital rights management is always inseparable from cryptographic technology [13,14,15,16]. Up to now, watermarks are combined with smart contract technology to realize digital property management [17]. In recent years, more scholars have used the characteristics of decentralization, non-tampering, traceability, and blockchain openness to solve the application problems of digital rights management, a process that has expanded rapidly [17,18,19,20,21,22].

However, none of the above-mentioned digital property rights management mechanisms integrate the operation of the cash flow system, and naturally cannot reflect its feasibility. Therefore, this article integrates cash flow management into our digital rights management regarding comprehensive digital collections and promotes transparency of collections, the heart of museums. Apart from the practice of equality, the production of images provides an extension of museum collections and serves as a carrier of culture. The circulation of copied images creates richer and more diverse ways of use [23].

In 2017, Ma proposed a common, flexible, and extendable solution for variant DRM scenes, and can support rapid and customized development [24]. Du Toit proposed a decentralized architectural model, which makes use of digital rights management to enforce access control over personal information [25]. Mrabet et al. [26] concluded the open research issues and future directions towards securing IoT. Including the use of blockchain to address security challenges in IoT, and the implications of IoT deployment in 5G and beyond. Therefore, the first focus of digital rights management is how to achieve proper authorization. Generally, the authorization mode of digital collections in museums is divided into the following three methods:

• Direct authorization model of museum digitized collections

The direct authorization model is a model in which the museum, as the authorized party, signs a contract with the authorized party to authorize it to use the digital resources of the collections. The museum collects cultural relics, produces digital content, encrypts and encapsulates, authorizes the identity verification and makes remittance notices, authorizes remittances royalties’ feedback, and finally operates the key authorization process. The authorization model process is shown in Figure 1. The National Museum of the Netherlands and the British Museum, as well as the National Palace Museum in Taipei in Taiwan, are typical examples of the direct authorization model.

Under this authorization model, the authorized party often directly participates in the use of the digital image resources of cultural relics by third-party manufacturers. The advantage is that it is not only conducive to the museum as the authorized party to promptly understand the development of digital image resources, but is also given an in-depth understanding of the connotations of the collection by the relevant departments of the museum, which is often helpful to the successful development of digital resources. However, the shortcomings of this authorization model are also obvious. Because the authorized party is a state-owned museum, the nature of its public welfare institutions often makes it limited in authorization methods, scope, personnel incentives, and so on, so it can easily lead to insufficient responses to market demand and changes.

• 2. Proxy authorization model of museum digitized collections

The proxy authorization model refers to the model in which the museum does not directly act as the authorized subject, but entrusts an agent or an authorization platform as an intermediary, authorizes through a contract with the authorized party, and finally uses the digital resources of the collection in the manner agreed to in the contract. In this model, there will be two authorization behaviors: The first time is the authorization by the museum to the agent or the authorization platform, and the second time is the authorization by the agent or the authorization platform to the third party. The process of this type of authorization mode is shown in Figure 2. The Louvre Museum in France and the Solomon R Guggenheim Museum in the United States are typical representatives of this authorization model.

The entrusted authorization model means that the museum authorizes an agent to sign an authorization contract with the authorized person on behalf of the museum, a common museum proxy authorization model. In the proxy authorization model, agents as authorized intermediaries often have rich authorization management experience and mature customer groups, respond quickly to market demand, and have strong marketing capabilities, which can assist museums in rapidly opening up the authorization market, thereby promoting museums. The cultural and creative production industry has developed rapidly. However, agents, as market entities dominated by economic interests, tend to ignore the public welfare contained in cultural relics, significantly weakening the museum’s ability to control the use of the digital collection by authorized third parties. In this process, third parties are based on market interests driving the development and utilization of authorized resources, so the cultural and economic risks faced by museums will increase accordingly.

The platform authorization model is similar to the entrusted authorization model, but there are differences in the scale of the authorizing party and the authorized party. Under the entrusted authorization model, it is usually one-to-one, that is, a museum entrusts a company to externally authorize, while under the platform authorization model, it is usually many-to-many, that is, multiple museums, middlemen, and authorized parties concentrated in a certain platform carry out authorization. The platform authorization model not only solves the problem of insufficient hardware facilities when most museums carry out the authorization of digital image resources of cultural relics, but also effectively reduces the transaction cost in the process of authorization of digital cultural relics. However, in the platform authorization model, the digital authorization of collections is mainly carried out in the network environment, which is likely to entail transaction risks, including intellectual property rights infringement.

• 3. Comprehensive authorization model for museum digital collections

The comprehensive authorization model is a composite authorization model, which is a diversified and differentiated authorization strategy made by the museum based on its actual situation. Possessing a certain brand awareness, a large number of collection images, high social recognition, and a variety of types of authorized objects are necessary conditions for the adoption of a comprehensive authorization model; therefore, it needs to be based on the museum’s brand awareness, social influence, collection scale, and organization factors, such as staffing and the type of the subject matter of authorization, in making the relevant decision. The comprehensive authorization model combines the advantages of direct authorization and entrusted authorization and helps to optimize the authorization model of different subjects and maximize value creation. The disadvantage is that the complexity of the comprehensive authorization model increases the transaction cost of the authorization process, which will occupy more museum resources to a certain extent. The Metropolitan Museum of Art adopted a comprehensive authorization model when developing art authorization.

