CN116757698A - Encryption method and system for improving payment security performance - Google Patents
Encryption method and system for improving payment security performance Download PDFInfo
- Publication number
- CN116757698A CN116757698A CN202310458516.XA CN202310458516A CN116757698A CN 116757698 A CN116757698 A CN 116757698A CN 202310458516 A CN202310458516 A CN 202310458516A CN 116757698 A CN116757698 A CN 116757698A
- Authority
- CN
- China
- Prior art keywords
- transaction
- data
- encryption
- gaussian distribution
- perfecting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 77
- 230000008569 process Effects 0.000 claims abstract description 48
- 230000003993 interaction Effects 0.000 claims abstract description 25
- 238000012795 verification Methods 0.000 claims abstract description 20
- 230000007246 mechanism Effects 0.000 claims abstract description 19
- 230000000694 effects Effects 0.000 claims abstract description 12
- 230000006872 improvement Effects 0.000 claims abstract description 11
- 230000006870 function Effects 0.000 claims abstract description 8
- 230000001360 synchronised effect Effects 0.000 claims abstract description 8
- 238000004590 computer program Methods 0.000 claims description 9
- 238000004891 communication Methods 0.000 claims description 6
- 238000010276 construction Methods 0.000 claims description 6
- 230000005540 biological transmission Effects 0.000 claims description 4
- 239000002131 composite material Substances 0.000 claims description 3
- 238000005070 sampling Methods 0.000 claims description 3
- 238000012790 confirmation Methods 0.000 description 9
- 238000012545 processing Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 2
- 230000010076 replication Effects 0.000 description 2
- 230000005856 abnormality Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
Abstract
The invention provides an encryption method and system for improving payment security performance, and belongs to the technical field of data transaction security. The method comprises the following steps: step 1, constructing a data transaction link; step 2, executing transaction activities between two transaction objects based on the data transaction link; step 3, adopting an RSA encryption and double hash function based on Gaussian distribution improvement to execute synchronous encryption operation in the process of executing transaction activities; and 4, after carrying out Gaussian distribution inversion decryption verification on the encrypted information, completing interaction of transaction data. Aiming at the requirement of the actual data interaction process on the security performance, the invention optimizes the traditional data interaction mode, and executes encryption operation on the transaction data related in the interaction process, thereby avoiding the potential safety hazard generated when a third party mechanism exists, and having good security performance and reliability.
Description
Technical Field
The invention relates to the technical field of data transaction security, in particular to an encryption method and system for improving payment security performance.
Background
In the years of the tremendous development of electronic information, digital economies have also gradually occupied a portion of the mass life, and papered transactions have also been gradually replaced with digital currency. The digital currency is used as a transaction carrier without materialization, and cryptography is adopted for anti-counterfeiting.
However, the digital currency is based on the internet as a transaction carrier, and when malicious attacks occur in the transaction process, transaction failure and even larger loss can occur.
Disclosure of Invention
The invention aims to: an encryption method and system for improving payment security are provided to solve the above problems in the prior art. Aiming at the requirement of the actual data interaction process on the security performance, the traditional data interaction mode is optimized, encryption operation is carried out on transaction data related in the interaction process, potential safety hazards generated when a third party mechanism exists are avoided, and the method has good security performance and reliability.
The technical scheme is as follows: in a first aspect, an encryption method for improving payment security is provided, and security and reliability in a data interaction process are improved by optimizing a traditional transaction mode and data encryption. The method comprises the following steps:
step 1, constructing a data transaction link;
in the process of establishing the data transaction link, each object in the data transaction process is taken as a node, a chained storage mode is adopted, and transaction data is written in a block mode. Wherein the basic information stored in the block header comprises: the hash value, the version, the timestamp, the difficulty, the random number and the Merkel root, wherein the hash of the corresponding last block and the hash of the current block in the hash value are generated by the SHA256, and chain links are formed between the last object node and the current node and between the last object node and the next node through the hash value, so that a chain transaction data link is completed. The timestamp corresponds to the time at which the object node was created. The Merkel root is in a tree structure, and the hash value corresponding to each transaction is recorded.
Step 2, executing transaction activities between two transaction objects based on the data transaction link;
step 3, adopting an RSA encryption step 31 based on Gaussian distribution improvement and a double hash function to execute synchronous encryption operation in the process of executing transaction activities;
and step 4, after the step 41 of carrying out Gaussian distribution inversion decryption verification on the encrypted information, the transaction data interaction is completed.
