CN107920052B - Encryption method and intelligent device - Google Patents

Encryption method and intelligent device Download PDF

Info

Publication number
CN107920052B
CN107920052B CN201710655465.4A CN201710655465A CN107920052B CN 107920052 B CN107920052 B CN 107920052B CN 201710655465 A CN201710655465 A CN 201710655465A CN 107920052 B CN107920052 B CN 107920052B
Authority
CN
China
Prior art keywords
terminal
server
private key
password
identification code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201710655465.4A
Other languages
Chinese (zh)
Other versions
CN107920052A (en
Inventor
解旻
孙文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tangsheng Beijing Internet Of Things Technology Co ltd
Original Assignee
Tangsheng Beijing Internet Of Things Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tangsheng Beijing Internet Of Things Technology Co ltd filed Critical Tangsheng Beijing Internet Of Things Technology Co ltd
Priority to CN201710655465.4A priority Critical patent/CN107920052B/en
Publication of CN107920052A publication Critical patent/CN107920052A/en
Application granted granted Critical
Publication of CN107920052B publication Critical patent/CN107920052B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/06Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • G06Q20/065Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • G06Q20/06Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • G06Q20/065Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
    • G06Q20/0658Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash e-cash managed locally
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/067Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Abstract

The invention discloses an encryption method and an intelligent terminal. The method comprises the following steps; the user clicks a button for obtaining the verification code, the remaining half of the private key generated after the previous operation is submitted to the server, the server splices the half of the private key stored in the server last time to obtain a complete private key, decrypts the information submitted by the user last time to obtain the verification code, and sends the verification code to the mobile phone of the user through a short message; the user splices the obtained mobile phone verification code to a half of the password generated before to obtain a complete wallet password, unlock the wallet and back up the wallet, the wallet needs to go to a server service provider to obtain a cloud storage uploading certificate and a wallet file encryption public key during wallet backup, the wallet file is encrypted and uploaded, a key returned by cloud storage is obtained after the wallet file is successfully uploaded, and a faucet is informed to back up a wallet cloud storage address; the method solves the problems of backup and recovery of the wallet file while ensuring the security of the local wallet file of the user.