Blockchain is a kind of distributed data storage, which has the characteristics of point-to-point transmission, consensus mechanism, and encryption algorithm. For museums, blockchain technology has great value for the digitization of collections and artworks, especially cultural relics, specimens, and artworks. Blockchain has great potential in the confirmation of digital identities. This technology can generate an ID card based on an encryption algorithm for each institution or each person. It has the characteristics of decentralized data storage, decentralization, and traceability. Making clear value guarantees for each collection can also systematically protect the intellectual property rights of cultural relics and artworks so that the whole process of circulation can be followed. The production of digital content and the mechanism of cryptography comprise the foundation of digital property rights. In recent years, blockchain technology has been used to register and digitize collection-related information and cultural relic owner information, and then record these digital files on the blockchain. Because the blockchain has the characteristics of permanent storage and non-tampering, it can establish a one-to-one correspondence between collections, digital information (including photos, three-dimensional models, etc.), and owners, which can effectively solve cultural relic storage, ownership confirmation, and anti-theft, identification, loss prevention, and other issues.

This research is motivated by the following motivations:

• (a). In the 20th century, international museums and governments, based on the mission of preservation and promotion of cultural policies to protect cultural resources, implemented digital plans for various museum collections, so that museums can share digital resources, which will not only help to promote social education, but also benefit the operation of museums.

• (b). Under the guidance of the “activation and reproduction” thinking, this research uses a “digital authorization” model for museums to provide online users with information and increase financial resources to become a sustainable development of museum operations.

The main contributions of this work are as follows. This research proposes an authorization mechanism based on blockchain technology for protecting the museum’s digital property rights. The signature and time stamp mechanism of cryptography is used to achieve a non-repudiation mechanism, and the smart contract achieves transparency, unforgeability, and traceability; this mechanism will thereby solving the above-mentioned problems faced by museum-digital rights management.

The rest of this article is organized as follows. The second section provides preliminary knowledge. The third section discusses the proposed methods for two kinds of authority mechanisms in the business model. The fourth section presents an analysis of the proposed scheme. The fifth section includes a discussion and comparison of the proposed scheme with related works. Finally, we present the conclusion and future works.

2. Preliminary

2.1. Smart Contract

A smart contract is a special agreement that is used when making a contract in the blockchain. It contains code functions and can interact with other contracts, guide decisions, store data, etc. The main force of smart contracts is to provide verification and execution of the conditions stipulated in the contract. Smart contracts allow credible transactions without the need for a third party. These transactions are traceable and irreversible. The concept of smart contracts was first proposed in 1994 by Nick Szabo [27,28], a computer scientist and cryptography expert. The purpose of smart contracts is to provide better security than traditional contract methods and to reduce other transaction costs associated with the contract.

2.2. ECDSA

In cryptography, the Elliptic Curve Digital Signature Algorithm (ECDSA) offers a variant of the Digital Signature Algorithm (DSA), which uses elliptic curve cryptography [29]. As with elliptic-curve cryptography in general, the bit size of the public key believed to be needed for ECDSA is about twice the size of the security level, in bits. For example, at a security level of 80 bits (meaning an attacker requires a maximum of about 2⁸⁰ operations to find the private key), the size of an ECDSA public key would be 160 bits, whereas the size of a DSA public key is at least 1024 bits. On the other hand, the signature size is the same for both DSA and ECDSA: Approximately 4t bits, where t is the security level measured in bits; that is, about 320 bits for a security level of 80 bits.

The signature and verification process of ECDSA is as follows: Suppose Alice wants to send a message to Bob. Initially, both parties must reach a consensus on the curve parameters (CURVE, G, n). In addition to the field equation of the curve, the base point G on the curve and the multiplication order n of the base point G are also required. Alice also needs a private key, $d_A$ and a public key, $Q_A$, where $Q_A=d_{A}G$. If the message Alice wants to send is $m$, Alice needs to choose a random value $k$ between [1, n − 1]: Calculate $z=h(m)$, $(x_1,y_1)=kG$, $r=x_1\mathrm{mod}n$, $s=k^{-1}(z+r{d}_A)\mathrm{mod}n$, and send the ECDSA signature pair $(r,s)$ together with the original message $m$ to Bob. After receiving the signature pair $(r,s)$ and the original message $m$, Bob will verify the correctness of the ECDSA signature. Bob first calculates $z^{\prime }=h(m)$, $u_1=z^{\prime }{s}^{-1}\mathrm{mod}n$, $u_2=r{s}^{-1}\mathrm{mod}n$, $({x_1}^{\prime },{y_1}^{\prime })=u_{1}G+u_2{Q}_A$, $r\stackrel{?}{=}{x}_1{}^{\prime }\mathrm{mod}n$, and if it passes the verification, then Bob confirms that the ECDSA signature and message $m$ sent by Alice are correct.

2.3. Bilinear Pairings

The bilinear map was proposed by Boneh et al. in 2001 [30]. Later, Chen et al. applied this in the medical care field [31,32]. Let $G_1$ be a cyclic additive group generated by $P$, whose order is a prime $q$, and $G_2$ be a cyclic multiplicative group with the same order $q$. Let $e:G_1\ast G_1\to G_2$ be a map with the following properties:

• (a). Bilinearity: $e(aP,bQ)=e{(P,Q)}^{ab}$, $P,Q\in G_1$, $a,b\in Z_q$.

• (b). Non-degeneracy: There exists $P,Q\in G_1$ such that $e(P,Q)\ne 1$, in other words, the map does not send all pairs in $G_1\ast G_1$ to the identity in $G_2$.

• (c). Computability: There is an efficient algorithm to compute $e(P,Q)$, $P,Q\in G_1$.

2.4. Proxy Re-Encryption

In 1998, Blaze et al. [33] proposed atomic proxy cryptography for the first time, in which a semi-trusted proxy computes a function that converts ciphertexts for Alice into ciphertexts for Bob without seeing the underlying plaintext. In Elliptic Curve Based Proxy Re-Encryption, the authors combined elliptic curve, bilinear mapping, and proxy re-encryption and proposed the Elliptic Curve based proxy re-encryption. In their scheme, with setting up a large prime number and G, which is a point on elliptic curve E of order $n$, the proxy is entrusted with delegation key $bG/a$ to change ciphertext from Alice to Bob via computing ($raGbG/a,r{G}^2+P_m$), where $P_m$ is a point on the elliptic curve that embeds the message $m$ in the elliptic curve equation $f$ (i.e., $P_m=f(m)$).

