CN109257381A - A kind of key management method, system and electronic equipment - Google Patents
A kind of key management method, system and electronic equipment Download PDFInfo
- Publication number
- CN109257381A CN109257381A CN201811327452.5A CN201811327452A CN109257381A CN 109257381 A CN109257381 A CN 109257381A CN 201811327452 A CN201811327452 A CN 201811327452A CN 109257381 A CN109257381 A CN 109257381A
- Authority
- CN
- China
- Prior art keywords
- target
- platform
- key
- key information
- key management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/062—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
This application provides a kind of key management methods, which comprises obtains the account name that the login target platform of active user end input uses;The platform name of account name and the target platform that login target platform based on active user's input uses, obtains target cipher key information in the key management apparatus for the key information for being stored at least one platform;The target platform is logged in based on the target cipher key information and the account name.The embodiment of the present application scheme may be implemented to be managed collectively the password of different accounts.The embodiment of the present application also provides a kind of key management system and electronic equipments.
Description
Technical field
This application involves technical field of data processing, set in particular to a kind of key management method, system and electronics
It is standby.
Background technique
With the development of network technology, more and more users are managed money matters by point to point network financing platform.In order to
Risk control, many users can manage money matters on different financing platforms.In this way, each user can exist many account and
Account key, the setting and management of account and account key are just particularly important.If the account of each platform and account password are set
It is set to identical, although remembering convenient for user, once Key Exposure occurs for some platform, other platform keys divulge a secret
Risk be consequently increased.
During family finance, for the management of account and account password, most of user by way of memory or
Person is managed account and account password using the mode of special number, for example, using birthday, telephone number, license plate number etc.
As account password.But now due to the prosperity of network technology, the personal information of user are easy to obtain, illegal person can be with
Account password is guessd out using these personal information.If in addition, one group of account password of user's self-setting, but working as account password mistake
It is easy to forget when more.As it can be seen that the mode of user password management is unfavorable for the way to manage of more account passwords at present.
Summary of the invention
In view of this, the embodiment of the present application is designed to provide a kind of key management method, system and electronic equipment, energy
It is enough that authentication is carried out to user, and using key information needed for key management apparatus offer login target platform, it realizes and uses
The unified management of the multiple passwords in family increases the safety of user's logon account.
In a first aspect, the embodiment of the present application provides a kind of key management method, it is applied to user terminal, the method packet
It includes:
Obtain the account name that the login target platform of active user end input uses;
The platform name of account name and the target platform that login target platform based on active user's input uses, is being deposited
Contain acquisition target cipher key information in the key management apparatus of the key information of at least one platform;
The target platform is logged in based on the target cipher key information and the account name.
It is described to be obtained in the key management apparatus for the key information for being stored at least one platform in above-mentioned technical proposal
Before target cipher key information, further includes:
Verifying message is sent to certificate server, authenticates the certificate server to the key management apparatus;
Receive the authentication result that certificate server carries out verifying return to the key management apparatus;
If the certificate server passes through the certification of the key management apparatus, obtained in the key management apparatus
Take target cipher key information.
In above-mentioned technical proposal, account name and the mesh that the login target platform based on active user's input uses
The platform name for marking platform obtains target cipher key information in the key management apparatus for being stored at least one platform key information,
Include:
According to the platform name of account name and the target platform that the login target platform that active user inputs uses, determine
Inquire the target sequence number of the target cipher key information;
The corresponding destination node of the target sequence number is searched in the chained list node of the key management apparatus;Wherein, institute
State the key information that platform is stored in chained list node;
The target cipher key information is obtained in the destination node.
It is described that the target sequence number correspondence is searched in the chained list node of the key management apparatus in above-mentioned technical proposal
Destination node, comprising:
The serial number of i-th of chained list node is obtained in the chained list node;
The serial number for i-th of chained list node that will acquire is compared with the target sequence number;
If the serial number of i-th of chained list node is identical as the target sequence number, it is determined that i-th of chained list node
For the destination node;Otherwise, obtain i+1 chained list node serial number, and will acquire i+1 chained list node serial number and
The target sequence number compares, until the serial number of the chained list node of acquisition is identical as the serial number of the destination node;Wherein, i
For natural number.
It is described that the target platform is logged in based on the target cipher key information and the account name in above-mentioned technical proposal,
Include:
According to the cipher key-extraction rule negotiated with the target platform, obtained in the predetermined position of the target cipher key information
The key information of presetting digit capacity is taken, and using the key information of presetting digit capacity as the login password for logging in the target platform;
The target platform is logged in using the login password and the user name.
In above-mentioned technical proposal, the method also includes:
Restore to instruct according to key information, obtains seed key information in the memory unit;
The seed key information is sent to key management apparatus, wherein the seed key information is used for the key
Management equipment restores the target cipher key information.
Second aspect, the embodiment of the present application also provides a kind of key management methods, are applied in key management apparatus, institute
Stating equipment includes: identity authentication and key management unit;
The key management unit is used to store the key information of at least one platform, and the identity authentication is close for storing
The authentication information of key management equipment;
The described method includes: obtaining target cipher key information for the user terminal when connecting with user terminal;Make the user
End group logs in target platform in the account name of the target cipher key information and user.
In above-mentioned technical proposal, before the acquisition target cipher key information for the user terminal, further includes:
According to the checking request that certificate server is sent, carries to certificate server transmission and set using key management
The authentication information that standby private key is encrypted makes the certificate server based on the public affairs of the key management apparatus prestored
Key verify to the authentication information and return authentication result.
In above-mentioned technical proposal, target cipher key information is generated according to following steps:
Instruction is generated according to the key that user terminal is sent, generates target cipher key information using seed key information;
The target cipher key information of generation is stored in the destination node of chained list node;
Based on target sequence number of the destination node in the chained list node and the key generate instruction carry it is flat
Platform name and account name establish the corresponding relationship between the platform name, the account name and the target sequence number.
The third aspect, the embodiment of the present application also provides a kind of key management system, the system comprises: key management is set
Standby and user terminal;Wherein,
The key management apparatus, for storing the key information of at least one platform, when being connect with the user terminal,
Target cipher key information is obtained for the user terminal;
The user terminal, the account name that the login target platform for obtaining the input of active user end uses;Based on current
The platform name of account name and the target platform that the login target platform of user's input uses, is being stored at least one platform
Key information key management apparatus in obtain target cipher key information, and be based on the target cipher key information and the account name
Log in the target platform.