Description

Encryption method and intelligent device
Technical Field
The present invention relates to the field of block chaining technologies, and in particular, to an encryption method and an intelligent device.
Background
At present, in a traditional centralized system, user safety information is stored in a server, and the trust cost is too high. In the existing blockchain wallet technology, a user wallet is stored in a user local, and a server only stores a user public key capable of verifying the identity of the user, so that the problems of trust crisis and data opacity are solved, but once the user wallet file is lost or the password is forgotten, the user cannot prove the identity of the user, and the money in an account can only be seen and cannot be taken out. The traditional centralized user system has the following disadvantages:
1. the security and privacy of user information are threatened. All data is on a centralized server, making it vulnerable to hackers and causing theft of funds and disclosure of user privacy.
2. Trust is costly, in a centralized system, a user may default to believing that the system is trusted, and if the system administrator makes a malicious job, the user data may be tampered with or even stolen by the administrator.
3. The data is opaque, in a centralized system, the data is opaque.
The conventional decentralized blockchain wallet technology has the following disadvantages:
1. the user needs to assume the role of backing up the wallet. The user wallet file needs to be saved by the user, once the wallet file is lost, the user cannot use the account, and the user can take back the money in the account.
2. The user needs to bear the risk of forgetting the password, the user needs to remember the password of the wallet, once the user forgets the password, the user cannot get the secret key for proving the identity of the user, and the money of the user account can only be seen and cannot be taken out.
3. The password of the user is in danger of brute force cracking, the password of the user is verified locally, the times are not limited, a hacker can forcibly try to export the password in a brute force cracking mode, and the block chain assets of the user can be possibly lost.
Therefore, an encryption method and an intelligent device are urgently needed to solve the problems of the backup and recovery of wallet files while ensuring the security of the local wallet files of the user.
Disclosure of Invention
The invention aims to solve the technical problem of backup and recovery of wallet files while ensuring the security of the local wallet files of a user.
To solve the above technical problem, the present invention provides an encryption method;
when a terminal receives a program ending instruction, generating a user password, a public key and a private key, wherein the user password comprises a first password and a second password;
the terminal splits the private key into a first private key and a second private key;
the terminal encrypts the first password through the public key to obtain a first ciphertext, and the first ciphertext and the first private key are sent to a server;
when the terminal receives a next login/transaction instruction, the attribution identification and the second private key of the terminal are sent to the server, so that the server confirms the identity of the terminal after receiving the attribution identification, recombines the received first private key and the second private key after confirming the identity of the terminal, obtains the private key, decrypts a first ciphertext through the private key to obtain a first password, and sends the first password back to the terminal;
the terminal receives the first password sent by the server, and recombines the first password and the local second password to obtain the user password;
and the terminal executes login \ transaction operation through the recombined user password.
The present invention also provides another encryption method, comprising,
the method comprises the steps that a server receives a first cipher text, a first private key, a second private key and an attribution identification sent by a terminal, the first private key and the second private key are formed by fission of a generated private key after the terminal receives an ending instruction, the first cipher text is obtained by encrypting a first password in a user password generated by the terminal through a public key generated after the terminal receives the ending instruction, and the user password also comprises a second password;
the server confirms the identity of the terminal through the attribution identification, if the identity is confirmed to be correct, the server recombines the first private key and the second private key to obtain the private key, decrypts the first ciphertext through the private key to obtain the first password, and sends the first password back to the terminal, so that the terminal recombines the first password and the local second password to obtain the user password, and the next login \ transaction operation is executed through the user password.
The present invention also provides another encryption method, comprising,
the method comprises the steps that a cloud identification code is generated after a cloud receiving terminal encrypts a wallet file, the cloud identification code is sent to the terminal, so that the terminal receives the cloud identification code and sends the cloud identification code to a server, the server checks and matches the cloud identification code with the local server identification code after receiving the cloud identification code, and if the matching is successful, the path of the wallet file is updated.
The present application further provides an intelligent device, comprising:
a receiving and sending unit for receiving the instruction of ending program;
the device comprises a generating unit, a processing unit and a processing unit, wherein the generating unit is used for generating a user password, a public key and a private key, and the user password comprises a first password and a second password;
the fission recombination unit is used for splitting the private key into a first private key and a second private key;
the encryption unit is used for encrypting the first password through a public key to obtain a first ciphertext;
the receiving and sending unit is further configured to send the first ciphertext and the first private key to a server, and is further configured to receive a login \ transaction instruction, so that the server confirms the identity of the terminal after receiving the attribution identifier, recombines the received first private key and the second private key after confirming the identity of the terminal, obtains the private key, decrypts the first ciphertext through the private key, obtains the first password, and sends the first password back to the terminal;
the transceiver unit is further configured to send the first password to the server;
the fission recombination unit is further used for recombining the first password and the local second password to obtain the user password;
it also comprises the following steps of,
and the execution unit is used for executing login \ transaction operation through the user password.
The present application further provides another intelligent device, comprising:
the receiving and sending unit is used for receiving a first cipher text, a first private key, a second private key and an attribution identification, wherein the first private key and the second private key are formed by splitting a generated private key after the terminal receives an ending instruction, the first cipher text is obtained by encrypting a first password in a user password generated by the terminal by generating a public key after the terminal receives the ending instruction, and the user password also comprises a second password;