Then we can calculate the message m by finding inverse as $f^{-1}(P_m)$. The proxy re-encryption is a natural application to secure the file system. The following scenarios are the Elliptic Curve based proxy re-encryption mechanism.

• (a). System parameter establishment

Let $E$ be an elliptic curve over a limited field $F_q$, where $q$ is a large prime number, and $G$ is a point on the elliptic curve $E$ of order $n$. Let $Z_n{}^{\ast }$ be a multiplicative group. Let the elliptic curve equation $f$ denote the message embedding function, which maps the message $m$ to a point $P_m$ on $E$.

• (b). Key generation

Alice randomly selects a positive integer $a\in Z_n{}^{\ast }$ as his/her private key and calculates $aG$ as the public key. Bob randomly selects a positive integer $b\in Z_n{}^{\ast }$ as the private key and calculates $bG$ as Bob’s public key.

• (c). Alice encrypts the plaintext m:

  • $P_m$ is the embedding message, which is calculated by $f(m)$: $P_m=f(m)$;

  • generate an arbitrary number $r\in Z_n{}^{\ast }$ and output the ciphertext $(C_1,C_2)=(raG,r{G}^2+P_m)$;

  • send the ciphertext ($C_1,C_2$) to the proxy.

• (d). Generation of the re-encryption key:

  • Alice wants to authorize the information to Bob such that Bob can decrypt the ciphertext; Alice sends the proxy key ${\pi }_{A\to B}=bG/a$ to the proxy.

  • The semi-honest agent proxy re-encrypts the ciphertext ($C_1,C_2$) into ($C_1{}^{\prime },C_2{}^{\prime }$) and sends it to Bob.

• (e). Re-encryption process:

  • For the ciphertext $(C_1,C_2)=(raG,r{G}^2+P_m)$, the proxy uses the re-encryption key to re-encrypt ($C_1,C_2$) into ($C_1{}^{\prime },C_2{}^{\prime }$).

  • • ($C_1{}^{\prime },C_2{}^{\prime }$)

    • =$(raG{\pi }_{A\to B},r{G}^2+P_m)$

    • =$(raGbG/a,r{G}^2+P_m)$

    • =$(rb{G}^2,r{G}^2+P_m)$

  • The proxy sends the converted ciphertext $(C_1{}^{\prime },C_2{}^{\prime })=(rb{G}^2,r{G}^2+P_m)$ to Bob.

• (f). Bob decrypts the ciphertext:

  • Bob can decrypt the embedding message $P_m$ with key $b$:$P_m$ = $C_2{}^{\prime }-b^{-1}{C}_1{}^{\prime }$;

  • then apply the inverse of the function $f$ to get the original message $m$ from $P_m$: $m=f^{-1}(P_m)$.

3. Method

3.1. System Architecture

Figure 3 is the system architecture diagram.

In this study, we use the Elliptic Curve Digital Signature Algorithm (ECDSA), blockchain, and smart contracts to design a traceable authorization mechanism for the museum’s digital content resource. There are six parties involved in this study: Museum (M), Content Administrator (CA), Licensee (L), Blockchain Center (BCC), Proxy (P), and Bank (B).

• (a). Museum (M): The museum is the owner of the digital content. The museum collects the cultural relics and is responsible for the generation and management of the museum’s digital content resource. The digital content resource is classified and protected by the museum.

• (b). Content Administrator (CA): The CA is a cloud platform of the museum. It is responsible for reviewing the Licensee’s request to determine ‘allow or not’ to access the digital content resource.

• (c). Licensee (L): When citizens or institutions want to access the digital content resource of the museum, the Licensee should pay a premium to the museum.

• (d). Blockchain Center (BCC): This center records the access information of the digital right resource for the Licensee. The BCC accepts the parties’ registration and issues the identity certificate and public/private key pair to each party.

• (e). Proxy (P): The proxy is an agency of the museum. After CA authenticates the Licensee’s identity, P is responsible for actually cloud authorization for the Licensee to access the museum’s digital content resource.

• (f). Bank (B): Bank is authorized by a Licensee to pay a premium to the museum.

  We briefly illustrate the scenarios in the following steps.

• Step 1: Registration phase:

Museum, Licensee, Proxy, and Bank need to register with Blockchain Center; the Blockchain Center issues the identity certificate and public/private key pair to each party.

• Step 2: Digital content production phase:

The DCA classifies the museum’s resources, encrypts these resources into a protected digital resource, and then stores it in the CA. The CA also uploads the detailed categories into the Blockchain center.

• Step 3: Authentication phase and issuing invoice phase:

After the Licensee proposes to access digital resource requests, the CA reviews the Licensee’s qualifications and then issues the invoice.

• Step 4: Payment phase:

After payment, the Licensee requests the Bank to issue a certificate for the museum to authenticate this payment. The Content Administer then authenticates the Licensee’s identity. The Content Administer performs one of the following cases.

Case 1: Generates the authorized key to the Licensee directly.

Case 2: Generates a proxy key to the Agency, and the Agency transfers it to the Licensee.

• Step 5: Digital content browsing phase:

After the Licensee receives the authorized key, the Licensee uses it to decrypt the protected digital content. The digital content can be read (or played) normally.

3.2. Smart Contract Initialization

In the proposed architecture, blockchain technology is applied. During the authentication and authorization process, some key information will be saved and verified through the blockchain. The key information in the blockchain is defined in the smart contract. The following is the blockchain smart contract structure for the proposed scheme (Scheme 1).