In some implementations of the first aspect, the process of generating the public key and the private key includes the steps of:
step (1), randomly generating two mutually prime numbers p and q;
and (2) multiplying two mutually prime numbers to obtain N, wherein the corresponding expression is as follows:
N=p*q
step (3), constructing an intermediate number L, enabling the intermediate number L to be the least common multiple, and enabling the corresponding expression to be:
L=lcm(p-1,q-1)
wherein lcm () represents the least common multiple;
step (4), obtaining E through common divisor based on constructed intermediate number, wherein the corresponding expression is:
wherein gcd () represents the greatest common divisor;
step (5), obtaining D based on the intermediate number L and the obtained E, wherein the corresponding expression is:
based on the corresponding expression, the corresponding parameters are obtained, and thus the public key (E, N), the private key (D, N), and the key pair (E, D, N) are obtained.
The step 31 of RSA encryption based on gaussian distribution improvement specifically includes:
step 311, the E power is performed on the plaintext and divided by N to obtain remainder, and the corresponding expression is:
S=M E mod N
wherein S represents ciphertext; m represents plaintext; mod represents the remainder operation;
step 312, constructing a Gaussian distribution X-N based on S and 1 (S, 1 2 );
Step 313, performing n times of random sampling on the Gaussian distribution X to obtain a sample set { X } i |i=1,2,…,n};
Step 314, collecting the sample set { x } i I=1, 2, …, n } is stored as a password file, where n is the number of samples of the sample set;
step 315, collecting { x } samples i I=1, 2, …, n } is split into multiple subsets of samples, which are sent out and transmitted as separate subsets of samples at transmission, completing the gaussian distribution based modified RSA encryption.
The gaussian distribution inversion decryption verification step 41 specifically includes:
step 411, receiving a plurality of sample subsets, and fusing the plurality of sample subsets to obtain a synthesized sample set { x } j I j = 1,2, …, m, where m is the number of samples in the composite sample set;
step 412, checking the synthesized sample set { x } j Whether i j=1, 2, …, m } meets gaussian distribution, if yes, go to step 413; if not, sending out early warning of decryption failure;
step 413, based on the synthesized sample set { x } j I j=1, 2, …, m } gives a gaussian distribution Y to N (T, 1) 2 );
Step 414, performing a neighbor rounding operation on T, which satisfies:
S'=int(T)
wherein, int () represents rounding to get S' nearest to T as inversion ciphertext;
step 415, the remainder of dividing the inverted ciphertext S' by N after performing the D power, where the corresponding expression is:
M=S' D mod N
wherein M represents plaintext; s' represents an inversion ciphertext; mod represents the remainder operation.
In some implementations of the first aspect, the data transaction link adopts a distributed data recording manner, and adopts a consensus mechanism to complete consensus among different object nodes, and introduces an information signature verification mechanism into the consensus mechanism. Firstly, a sender in a transaction object assigns signature information and transaction information to be sent to a leader node; secondly, the leader node confirms the received data information; thirdly, after the leader node completes information confirmation, copying the corresponding data information to the corresponding follower node; the slave node receives the corresponding data information, then adds the data information to a local log of the slave node, and sends confirmation information to the leader node; finally, the leader node verifies the information from the follower nodes, and after receiving the confirmation information of more than half of follower nodes, sets the data information state to be synchronized, and then sends the information confirming the synchronization to the follower nodes again, so that the follower nodes are informed of synchronously executing data updating.
In the process of executing the transaction activity, when the transaction object is the condition that the transaction frequency exceeds the preset value, executing the transaction operation in an out-of-chain payment mode, and only leading and trailing balances in each transaction process to corresponding blocks in a mode of establishing a common account.
In a second aspect, an encryption system for improving payment security is provided, for implementing an encryption method for improving payment security, the system comprising the following modules:
the link construction module is used for constructing a communication link between two transaction parties;
the triggering module is used for triggering the execution of the transaction task according to the actual interaction requirement;
an encryption module for performing data encryption during execution of a transaction task;
a decryption module for performing a gaussian distribution inversion decryption verification operation on the received encrypted data;
and the execution module is used for executing transaction operation after finishing transaction data decryption and authentication.
In some implementations of the second aspect, in order to improve security performance in the payment process during execution of the payment transaction, a link construction module is first used to build a transaction communication link between different transaction objects; secondly, based on the established link, triggering transaction task execution by using a triggering module according to actual interaction requirements; thirdly, after the task triggering is completed, encrypting the transaction data by utilizing an encryption module in the process of executing the transaction task, signing the information of a transaction sender, and sending the corresponding encrypted information to a receiver; after receiving the encrypted information from the secondary side, the receiver decrypts the information absolutely received by using a decryption module and performs signature verification on the decrypted information; finally, after the transaction data decryption and the authentication are completed, the execution module is utilized to execute the transaction operation.