a confirming unit, which is used for the server to confirm the terminal identity through the attribution identification;
the fission recombining unit is used for recombining the first private key and the second private key to obtain the private key if the confirmation is correct;
the decryption unit decrypts the first ciphertext through the private key to obtain the first password;
the receiving and sending unit is further configured to send a first password to the terminal, so that the terminal recombines the first password and a local second password to obtain the user password, and executes a next login \ transaction operation through the user password.
The present application further provides another intelligent device, comprising:
a receiving and sending unit, which is used for receiving the encrypted wallet file encrypted by the terminal;
the generating unit is used for generating a cloud identification code;
the receiving and sending unit is further used for sending the cloud identification code to the terminal so that the terminal receives the cloud identification code and sends the cloud identification code to the server, the server checks and matches the cloud identification code with the local server identification code after receiving the cloud identification code, and if the matching is successful, the path of the wallet file is updated.
The invention has the beneficial effects that:
1. the user login password is designed by adopting a one-time pad, the user does not need to remember the password, and the risk of forgetting the password is avoided.
2. The wallet is automatically backed up, and the risk of losing wallet information is avoided.
3. The wallet backup adopts asymmetric encryption and one-time pad design. The risk of the wallet being violently decrypted is eliminated.
4. The mobile phone number of the user at the server side and the backup information of the wallet file are stored separately and are not related to the server side, so that the information safety is ensured.
Drawings
FIG. 1 is a flow chart of a method of encrypting according to an embodiment of the present application;
FIG. 2 is a flow chart of a method of encrypting according to another embodiment of the present application;
FIG. 3 is a flow chart of a method of encrypting according to another embodiment of the present application;
FIG. 4 is a flow chart of a method of encrypting according to another embodiment of the present application;
FIG. 5 is a flow chart of a method of encrypting according to another embodiment of the present application;
FIG. 6 is a flow chart of a method of encrypting according to another embodiment of the present application;
FIG. 7 is a flow chart of a method of encrypting according to another embodiment of the present application;
FIG. 8 is a flow chart of a method of encrypting according to another embodiment of the present application;
FIG. 9 is a flow chart of a method of encrypting according to another embodiment of the present application;
FIG. 10 is a block diagram of an intelligent device for encryption according to another embodiment of the present application;
FIG. 11 is a block diagram of an intelligent device for encryption according to another embodiment of the present application;
FIG. 12 is a block diagram of an intelligent device for an encryption method according to another embodiment of the present application;
the specific implementation mode is as follows:
the following examples are given for the purpose of clarity of the invention and are not intended to limit the embodiments of the invention. It will be apparent to those skilled in the art that other variations and modifications can be made in the invention without departing from the spirit of the invention, and it is intended to cover all such modifications and variations as fall within the true spirit of the invention.
A method of encryption, the method comprising;
as shown in fig. 1, the encryption method of the present application includes:
step 101: when a terminal receives a program ending instruction, generating a user password, a public key and a private key, wherein the user password comprises a first password and a second password;
step 102: the terminal splits the private key into a first private key and a second private key;
step 103: the terminal encrypts the first password through the public key to obtain a first ciphertext, and the first ciphertext and the first private key are sent to a server;
step 104: when the terminal receives a next login/transaction instruction, the attribution identification and the second private key of the terminal are sent to the server, so that the server confirms the identity of the terminal after receiving the attribution identification, recombines the received first private key and the second private key after confirming the identity of the terminal, obtains the private key, decrypts a first ciphertext through the private key to obtain a first password, and sends the first password back to the terminal;
step 105: the terminal receives the first password sent by the server, and recombines the first password and the local second password to obtain the user password;
step 106: and the terminal executes login \ transaction operation through the recombined user password.
Firstly, when a terminal receives a program ending instruction, the program ending instruction is a logout or quit instruction, and a user password, a public key and a private key are generated, wherein the user password comprises a first password and a second password; the first password and the second password are two random character strings, the terminal encrypts the first password through the public key to obtain a first ciphertext, and the first ciphertext and the first private key are sent to the server; when a terminal receives a login/transaction instruction, an attribution identification and the second private key of the terminal are sent to the server, so that the server confirms the identity of the terminal after receiving the attribution identification, wherein the attribution identification generally refers to the mobile phone number of a mobile phone, after the identity is confirmed correctly, the received first private key and the received second private key are recombined to obtain the private key, a first cipher text is decrypted through the private key to obtain a first password, and the first password is sent back to the terminal; the above encryption and decryption processes all adopt salt adding encryption, and decrypted passwords and salt are generated after decryption. All the encryption and decryption operations are performed by salt adding encryption, and are not described in detail.
Secondly, the terminal receives the first password sent by the server, and recombines the first password and the local second password to obtain the user password.
And finally, the terminal executes login \ transaction operation through the recombined user password. Since the generation of the user password is an instantaneous process, the user password is not stored in the same device in other cases. So brute force cracking cannot be performed.
As shown in fig. 7, in an alternative embodiment of the present application, it further includes a backup method thereof, where the backup method is as follows:
after the terminal splits the private key into a first private key and a second private key, the terminal sends a terminal identifier to the server so that the server performs identifier registration through the terminal identifier, after the identifier registration is successful, the server generates a server path, an uploading certificate, a server identification code, a storage public key and a storage private key, and the server sends the server path, the uploading certificate and the storage public key to the terminal;
the terminal receives the server path, the uploading certificate and the storage public key sent by the server;