In above-mentioned technical proposal, the key management apparatus is specifically used for sending confirmation to user terminal according to user's operation
Log-in instruction;Authentication information is sent to the certificate server according to the checking request that the certificate server is sent;
The user terminal, specifically for the confirmation log-in instruction sent according to the key management apparatus, to authentication service
Device sends verifying message, the authentication result of certificate server is received, if the certificate server is to the key management apparatus
Certification passes through, then target cipher key information is obtained in the key management apparatus;
Certificate server, the verifying message for being sent according to user terminal send verifying to the key management apparatus and ask
It asks;The key management apparatus is authenticated according to the authentication information that the key management apparatus is sent, and to described
User terminal return authentication result.
Fourth aspect, the embodiment of the present application also provides a kind of electronic equipment, comprising: processor, memory and bus, institute
State memory and be stored with the executable computer program of the processor, when electronic equipment operation, the processor with it is described
By bus communication between memory, when the processor executes the computer program the step of realization preceding method.
5th aspect, the embodiment of the present application also provide a kind of computer readable storage medium, the computer-readable storage medium
The step of being stored with computer program in matter, the above method executed when which is run by processor.
Key management method, system and electronic equipment provided by the embodiments of the present application, available active user end input
The account name that uses of login target platform, and the account name that uses of the login target platform based on active user's input and target
The platform name of platform obtains target cipher key information in the key management apparatus for the key information for being stored at least one platform,
And target cipher key information and account name login target platform based on acquisition.In this way, use can be obtained in key management apparatus
In the key information for logging in multiple target platforms.The password of multiple accounts is carried out by memory by user in the prior art close
The mode of code management is compared, and using key managing project provided by the embodiments of the present application, not only can use key management apparatus
The secure log for guaranteeing user account can also obtain the key information for logging in different platform in key management apparatus, realize
The password of different accounts is managed collectively, provides convenience for user.
To enable the above objects, features, and advantages of the application to be clearer and more comprehensible, preferred embodiment is cited below particularly, and cooperate
Appended attached drawing, is described in detail below.
Detailed description of the invention
Technical solution in ord to more clearly illustrate embodiments of the present application, below will be to needed in the embodiment attached
Figure is briefly described, it should be understood that the following drawings illustrates only some embodiments of the application, therefore is not construed as pair
The restriction of range for those of ordinary skill in the art without creative efforts, can also be according to this
A little attached drawings obtain other relevant attached drawings.
Fig. 1 shows a kind of basic flow chart of key management method provided by the embodiment of the present application;
Fig. 2 shows the schematic diagrames that user identity provided by the embodiment of the present application carries out verification process;
Fig. 3 shows the schematic diagram of key management apparatus provided by the embodiment of the present application;
Fig. 4 shows the schematic diagram of the chained list node of identity authentication provided by the embodiment of the present application;
Fig. 5 shows the basic flow chart of another kind key management method provided by the embodiment of the present application;
Fig. 6 shows the schematic diagram of the storage format of key information in chained list node provided by the embodiment of the present application;
Fig. 7 shows the schematic diagram that target cipher key information process is generated provided by the embodiment of the present application;
Fig. 8 shows the schematic diagram of user terminal provided by the embodiment of the present application;
Fig. 9 shows the schematic diagram of key management apparatus provided by the embodiment of the present application;
Figure 10 shows the schematic diagram of key management system provided by the embodiment of the present application;
Figure 11 shows the structural schematic diagram of electronic equipment provided by the embodiment of the present application;
Figure 12 shows the structural schematic diagram of another kind electronic equipment provided by the embodiment of the present application.
Specific embodiment
To keep the purposes, technical schemes and advantages of the embodiment of the present application clearer, below in conjunction with the embodiment of the present application
Middle attached drawing, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described embodiment is only
It is some embodiments of the present application, instead of all the embodiments.The application being usually described and illustrated herein in the accompanying drawings is real
The component for applying example can be arranged and be designed with a variety of different configurations.Therefore, below to the application's provided in the accompanying drawings
The detailed description of embodiment is not intended to limit claimed scope of the present application, but is merely representative of the selected reality of the application
Apply example.Based on embodiments herein, those skilled in the art institute obtained without making creative work
There are other embodiments, shall fall in the protection scope of this application.
The embodiment of the present application following methods, device, system, electronic equipment or computer storage medium can be applied to any
The scene that the key information to multiple platforms is managed is needed, for example, can be applied to key or Password Management software etc..This
Application embodiment specific application scenarios are not restricted, it is any using method provided by the embodiments of the present application to the use of account
Family carries out authentication and the scheme that is managed to the key information of multiple platforms is in the application protection scope.
Key management method, device, system, electronic equipment and computer storage medium provided by the embodiments of the present application, can
With the confirmation log-in instruction sent according to the key management apparatus received, authentication information is sent to certificate server, is made
Certificate server authenticates key management apparatus, thereby may be ensured that the safety of user account.If certificate server is to close
The certification of key management equipment passes through, then the account name that uses of login target platform and target platform based on active user's input
Platform name obtains target cipher key information in the key management apparatus for the key information for being stored at least one platform, and is based on
The target cipher key information and account name of acquisition log in target platform.In this way, not only can be before user logs in target platform, benefit
Key management apparatus is verified with certificate server, guarantees the safety of user account, further, it is also possible in key management
The key information for logging in multiple target platforms is obtained in equipment, realizes the management of different user account key information.If
By user Password Management is carried out to the password of multiple accounts by way of memory, is not only easy to forget when password is excessive, also
It is easy to be cracked.Using key managing project provided by the embodiments of the present application, by the safety certification of user account and can be mostly used
The key management of family account combines, and not only can use the secure log that key management apparatus guarantees user account, may be used also
To provide the Password Management scheme of multiple accounts using key management apparatus for user, the unified pipe of the password of different accounts is realized
Reason, provides convenience for user.
For convenient for understanding the present embodiment, first to a kind of key management method disclosed in the embodiment of the present application into
Row is discussed in detail.
A kind of basic procedure of key management method provided by the embodiments of the present application is as shown in Figure 1, be applied to user terminal, institute
The method of stating includes:
S101 obtains the account name that the login target platform of active user end input uses.
Here, user terminal can be terminal device, such as the movement of laptop, mobile phone, electronic watch, electronics bracelet is eventually
End equipment can also be the fixed terminal equipments such as desktop computer, server.User terminal can be equipped with and key management apparatus pair
The key management application answered, user terminal can be applied by key management and key management apparatus are configured and managed.