Based on the security performance requirement of electronic payment, the recording of transaction data is completed by adopting a chained recording mode aiming at the transaction process, and meanwhile, a decentralization mode is adopted, and transaction links are established for nodes by different transaction objects, so that the possibility that the data is tampered when encountering malicious attacks is effectively avoided, and the data security and reliability are improved.
And triggering the transaction parties to start executing the transaction process by the triggering module based on the constructed transaction link according to the actual transaction requirements. In the process of transaction, in order to improve the security of data, the encryption module adopts RSA encryption based on Gaussian distribution improvement and double hash functions to execute synchronous encryption operation.
The decryption module is used for executing Gaussian distribution inversion decryption verification on the decryption result of the encryption module and completing identity verification of both sides of the transaction according to the decryption result.
In a third aspect, there is provided an encryption device for perfecting payment security, the device comprising: a processor and a memory storing computer program instructions; the processor, when reading and executing the computer program instructions, implements the encryption method of the first aspect or of some of the realizations of the first aspect to perfect payment security.
In a fourth aspect, there is provided a computer storage medium having stored thereon computer program instructions which, when executed by a processor, implement the encryption method of the first aspect or some of the realizations of the first aspect to perfect payment security.
The beneficial effects are that:
(1) The invention provides an encryption method and an encryption system for improving payment safety performance, which optimize the traditional data interaction mode according to the requirement on the safety performance in the actual data interaction process, and execute encryption operation on transaction data related in the interaction process, thereby avoiding potential safety hazards generated when a third party mechanism exists, and having good safety performance and reliability.
(2) Compared with the traditional RSA encryption and decryption, the invention adopts Gaussian distribution for improvement, and the random characteristic of the Gaussian distribution is utilized to independently send the sub-set of the samples sampled for multiple times, thereby improving the safety, further utilizing Gaussian inversion to obtain the ciphertext, and avoiding direct leakage of the ciphertext.
Drawings
FIG. 1 is a flow chart of data processing according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of data synchronization based on a consensus mechanism according to an embodiment of the present invention.
FIG. 3 is a schematic diagram of a leader node candidate according to an embodiment of the present invention.
Detailed Description
In the following description, numerous specific details are set forth in order to provide a more thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the invention may be practiced without one or more of these details. In other instances, well-known features have not been described in detail in order to avoid obscuring the invention.
Example 1
In one embodiment, under the push of the electronic informatization age, the traditional paper transaction activity is gradually replaced by electronic payment, and as the traditional digital transaction can realize the transaction process only by relying on a third party mechanism, when a malicious attack exists, a great potential safety hazard exists. Aiming at the requirement on the security performance in the actual transaction process, the embodiment provides an encryption method for improving the payment security performance, and the security and the reliability in the data interaction process are improved by optimizing the traditional transaction mode and data encryption. As shown in fig. 1, the method comprises the steps of:
step 1, constructing a data transaction link;
specifically, each object in the data transaction process is taken as a node, and the storage of transaction data information is executed at the node. In the process of data information storage, chained storage is adopted, and data writing is carried out on the object nodes in a block mode. The block comprises a block head and a block body, wherein the block head contains basic information for realizing chain storage, and the block body contains specific information for executing each transaction.
Wherein the basic information stored in the block header comprises: the hash value, the version, the timestamp, the difficulty, the random number and the Merkel root, wherein the hash of the corresponding last block and the hash of the current block in the hash value are generated by the SHA256, and chain links are formed between the last object node and the current node and between the last object node and the next node through the hash value, so that a chain transaction data link is completed. The timestamp corresponds to the time at which the object node was created. The Merkel root is in a tree structure, and the hash value corresponding to each transaction is recorded.
Because the data transaction link constructed in the present example is a chain link based on front and back hash values, once malicious data tampering occurs in the transaction process, the hash value obtained by the current transaction object changes, so that abnormality can be found when the original hash value is compared later, and the situation of malicious tampering of information data is effectively avoided; meanwhile, compared with the traditional technology, the distributed structure weakens the function of the centralized organization, and avoids the defects of single-point failure, lack of privacy safety and easiness in network attack.
Step 2, executing transaction activities between two transaction objects based on the data transaction link;
step 3, adopting an RSA encryption and double hash function based on Gaussian distribution improvement to execute synchronous encryption operation in the process of executing transaction activities;
in particular, in order to improve data security during a transaction, a symmetric encryption technique for encrypting and decrypting the same key is often used to encrypt corresponding data. When different keys are adopted for encryption and decryption, the public key can be disclosed, the private key can not be disclosed, and the other key can not be calculated through one of the public key and the private key without necessary connection, so that in order to ensure the integrity of transaction data in transmission, the encryption key is generated by adopting an RSA encryption algorithm based on Gaussian distribution improvement.