the terminal encrypts the wallet file through the storage public key and sends the wallet file to a cloud end, so that the cloud end generates a cloud end identification code after receiving the encrypted wallet file and sends the cloud end identification code back to the terminal;
and the terminal receives the cloud identification code and sends the cloud identification code to the server so that the server checks and matches the cloud identification code with the local server identification code, and if the matching is successful, the path of the wallet file is updated, so that all backup processes are completed.
As shown in fig. 8, in an alternative embodiment of the present application, it further includes a recovery method thereof, where the recovery method is as follows:
the terminal receives a reduction instruction and sends the terminal identification to the server so that the server confirms the identity of the terminal through the terminal identification, after the confirmation is successful, the server downloads the encrypted wallet file at the cloud end and decrypts the encrypted wallet file through a local storage private key, and the server sends the decrypted wallet file to the terminal;
and the terminal executes recovery operation after receiving the decrypted wallet file. This restore operation is based on the use of the backup operation described above.
As shown in fig. 2, a method for line encryption according to another embodiment of the present application includes:
step 201: the method comprises the steps that a server receives a first cipher text, a first private key, a second private key and an attribution identification sent by a terminal, the first private key and the second private key are formed by fission of a generated private key after the terminal receives an ending instruction, the first cipher text is obtained by encrypting a first password in a user password generated by the terminal through a public key generated after the terminal receives the ending instruction, and the user password also comprises a second password;
step 202: the server confirms the identity of the terminal through the home identifier,
step 203: if the user password is confirmed to be correct, the server recombines the first private key and the second private key to obtain the private key, decrypts the first ciphertext through the private key to obtain the first password, and sends the first password back to the terminal, so that the terminal recombines the first password and the local second password to obtain the user password, and executes the next login \ transaction operation through the user password.
Firstly, the server receives a first ciphertext, a first private key, a second private key and an attribution identifier sent by a terminal;
secondly, the server confirms the identity of the terminal through the attribution identification; the attribution identification refers to a mobile phone number.
And finally, if the confirmation is correct, the server recombines the first private key and the second private key to obtain the private key, decrypts the first ciphertext through the private key to obtain the first password, and sends the first password back to the terminal, so that the terminal recombines the first password and the local second password to obtain the user password, and executes the next login \ transaction operation through the user password.
As shown in fig. 7, in an alternative embodiment of the present application, a backup method thereof may be included, where the backup method is as follows:
when the terminal splits the private key into a first private key and a second private key and sends the terminal identification to the server, the server receives the terminal identification sent by the terminal and performs identification registration through the terminal identification;
after the registration is successful, the server generates a server identification code, a storage public key, a storage private key, a server path and an uploading certificate;
the server sends the server path and the uploading certificate to the terminal together with the storage public key so that the terminal uploads a wallet file to a cloud end in an encrypted mode through the storage public key, the cloud end generates a cloud end identification code after receiving the encrypted wallet file and sends the cloud end identification code to the terminal, and the terminal sends the cloud end identification code to the server after receiving the cloud end identification code;
and after receiving the cloud identification code, the server checks and matches the cloud identification code with the local server identification code, and if the matching is successful, the path of the wallet file is updated.
As shown in fig. 8, in an alternative embodiment of the present application, a recovery method thereof may be included, and the recovery method is as follows:
after receiving a terminal identifier sent by the terminal, the server confirms the identity of the terminal through the terminal identifier;
when the identity is confirmed correctly, the server downloads the encrypted wallet file stored in the cloud;
and the server decrypts the encrypted wallet file through the storage private key and sends the decrypted wallet file to the terminal so as to enable the terminal to execute recovery operation.
Firstly, after receiving a terminal identifier sent by the terminal, the server confirms the identity of the terminal through the terminal identifier;
secondly, when the identity is confirmed to be correct, the server downloads the encrypted wallet file stored in the cloud end;
and finally, the server decrypts the encrypted wallet file through the storage private key and sends the decrypted wallet file to the terminal so as to enable the terminal to execute recovery operation. In the process of sending the decryption wallet to the terminal, a rescue mailbox is usually preset actually. And sending the information to the rescue mailbox. And the terminal downloads the decryption wallet file in the rescue mailbox and imports the decryption wallet file into a terminal program.
Another embodiment of the present application provides a line encryption method, including:
as shown in fig. 7, a cloud terminal receives a wallet file encrypted by a terminal, generates a cloud terminal identification code, and sends the cloud terminal identification code to the terminal, so that the terminal receives the cloud terminal identification code and sends the cloud terminal identification code to a server, the server checks and matches the cloud terminal identification code with the local server identification code, and if the matching is successful, the path of the wallet file is updated.
The cloud end mainly appears in the identity of a memory in the process, and the password passing through the cloud end is placed on the server and the terminal to prevent the cloud end from being stolen.
Application example:
the following describes the working process in detail based on the complete encryption, decryption, backup, and recovery process, and the specific working process is as follows:
as shown in fig. 3, when the user registers on the terminal for the first time, the server sends the first user password because the operation has not triggered the fission login \ transaction operation condition, and because the program has not been entered at this time, the login \ transaction operation cannot be performed yet. And finally quitting to perform logout operation through the first initial user entering program. The logout operation is the instruction of the ending program in step 101, and may also be a trigger node operation after the login \ transaction operation.