In the proposed smart contract, we have developed key information that will be stored in the blockchain. In the structure of the lm/la/am smart contract, we developed the field of id (identification), transaction detail, certificate, and timestamp. In the structure of the ml/ma/al smart contract, we developed the field of id, transaction detail, transaction id, and timestamp. In the structure of lc/lp/pc smart contract, we developed the field of id, transaction detail, payment information, and timestamp. In the structure of the cl/cp/pl smart contract, we developed the field of id, transaction detail, authentication key, and timestamp. In the initialization phase, the blockchain center also issues the public and private key pairs for all roles.

3.3. Registration Phase

The Licensee (L), Content Administrator (CA), and Proxy (P) should register with the Blockchain Center (BCC) and obtain a relative public/private key pair. The Licensee (L) and Proxy (P) also get a digital certificate of identity from the Blockchain Center via a secure channel. The system role X can represent the Licensee (L), Content Administrator (CA), and Proxy (P). Figure 4 shows the flowchart of the registration phase.

• Step 1: Role X generates an identity $I{D}_X$, and sends it to the Blockchain Center.

• Step 2: The Blockchain center generates an ECDSA private key $d_X$ based on the role X, calculates:

(1) $Q_X=d_{X}G.$

If the identity of the registered role is verified, the smart contract Xins will be triggered, and the content is presented as follows (Scheme 2):

Then the blockchain center will transmit $I{D}_X,(d_X,Q_X),P{K}_X,S{K}_X,Cer{t}_X$ to role X.

• Step 3: The role X stores $(d_X,Q_X,P{K}_X,S{K}_X,Cer{t}_X)$.

3.4. Digital Content Production Phase

The museum collects many precious cultural relics. The digital content production process of valuable cultural relics involves a specific process. In general, experts and scholars classify (such as biological classification, antiquities classification, etc.), grade (grade of antiquities is divided into general, important, national treasures, etc.), and clarify the importance (such as rare or era significance or endangered species, etc.), and then different competent authorities proceed with various kinds of appointments. Finally, it is handed over to professional and technical personnel to produce digital content through photography and 3D surroundings.

In this phase, we will focus on illustrating the protection technology of digital content. Figure 3 shows the production flowchart of protected digital content. To enhance performance, we use the digital envelope for implementation. That is, the Content Administrator (CA) uses the symmetry key to encrypt the digital content, and then uses the ElGamal-based system of the public-key system to protect the symmetry key. Figure 5 shows the flowchart of the digital content production phase.

• Step 1: Content Administrator (CA) collects cultural relics in a systematic and planned way according to the categories of different collections. CA also uses information technology to convert the collected media data into a form that can be stored, processed, and edited.

• Step 2: CA encrypts these encoded multimedia data with KeyID and Seed, organizes and categorizes each digitized archive resource, and records the data description of the archive itself, as an annotation explanation for the archive itself and various media materials, as well as an indexing tool for users to inquire.

• Step 3: Through the overall planning of the collection environment, a suitable information system can be constructed, and the functions of digital data preservation and management can be achieved through the operation of the system. When a Licensee wants to access these multimedia materials, it must first obtain legal authorization from the Content Administrator (CA).

• Step 4: The CA will provide the Licensee with an authorization key; the Licensee can use the authorization key to unlock the information provided by the CA and get a decryption key, which can be used to obtain the plaintext of multimedia messages. The details will be introduced in the following phase.

3.5. Authentication and Issuing Invoice Phase

3.5.1. Case 1: Direct Authorization

After reviewing the Licensee’s identity, the Content Administrator generates a transaction ID and invoice to the Licensee. We present the flowchart of the authentication and issuing an invoice phase for direct authorization in Figure 6.

• Step 1: The Licensee generates a random value $k_{L-M}$, calculates:

(2)$z_{L-M}=h(I{D}_L,M_{L-M},Cer{t}_L,T{S}_{L-M},I{D}_{BC}),$

(3)$(x_{L-M},y_{L-M})=k_{L-M}G,$

(4)$r_{L-M}=x_{L-M}\mathrm{mod}n,$

(5)$s_{L-M}=k_{L-M}{}^{-1}(z_{L-M}+r_{L-M}{d}_L)\mathrm{mod}n,$

(6)$En{c}_{L-M}=E_{P{K}_M}(I{D}_L,M_{L-M},Cer{t}_L,T{S}_{L-M},I{D}_{BC}),$

The ID_L is encrypted to check integrity. The second ID_L is to show the Licensee’s identity to the content administrator.

• Step 2: The Content Administrator first calculates:

(7)$(I{D}_L,M_{L-M},Cer{t}_L,T{S}_{L-M},I{D}_{BC})=D_{S{K}_M}(En{c}_{L-M}),$

(8)$T{S}_{NOW}-T{S}_{L-M}\le \Delta T$

(9)$z_{L-M}{}^{\prime }=h(I{D}_L,M_{L-M},Cer{t}_L,T{S}_{L-M},I{D}_{BC}),$

(10)$u_{L-M1}=z_{L-M}{}^{\prime }{s}_{L-M}{}^{-1}\mathrm{mod}n,$

(11)$u_{L-M2}=r_{L-M}{s}_{L-M}{}^{-1}\mathrm{mod}n,$

(12)$(x_{L-M}{}^{\prime },y_{L-M}{}^{\prime })=u_{L-M1}G+u_{L-M2}{Q}_L,$

(13)$x_{L-M}{}^{\prime }\stackrel{?}{=}{r}_{L-M}\mathrm{mod}n.$

If the verification is passed, CA will get the relevant content request information and trigger the smart contracts lmins and lmchk. The content is as follows (Scheme 3):

The CA calculates:

(14)$B{C}_{L-M}=h(r_{L-M},s_{L-M}),$

$(I{D}_{BC},B{C}_{L-M})$ will also be uploaded to the blockchain center. Then the CA generates a random value $k_{M-L}$ and calculates:

(15)$z_{M-L}=h(I{D}_M,M_{M-L},TID,invoice,T{S}_{M-L},I{D}_{BC}),$

(16)$(x_{M-L},y_{M-L})=k_{M-L}G,$

(17)$r_{M-L}=x_{M-L}\mathrm{mod}n,$

(18)$s_{M-L}=k_{M-L}{}^{-1}(z_{M-L}+r_{M-L}{d}_M)\mathrm{mod}n,$

(19)$En{c}_{M-L}=E_{P{K}_L}(I{D}_M,M_{M-L},TID,invoice,T{S}_{M-L},I{D}_{BC}),$

• Step 3: The Licensee first calculates:

(20)$(I{D}_M,M_{M-L},TID,invoice,T{S}_{M-L},I{D}_{BC})=D_{S{K}_L}(En{c}_{M-L}),$

(21)$T{S}_{NOW}-T{S}_{M-L}\le \Delta T$

(22)$z_{M-L}{}^{\prime }=h(II{D}_M,M_{M-L},TID,invoice,T{S}_{M-L},I{D}_{BC}),$

(23)$u_{M-L1}=z_{M-L}{}^{\prime }{s}_{M-L}{}^{-1}\mathrm{mod}n,$

(24)$u_{M-L2}=r_{M-L}{s}_{M-L}{}^{-1}\mathrm{mod}n,$

(25)$(x_{M-L}{}^{\prime },y_{M-L}{}^{\prime })=u_{M-L1}G+u_{M-L2}{Q}_M,$

(26)$x_{M-L}{}^{\prime }\stackrel{?}{=}{r}_{M-L}\mathrm{mod}n.$

If the verification is passed, the content request information is confirmed by CA, and the smart contracts mlins and mlchk will be sent. The content is as follows (Scheme 4):

The Licensee calculates:

(27)$B{C}_{M-L}=h(r_{M-L},s_{M-L}),$

$(I{D}_{BC},B{C}_{M-L})$ will also be uploaded to the blockchain center.

3.5.2. Case 2: Proxy Authorization

When the Licensee submits an application request to the Proxy, the Proxy transfers it to the CA for verification. After reviewing the Licensee’s identity, the CA generates a transaction ID and invoice to the Licensee. We present the flowchart of the authentication and issuing invoice phase (L to P) in Figure 7, the flowchart of the authentication and issuing invoice phase (P to CA) in Figure 8, the flowchart of the authentication and issuing invoice phase (CA to P) in Figure 9, and the flowchart of the authentication and issuing invoice phase (P to L) in Figure 10.

• Step 1: The Licensee generates a random value $k_{L-A}$, calculates:

(28)$z_{L-A}=h(I{D}_L,M_{L-A},Cer{t}_L,T{S}_{L-A},I{D}_{BC}),$

(29)$(x_{L-A},y_{L-A})=k_{L-A}G,$

(30)$r_{L-A}=x_{L-A}\mathrm{mod}n,$

(31)$s_{L-A}=k_{L-A}{}^{-1}(z_{L-A}+r_{L-A}{d}_L)\mathrm{mod}n,$

(32)$En{c}_{L-A}=E_{P{K}_A}(I{D}_L,M_{L-A},Cer{t}_L,T{S}_{L-A},I{D}_{BC}),$

• Step 2: The proxy first calculates:

(33)$(I{D}_L,M_{L-A},Cer{t}_L,T{S}_{L-A},I{D}_{BC})=D_{S{K}_A}(En{c}_{L-A}),$

(34)$T{S}_{NOW}-T{S}_{L-A}\le \Delta T$

(35)$z_{L-A}{}^{\prime }=h(I{D}_L,M_{L-A},Cer{t}_L,T{S}_{L-A},I{D}_{BC}),$

(36)$u_{L-A1}=z_{L-A}{}^{\prime }{s}_{L-A}{}^{-1}\mathrm{mod}n,$

(37)$u_{L-A2}=r_{L-A}{s}_{L-A}{}^{-1}\mathrm{mod}n,$

(38)$(x_{L-A}{}^{\prime },y_{L-A}{}^{\prime })=u_{L-A1}G+u_{L-A2}{Q}_L,$

(39)$x_{L-A}{}^{\prime }\stackrel{?}{=}{r}_{L-A}\mathrm{mod}n.$

If the verification is passed, the proxy will get the relevant content request information and trigger the smart contracts lains and lachk. The content is as follows (Scheme 5):

The proxy calculates:

(40)$B{C}_{L-A}=h(r_{L-A},s_{L-A}),$

$(I{D}_{BC},B{C}_{L-A})$ will also be uploaded to the blockchain center.

• Step 3: The proxy generates a random value $k_{A-M}$ and calculates:

(41)$z_{A-M}=h(I{D}_A,I{D}_L,M_{A-M},Cer{t}_A,Cer{t}_L,T{S}_{A-M},I{D}_{BC}),$

(42)$(x_{A-M},y_{A-M})=k_{A-M}G,$

(43)$r_{A-M}=x_{A-M}\mathrm{mod}n,$

(44)$s_{A-M}=k_{A-M}{}^{-1}(z_{A-M}+r_{A-M}{d}_A)\mathrm{mod}n,$

(45)$En{c}_{A-M}=E_{P{K}_M}(I{D}_A,I{D}_L,M_{A-M},Cer{t}_A,Cer{t}_L,T{S}_{A-M},I{D}_{BC}),$

• Step 4: The CA first calculates:

(46)$(I{D}_A,I{D}_L,M_{A-M},Cer{t}_A,Cer{t}_L,T{S}_{A-M},I{D}_{BC})=D_{S{K}_M}(En{c}_{A-M}),$

(47)$T{S}_{NOW}-T{S}_{A-M}\le \Delta T$

(48)$z_{A-M}{}^{\prime }=h(I{D}_A,I{D}_L,M_{A-M},Cer{t}_A,Cer{t}_L,T{S}_{A-M},I{D}_{BC}),$

(49)$u_{A-M1}=z_{A-M}{}^{\prime }{s}_{A-M}{}^{-1}\mathrm{mod}n,$

(50)$u_{A-M2}=r_{A-M}{s}_{A-M}{}^{-1}\mathrm{mod}n,$

(51)$(x_{A-M}{}^{\prime },y_{A-M}{}^{\prime })=u_{A-M1}G+u_{A-M2}{Q}_A,$

(52)$x_{A-M}{}^{\prime }\stackrel{?}{=}{r}_{A-M}\mathrm{mod}n.$

If the verification is passed, the CA will get the relevant content request information and trigger the smart contracts amins and amchk. The content is as follows (Scheme 6):

The CA calculates:

(53)$B{C}_{A-M}=h(r_{A-M},s_{A-M}),$

$(I{D}_{BC},B{C}_{A-M})$ will also be uploaded to the blockchain center.

• Step 5: The CA generates a random value $k_{M-A}$ and calculates:

(54)$z_{M-A}=h(I{D}_M,M_{M-A},TID,invoice,T{S}_{M-A},I{D}_{BC}),$

(55)$(x_{M-A},y_{M-A})=k_{M-A}G,$

(56)$r_{M-A}=x_{M-A}\mathrm{mod}n,$

(57)$s_{M-A}=k_{M-A}{}^{-1}(z_{M-A}+r_{M-A}{d}_M)\mathrm{mod}n,$

(58)$En{c}_{M-A}=E_{P{K}_A}(I{D}_M,M_{M-A},TID,invoice,T{S}_{M-A},I{D}_{BC}),$

• Step 6: The proxy first calculates:

(59)$(I{D}_M,M_{M-A},TID,invoice,T{S}_{M-A},I{D}_{BC})=D_{S{K}_A}(En{c}_{M-A}),$

(60)$T{S}_{NOW}-T{S}_{M-A}\le \Delta T$

(61)$z_{M-A}{}^{\prime }=h(I{D}_M,M_{M-A},TID,invoice,T{S}_{M-A},I{D}_{BC}),$

(62)$u_{M-A1}=z_{M-A}{}^{\prime }{s}_{M-A}{}^{-1}\mathrm{mod}n,$

(63)$u_{M-A2}=r_{M-A}{s}_{M-A}{}^{-1}\mathrm{mod}n,$

(64)$(x_{M-A}{}^{\prime },y_{M-A}{}^{\prime })=u_{M-A1}G+u_{M-A2}{Q}_M,$

(65)$x_{M-A}{}^{\prime }\stackrel{?}{=}{r}_{M-A}\mathrm{mod}n.$

If the verification is passed, the content request information is confirmed by the proxy, and the smart contracts mains and machk will be sent. The content is as follows (Scheme 7):

The proxy calculates:

(66)$B{C}_{M-A}=h(r_{M-A},s_{M-A}),$

• Step 7: The proxy generates a random value $k_{A-L}$ and calculates:

(67)$z_{A-L}=h(I{D}_A,M_{A-L},TID,invoice,T{S}_{A-L},I{D}_{BC}),$

(68)$(x_{A-L},y_{A-L})=k_{A-L}G,$

(69)$r_{A-L}=x_{A-L}\mathrm{mod}n,$

(70)$s_{A-L}=k_{A-L}{}^{-1}(z_{A-L}+r_{A-L}{d}_A)\mathrm{mod}n,$

(71)$En{c}_{A-L}=E_{P{K}_L}(I{D}_A,M_{A-L},TID,invoice,T{S}_{A-L},I{D}_{BC}),$

• Step 8: The Licensee first calculates:

(72)$(I{D}_A,M_{A-L},TID,invoice,T{S}_{A-L},I{D}_{BC})=D_{S{K}_L}(En{c}_{A-L}),$

(73)$T{S}_{NOW}-T{S}_{A-L}\le \Delta T$

(74)$z_{A-L}{}^{\prime }=h(I{D}_A,M_{A-L},TID,invoice,T{S}_{A-L},I{D}_{BC}),$

(75)$u_{A-L1}=z_{A-L}{}^{\prime }{s}_{A-L}{}^{-1}\mathrm{mod}n,$

(76)$u_{A-L2}=r_{A-L}{s}_{A-L}{}^{-1}\mathrm{mod}n,$

(77)$(x_{A-L}{}^{\prime },y_{A-L}{}^{\prime })=u_{A-L1}G+u_{A-L2}{Q}_A,$

(78)$x_{A-L}{}^{\prime }\stackrel{?}{=}{r}_{A-L}\mathrm{mod}n.$

If the verification is passed, the content request information is confirmed by the CA, and the smart contracts alins and alchk will be sent. The content is as follows (Scheme 8):

The Licensee calculates:

(79)$B{C}_{A-L}=h(r_{A-L},s_{A-L}),$

$(I{D}_{BC},B{C}_{A-L})$ will also be uploaded to the blockchain center.

3.6. Payment Verification and Browsing Phase

3.6.1. Case 1: Direct Authorization

After the Licensee is paid, the bank must sign and issue the payment certificate to verify. The CA then authenticates the Licensee’s identity and bank payment certificate. After that, the CA generates the authorized key, making time-sensitive tokens. After authorization, the Licensee’s application (reader or player) can use the authorized key to automatically decrypt the symmetry key. The APP can browse digital content normally. We present the flowchart of the payment verification and browsing phase for direct authorization in Figure 11.