In specific implementation, key management apparatus may be mounted in user terminal or separately positioned with user terminal.User exists
When logging in target platform using user terminal, account that the login target platform of user terminal available active user end input uses
Name.Before logining target platform, if key management apparatus is mounted in user terminal, user terminal by display interface or can be mentioned
Show that sound provides user and confirms to the operation of present access destination platform;If key management apparatus is separately positioned with user terminal,
Then user terminal, which can first pass through display interface or prompt tone and provide user, connects key management apparatus, is detecting and key management
After equipment connection, user can be provided by display interface or prompt tone and the operation of present access destination platform is carried out really
Recognize.Here, it if key management apparatus is separately positioned with user terminal, can be attached by inserting mode and user terminal;?
In some embodiments, user terminal can also be wirelessly attached with user terminal.
Here, confirmation key can be set on key management apparatus, user can be by user's operation to current accessed
The operation of target platform confirmed, such as by user's operations such as clicking operation, pressing operations to present access destination platform
Operation confirmed.Confirmation log-in instruction can be generated according to user's operation in key management apparatus, and sending to user terminal should
Confirm log-in instruction.User terminal, can be to authentication service after the confirmation log-in instruction for receiving key management apparatus transmission
Device sends authentication information, authenticates certificate server to the key management apparatus.
In specific implementation, user terminal sends authentication information to certificate server using key management apparatus, makes to recognize
The process that card server authenticates the key management apparatus can be as shown in Fig. 2, user terminal can be to certificate server
Verifying message is sent, so that certificate server is sent checking request to key management apparatus according to verifying message, and based on the received
Checking request is carried to certificate server transmission using key management apparatus and is encrypted using the private key of key management apparatus
Authentication information, the key pipe for using public key of the certificate server based on the key management apparatus prestored to active user
Reason equipment authenticate and return authentication result.Specifically such as, user terminal sends verifying message, certificate server to certificate server
After receiving verifying message, checking request is sent to key management apparatus.Key management apparatus receives server transmission
Checking request after, authentication information is encrypted using the private key of storage inside, and the identity after encryption is recognized
Card information is sent to certificate server, and authentication information here can be the digital certificate of key management apparatus.Certification clothes
After business device receives the authentication information of encryption, using the key management apparatus prestored public key to authentication information into
Row decryption, and authentication is carried out to key management apparatus using the authentication information after decryption, authentication result is generated, then
The authentication result is returned to user terminal.
Here, the structure of key management apparatus can be as shown in figure 3, include identity authentication and key management unit.Wherein
Identity authentication can for quick online identity verify (Fast Identity Online, FIDO) device.In identity authentication
It is stored with the authentication information of key management apparatus, for example, it is stored with the digital certificate of key management apparatus, the digital certificate
The equipment identities of key management apparatus can be characterized.The public private key pair of key management apparatus is also stored in identity authentication, it should
Public private key pair includes public key and private key, and private key therein can be used for being added for the authentication information of key management apparatus
It is close, such as signed using private key to digital certificate.
S102, the platform of account name and the target platform that the login target platform based on active user's input uses
Name obtains target cipher key information in the key management apparatus for the key information for being stored at least one platform.
In specific implementation, if the authentication result that certificate server returns shows to pass through the certification of key management apparatus,
The platform name of account name and target platform that can be then used according to the login target platform that active user inputs, be stored with to
Target cipher key information is obtained in the key management apparatus of the key information of a few platform.Here, the key of key management apparatus
It can store the key information of multiple platforms in manager, the key information of each platform can store in key management unit
In chained list node, each chained list node corresponds to the key information of a platform.If the authentication result table that certificate server returns
The bright certification to key management apparatus does not pass through, then can terminate current process, and prompt user authentication failure.
Here, user terminal is used in the login target platform inputted based on active user account name and target platform it is flat
Platform name, when obtaining target cipher key information in the key management apparatus for the key information for being stored at least one platform, Ke Yigen
According to the platform name of account name and target platform that the login target platform that active user inputs uses, inquiry target cipher key letter is determined
The target sequence number of breath searches the corresponding destination node of target sequence number in the chained list node of key management apparatus, and in target knot
Target cipher key information is obtained in point.Here, the key information of platform is stored in chained list node.For example, user terminal can calculate
The cryptographic Hash of the platform name of the account name and target platform of active user's input, and using calculated cryptographic Hash as inquiry linked list
The sign of the serial number of node determines destination node further according to the corresponding relationship between cryptographic Hash and the serial number of chained list node
Corresponding target sequence number.
In specific implementation, when searching the corresponding destination node of target sequence number in the chained list node of key management apparatus,
The serial number and target sequence for i-th of the chained list node that the serial number of i-th of chained list node can be obtained in chained list node, and will acquire
It number compares, if the serial number of i-th of chained list node is identical as target sequence number, it is determined that i-th of chained list node is target
Node.Otherwise, obtain i+1 chained list node serial number, and will acquire i+1 chained list node serial number and target sequence number into
Row comparison, until the serial number of the chained list node of acquisition is identical as the serial number of destination node, wherein i is natural number.Here, it is looking into
When looking for the corresponding destination node of target sequence number, it can successively be searched according to the sequence of chained list node.For example, key management unit
Chained list node schematic diagram as shown in figure 4, when searching destination node, can be begun looking for from root node, it is assumed that root node
Serial number 0, serial number 0 can be compared with target sequence number, if target sequence number is also 0, root node be destination node.
If target sequence number is not 0, next node of root node is searched, it is assumed that the serial number 1 of next node of root node, then
Serial number 1 can be compared with target sequence number, if target sequence number is 1, the node of serial number 1 is destination node.If mesh
Marking serial number is not 1, then searches next node of the node of serial number 1, until finding serial number node identical with target sequence number,
Alternatively, until traversing whole chained list nodes.
S103 logs in the target platform based on the target cipher key information and the account name.
Here, after the target cipher key information that destination node is obtained in key management apparatus, it can use target cipher key
Information and account name log in target platform.When logging in target platform, the target cipher key information that can be will acquire is as login mesh
The corresponding password of account name of mark platform is logged in.It in specific implementation, can also basis and mesh when logging in target platform
The cipher key-extraction rule that platform is negotiated is marked, obtains the key information of presetting digit capacity in the predetermined position of target cipher key information, and
Using the key information of presetting digit capacity as the login password for logging in the target platform, then stepped on using login password and user name
Record target platform.The safety of password can be enhanced in this way, even if the key information in key management apparatus is obtained
It takes, also target account can not be directly logged in by the key information of acquisition, to guarantee the safety of target account.