Step a: when the terminal executes the ending instruction, the user password, the public key and the private key are generated, the first password and the second password included in the user password are both two strings of random characters, and the public key and the private key are rsa public and private key pairs. The algorithm of the public and private keys adopts the user public and private keys to pass through ECC (elliptic curve algorithm). After that time, the user can use the device,
step b: the private key is split to generate the first private key and the second private key;
step c: the terminal encrypts the first password through the public key to obtain a first ciphertext, wherein the encryption is salt encryption, the subsequent encryption processes are all salt encryption, the password and the salt are also generated after decryption, the description is not repeated, and the encrypted first ciphertext and the first private key are sent to the server.
Step d: when the terminal receives a next login \ transaction instruction, the terminal sends the mobile phone number and the second private key to the server; the mobile phone number at this time is the above-mentioned attribution mark.
Step e: and after receiving the first private key, the second private key and the first ciphertext, the server recombines the first private key and the second private key into the private key and decrypts the first ciphertext. The password is restored to be the first password and is transmitted back to the terminal in the form of the short message verification code.
Step f: and the terminal and the local second password are combined and restored to be the user password to execute login \ transaction operation. And the server takes out the private key of the operation at the moment.
When the user operates the data on the chain on the terminal, the terminal automatically changes the wallet password after receiving the verification code and inputting verification, calls a wallet backup and password changing interface to the server, and transmits clues of logging in the short message verification code next time for obtaining the short message verification code when operating the data on the chain next time, which is a one-time pad.
The backup process is as follows:
when the terminal splits the private key into a first private key and a second private key and sends the terminal identifier to the server, the backup process starts:
and the terminal sends a terminal identifier to the server, the terminal identifier at this time is a user name, and a server identification code generated by the server is a key associated with the path. Meanwhile, an uploading certificate, the storage public key and a storage private key are generated, and the key, the uploading certificate and the storage public key are sent to the terminal;
and encrypting the wallet file by using the storage public key on the terminal and uploading the wallet file to the cloud. And the cloud end generates the cloud end identification code, the cloud end identification code is a key generated by the cloud end and is matched with the key generated by the server, and if the matching is successful, the wallet path of the user is updated.
As shown in fig. 4, the terminal receives a restore instruction sent by the user, the restore instruction is a get-back wallet button in the program, and the terminal sends the user name to the server. And the server starts to download the wallet file encrypted by the cloud after receiving the user name, decrypts the wallet file through the locally generated storage private key, and finally sends the decrypted wallet file to the storage module. The storage module is a preset rescue mailbox.
And the terminal downloads the decrypted wallet file and automatically imports the wallet file to finish the restoration operation.
In the authentication process shown in fig. 9, the terminal sends the URI, the http method, and the user name to the server, and obtains the ticket through the server and sends the ticket to the terminal. The terminal signs the Ticket through a private key, the Ticket and the service data are sent to the server, the server checks whether the signed Ticket is matched with the current interface or not, and a check result, namely a service result or authentication failure, is returned to the terminal.
The noun explains:
definition of blockchain:
in a narrow sense: the data blocks are organized by a cryptographic algorithm and a chain-linked associative structure and are commonly maintained by participating nodes to ensure that the data is hardly modified.
In a broad sense: in a peer-to-peer network with all nodes being untrusty, a trust mechanism is established through a consensus algorithm and a game theory, and finally a communication system with node data storage consistency is realized.
Characteristics of the blockchain:
the block chain technology has four characteristics of decentralized, distributed accounting, non-tampering and distrust removing, so that the block chain technology is very suitable for being used as a bottom layer technology of various financial scenes, helps to promote asset circulation, reduces transaction cost, standardizes operation flow, improves service efficiency, and makes finance safer and more transparent.
The block chain technology realizes decentralized through distributed nodes, distributed accounting is realized through a consensus mechanism among the distributed nodes, and non-tampering is realized through a cryptology chain structure and an electronic signature, so that a distrusted peer-to-peer accounting network is realized.
Block chain wallet technology:
the block chain wallet is designed in a non-centralized mode, a public and private key of a user is generated through an ECC (elliptic curve algorithm), the private key is used for message signing, the public key is used for verifying and marking an address, the user wallet stores the private key of the user used for message signing, and a user password encrypts the private key of the user through an AES (advanced encryption standard) encryption and decryption algorithm to protect the security of the private key.
The public and private keys of the user are as follows:
the user public and private keys are generated through an ECC (elliptic curve algorithm), the private keys are used for message signing, the public keys are used for verifying and marking addresses, the server does not store a user password and the user private keys, only stores the user public keys, and the password and the private keys are kept by the user.
Wallet password:
the method is used for encrypting and storing the private key, and the security of the private key is protected by adopting an AES encryption and decryption algorithm.
Rsa public and private key:
an asymmetric cryptographic algorithm, RSA will generate two keys, either one can be used for public key, then the other is the private key you must protect; using one encryption requires the other to decrypt.
Cloud storage and uploading of a certificate: before uploading, the cloud storage client needs to acquire an uploading certificate from the server, and the uploading certificate is used as a part of request content when uploading resources. Requests without credentials or with illegitimate credentials will be denied.
Adding salt and encrypting: salt encryption is an encryption of system login passwords by associating each password with an n-bit random number called "salt".
Wallet backup table:
Figure BDA0001368374840000111
a one-time pad table:
name of field Description of the invention Remarks for note
phone Main key
encode_pass_b Encrypted secret-B with salt
private_x One half of RSA private key X transmitted from client
old_pass_b Old personCipher B encrypted by adding salt Authentication-use
As shown in fig. 10, the present application also provides an intelligent terminal, including:
a receiving and sending unit for receiving the instruction of ending program;