• Step 1: The Licensee generates a random value $k_{L-C}$, calculates:

(80)$z_{L-C}=h(I{D}_L,M_{L-C},Cer{t}_L,TID,Cer{t}_{pay},T{S}_{L-C},I{D}_{BC}),$

(81)$(x_{L-C},y_{L-C})=k_{L-C}G,$

(82)$r_{L-C}=x_{L-C}\mathrm{mod}n,$

(83)$s_{L-C}=k_{L-C}{}^{-1}(z_{L-C}+r_{L-C}{d}_L)\mathrm{mod}n,$

(84)$En{c}_{L-C}=E_{P{K}_C}(I{D}_L,M_{L-C},Cer{t}_L,TID,Cer{t}_{pay},T{S}_{L-C},I{D}_{BC}),$

• Step 2: The CA first calculates:

(85)$(I{D}_L,M_{L-C},Cer{t}_L,TID,Cer{t}_{pay},T{S}_{L-C},I{D}_{BC})=D_{S{K}_C}(En{c}_{L-C}),$

(86)$T{S}_{NOW}-T{S}_{L-C}\le \Delta T$

(87)$z_{L-C}{}^{\prime }=h(I{D}_L,M_{L-C},Cer{t}_L,TID,Cer{t}_{pay},T{S}_{L-C},I{D}_{BC}),$

(88)$u_{L-C1}=z_{L-C}{}^{\prime }{s}_{L-C}{}^{-1}\mathrm{mod}n,$

(89)$u_{L-C2}=r_{L-C}{s}_{L-C}{}^{-1}\mathrm{mod}n,$

(90)$(x_{L-C}{}^{\prime },y_{L-C}{}^{\prime })=u_{L-C1}G+u_{L-C2}{Q}_L,$

(91)$x_{L-C}{}^{\prime }\stackrel{?}{=}{r}_{L-C}\mathrm{mod}n.$

If the verification is passed, the content administrator will get the relevant payment information and trigger the smart contracts lcins and lcchk. The content is as follows (Scheme 9):

The content administrator calculates:

(92)$B{C}_{L-C}=h(r_{L-C},s_{L-C}),$

$(I{D}_{BC},B{C}_{L-C})$ will also be uploaded to the blockchain center. Then the content administrator generates a random value $k_{C-L}$ and calculates:

(93)$P_m=f(I{D}_{DC},Vtime),$

(94)$C_1=Z^{rb}G,$

(95)$C_2=Z^{r}G+P_m,$

(96)$z_{C-L}=h(I{D}_C,M_{C-L},(C_1,C_2),T{S}_{C-L},I{D}_{BC}),$

(97)$(x_{C-L},y_{C-L})=k_{C-L}G,$

(98)$r_{C-L}=x_{C-L}\mathrm{mod}n,$

(99)$s_{C-L}=k_{C-L}{}^{-1}(z_{C-L}+r_{C-L}{d}_C)\mathrm{mod}n,$

(100)$En{c}_{C-L}=E_{P{K}_L}(I{D}_C,M_{C-L},(C_1,C_2),T{S}_{C-L},I{D}_{BC}),$

• Step 3: The Licensee first calculates:

(101)$(I{D}_C,M_{C-L},(C_1,C_2),T{S}_{C-L},I{D}_{BC})=D_{S{K}_L}(En{c}_{C-L}),$

(102)$T{S}_{NOW}-T{S}_{C-L}\le \Delta T$

(103)$z_{C-L}{}^{\prime }=h(I{D}_C,M_{C-L},(C_1,C_2),T{S}_{C-L},I{D}_{BC}),$

(104)$u_{C-L1}=z_{C-L}{}^{\prime }{s}_{C-L}{}^{-1}\mathrm{mod}n,$

(105)$u_{C-L2}=r_{C-L}{s}_{C-L}{}^{-1}\mathrm{mod}n,$

(106)$(x_{C-L}{}^{\prime },y_{C-L}{}^{\prime })=u_{C-L1}G+u_{C-L2}{Q}_C,$

(107)$x_{C-L}{}^{\prime }\stackrel{?}{=}{r}_{C-L}\mathrm{mod}n.$

If the verification is passed, the payment information is confirmed by the content administrator, and the smart contracts clins and clchk will be sent. The content is as follows (Scheme 10):

The Licensee calculates:

(108)$B{C}_{C-L}=h(r_{C-L},s_{C-L}),$

$(I{D}_{BC},B{C}_{C-L})$ will also be uploaded to the blockchain center. Finally, the APP calculates:

(109)$P_m=C_2-C_1{}^{-b}$

3.6.2. Case 2: Proxy Authorization

After payment, the bank must sign and issue the payment certificate to the Licensee. The Licensee submits the payment certificate to the Proxy, and the Proxy transfers it to the Content Administrator for verification. The CA then authenticates the Licensee’s identity and bank payment certificate. After that, the CA generates the authorized key, making time-sensitive tokens. After authorization, the Licensee’s application (reader or player) can use the authorized key to automatically decrypt the symmetry key. The APP can browse digital content normally. We present the flowchart of the payment verification and browsing phase (L to P) in Figure 12, the flowchart of the payment verification and browsing phase (P to CA) in Figure 13, the flowchart of the payment verification and browsing phase (CA to P) in Figure 14, and the flowchart of the payment verification and browsing phase (P to L) in Figure 15.