In some embodiments, user terminal can restore to instruct according to key information, and it is close to obtain seed in the memory unit
Key information.Here, key information, which restores instruction, can be what user terminal was generated according to user's operation, alternatively, can be by other
What electronic equipment was sent.User terminal can restore the conjunction of instruction after obtaining key information and restoring instruction with validation key information
Method, the finger print information or the device authentication code by verifying other electronic equipments that the user of user's operation is such as executed by verifying
Etc. verification modes, validation key information restore instruction legitimacy.If it is legal that user terminal validation key information is restored to instruct,
Storage unit obtains seed key information, and sends seed key information to key management apparatus, is based on key management apparatus
Seed key Information recovering target cipher key information.Here, storage unit can be set to the storage unit of any storage equipment, can
To be integrated on the user terminal for being equipped with user terminal, can also be integrated in other storage equipment.By being set to key management
Preparation send seed key information, causes the key information of storage to be lost even if key management apparatus breaks down, key management is set
It is standby can pre-stored seed key information based on the received, restore the key information of storage.Alternatively, in key management apparatus
In the case where loss, user terminal can send pre-stored seed key information to new key management apparatus, make new close
Key management equipment restores key information according to seed key information.
The key management method provided through the foregoing embodiment can not only utilize before user logs in target platform
Key management apparatus verifies user identity, guarantees the safety of user account, further, it is also possible in key management apparatus
The middle key information obtained for logging in multiple platforms realizes management to different user account key information, so as to for
User provides the Password Management scheme of multiple accounts, realizes the unified management of the password of different accounts, provides convenience for user.
As shown in figure 5, can be applied to key management apparatus the embodiment of the present application also provides a kind of key management method
In, the equipment includes: identity authentication and key management unit;The key management unit is for storing the close of at least one platform
Key information, the identity authentication are used to store the authentication information of key management apparatus;The described method includes:
S201, the identity authentication sends confirmation log-in instruction to the user terminal according to user's operation, so that described
User terminal sends verifying message to certificate server.
Here, the structure of key management apparatus can be as shown in figure 3, the equipment may include identity authentication and key pipe
Manage device.Identity authentication therein can verify (Fast Identity Online, FIDO) device for quick online identity.Wherein
Key management unit can store the key information of at least one platform.Here, key information can store in key management unit
Chained list node in.The key information of each chained list node may include private key, public key, chain code and serial number.
In specific implementation, for key management apparatus after connecting user terminal, the identity authentication of key management apparatus can
To send confirmation log-in instruction to user terminal according to user's operation.User terminal is sent out according to confirmation log-in instruction to certificate server
Verifying message is sent, so that certificate server sends checking request to key management apparatus.
S202, the identity authentication are sent out according to the checking request that the certificate server is sent to the certificate server
Authentication information is sent, authenticates the certificate server to the key management apparatus.
Here, identity authentication can take after the checking request for receiving certificate server transmission to the certification
Business device sends authentication information, authenticates the certificate server to the key management apparatus.To the certification
When server sends authentication information, it can send to Authentication server and be believed using the authentication that private key is encrypted
Breath.The authentication information stored in identity authentication may include the digital certificate of key management apparatus, which can
To characterize the equipment identities of key management apparatus.The public private key pair of key management apparatus, the public affairs are also stored in identity authentication
To including public key and private key, private key therein can be used for being encrypted for the authentication information of key management apparatus private key,
Such as signed using private key to digital certificate.After certificate server receives the authentication information of encryption, using prestoring
The public key of key management apparatus authentication information is decrypted, and using the authentication information after decryption to key pipe
It manages equipment and carries out authentication, generate authentication result, then return to the authentication result to user terminal.
S203, the key management unit is used to store the key information of at least one platform, if the certificate server pair
The certification of the key management apparatus passes through, and obtains target cipher key information for user terminal;Wherein, the user terminal is used to be based on institute
The account name for stating target cipher key information and user logs in target platform.
Here, if the authentication result that certificate server returns shows that the certification of key management unit passes through, key management unit
Target cipher key information can be obtained for user terminal.Key management unit is stored with the key information of at least one platform, each platform
Key information can store in chained list node, each chained list node correspond to a platform key information.Chained list node
The storage format of middle key information is as shown in fig. 6, key information may include private key, public key, chain code and serial number.
In specific implementation, the key information of at least one platform stored in key management unit is by key management unit
It is that the key generation instruction sent according to user terminal is generated.User terminal is in the account for registering target platform according to user's operation
When family, the account name that the platform name of target platform and user input can be sent to key management unit.Key management unit can be with
Instruction is generated according to the key that user terminal is sent, generates target cipher key information using seed key information.Generating target cipher key
After information, the target cipher key information of generation can be stored in the destination node of chained list node, and be existed based on destination node
Target sequence number and key in the chained list node generate the platform name and account name that instruction carries, and establish the platform name, institute
State the corresponding relationship between account name and the target sequence number.Here, target cipher key information may include private key, public key, chain code
And target sequence number.
Here, as shown in fig. 7, when generating target cipher key information using seed key information, if not having in key management unit
There is the chained list node of storage, then it can be close using preset algorithm and generating random number root using random number as seed key information
Key information.Here random number can be preset byte, such as 32 bytes.Utilizing preset algorithm and generating random number root key information
When, it can use preset algorithm and operation carried out to random number, and using 32 byte of a left side of the data obtained after operation as root key
The private key of information, can be using 32 byte of the right side of the data obtained after operation as the chain code of root key information, for example, utilizing
SHA512 algorithm carries out operation to random number.After generating private key, the public key that private key generates root key information, example can use
Such as, private key calculate using elliptic curve encryption algorithm (Elliptic Curves Cryptography, ECC) and generate root
The public key of key information, root key information here are target cipher key information.If being stored with chained list node in certificate server,
Then son can be generated using preset algorithm and root key information using the root key information in chained list node as seed key information
Key information.Here root key information includes private key, public key, chain code and serial number.Utilizing preset algorithm and root key information
When generating sub-key information, it can use preset algorithm and operation carried out to the public key, chain code and serial number of root key information, and will fortune
32 byte of a left side of the data obtained after calculation and the private component of root key information take the mould of n as the private key of sub-key information,
Using 32 byte of the right side of the data obtained after operation as the chain code of sub-key information.For example, using SHA512 algorithm to root key
Information carries out operation.After the private key for generating sub-key information, the public key that private key generates sub-key information, example can use
Such as, using elliptic curve encryption algorithm (Elliptic Curves Cryptography, ECC) to the private key of sub- key information into
Row calculates, and generates the public key of sub-key information.Wherein, n is positive integer, can indicate the number that sub-key generates.