When the representation of the public key is (E, N), the representation of the private key is (D, N), and the representation of the key pair is D (E, D, N), the process of generating the public and private keys comprises the steps of:
step (1), randomly generating two mutually prime numbers p and q;
and (2) multiplying two mutually prime numbers to obtain N, wherein the corresponding expression is as follows:
N=p*q
step (3), constructing an intermediate number L, enabling the intermediate number L to be the least common multiple, and enabling the corresponding expression to be:
L=lcm(p-1,q-1)
where lcm () represents the least common multiple.
Step (4), obtaining E through common divisor based on constructed intermediate number, wherein the corresponding expression is:
in the formula, gcd () represents the greatest common divisor.
Step (5), obtaining D based on the intermediate number L and the obtained E, wherein the corresponding expression is:
based on the obtained public key and secret key, the RSA encryption step 31 based on gaussian distribution improvement specifically comprises:
step 311, the E power is performed on the plaintext and divided by N to obtain remainder, and the corresponding expression is:
S=M E mod N
wherein S represents ciphertext; m represents plaintext; mod represents the remainder operation;
step 312, constructing a Gaussian distribution X-N based on S and 1 (S, 1 2 );
Step 313, performing n times of random sampling on the Gaussian distribution X to obtain a sample set { X } i |i=1,2,…,n};
Step 314, collecting the sample set { x } i I=1, 2, …, n } is stored as a password file, where n is the number of samples of the sample set;
step 315, collecting { x } samples i I=1, 2, …, n } is split into multiple subsets of samples, which are sent out and transmitted as separate subsets of samples at transmission, completing the gaussian distribution based modified RSA encryption.
Step 4, after the encryption information is subjected to a Gaussian distribution inversion decryption verification step 41, transaction data interaction is completed;
the gaussian distribution inversion decryption verification step 41 specifically includes:
step 411, receiving a plurality of sample subsets, and fusing the plurality of sample subsets to obtain a synthesized sample set { x } j I j = 1,2, …, m, where m is the number of samples in the composite sample set;
step 412, checking the synthesized sample set { x } j Whether i j=1, 2, …, m } meets gaussian distribution, if yes, go to step 413; if not, sending out early warning of decryption failure;
step 413, based on the synthesized sample set { x } j I j=1, 2, …, m } gives a gaussian distribution Y to N (T, 1) 2 );
Step 414, performing a neighbor rounding operation on T, which satisfies:
S'=int(T)
wherein, int () represents rounding to get S' nearest to T as inversion ciphertext;
step 415, the remainder of dividing the inverted ciphertext S' by N after performing the D power, where the corresponding expression is:
M=S' D mod N
wherein M represents plaintext; s' represents an inversion ciphertext; mod represents the remainder operation.
In a preferred embodiment, two parties in the data transaction process are defined as a sender and a receiver, and when a task of payment interaction occurs, a public key and a private key are first generated through encryption, and the public key is broadcast to the receiver. And then, carrying out hash value calculation on plaintext data by using an SHA256 hash function aiming at the generated transaction data, carrying out encryption signature on the generated hash value by using a private key, and finally, transmitting the encrypted data and the signature to a receiver by a sender. After receiving the encrypted transaction information, the receiver firstly decrypts the signature by using the public key, restores the hash value before the signature, and further confirms the identity of the sender.
In a further embodiment, since each object node needs to maintain the same account book in the data transaction link, a consensus mechanism is introduced to realize a consensus process between different nodes, and in order to avoid malicious operations of the Bayesian nodes, the embodiment further introduces an information signature verification mechanism in the consensus mechanism, thereby reducing the possibility of malicious tampering of information.
Specifically, the consensus mechanism involves three roles of a leader node, a follower node and a candidate node, wherein the leader node is used for processing the requirement of a client, managing log replication and maintaining the status of the rest leader nodes; the follower node is responsible for responding to log replication requests of the leader node and responding to election requests from candidate nodes, and all nodes are follower nodes in the beginning; the candidate nodes are responsible for initiating election and voting tasks, reinitiating the election when the leader node is in downtime, and switching the roles into the leader node after the election is successful.
In the process of executing data consistency, firstly, a leader node receives a corresponding task request, adds corresponding log information to a local log, and then assigns the corresponding information to the rest follower nodes; the follower node receives the corresponding log information, then adds the corresponding log information into a local log of the follower node, and sends confirmation information to the leader node; after receiving the confirmation information of more than half of follower nodes, the leader node sets the log state as submitted, and sends the confirmation submitted information to the follower nodes again, so that the follower nodes are informed of synchronously executing log submission.