the device comprises a generating unit, a processing unit and a processing unit, wherein the generating unit is used for generating a user password, a public key and a private key, and the user password comprises a first password and a second password;
the fission recombination unit is used for splitting the private key into a first private key and a second private key;
the encryption unit is used for encrypting the first password through a public key to obtain a first ciphertext;
the receiving and sending unit is further configured to send the first ciphertext and the first private key to a server, and is further configured to receive a login \ transaction instruction, so that the server confirms the identity of the terminal after receiving the attribution identifier, recombines the received first private key and the second private key after confirming the identity of the terminal, obtains the private key, decrypts the first ciphertext through the private key, obtains the first password, and sends the first password back to the terminal;
the transceiver unit is further configured to send the first password to the server;
the fission recombination unit is further used for recombining the first password and the local second password to obtain the user password;
it also comprises the following steps of,
and the execution unit is used for executing login \ transaction operation through the user password.
Further, in the present invention,
the receiving and sending unit is further configured to send a terminal identifier to the server, so that the server performs identifier registration through the terminal identifier, after the identifier registration is successful, the server generates a server path, an upload certificate, a server identification code, a storage public key and a storage private key, and the server sends the server path, the upload certificate and the storage public key to the terminal;
the receiving and sending unit is further configured to receive the server path, the upload certificate, and the storage public key sent by the server;
the encryption unit is used for encrypting the wallet file by the terminal through the storage public key;
the receiving and sending unit is further configured to send the wallet file encrypted by the terminal to a cloud, so that the cloud generates a cloud identification code after receiving the encrypted wallet file, and sends the cloud identification code back to the terminal.
The receiving and sending unit is further configured to receive the cloud identification code and send the cloud identification code to the server, so that the server checks and matches the cloud identification code with the local server identification code, and if the matching is successful, the path of the wallet file is updated.
Further, in the present invention,
the receiving and sending unit is further configured to receive a restore instruction, send the terminal identifier to the server, so that the server confirms the identity of the terminal through the terminal identifier, download the encrypted wallet file at the cloud end and decrypt the encrypted wallet file through a local storage private key after the confirmation is successful, and send the decrypted wallet file to the terminal;
the receiving and sending unit is also used for receiving the decrypted wallet file;
the execution unit is further configured to execute a recovery operation by the terminal.
As shown in fig. 11, another smart device provided by the present application includes:
the receiving and sending unit is used for receiving a first cipher text, a first private key, a second private key and an attribution identification, wherein the first private key and the second private key are formed by splitting a generated private key after the terminal receives an ending instruction, the first cipher text is obtained by encrypting a first password in a user password generated by the terminal by generating a public key after the terminal receives the ending instruction, and the user password also comprises a second password;
a confirming unit, which is used for the server to confirm the terminal identity through the attribution identification;
the fission recombining unit is used for recombining the first private key and the second private key to obtain the private key if the confirmation is correct;
the decryption unit decrypts the first ciphertext through the private key to obtain the first password;
the receiving and sending unit is further configured to send a first password to the terminal, so that the terminal recombines the first password and a local second password to obtain the user password, and executes a next login \ transaction operation through the user password.
Further, in the present invention,
the receiving and sending unit is further configured to receive, by the server, the terminal identifier sent by the terminal when the terminal splits the private key into a first private key and a second private key and sends the terminal identifier to the server;
it also comprises the following steps of,
a registration unit, which is used for performing identification registration through the terminal identification;
the generation unit is used for generating a server identification code, a storage public key, a storage private key, a server path and an uploading certificate by the server after the registration is successful;
the receiving and sending unit is further configured to send the server path and the upload certificate together with the storage public key to the terminal, so that the terminal uploads a wallet file to a cloud in an encrypted manner through the storage public key, the cloud generates a cloud identification code after receiving the encrypted wallet file, and sends the cloud identification code to the terminal, and the terminal sends the cloud identification code back to the server after receiving the cloud identification code;
the receiving and sending unit is further used for the server to check and match the cloud identification code with the local server identification code after receiving the cloud identification code, and if the matching is successful, the path of the wallet file is updated.
Further, in the present invention,
the receiving and sending unit is further configured to receive a terminal identifier sent by the terminal, and send the decrypted wallet file to the storage module;
it also comprises the following steps of,
a confirming unit, configured to confirm, by the server, the identity of the terminal through the terminal identifier;
the download unit is used for downloading the encrypted wallet file stored in the cloud end by the server when the identity is confirmed to be correct;
the decryption unit is used for decrypting the encrypted wallet file through the storage private key;
and the transceiving unit is used for sending the decrypted wallet file to the terminal so as to enable the terminal to execute recovery operation.
As shown in fig. 12, another smart device provided by the present application includes:
a receiving and sending unit, which is used for receiving the encrypted wallet file encrypted by the terminal;
the generating unit is used for generating a cloud identification code;
the receiving and sending unit is further used for sending the cloud identification code to the terminal so that the terminal receives the cloud identification code and sends the cloud identification code to the server, the server checks and matches the cloud identification code with the local server identification code after receiving the cloud identification code, and if the matching is successful, the path of the wallet file is updated.
Although the embodiments of the present invention have been described above, the above description is only for the convenience of understanding the present invention, and is not intended to limit the present invention. It will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (12)