The key management method provided through the foregoing embodiment can utilize certification before user logs in target platform
Server verifies key management apparatus, guarantees the safety of user account.In addition, the key management of key management apparatus
The key information for logging in multiple platforms is stored in device, when logging in target platform, key management unit can provide login target
The key information of platform realizes the management to different user account key information.Key management side provided by the embodiments of the present application
Authentication and multi-key cipher management can be combined together by case, so as to guarantee user account it is safe while, for
Family provides the Password Management scheme of multiple accounts, realizes the unified management of the password of different accounts, provides convenience for user.
Conceived based on same application, key management dress corresponding with key management method is additionally provided in the embodiment of the present application
It sets, since the principle that the device in the embodiment of the present application solves the problems, such as is similar to the above-mentioned key management method of the embodiment of the present application,
Therefore the implementation of device may refer to the implementation of method, and overlaps will not be repeated.
As shown in figure 8, user terminal 80 provided by the embodiments of the present application includes: that the first acquisition module 81, second obtains module
82 and login module 83.
Described first obtains module 81, the account name that the login target platform for obtaining the input of active user end uses;
Described second obtains module 82, the account name and institute that the login target platform for being inputted based on active user is used
The platform name for stating target platform, obtains target cipher key in the key management apparatus for the key information for being stored at least one platform
Information;
The login module 83, for logging in the target platform based on the target cipher key information and the account name.
In specific implementation, described device further include: authentication module makes for sending verifying message to certificate server
The certificate server authenticates the key management apparatus;Certificate server is received to carry out the key management apparatus
Verify the authentication result returned;If the certificate server passes through the certification of the key management apparatus, in the key
Target cipher key information is obtained in management equipment.
In specific implementation, described second module 82 is obtained, specifically for being stored at least one according to following steps
Target cipher key information is obtained in the key management apparatus of platform key information:
According to the platform name of account name and the target platform that the login target platform that active user inputs uses, determine
Inquire the target sequence number of the target cipher key information;
The corresponding destination node of the target sequence number is searched in the chained list node of the key management apparatus;Wherein, institute
State the key information that platform is stored in chained list node;
The target cipher key information is obtained in the destination node.
In specific implementation, described second module 82 is obtained, specifically for setting according to following steps in the key management
The corresponding destination node of the target sequence number is searched in standby chained list node:
The serial number of i-th of chained list node is obtained in the chained list node;
The serial number for i-th of chained list node that will acquire is compared with the target sequence number;
If the serial number of i-th of chained list node is identical as the target sequence number, it is determined that i-th of chained list node
For the destination node;Otherwise, obtain i+1 chained list node serial number, and will acquire i+1 chained list node serial number and
The target sequence number compares, until the serial number of the chained list node of acquisition is identical as the serial number of the destination node;Wherein, i
For natural number.
In specific implementation, the login module 83 is specifically used for logging in the target platform according to following steps:
According to the cipher key-extraction rule negotiated with the target platform, obtained in the predetermined position of the target cipher key information
The key information of presetting digit capacity is taken, and using the key information of presetting digit capacity as the login password for logging in the target platform;
The target platform is logged in using the login password and the user name.
In specific implementation, the sending module, restores to instruct according to key information, and it is close to obtain seed in the memory unit
Key information;
The seed key information is sent to key management apparatus, wherein the seed key information is used for the key
Management equipment restores the target cipher key information.
As shown in figure 9, key management apparatus 90 provided by the embodiments of the present application includes: identity authentication 91 and key management
Device 92.
The identity authentication 91, for storing the authentication information of key management apparatus;
The key management 92, for storing the key information of at least one platform, when being connect with user terminal, for described
User terminal obtains target cipher key information, and the user terminal is made to log in mesh based on the account name of the target cipher key information and user terminal
Mark platform.
In specific implementation, the identity authentication 91, specifically for the checking request sent according to certificate server, to
Certificate server transmission carries the authentication information encrypted using the private key of key management apparatus, makes described to recognize
Card public key of the server based on the key management apparatus prestored verify to the authentication information and return authentication
As a result.
In specific implementation, the key management unit 92 is specifically used for generating target cipher key information according to following steps:
Instruction is generated according to the key that user terminal is sent, generates target cipher key information using seed key information;
The target cipher key information of generation is stored in the destination node of chained list node;
Based on target sequence number of the destination node in the chained list node and the key generate instruction carry it is flat
Platform name and account name establish the corresponding relationship between the platform name, the account name and the target sequence number.
Key management apparatus 90 provided in this embodiment can utilize authentication before user logs in target platform
Device can verify user identity, guarantee the safety of user account.In addition, in the key management unit of key management apparatus
It is stored with the key information for logging in multiple platforms, when logging in target platform, key management unit can provide login target platform
Key information, realize management to different user account key information.Key management apparatus 90 provided by the embodiments of the present application,
Identity authentication and key management unit are combined together, so as to be mentioned for user while guaranteeing that user account is safe
For the Password Management scheme of multiple accounts, the unified management of the password of different accounts is realized, provide convenience for user.
It as shown in Figure 10, is a kind of structural schematic diagram of key management system 1000 provided by the embodiment of the present application, packet
It includes: key management apparatus 1001 and user terminal 1002.
The key management apparatus 1001 connects for storing the key information of at least one platform with the user terminal
When connecing, target cipher key information is obtained for the user terminal;
The user terminal 1002, the account name that the login target platform for obtaining the input of active user end uses;It is based on
The platform name of account name and the target platform that the login target platform of active user's input uses, is being stored at least one
Target cipher key information is obtained in the key management apparatus of the key information of platform;Based on the target cipher key information and the account
Name logs in the target platform.
In specific implementation, the key management apparatus 1001 is specifically used for being sent according to user's operation to user terminal true
Recognize log-in instruction;Authentication information is sent to the certificate server according to the checking request that the certificate server is sent;
The user terminal 1002, specifically for the confirmation log-in instruction sent according to the key management apparatus, to certification
Server sends verifying message, the authentication result of certificate server is received, if the certificate server sets the key management
Standby certification passes through, then target cipher key information is obtained in the key management apparatus;
The system also includes certificate servers 1003, the verifying message for being sent according to user terminal, to the key
Management equipment sends checking request;The authentication information sent according to the key management apparatus is to the key management apparatus
It is authenticated, and to the user terminal return authentication result.
In specific implementation, the key management apparatus 1001, is asked specifically for the verifying sent according to certificate server
It asks, carries the authentication information encrypted using the private key of key management apparatus to certificate server transmission, make
The certificate server is verified and is returned to the authentication information based on the public key of the key management apparatus prestored
Return authentication result.