In a preferred embodiment, a signature verification mechanism is introduced into the consensus mechanism, and as shown in fig. 2, the process of completing data consistency through the consensus mechanism comprises the following steps: firstly, a sender in a transaction object assigns signature information and transaction information to be sent to a leader node; secondly, the leader node confirms the received data information; thirdly, after the leader node completes information confirmation, copying the corresponding data information to the corresponding follower node; the slave node receives the corresponding data information, then adds the data information to a local log of the slave node, and sends confirmation information to the leader node; finally, the leader node verifies the information from the follower nodes, and after receiving the confirmation information of more than half of follower nodes, sets the data information state to be synchronized, and then sends the information confirming the synchronization to the follower nodes again, so that the follower nodes are informed of synchronously executing data updating. For example, the corresponding data processing pseudocode is:
Input:Message signature x+D Message number y
Begin
(x+D,y)→L
L→Verfication(x+D,y)
(x,y)→F
L←Verify from F
End
wherein F represents a follower node; l represents a leader node; (x, y) represents data information to be synchronously transmitted; x+d represents data information containing a signature; the verifications represent verifying the current data information; and the corresponding data processing direction is shown. In a further embodiment, as shown in fig. 3, when the leader node goes down, or the leader node fails in the current time period, the candidate node initiates a new round of leader node selection. In the process of selecting a new leader node, when the candidate node receives more than half of the consent to select the ticket number, the candidate node is identified as the new leader node.
Aiming at the requirement of the actual data interaction process on the security performance, the embodiment optimizes the traditional data interaction mode, and executes encryption operation on the transaction data related in the interaction process, thereby avoiding the potential safety hazard generated when a third party mechanism exists, and having good security performance and reliability.
Example two
In a further embodiment based on the first embodiment, a huge computing resource overhead and a long identity time are often generated in the process of executing the payment transaction, so that in practical application, the requirement of the internet of things market cannot be completely met. Therefore, based on the chained communication link and chained transaction record mode proposed in the embodiments, an off-chained payment mode is further proposed, which is used for eliminating each submitted private transaction request, the transaction parties establish a common account for making multiple payments, only the head and tail balances need to be registered in the corresponding blocks, and the update mode of the corresponding channel balance is agreed by the transaction parties.
Specifically, based on the need for scalability, the transaction objects deposit some money into a multi-signature wallet and allocate ownership of the shares, create a payment channel between the transaction objects, and establish multi-hop payments from source to destination through intermediate nodes. After all transactions are completed, only the final share is recorded in the block of the transaction object record data, so that the occupied computing resources are effectively reduced when each transaction needs to call the block to execute the record.
The out-of-chain payment mode provided by the embodiment not only supports a quick and high-frequency payment scene, but also well hides a large amount of intermediate transaction information because only the head balance and the tail balance are recorded in the corresponding blocks according to the agreed mode, thereby meeting the actual application requirements of quantity and time.
Example III
In one embodiment, an encryption system for improving payment security is provided, for implementing an encryption method for improving payment security, the system comprising the following modules: the system comprises a link construction module, a triggering module, an encryption module, a decryption module and an execution module. The link construction module is used for constructing a communication link between payment interactions; the triggering module is used for triggering execution of the transaction task according to the actual interaction requirement; the encryption module is used for executing data encryption in the process of executing the transaction task; the decryption module is used for executing decryption operation on the received encrypted data; the execution module is used for executing transaction operation after the transaction data decryption and the authentication are completed.
In the process of executing payment transaction, in order to perfect the safety performance in the payment process, a link construction module is adopted to build transaction communication links among different transaction objects; secondly, based on the established link, triggering transaction task execution by using a triggering module according to actual interaction requirements; thirdly, after the task triggering is completed, encrypting the transaction data by utilizing an encryption module in the process of executing the transaction task, signing the information of a transaction sender, and sending the corresponding encrypted information to a receiver; after receiving the encrypted information from the secondary side, the receiver decrypts the information absolutely received by using a decryption module and performs signature verification on the decrypted information; finally, after the transaction data decryption and the authentication are completed, the execution module is utilized to execute the transaction operation.
In a further embodiment, based on the security performance requirement of electronic payment, the recording of transaction data is completed by adopting a chained recording mode aiming at the transaction process, and meanwhile, a decentralization mode is adopted, and transaction links are established to nodes by different transaction objects, so that the possibility of tampering the data when encountering malicious attacks is effectively avoided, and the data security and reliability are improved.
And triggering the transaction parties to start executing the transaction process by the triggering module based on the constructed transaction link according to the actual transaction requirements. In the process of transaction, in order to improve the security of data, the encryption module adopts RSA encryption based on Gaussian distribution improvement and double hash functions to execute synchronous encryption operation.