• Step 1: The Licensee generates a random value $k_{L-P}$, calculates:

(110)$z_{L-P}=h(I{D}_L,M_{L-P},Cer{t}_L,TID,Cer{t}_{pay},T{S}_{L-P},I{D}_{BC}),$

(111)$(x_{L-P},y_{L-P})=k_{L-P}G,$

(112)$r_{L-P}=x_{L-P}\mathrm{mod}n,$

(113)$s_{L-P}=k_{L-P}{}^{-1}(z_{L-P}+r_{L-P}{d}_L)\mathrm{mod}n,$

(114)$En{c}_{L-P}=E_{P{K}_P}(I{D}_L,M_{L-P},Cer{t}_L,TID,Cer{t}_{pay},T{S}_{L-P},I{D}_{BC}),$

• Step 2: The Proxy first calculates:

(115)$(I{D}_L,M_{L-P},Cer{t}_L,TID,Cer{t}_{pay},T{S}_{L-P},I{D}_{BC})=D_{S{K}_P}(En{c}_{L-P}),$

(116)$T{S}_{NOW}-T{S}_{L-P}\le \Delta T$

(117)$z_{L-P}{}^{\prime }=h(I{D}_L,M_{L-P},Cer{t}_L,TID,Cer{t}_{pay},T{S}_{L-P},I{D}_{BC}),$

(118)$u_{L-P1}=z_{L-P}{}^{\prime }{s}_{L-P}{}^{-1}\mathrm{mod}n,$

(119)$u_{L-P2}=r_{L-P}{s}_{L-P}{}^{-1}\mathrm{mod}n,$

(120)$(x_{L-P}{}^{\prime },y_{L-P}{}^{\prime })=u_{L-P1}G+u_{L-P2}{Q}_L,$

(121)$x_{L-P}{}^{\prime }\stackrel{?}{=}{r}_{L-P}\mathrm{mod}n.$

If the verification is passed, the proxy will get the relevant payment information and trigger the smart contracts lpins and lpchk. The content is as follows (Scheme 11):

The Proxy calculates:

(122)$B{C}_{L-P}=h(r_{L-P},s_{L-P}),$

$(I{D}_{BC},B{C}_{L-P})$ will also be uploaded to the blockchain center.

• Step 3: The Proxy then generates a random value $k_{P-C}$ and calculates:

(123)$z_{P-C}=h(I{D}_P,I{D}_L,M_{P-C},Cer{t}_P,Cer{t}_L,TID,Cer{t}_{pay},T{S}_{P-C},I{D}_{BC}),$

(124)$(x_{P-C},y_{P-C})=k_{P-C}G,$

(125)$r_{P-C}=x_{P-C}\mathrm{mod}n,$

(126)$s_{P-C}=k_{P-C}{}^{-1}(z_{P-C}+r_{P-C}{d}_P)\mathrm{mod}n,$

(127)$En{c}_{P-C}=E_{P{K}_C}(I{D}_P,I{D}_L,M_{P-C},Cer{t}_P,Cer{t}_L,TID,Cer{t}_{pay},T{S}_{P-C},I{D}_{BC}),$

• Step 4: The CA first calculates:

(128)$(I{D}_P,I{D}_L,M_{P-C},Cer{t}_P,Cer{t}_L,TID,Cer{t}_{pay},T{S}_{P-C},I{D}_{BC})=D_{S{K}_C}(En{c}_{P-C}),$

(129)$T{S}_{NOW}-T{S}_{P-C}\le \Delta T$

(130)$z_{P-C}{}^{\prime }=h(I{D}_P,I{D}_L,M_{P-C},Cer{t}_P,Cer{t}_L,TID,Cer{t}_{pay},T{S}_{P-C},I{D}_{BC}),$

(131)$u_{P-C1}=z_{P-C}{}^{\prime }{s}_{P-C}{}^{-1}\mathrm{mod}n,$

(132)$u_{P-C2}=r_{P-C}{s}_{P-C}{}^{-1}\mathrm{mod}n,$

(133)$(x_{P-C}{}^{\prime },y_{P-C}{}^{\prime })=u_{P-C1}G+u_{P-C2}{Q}_P,$

(134)$x_{P-C}{}^{\prime }\stackrel{?}{=}{r}_{P-C}\mathrm{mod}n.$

If the verification is passed, the content administrator will get the relevant payment information and trigger the smart contracts pcins and pcchk. The content is as follows (Scheme 12):

The content administrator calculates:

(135)$B{C}_{P-C}=h(r_{P-C},s_{P-C}),$

$(I{D}_{BC},B{C}_{P-C})$ will also be uploaded to the blockchain center.

• Step 5: The content administrator generates a random value $k_{C-P}$ and calculates:

(136)$P_m=f(I{D}_{DC},Vtime),$

(137)$C_1=e(raG,a^{-1}bG),$

(138)$C_2=Z^r{G}^2+P_m,$

(139)$z_{C-P}=h(I{D}_C,M_{C-P},(C_1,C_2),T{S}_{C-P},I{D}_{BC}),$

(140)$(x_{C-P},y_{C-P})=k_{C-P}G,$

(141)$r_{C-P}=x_{C-P}\mathrm{mod}n,$

(142)$s_{C-P}=k_{C-P}{}^{-1}(z_{C-P}+r_{C-P}{d}_C)\mathrm{mod}n,$

(143)$En{c}_{C-P}=E_{P{K}_P}(I{D}_C,M_{C-P},(C_1,C_2),T{S}_{C-P},I{D}_{BC}),$

• Step 6: The Proxy first calculates:

(144)$(I{D}_C,M_{C-P},(C_1,C_2),T{S}_{C-P},I{D}_{BC})=D_{S{K}_P}(En{c}_{C-P}),$

(145)$T{S}_{NOW}-T{S}_{C-P}\le \Delta T$

(146)$z_{C-P}{}^{\prime }=h(I{D}_C,M_{C-P},(C_1,C_2),T{S}_{C-P},I{D}_{BC}),$