In specific implementation, the key management apparatus 1001 is specifically used for generating target cipher key letter according to following steps
Breath:
Instruction is generated according to the key that user terminal is sent, generates target cipher key information using seed key information;
The target cipher key information of generation is stored in the destination node of chained list node;
Based on target sequence number of the destination node in the chained list node and the key generate instruction carry it is flat
Platform name and account name establish the corresponding relationship between the platform name, the account name and the target sequence number.
In specific implementation, the user terminal 1002 is specifically used for obtaining target cipher key information according to following steps:
According to the platform name of account name and the target platform that the login target platform that active user inputs uses, determine
Inquire the target sequence number of the target cipher key information;
The corresponding destination node of the target sequence number is searched in the chained list node of the key management apparatus;Wherein, institute
State the key information that platform is stored in chained list node;
The target cipher key information is obtained in the destination node.
It as shown in figure 11, is the structural schematic diagram of a kind of electronic equipment 1100 provided by the embodiment of the present application, comprising: place
Manage device 1101, memory 1102 and bus 1103;
The machine readable instructions that the memory storage 1102 has the processor 1101 executable are (for example, the life in Fig. 8
Enable module 81, obtain module 82 and login module 83 is corresponding executes instruction), when electronic equipment operation, the processor
It is communicated between 1101 and the memory 1102 by bus 1103, when the processor 1101 executes the machine readable instructions
Realize following processing:
Obtain the account name that the login target platform of active user end input uses;
The platform name of account name and the target platform that login target platform based on active user's input uses, is being deposited
Contain acquisition target cipher key information in the key management apparatus of the key information of at least one platform;
The target platform is logged in based on the target cipher key information and the account name.
In specific implementation, described to be stored with the close of at least one platform in the processing that above-mentioned processor 1101 executes
In the key management apparatus of key information before acquisition target cipher key information, further includes:
Verifying message is sent to certificate server, authenticates the certificate server to the key management apparatus;
Receive the authentication result that certificate server carries out verifying return to the key management apparatus;
If the certificate server passes through the certification of the key management apparatus, obtained in the key management apparatus
Take target cipher key information.
In specific implementation, in the processing that above-mentioned processor 1101 executes, the login mesh based on active user's input
The platform name of account name and the target platform that mark platform uses, in the key pipe for being stored at least one platform key information
It manages and obtains target cipher key information in equipment, comprising:
According to the platform name of account name and the target platform that the login target platform that active user inputs uses, determine
Inquire the target sequence number of the target cipher key information;
The corresponding destination node of the target sequence number is searched in the chained list node of the key management apparatus;Wherein, institute
State the key information that platform is stored in chained list node;
The target cipher key information is obtained in the destination node.
In specific implementation, in the processing that above-mentioned processor 1101 executes, the chained list in the key management apparatus
The corresponding destination node of the target sequence number is searched in node, comprising:
The serial number of i-th of chained list node is obtained in the chained list node;
The serial number for i-th of chained list node that will acquire is compared with the target sequence number;
If the serial number of i-th of chained list node is identical as the target sequence number, it is determined that i-th of chained list node
For the destination node;Otherwise, obtain i+1 chained list node serial number, and will acquire i+1 chained list node serial number and
The target sequence number compares, until the serial number of the chained list node of acquisition is identical as the serial number of the destination node;Wherein, i
For natural number.
In specific implementation, described to be based on the target cipher key information and institute in the processing that above-mentioned processor 1101 executes
It states account name and logs in the target platform, comprising:
According to the cipher key-extraction rule negotiated with the target platform, obtained in the predetermined position of the target cipher key information
The key information of presetting digit capacity is taken, and using the key information of presetting digit capacity as the login password for logging in the target platform;
The target platform is logged in using the login password and the user name.
In specific implementation, in the processing that above-mentioned processor 1101 executes, the method also includes:
Restore to instruct according to key information, obtains seed key information in the memory unit;
The seed key information is sent to key management apparatus, wherein the seed key information is used for the key
Management equipment restores the target cipher key information.
It as shown in figure 12, is the structural schematic diagram of a kind of electronic equipment 1200 provided by the embodiment of the present application, comprising: place
Manage device 1201, memory 1202 and bus 1203;
The machine readable instructions that the memory storage 1202 has the processor 1201 executable are (for example, the body in Fig. 9
Part authenticator 91 and key management unit 92 is corresponding executes instruction), when electronic equipment operation, the processor 1201 with it is described
It is communicated between memory 1202 by bus 1203, the processor 1201 realizes following place when executing the machine readable instructions
Reason:
Confirmation log-in instruction is sent to the user terminal according to user's operation, so that the user terminal is sent out to certificate server
Send verifying message;Authentication information is sent to the certificate server according to the checking request that the certificate server is sent,
Authenticate the certificate server to the key management apparatus;
The key information of at least one platform is stored, if the certificate server is logical to the certification of the key management apparatus
It crosses, then obtains target cipher key information for the user terminal;Wherein, the user terminal is used to be based on the target cipher key information and use
The account name at family logs in target platform.
In specific implementation, in the processing that above-mentioned processor 1201 executes, the verifying sent according to certificate server
It requests to send authentication information to the certificate server, recognizes the certificate server to the key management apparatus
Card, comprising:
According to the checking request that certificate server is sent, carries to certificate server transmission and set using key management
The authentication information that standby private key is encrypted makes the certificate server based on the public affairs of the key management apparatus prestored
Key verify to the authentication information and return authentication result.
In specific implementation, in the processing that above-mentioned processor 1201 executes, target cipher key information is generated according to following steps:
Instruction is generated according to the key that user terminal is sent, generates target cipher key information using seed key information;
The target cipher key information of generation is stored in the destination node of chained list node;
Based on target sequence number of the destination node in the chained list node and the key generate instruction carry it is flat
Platform name and account name establish the corresponding relationship between the platform name, the account name and the target sequence number.
In addition, the embodiment of the present application also provides a kind of computer readable storage medium, on the computer readable storage medium
It is stored with computer program, key management described in above method embodiment is executed when which is run by processor
The step of method.
The computer program product of key management method provided by the embodiment of the present application, including storing program code
Computer readable storage medium, the instruction that said program code includes can be used for executing key described in above method embodiment
The step of management method, for details, reference can be made to above method embodiments, and details are not described herein.
It is apparent to those skilled in the art that for convenience and simplicity of description, the system of foregoing description
It with the specific work process of device, can refer to corresponding processes in the foregoing method embodiment, details are not described herein.In the application
In provided several embodiments, it should be understood that disclosed systems, devices and methods, it can be real by another way
It is existing.The apparatus embodiments described above are merely exemplary, for example, the division of the unit, only a kind of logic function
It can divide, there may be another division manner in actual implementation, in another example, multiple units or components can combine or can collect
At another system is arrived, or some features can be ignored or not executed.Another point, shown or discussed mutual coupling
Conjunction or direct-coupling or communication connection can be the indirect coupling or communication connection by some communication interfaces, device or unit,
It can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, each functional unit in each embodiment of the application can integrate in one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.
It, can be with if the function is realized in the form of SFU software functional unit and when sold or used as an independent product
It is stored in the executable non-volatile computer-readable storage medium of a processor.Based on this understanding, the application
Technical solution substantially the part of the part that contributes to existing technology or the technical solution can be with software in other words
The form of product embodies, which is stored in a storage medium, including some instructions use so that
One computer equipment (can be personal computer, server or the network equipment etc.) executes each embodiment institute of the application
State all or part of the steps of method.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (Read-Only
Memory, ROM), random access memory (Random Access Memory, RAM), magnetic or disk etc. is various to deposit
Store up the medium of program code.
The above is only the protection scopes of the specific embodiment of the application, but the application to be not limited thereto, any to be familiar with
Those skilled in the art within the technical scope of the present application, can easily think of the change or the replacement, and should all cover
Within the protection scope of the application.Therefore, the protection scope of the application should be subject to the protection scope in claims.
Claims (11)
1. a kind of key management method, which is characterized in that be applied to user terminal, which comprises
Obtain the account name that the login target platform of active user end input uses;
The platform name of account name and the target platform that login target platform based on active user's input uses, is being stored with
Target cipher key information is obtained in the key management apparatus of the key information of at least one platform;
The target platform is logged in based on the target cipher key information and the account name.
2. the method according to claim 1, wherein described in the key information for being stored at least one platform
In key management apparatus before acquisition target cipher key information, further includes:
Verifying message is sent to certificate server, authenticates the certificate server to the key management apparatus;
Receive the authentication result that certificate server carries out verifying return to the key management apparatus;
If the certificate server passes through the certification of the key management apparatus, mesh is obtained in the key management apparatus
Mark key information.
3. the method according to claim 1, wherein the login target platform based on active user's input makes
The platform name of account name and the target platform, in the key management apparatus for being stored at least one platform key information
Obtain target cipher key information, comprising:
According to the platform name of account name and the target platform that the login target platform that active user inputs uses, inquiry is determined
The target sequence number of the target cipher key information;
The corresponding destination node of the target sequence number is searched in the chained list node of the key management apparatus;Wherein, the chain
The key information of platform is stored in table node;
The target cipher key information is obtained in the destination node.
4. according to the method described in claim 3, it is characterized in that, described look into the chained list node of the key management apparatus
Look for the corresponding destination node of the target sequence number, comprising:
The serial number of i-th of chained list node is obtained in the chained list node;
The serial number for i-th of chained list node that will acquire is compared with the target sequence number;
If the serial number of i-th of chained list node is identical as the target sequence number, it is determined that i-th of chained list node is institute
State destination node;Otherwise, obtain the serial number of i+1 chained list node, and will acquire the serial number of i+1 chained list node with it is described
Target sequence number compares, until the serial number of the chained list node of acquisition is identical as the serial number of the destination node;Wherein, i is certainly
So number.
5. the method according to claim 1, wherein described be based on the target cipher key information and the account name
Log in the target platform, comprising:
According to the cipher key-extraction rule negotiated with the target platform, obtained in the predetermined position of the target cipher key information pre-
If the key information of digit, and using the key information of presetting digit capacity as the login password for logging in the target platform;
The target platform is logged in using the login password and the user name.
6. the method according to claim 1, wherein the method also includes:
Restore to instruct according to key information, obtains seed key information in the memory unit;
The seed key information is sent to key management apparatus, wherein the seed key information is used for the key management
Equipment restores the target cipher key information.
7. a kind of key management method, which is characterized in that be applied in key management apparatus, the equipment includes: authentication
Device and key management unit;
The key management unit is used to store the key information of at least one platform, and the identity authentication is for storing key pipe
Manage the authentication information of equipment;
The described method includes: obtaining target cipher key information when being connect with user terminal for the user terminal, making user's end group
Target platform is logged in the account name of the target cipher key information and user terminal.
8. the method according to the description of claim 7 is characterized in that it is described for the user terminal obtain target cipher key information it
Before, further includes:
According to the checking request that certificate server is sent, is carried to certificate server transmission and utilize key management apparatus
The authentication information that private key is encrypted makes the certificate server based on the public key of the key management apparatus prestored to described
Authentication information verify and return authentication result.
9. the method according to the description of claim 7 is characterized in that generating target cipher key information according to following steps:
Instruction is generated according to the key that user terminal is sent, generates target cipher key information using seed key information;
The target cipher key information of generation is stored in the destination node of chained list node;
The platform name of target sequence number and key generation instruction carrying based on the destination node in the chained list node
And account name, establish the corresponding relationship between the platform name, the account name and the target sequence number.
10. a kind of key management system, which is characterized in that the system comprises: key management apparatus and user terminal;Wherein,
The key management apparatus, for storing the key information of at least one platform, when being connect with the user terminal, for institute
It states user terminal and obtains target cipher key information;
The user terminal, the account name that the login target platform for obtaining the input of active user end uses;Based on active user
The platform name of account name and the target platform that the login target platform of input uses, is being stored with the close of at least one platform
Target cipher key information is obtained in the key management apparatus of key information;Institute is logged in based on the target cipher key information and the account name
State target platform.
11. system according to claim 10, which is characterized in that
The key management apparatus is specifically used for sending confirmation log-in instruction to user terminal according to user's operation;It is taken according to certification
The checking request that device is sent of being engaged in sends authentication information to certificate server;
The user terminal is sent out specifically for the confirmation log-in instruction sent according to the key management apparatus to certificate server
Verifying message is sent, the authentication result of certificate server is received, if certification of the certificate server to the key management apparatus
Pass through, then obtains target cipher key information in the key management apparatus;
The system also includes certificate servers, the verifying message for being sent according to user terminal, to the key management apparatus
Send checking request;The key management apparatus is recognized according to the authentication information that the key management apparatus is sent
Card, and to the user terminal return authentication result.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811327452.5A CN109257381A (en) | 2018-11-08 | 2018-11-08 | A kind of key management method, system and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811327452.5A CN109257381A (en) | 2018-11-08 | 2018-11-08 | A kind of key management method, system and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109257381A true CN109257381A (en) | 2019-01-22 |
Family
ID=65044025
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811327452.5A Pending CN109257381A (en) | 2018-11-08 | 2018-11-08 | A kind of key management method, system and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109257381A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110166234A (en) * | 2019-05-21 | 2019-08-23 | 阿里巴巴集团控股有限公司 | A kind of creation of business cipher key and business datum encryption method, apparatus and system |
| CN111464297A (en) * | 2020-03-30 | 2020-07-28 | 百度国际科技(深圳)有限公司 | Transaction processing method and device based on block chain, electronic equipment and medium |
| CN112257041A (en) * | 2020-10-19 | 2021-01-22 | 当家移动绿色互联网技术集团有限公司 | Item control method and device and electronic equipment |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101719826A (en) * | 2009-05-13 | 2010-06-02 | 北京宏基恒信科技有限责任公司 | Dynamic token having function of updating seed key and updating method for seed key thereof |
| CN101777992A (en) * | 2008-12-24 | 2010-07-14 | 华为终端有限公司 | Method, equipment and system for logging in gateway |
| CN102148685A (en) * | 2010-02-04 | 2011-08-10 | 陈祖石 | Method and system for dynamically authenticating password by multi-password seed self-defined by user |
| CN102497635A (en) * | 2011-11-28 | 2012-06-13 | 宇龙计算机通信科技(深圳)有限公司 | Server, terminal and account password acquisition method |
| CN104333452A (en) * | 2014-10-26 | 2015-02-04 | 重庆智韬信息技术中心 | Multi-account encryption method for file data |
| CN104780048A (en) * | 2015-04-13 | 2015-07-15 | 中国电子科技集团公司第二十八研究所 | Lightweight mirror image file encryption system and method |
| CN106789848A (en) * | 2015-11-23 | 2017-05-31 | 阿里巴巴集团控股有限公司 | A kind of user key storage method and server |
| CN107124409A (en) * | 2017-04-25 | 2017-09-01 | 新华三技术有限公司 | A kind of access authentication method and device |
| CN107423638A (en) * | 2017-08-02 | 2017-12-01 | 成都安恒信息技术有限公司 | A kind of password management system and application method based on order detection type Modify password |
-
2018
- 2018-11-08 CN CN201811327452.5A patent/CN109257381A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101777992A (en) * | 2008-12-24 | 2010-07-14 | 华为终端有限公司 | Method, equipment and system for logging in gateway |
| CN101719826A (en) * | 2009-05-13 | 2010-06-02 | 北京宏基恒信科技有限责任公司 | Dynamic token having function of updating seed key and updating method for seed key thereof |
| CN102148685A (en) * | 2010-02-04 | 2011-08-10 | 陈祖石 | Method and system for dynamically authenticating password by multi-password seed self-defined by user |
| CN102497635A (en) * | 2011-11-28 | 2012-06-13 | 宇龙计算机通信科技(深圳)有限公司 | Server, terminal and account password acquisition method |
| CN104333452A (en) * | 2014-10-26 | 2015-02-04 | 重庆智韬信息技术中心 | Multi-account encryption method for file data |
| CN104780048A (en) * | 2015-04-13 | 2015-07-15 | 中国电子科技集团公司第二十八研究所 | Lightweight mirror image file encryption system and method |
| CN106789848A (en) * | 2015-11-23 | 2017-05-31 | 阿里巴巴集团控股有限公司 | A kind of user key storage method and server |
| CN107124409A (en) * | 2017-04-25 | 2017-09-01 | 新华三技术有限公司 | A kind of access authentication method and device |
| CN107423638A (en) * | 2017-08-02 | 2017-12-01 | 成都安恒信息技术有限公司 | A kind of password management system and application method based on order detection type Modify password |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110166234A (en) * | 2019-05-21 | 2019-08-23 | 阿里巴巴集团控股有限公司 | A kind of creation of business cipher key and business datum encryption method, apparatus and system |
| CN111464297A (en) * | 2020-03-30 | 2020-07-28 | 百度国际科技(深圳)有限公司 | Transaction processing method and device based on block chain, electronic equipment and medium |
| CN111464297B (en) * | 2020-03-30 | 2023-05-26 | 百度国际科技(深圳)有限公司 | Transaction processing method, device, electronic equipment and medium based on block chain |
| CN112257041A (en) * | 2020-10-19 | 2021-01-22 | 当家移动绿色互联网技术集团有限公司 | Item control method and device and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110401615B (en) | Identity authentication method, device, equipment, system and readable storage medium | |
| US10846372B1 (en) | Systems and methods for trustless proof of possession and transmission of secured data | |
| US9185111B2 (en) | Cryptographic authentication techniques for mobile devices | |
| CN105915338B (en) | Generate the method and system of key | |
| CN112671720B (en) | Token construction method, device and equipment for cloud platform resource access control | |
| US10887110B2 (en) | Method for digital signing with multiple devices operating multiparty computation with a split key | |
| EP3684005A1 (en) | Method and system for recovering cryptographic keys of a blockchain network | |
| JP2018093434A (en) | Transaction management method, transaction management program and transaction management device | |
| CN107493291A (en) | A kind of identity identifying method and device based on safety element SE | |
| CN111131336B (en) | Resource access method, device, equipment and storage medium under multi-party authorization scene | |
| CN111275419A (en) | Block chain wallet signature right confirming method, device and system | |
| KR101253683B1 (en) | Digital Signing System and Method Using Chained Hash | |
| CN109257381A (en) | A kind of key management method, system and electronic equipment | |
| CN111901304B (en) | Registration method and device of mobile security equipment, storage medium and electronic device | |
| US20230237437A1 (en) | Apparatuses and methods for determining and processing dormant user data in a job resume immutable sequential listing | |
| CN111314066B (en) | Block chain-based data transfer method, terminal and computer-readable storage medium | |
| CN111566647A (en) | Identity recognition system based on block chain | |
| CN110719172A (en) | Signature method, signature system and related equipment in block chain system | |
| CN111212026A (en) | Data processing method and device based on block chain and computer equipment | |
| KR102372503B1 (en) | Method for providing authentification service by using decentralized identity and server using the same | |
| KR101586439B1 (en) | User data integrity verification method and apparatus capable of guaranteeing privacy | |
| US11082236B2 (en) | Method for providing secure digital signatures | |
| JP6581611B2 (en) | Authentication key sharing system and authentication key sharing method | |
| CN113271207A (en) | Escrow key using method and system based on mobile electronic signature, computer equipment and storage medium | |
| Durán et al. | An architecture for easy onboarding and key life-cycle management in blockchain applications |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190122 |