The decryption module is used for executing decryption on the decryption result of the encryption module and completing the identity verification of the two parties of the transaction according to the decryption result.
Example IV
In one embodiment, an encryption device for perfecting payment security is provided, the device comprising: a processor and a memory storing computer program instructions; the processor reads and executes the computer program instructions to realize an encryption method for improving the payment security performance.
Example five
In one embodiment, a computer storage medium having stored thereon computer program instructions that when executed by a processor implement an encryption method that improves payment security performance is provided.
As described above, although the present invention has been shown and described with reference to certain preferred embodiments, it is not to be construed as limiting the invention itself. Various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. An encryption method for perfecting payment security performance, comprising the steps of:
step 1, constructing a data transaction link;
step 2, executing transaction activities between two transaction objects based on the data transaction link;
step 3, adopting an RSA encryption step 31 based on Gaussian distribution improvement and a double hash function to execute synchronous encryption operation in the process of executing transaction activities;
and step 4, after the step 41 of carrying out Gaussian distribution inversion decryption verification on the encrypted information, the transaction data interaction is completed.
2. An encryption method for perfecting payment security according to claim 1, wherein in the process of establishing said data transaction link, each object in the data transaction process is taken as a node, a chained storage mode is adopted, and the writing of transaction data is performed in the form of blocks.
3. An encryption method for perfecting the payment security according to claim 1, characterized in that in the course of executing the transaction activity, an encryption step S1 of the transaction data is performed by generating a public key (E, N) and a private key (D, N), and the identity of the transaction parties is verified;
the process of generating the public key and the private key comprises the steps of:
step (1), randomly generating two mutually prime numbers p and q;
and (2) multiplying two mutually prime numbers to obtain N, wherein the corresponding expression is as follows:
N=p*q
step (3), constructing an intermediate number L, enabling the intermediate number L to be the least common multiple, and enabling the corresponding expression to be:
L=lcm(p-1,q-1)
wherein lcm () represents the least common multiple;
step (4), obtaining E through common divisor based on constructed intermediate number, wherein the corresponding expression is:
wherein gcd () represents the greatest common divisor;
step (5), obtaining D based on the intermediate number L and the obtained E, wherein the corresponding expression is:
based on the corresponding expression, the corresponding parameters are obtained, thereby obtaining a public key (E, N), a private key (D, N), and a key pair (E, D, N).
4. An encryption method for perfecting payment security according to claim 3, wherein said gaussian distribution improvement based RSA encryption step 31 specifically comprises:
step 311, the E power is performed on the plaintext and divided by N to obtain remainder, and the corresponding expression is:
S=M E mod N
wherein S represents ciphertext; m represents plaintext; mod represents the remainder operation;
step 312, constructing a Gaussian distribution X-N based on S and 1 (S, 1 2 );
Step 313, performing n times of random sampling on the Gaussian distribution X to obtain a sample set { X } i |i=1,2,…,n};
Step 314, collecting the sample set { x } i I=1, 2, …, n } is stored as a password file, where n is the number of samples of the sample set;
step 315, collecting { x } samples i I=1, 2, …, n } is split into multiple subsets of samples, which are sent out and transmitted as separate subsets of samples at transmission, completing the gaussian distribution based modified RSA encryption.
5. An encryption method for perfecting payment security according to claim 3, wherein,
the gaussian distribution inversion decryption verification step 41 specifically includes:
step 411, receiving a plurality of sample subsets, and fusing the plurality of sample subsets to obtain a synthesized sample set { x } j I j = 1,2, …, m, where m is the number of samples in the composite sample set;
step 412, checking the synthesized sample set { x } j Whether i j=1, 2, …, m } meets gaussian distribution, if yes, go to step 413; if not, sending out early warning of decryption failure;
step 413, based on the synthesized sample set { x } j I j=1, 2, …, m } gives a gaussian distribution Y to N (T, 1) 2 );
Step 414, performing a neighbor rounding operation on T, which satisfies:
S'=int(T)
wherein, int () represents rounding to get S' nearest to T as inversion ciphertext;
step 415, the remainder of dividing the inverted ciphertext S' by N after performing the D power, where the corresponding expression is:
M=S' D mod N
wherein M represents plaintext; s' represents an inversion ciphertext; mod represents the remainder operation.
6. An encryption method for perfecting payment security according to claim 1, wherein the data transaction link adopts a distributed data recording mode, and adopts a consensus mechanism to complete the consensus among different object nodes, and an information signature verification mechanism is introduced into the consensus mechanism.