1. A method of encryption, the method comprising:
when a terminal receives a program ending instruction, generating a user password, a public key and a private key, wherein the user password comprises a first password and a second password;
the terminal splits the private key into a first private key and a second private key;
the terminal encrypts the first password through the public key to obtain a first ciphertext, and the first ciphertext and the first private key are sent to a server;
when the terminal receives a next login/transaction instruction, the attribution identification and the second private key of the terminal are sent to the server, so that the server confirms the identity of the terminal after receiving the attribution identification, recombines the received first private key and the second private key after confirming the identity of the terminal, obtains the private key, decrypts a first ciphertext through the private key to obtain a first password, and sends the first password back to the terminal;
the terminal receives the first password sent by the server, and recombines the first password and the local second password to obtain the user password;
and the terminal executes login \ transaction operation through the recombined user password.
2. The encryption method according to claim 1, further comprising a backup method thereof,
the backup method comprises the following steps:
after the terminal splits the private key into a first private key and a second private key, the terminal sends a terminal identifier to the server so that the server performs identifier registration through the terminal identifier, after the identifier registration is successful, the server generates a server path, an uploading certificate, a server identification code, a storage public key and a storage private key, and the server sends the server path, the uploading certificate and the storage public key to the terminal;
the terminal receives the server path, the uploading certificate and the storage public key sent by the server;
the terminal encrypts the wallet file through the storage public key and sends the wallet file to a cloud end, so that the cloud end generates a cloud end identification code after receiving the encrypted wallet file and sends the cloud end identification code back to the terminal;
and the terminal receives the cloud identification code and sends the cloud identification code to the server, so that the server checks and matches the cloud identification code with the local server identification code, and if the matching is successful, the path of the wallet file is updated.
3. The encryption method according to claim 2, further comprising a recovery method thereof,
the recovery method comprises the following steps:
the terminal receives a reduction instruction and sends the terminal identification to the server so that the server confirms the identity of the terminal through the terminal identification, after the confirmation is successful, the server downloads the encrypted wallet file at the cloud end and decrypts the encrypted wallet file through a local storage private key, and the server sends the decrypted wallet file to the terminal;
and the terminal executes recovery operation after receiving the decrypted wallet file.
4. A method of encryption, the method comprising:
the method comprises the steps that a server receives a first cipher text, a first private key, a second private key and an attribution identification sent by a terminal, the first private key and the second private key are formed by fission of a generated private key after the terminal receives an ending instruction, the first cipher text is obtained by encrypting a first password in a user password generated by the terminal through a public key generated after the terminal receives the ending instruction, and the user password also comprises a second password;
the server confirms the identity of the terminal through the attribution identification;
if the user password is confirmed to be correct, the server recombines the first private key and the second private key to obtain the private key, decrypts the first ciphertext through the private key to obtain the first password, and sends the first password back to the terminal, so that the terminal recombines the first password and the local second password to obtain the user password, and executes the next login \ transaction operation through the user password.
5. The encryption method according to claim 4, further comprising a backup method thereof:
the backup method comprises the following steps:
when the terminal splits the private key into a first private key and a second private key and sends the terminal identification to the server, the server receives the terminal identification sent by the terminal and performs identification registration through the terminal identification;
after the registration is successful, the server generates a server identification code, a storage public key, a storage private key, a server path and an uploading certificate;
the server sends the server path and the uploading certificate to the terminal together with the storage public key so that the terminal uploads a wallet file to a cloud end in an encrypted mode through the storage public key, the cloud end generates a cloud end identification code after receiving the encrypted wallet file and sends the cloud end identification code to the terminal, and the terminal sends the cloud end identification code to the server after receiving the cloud end identification code;
and after receiving the cloud identification code, the server checks and matches the cloud identification code with the local server identification code, and if the matching is successful, the path of the wallet file is updated.
6. The encryption method according to claim 5, further comprising a recovery method thereof,
the recovery method comprises the following steps:
after receiving a terminal identifier sent by the terminal, the server confirms the identity of the terminal through the terminal identifier;
when the identity is confirmed correctly, the server downloads the encrypted wallet file stored in the cloud;
and the server decrypts the encrypted wallet file through the storage private key and sends the decrypted wallet file to the terminal so as to enable the terminal to execute recovery operation.
7. A smart device, comprising:
a receiving and sending unit for receiving the instruction of ending program;
the device comprises a generating unit, a processing unit and a processing unit, wherein the generating unit is used for generating a user password, a public key and a private key, and the user password comprises a first password and a second password;
the fission recombination unit is used for splitting the private key into a first private key and a second private key;
the encryption unit is used for encrypting the first password through a public key to obtain a first ciphertext;
the receiving and sending unit is further configured to send the first ciphertext and the first private key to a server, and is further configured to receive a login \ transaction instruction, so that the server confirms the identity of the terminal after receiving the home identifier, recombines the received first private key and the second private key after confirming the identity of the terminal is correct, obtains a private key, decrypts the first ciphertext through the private key, obtains the first password, and sends the first password back to the terminal;
the transceiver unit is further configured to receive the first password sent by the server;
the fission recombination unit is further used for recombining the first password and the local second password to obtain the user password;
it also comprises the following steps of,
and the execution unit is used for executing login \ transaction operation through the user password.
8. The intelligent device of claim 7, wherein:
the receiving and sending unit is further configured to send a terminal identifier to the server, so that the server performs identifier registration through the terminal identifier, after the identifier registration is successful, the server generates a server path, an upload certificate, a server identification code, a storage public key and a storage private key, and the server sends the server path, the upload certificate and the storage public key to the terminal;
the receiving and sending unit is further configured to receive the server path, the upload certificate, and the storage public key sent by the server;
the encryption unit is used for encrypting the wallet file by the terminal through the storage public key;
the receiving and sending unit is further used for sending the wallet file encrypted by the terminal to a cloud end, so that the cloud end generates a cloud end identification code after receiving the encrypted wallet file and sends the cloud end identification code back to the terminal;
the receiving and sending unit is further configured to receive the cloud identification code and send the cloud identification code to the server, so that the server checks and matches the cloud identification code with the local server identification code, and if the matching is successful, the path of the wallet file is updated.
9. The intelligent device of claim 8, wherein:
the receiving and sending unit is further configured to receive a restore instruction, send the terminal identifier to the server, so that the server confirms the identity of the terminal through the terminal identifier, download the encrypted wallet file at the cloud end and decrypt the encrypted wallet file through a local storage private key after the confirmation is successful, and send the decrypted wallet file to the terminal;
the receiving and sending unit is also used for receiving the decrypted wallet file;
the execution unit is further configured to execute a recovery operation by the terminal.
10. An intelligent device, characterized in that: which comprises the steps of (a) preparing a mixture of,
the receiving and sending unit is used for receiving a first cipher text, a first private key, a second private key and an attribution identification, wherein the first private key and the second private key are formed by splitting a generated private key after a terminal receives an ending instruction, the first cipher text is obtained by encrypting a first password in user passwords generated by the terminal by generating a public key after the terminal receives the ending instruction, and the user passwords also comprise a second password;
a confirming unit, which is used for the server to confirm the terminal identity through the attribution identification;
the fission recombination unit is used for recombining the first private key and the second private key to obtain a private key if the confirmation is correct;
the decryption unit decrypts the first ciphertext through the private key to obtain the first password;
the receiving and sending unit is further configured to send a first password to the terminal, so that the terminal recombines the first password and a local second password to obtain the user password, and executes a next login \ transaction operation through the user password.
11. The intelligent device of claim 10, wherein:
the receiving and sending unit is further configured to receive, by the server, the terminal identifier sent by the terminal when the terminal splits the private key into a first private key and a second private key and sends the terminal identifier to the server;
it also comprises the following steps of,
a registration unit, which is used for performing identification registration through the terminal identification;
the generation unit is used for generating a server identification code, a storage public key, a storage private key, a server path and an uploading certificate by the server after the registration is successful;
the receiving and sending unit is further configured to send the server path and the upload certificate together with the storage public key to the terminal, so that the terminal uploads a wallet file to a cloud in an encrypted manner through the storage public key, the cloud generates a cloud identification code after receiving the encrypted wallet file, and sends the cloud identification code to the terminal, and the terminal sends the cloud identification code back to the server after receiving the cloud identification code;
the receiving and sending unit is further used for the server to check and match the cloud identification code with the local server identification code after receiving the cloud identification code, and if the matching is successful, the path of the wallet file is updated.
12. The intelligent device of claim 11, wherein:
the receiving and sending unit is also used for receiving the terminal identification sent by the terminal and sending the decrypted wallet file to a storage module;
the confirmation unit is used for confirming the identity of the terminal through the terminal identification by the server;
it also comprises the following steps of,
the download unit is used for downloading the encrypted wallet file stored in the cloud end by the server when the identity is confirmed to be correct;
the decryption unit is used for decrypting the encrypted wallet file through the storage private key;
and the transceiving unit is used for sending the decrypted wallet file to the terminal so as to enable the terminal to execute recovery operation.
CN201710655465.4A 2017-08-02 2017-08-02 Encryption method and intelligent device Expired - Fee Related CN107920052B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710655465.4A CN107920052B (en) 2017-08-02 2017-08-02 Encryption method and intelligent device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710655465.4A CN107920052B (en) 2017-08-02 2017-08-02 Encryption method and intelligent device