7. An encryption method for perfecting payment security according to claim 1, wherein in executing transaction activities, when the transaction object is the transaction frequency exceeding the preset value, the transaction operation is executed by using an out-of-chain payment mode, and only the head and tail balance in each transaction process is transferred to the corresponding block by establishing a common account.
8. An encryption system for perfecting payment security performance, an encryption method for implementing perfecting payment security performance according to any one of claims 1-7, comprising the following modules:
the link construction module is arranged to build a communication link between two parties of the transaction;
the triggering module is arranged to trigger execution of the transaction task according to the actual interaction requirement;
an encryption module configured to perform data encryption during execution of a transaction task;
the decryption module is used for executing Gaussian distribution inversion decryption verification operation on the received encrypted data;
and the execution module is used for executing transaction operation after finishing transaction data decryption and identity verification.
9. An encryption device for perfecting payment security, the device comprising:
a processor and a memory storing computer program instructions;
the processor reads and executes the computer program instructions to implement an encryption method of perfecting payment security performance as defined in any one of claims 1-7.
10. A computer readable storage medium, having stored thereon computer program instructions which, when executed by a processor, implement an encryption method of perfecting payment security performance as defined in any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310458516.XA CN116757698A (en) | 2023-04-20 | 2023-04-20 | Encryption method and system for improving payment security performance |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310458516.XA CN116757698A (en) | 2023-04-20 | 2023-04-20 | Encryption method and system for improving payment security performance |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116757698A true CN116757698A (en) | 2023-09-15 |
Family
ID=87955987
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310458516.XA Pending CN116757698A (en) | 2023-04-20 | 2023-04-20 | Encryption method and system for improving payment security performance |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116757698A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117353893A (en) * | 2023-10-12 | 2024-01-05 | 扬州宝科信息技术咨询有限公司 | Network information security verification method and system based on blockchain technology |
| CN117353893B (en) * | 2023-10-12 | 2024-04-26 | 扬州宝科信息技术咨询有限公司 | Network information security verification method and system based on blockchain technology |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2012150399A (en) * | 2011-01-21 | 2012-08-09 | Nippon Telegr & Teleph Corp <Ntt> | Proxy re-encryption system, transfer information generation device, transferred information generation device, conversion key generation device, ciphertext conversion device, proxy re-encryption method, and program thereof |
| JP2014186097A (en) * | 2013-03-22 | 2014-10-02 | Kddi Corp | Solution device of shortest vector problem using parallel gauss sieve algorithm in public key encryption system, solution method and program |
| CN104580129A (en) * | 2013-10-29 | 2015-04-29 | 杭州迪普科技有限公司 | SSL asynchronization agent method based on stream processing |
| US20170293913A1 (en) * | 2016-04-12 | 2017-10-12 | The Governing Council Of The University Of Toronto | System and methods for validating and performing operations on homomorphically encrypted data |
| CN109040111A (en) * | 2018-09-03 | 2018-12-18 | 平安普惠企业管理有限公司 | Data ciphering method, device, computer equipment and storage medium |
| CN109633546A (en) * | 2018-12-18 | 2019-04-16 | 中国电子科技集团公司第四十九研究所 | A kind of encryption information cluster formula high-fidelity naval target detection device |
| US20190164156A1 (en) * | 2017-11-27 | 2019-05-30 | Nok Nok Labs, Inc. | Extending a secure key storage for transaction confirmation and cryptocurrency |
| CN109949019A (en) * | 2018-11-15 | 2019-06-28 | 陕西医链区块链集团有限公司 | A kind of payment system based on medical block chain |
| CN110545179A (en) * | 2019-08-29 | 2019-12-06 | 中芯昊月(深圳)科技控股有限公司 | R-LWE-based NTRU encryption method and security proving method thereof |
| CN113393225A (en) * | 2021-06-30 | 2021-09-14 | 杭州链网科技有限公司 | Digital currency encryption payment method and system |
| CN114219483A (en) * | 2021-12-14 | 2022-03-22 | 云南财经大学 | Method, equipment and storage medium for sharing block chain data based on LWE-CPBE |
-
2023
- 2023-04-20 CN CN202310458516.XA patent/CN116757698A/en active Pending
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2012150399A (en) * | 2011-01-21 | 2012-08-09 | Nippon Telegr & Teleph Corp <Ntt> | Proxy re-encryption system, transfer information generation device, transferred information generation device, conversion key generation device, ciphertext conversion device, proxy re-encryption method, and program thereof |