Publications (2)

Publication Number Publication Date
CN107920052A CN107920052A (en) 2018-04-17
CN107920052B true CN107920052B (en) 2020-11-17

Family

ID=61898542

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710655465.4A Expired - Fee Related CN107920052B (en) 2017-08-02 2017-08-02 Encryption method and intelligent device

Country Status (1)

Country Link
CN (1) CN107920052B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110492990B (en) * 2018-05-15 2021-10-15 华为技术有限公司 Private key management method, device and system under block chain scene
CN109118187B (en) * 2018-08-30 2021-07-23 神州数码融信软件有限公司 Block chain wallet recovery method and device and computer readable storage medium
US11212093B2 (en) * 2018-09-14 2021-12-28 Htc Corporation Method of social key recovery and related device
CN109389397B (en) * 2018-09-28 2021-11-26 北京金山安全软件有限公司 Hardware wallet
CN110493261B (en) * 2019-09-16 2021-07-27 腾讯科技(深圳)有限公司 Verification code obtaining method based on block chain, client, server and storage medium
CN111242613B (en) * 2020-01-09 2023-05-23 中信银行股份有限公司 Wallet information management method and device based on online banking system and electronic equipment
CN114257387A (en) * 2020-09-11 2022-03-29 中移物联网有限公司 Login authentication method and device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104468627A (en) * 2014-12-30 2015-03-25 成都三零瑞通移动通信有限公司 Data encryption method and system conducting terminal data backup through server
WO2015142765A1 (en) * 2014-03-17 2015-09-24 Coinbase, Inc Bitcoin host computer system

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101123495A (en) * 2007-09-07 2008-02-13 农革 A data encryption, decryption system and method
CN101719205B (en) * 2009-12-25 2012-05-23 国家广播电影电视总局电影数字节目管理中心 Digital copyright management method and system
US20150363777A1 (en) * 2014-06-16 2015-12-17 Bank Of America Corporation Cryptocurrency suspicious user alert system
EP2975570A1 (en) * 2014-07-17 2016-01-20 draglet GmbH Method and a device for securing access to wallets containing crypto-currencies
US20160098723A1 (en) * 2014-10-01 2016-04-07 The Filing Cabinet, LLC System and method for block-chain verification of goods
CN104615691B (en) * 2015-01-24 2017-12-15 上海彩亿信息技术有限公司 A kind of method of mobile terminal and data storage
CN106788989B (en) * 2016-11-30 2020-01-21 华为技术有限公司 Method and equipment for establishing secure encrypted channel
CN106548345B (en) * 2016-12-07 2020-08-21 北京信任度科技有限公司 Method and system for realizing block chain private key protection based on key partitioning
CN106533675A (en) * 2016-12-19 2017-03-22 北京洋浦伟业科技发展有限公司 Digital signature method and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015142765A1 (en) * 2014-03-17 2015-09-24 Coinbase, Inc Bitcoin host computer system
CN104468627A (en) * 2014-12-30 2015-03-25 成都三零瑞通移动通信有限公司 Data encryption method and system conducting terminal data backup through server

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
区块链技术与应用前瞻综述;何蒲,于戈,张岩峰,鲍玉斌;《计算机科学》;20170415;第44卷(第4期);全文 *

Also Published As

Publication number Publication date
CN107920052A (en) 2018-04-17

Similar Documents

Publication Publication Date Title
EP3661120B1 (en) Method and apparatus for security authentication
CN107920052B (en) Encryption method and intelligent device
KR101999188B1 (en) Secure personal devices using elliptic curve cryptography for secret sharing
CN110401615B (en) Identity authentication method, device, equipment, system and readable storage medium
US9185111B2 (en) Cryptographic authentication techniques for mobile devices
US20160337124A1 (en) Secure backup and recovery system for private sensitive data
CN109981255B (en) Method and system for updating key pool
US9531540B2 (en) Secure token-based signature schemes using look-up tables
RU2584500C2 (en) Cryptographic authentication and identification method with real-time encryption
CN108494551A (en) Processing method, system, computer equipment and storage medium based on collaboration key
US8806206B2 (en) Cooperation method and system of hardware secure units, and application device
CN109981562B (en) Software development kit authorization method and device
US11831753B2 (en) Secure distributed key management system
US11394543B2 (en) System and method for secure sensitive data storage and recovery
JP2019530265A (en) Method and apparatus for providing and acquiring graphic code information and terminal
CN110138548B (en) Quantum communication service station key negotiation method and system based on asymmetric key pool pair and DH protocol
CN108471352A (en) Processing method, system, computer equipment based on distributed private key and storage medium
CN111355591A (en) Block chain account safety management method based on real-name authentication technology
CN108768941B (en) Method and device for remotely unlocking safety equipment
JP2010231404A (en) System, method, and program for managing secret information
TWI476629B (en) Data security and security systems and methods
CN114244508A (en) Data encryption method, device, equipment and storage medium
CN110098925B (en) Quantum communication service station key negotiation method and system based on asymmetric key pool pair and random number
CN115276978A (en) Data processing method and related device
EP3292654B1 (en) A security approach for storing credentials for offline use and copy-protected vault content in devices

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20201117

Termination date: 20210802

CF01 Termination of patent right due to non-payment of annual fee