| JP2014186097A (en) * | 2013-03-22 | 2014-10-02 | Kddi Corp | Solution device of shortest vector problem using parallel gauss sieve algorithm in public key encryption system, solution method and program |
| CN104580129A (en) * | 2013-10-29 | 2015-04-29 | 杭州迪普科技有限公司 | SSL asynchronization agent method based on stream processing |
| US20170293913A1 (en) * | 2016-04-12 | 2017-10-12 | The Governing Council Of The University Of Toronto | System and methods for validating and performing operations on homomorphically encrypted data |
| US20190164156A1 (en) * | 2017-11-27 | 2019-05-30 | Nok Nok Labs, Inc. | Extending a secure key storage for transaction confirmation and cryptocurrency |
| CN109040111A (en) * | 2018-09-03 | 2018-12-18 | 平安普惠企业管理有限公司 | Data ciphering method, device, computer equipment and storage medium |
| CN109949019A (en) * | 2018-11-15 | 2019-06-28 | 陕西医链区块链集团有限公司 | A kind of payment system based on medical block chain |
| CN109633546A (en) * | 2018-12-18 | 2019-04-16 | 中国电子科技集团公司第四十九研究所 | A kind of encryption information cluster formula high-fidelity naval target detection device |
| CN110545179A (en) * | 2019-08-29 | 2019-12-06 | 中芯昊月(深圳)科技控股有限公司 | R-LWE-based NTRU encryption method and security proving method thereof |
| CN113393225A (en) * | 2021-06-30 | 2021-09-14 | 杭州链网科技有限公司 | Digital currency encryption payment method and system |
| CN114219483A (en) * | 2021-12-14 | 2022-03-22 | 云南财经大学 | Method, equipment and storage medium for sharing block chain data based on LWE-CPBE |
Non-Patent Citations (3)
| Title |
|---|
| ALEKSEY KOVAL等: ""Analysis of RSA over Gaussian Integers Algorithm"", FIFTH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: NEW GENERATIONS, vol. 18, no. 1, 31 December 2003 (2003-12-31), pages 101 - 105 * |
| JOHN KWAO DAWSON等: "An Enhanced Rsa Algorithm For Data Security Using Gaussian Interpolation Formula", RESEARCH SQUARE, 16 February 2022 (2022-02-16), pages 1 - 15 * |
| SUSHMA PRADHAN等: "A Modified Variant of RSA Algorithm for Gaussian Integers", INTERNATIONAL JOURNAL OF INFORMATION & NETWORK SECURITY, vol. 2, no. 4, 31 December 2014 (2014-12-31), pages 183 - 187 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117353893A (en) * | 2023-10-12 | 2024-01-05 | 扬州宝科信息技术咨询有限公司 | Network information security verification method and system based on blockchain technology |
| CN117353893B (en) * | 2023-10-12 | 2024-04-26 | 扬州宝科信息技术咨询有限公司 | Network information security verification method and system based on blockchain technology |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN113424185A (en) | Fast inadvertent transmission | |
| CN111066285A (en) | Method for recovering public key based on SM2 signature | |
| CN114730420A (en) | System and method for generating signatures | |
| TW201733303A (en) | Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys | |
| CN107948736A (en) | A kind of audio and video preservation of evidence method and system | |
| CN107483212A (en) | A kind of method of both sides' cooperation generation digital signature | |
| CN110599163B (en) | Transaction record outsourcing method facing block chain transaction supervision | |
| CN111429138A (en) | Block link point data safety interaction method and first interaction node | |
| CN110545169B (en) | Block chain method and system based on asymmetric key pool and implicit certificate | |
| CN113630248A (en) | Session key negotiation method | |
| CN111738857B (en) | Generation and verification method and device of concealed payment certificate applied to block chain | |
| US7971234B1 (en) | Method and apparatus for offline cryptographic key establishment | |
| KR20230093432A (en) | Identification of Denial of Service Attacks | |
| TW202232913A (en) | Generating shared keys | |
| CN116132118A (en) | Encryption communication method and system based on block chain technology | |
| US20240121109A1 (en) | Digital signatures | |
| KR20230002941A (en) | (EC)DSA Threshold Signature with Secret Sharing | |
| CN110784318B (en) | Group key updating method, device, electronic equipment, storage medium and communication system | |
| CN110048852B (en) | Quantum communication service station digital signcryption method and system based on asymmetric key pool | |
| CN112003690A (en) | Password service system, method and device | |
| Boyd et al. | Design and analysis of key exchange protocols via secure channel identification | |
| CN116757698A (en) | Encryption method and system for improving payment security performance | |
| CN112019335B (en) | SM2 algorithm-based multiparty collaborative encryption and decryption method, device, system and medium | |
| CN117917041A (en) | Generating a shared encryption key | |
| Tabassum et al. | Securely Transfer Information with RSA and Digital Signature by using the concept of Fog Computing and Blockchain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |