CN105825383B - The generating random number and verification method that both sides participate in - Google Patents
The generating random number and verification method that both sides participate in Download PDFInfo
- Publication number
- CN105825383B CN105825383B CN201610156104.0A CN201610156104A CN105825383B CN 105825383 B CN105825383 B CN 105825383B CN 201610156104 A CN201610156104 A CN 201610156104A CN 105825383 B CN105825383 B CN 105825383B
- Authority
- CN
- China
- Prior art keywords
- random number
- generating
- user
- generating random
- generation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses generating random numbers and verification method that a kind of both sides participate in.The described method includes: generating random number side and random number user both sides respectively provide generation parameter of the intermediate random number as final random number, final random number is generated by generating random number side.When user generates query to the random number that generation side provides, it can be to generation side's requests verification, generation side sends verification information to user, user recalculates random number according to the verification information received and compares with the former random number received, it is consistent then illustrate that both sides take part in the generation of the random number jointly, and the side of generation does not alter random number maliciously.The present invention is not only able to satisfy the randomness and authenticity that random number user verifies random number at any time, it can also be ensured that the fairness of both sides, the effective guarantee interests of each side are a kind of very useful generating random number schemes.
Description
Technical field
The invention belongs to cryptographies and field of information security technology, and in particular to a kind of generating random number that both sides participate in and
Verification method.
Background technique
The development of e-commerce accelerates application of the cryptographic technique in business activity, so that random number uses in life
Frequency it is higher and higher.But now with the development of science and technology, random number is established using the communication mode of face to face
Generation there is time and limitation geographically, be unable to satisfy demand already, then occur various having surmounted what time domain limited
About the application of random number, and penetrate into the method face face of life.Shopping online, the lottery ticket number of shaking, train and aircraft ticket
Predetermined and purchase, wechat, Alipay payment, registration, login or the other consumption occasions of all kinds of softwares can all occur at random
Number is supplied to us and uses.
Presently, there are the business application about random number, the generation scheme of random number is all inequitable.Existing
Random number generation scheme in, random number is by the sponsor in business activity, i.e., businessman generates, and has to random number absolute
Control.And the user of random number, i.e. client can only passively receive the random number of businessman's offer, be not engaged in power, it can not
It participates in the generation of random number, it is even more impossible to verify to it, such businessman can be constructed using this unjustness easily
The numerical value for being conducive to the random number of businessman's interests, therefrom speculates, so that the interests of client are damaged.
Summary of the invention
The present invention provides a kind of the both sides generating random number and verification method that participate in, generating random number side (such as businessman) and
Random number user (such as client) both sides can participate in the generation of random number jointly and verify, and the generation of random number is not
Controllable, not by either party control of both sides, it is capable of the fairness of effective guarantee both parties, while authentication mechanism can also have
Effect prevents from altering, and improves the degree of belief of random number user.It participates in generating by this both sides and the generating mode verified generates
Random number, be not only able to satisfy randomness and authenticity that random number user verifies random number at any time, it can also be ensured that handing over
The fairness of both parties during easily, the effective guarantee interests of consumer are a kind of very useful generating random number sides
Case.
Technical solution of the present invention includes two stages, generating random number stage and verifying random number stage.
Generating random number stage key step is as follows:
(1) random number user initially sets up with generating random number side communicates.
(2) random number user selects an arbitrary parameter p to generate a random number r1=MD5 (p), and by r1It is sent to
Generating random number side.
(3) generating random number side receives the random number r that random number user sends1。
(4) generating random number side generates unique sequence number s, saves time t corresponding with the sequence number.
(5) generating random number side is by r1, s, t as parameter generate random number r2, it may be assumed that r2=MD5 (r1,s,t)。
(6) generating random number root is according to (r1, r2) generate final random number R=h (r1,r2)mod(m+1)。
(7) generating random number side sends R and t and gives random number user.
Wherein: h (r1,r2) it is by (r1,r2) the safe hash function of SHA as 512 bits of parameter.
It is as follows to verify random number stage key step:
(a) random number user receives the R and t that generating random number side is sent.
(b) t requests verification is sent to generating random number side if random number user generates query to R.
(c) generating random number root searches sequence corresponding with t according to the checking request of random number user in the database
Number s is simultaneously sent to random number user.
(d) the sequence number s that random number user receives that generating random number side is sent calculates r2=MD5 (r1, s, t) and R'
=h (r1,r2) mod (m+1), judge whether R'=R is true, verifies to R.
Specific embodiment
Technical solution of the present invention is further elaborated below by a specific embodiment.
Businessman is as generating random number side, and as random number user, both sides respectively provide an intermediate random number and make client
For the generation parameter of final random number, final random number is generated by businessman.When client generates matter to the random number that businessman provides
When doubting, verifying can be made requests to businessman, businessman sends verification information to client, and client is according to the verification information weight received
It is new to calculate random number and compared with the former random number received, it whether unanimously to see, unanimously then illustrates that both sides take part in jointly
The generation of the random number, and businessman does not alter random number maliciously.Specific step is as follows:
A. client initially sets up with businessman and communicates.It is client by the IP of businessman that client and businessman, which establish the mode of communication,
Location is communicated in local area network with it.
B. client selects an arbitrary parameter p to generate a random number r1The generation of=MD5 (p) and by r1It is sent to businessman.
Client generates the character string of 128 bits by MD5 algorithm, intercepts preceding 32 bit and converts thereof into one positioned at a certain range
Random number, herein by range due to [0,30).
C. businessman receives the random number r that client sends1。
D. businessman generates unique sequence number s, saves time t corresponding with the sequence number.Businessman uses general unique knowledge
Other code generating function obtains function generating sequence number s and system time and obtains system time t corresponding with the sequence number, and
S and t is saved in the database.
E. businessman is by r1, s, t as parameter generate random number r2, it may be assumed that r2=MD5 (r1,s,t).Businessman is by r1, s, t conduct
Parameter equally passes through the character string that MD5 algorithm generates 128 bits, intercepts preceding 32 bit and converts thereof into one positioned at certain
The random number of range, herein by range due to [0,30).
F. businessman is according to (r1, r2) generate final random number R=h (r1,r2)mod(m+1).Businessman is by (r1, r2) conduct
Parameter generates the character string of 512 bits by the safe hash function of SHA of 512 bits, intercepts preceding 32 bit and is converted
At one positioned at [0,30) random number in section is as final random number R.
G. the R and t that businessman sends are to client.
H. client receives the R and t that businessman sends.
I. t requests verification is sent to businessman if client generates query to R.
J. businessman searches corresponding sequence number s according to the checking request of client in the database and is sent to client.
K. the sequence number s that client receives that businessman sends calculates r2=MD5 (r1, s, t) and R'=h (r1,r2)mod(m+
1), judge whether R'=R is true, verifies to R.
Symbol description:
(1) " MD5 (x) " is Message Digest 5.
(2) " mod " is complementation operation, such as a (modd)=amodd indicates the remainder that a is removed with N.
(3) " h (y) " is the safe hash function of SHA of 512 bits.
Random number R is generated by using the safe hash function of SHA that length is 512 bits, wherein parameter r1It is to pass through MD5
Algorithm calculates and intercepts generation, is random;r2It is to be controlled to generate by multiple parameters, it is even more uncontrollable;Sequence number s is
It is generated by unique identifier generating function, there is uniqueness.Therefore either parameter or random number R itself, generation
Mode be all it is random and uncontrollable, ensured the randomness and uncontrollability of random number.In addition, the generation of random number be by
Both parties participate in generation jointly, so that transaction can be carried out liberally, while additionally providing authentication mechanism and being tested in real time
Card, it is therefore prevented that businessman itself or third party alter the possibility of random number.
System implementations:
System architecture is broadly divided into server-side with two parts of client, mainly includes following functions in client:
(1) it is communicated with server end foundation;
(2) random number r is realized1Generation and by r1It is sent to server-side;
(3) R and time t that server end is sent are received;
(4) checking request is sent to server end;
(5) it receives the sequence number s that server end is sent and calculates r2And R is verified.
Mainly include following functions in server end:
(1) the random number r that client is sent is received1;
(2) unique sequence number s and time t corresponding with the sequence number is generated;
(3) by r1, s, t as parameter generate random number r2;
(4) according to (r1,r2) generate final random number R;
(5) R and t that client is sent are received;
(6) it receives the checking request of client and is sent to it series number s.
Claims (6)
1. generating random number and verification method that a kind of both sides participate in, the method includes generating random number stage and verifying are random
The number stage;The generating random number stage includes the following steps:
(1) random number user initially sets up with generating random number side communicates;
(2) random number user selects an arbitrary parameter p to generate a random number r1=MD5 (p), and by r1It is sent to random
Number generation side;
(3) generating random number side receives the random number r that random number user sends1;
(4) generating random number side generates unique sequence number s, saves time t corresponding with the sequence number;
(5) generating random number side is by r1, s, t as parameter generate random number r2, it may be assumed that r2=MD5 (r1,s,t);
(6) generating random number root is according to (r1, r2) generate final random number R=h (r1,r2)mod(m+1);
(7) generating random number side sends R and t and gives random number user;
Wherein: h (r1,r2) it is by (r1,r2) the safe hash function of SHA as 512 bits of parameter;
The verifying random number stage includes the following steps:
(a) random number user receives the R and t that generating random number side is sent;
(b) t requests verification is sent to generating random number side if random number user generates query to R;
(c) generating random number root searches sequence number s corresponding with t simultaneously according to the checking request of random number user in the database
It is sent to random number user;
(d) the sequence number s that random number user receives that generating random number side is sent calculates r2=MD5 (r1, s, t) and R'=h
(r1,r2) mod (m+1), judge whether R'=R is true, verifies to R.
2. according to the method described in claim 1, random number user and generating random number side establish and lead to wherein in step (1)
The mode of letter is that random number user is communicated in local area network by the IP address of generating random number side with it.
3. according to the method described in claim 1, random number user generates one by MD5 algorithm wherein in step (2)
The character string of 128 bits, intercept preceding 32 bit convert thereof into one positioned at [0,30) random number in section.
4. according to the method described in claim 1, generating random number side is raw using Universally Unique Identifier wherein in step (4)
Sequence number s and system time are generated at function and obtains function to obtain system time t corresponding with the sequence number, and by s and t
It saves in the database.
5. according to the method described in claim 1, wherein in step (5), generating random number side is by r1, s, t it is equally logical as parameter
Cross the character string that MD5 algorithm generates 128 bits, intercept preceding 32 bit convert thereof into one positioned at [0,30) section with
Machine number.
6. according to the method described in claim 1, wherein in step (6), generating random number side is by (r1, r2) pass through as parameter
The safe hash function of the SHA of 512 bits generates the character string of 512 bits, intercepts preceding 32 bit and converts thereof into a position
In [0,30) random number in section is as final random number R.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610156104.0A CN105825383B (en) | 2016-03-18 | 2016-03-18 | The generating random number and verification method that both sides participate in |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610156104.0A CN105825383B (en) | 2016-03-18 | 2016-03-18 | The generating random number and verification method that both sides participate in |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105825383A CN105825383A (en) | 2016-08-03 |
CN105825383B true CN105825383B (en) | 2019-08-13 |
Family
ID=56523977
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610156104.0A Active CN105825383B (en) | 2016-03-18 | 2016-03-18 | The generating random number and verification method that both sides participate in |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105825383B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108363561B (en) * | 2017-12-29 | 2020-11-20 | 北京欧链科技有限公司 | Data screening method and device based on block chain |
CN108170403B (en) * | 2017-12-29 | 2021-06-25 | 北京欧链科技有限公司 | Data screening method and device |
CN108334307B (en) * | 2017-12-29 | 2020-11-20 | 北京欧链科技有限公司 | Data screening method and device based on block chain |
CN108415686B (en) * | 2017-12-29 | 2020-07-14 | 北京欧链科技有限公司 | Account-splitting calculation method and device in random number providing process |
CN109361509A (en) * | 2018-10-25 | 2019-02-19 | 杭州隐知科技有限公司 | A kind of random digit generation method, device and storage medium |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9026571B2 (en) * | 2008-10-27 | 2015-05-05 | Microsoft Technology Licensing, Llc | Random number generation failure detection and entropy estimation |
CN104408623A (en) * | 2014-10-11 | 2015-03-11 | 福建升腾资讯有限公司 | Identity authentication method suitable for product payment |
CN104579694B (en) * | 2015-02-09 | 2018-09-14 | 浙江大学 | A kind of identity identifying method and system |
CN105162760B (en) * | 2015-07-28 | 2018-08-14 | 郝孟一 | Randomly select method, apparatus and system |
-
2016
- 2016-03-18 CN CN201610156104.0A patent/CN105825383B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN105825383A (en) | 2016-08-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105825383B (en) | The generating random number and verification method that both sides participate in | |
US7840813B2 (en) | Method and system with authentication, revocable anonymity and non-repudiation | |
US11336446B2 (en) | System and method for generating and depositing keys for multi-point authentication | |
EP3659082B1 (en) | Computer-implemented system and method enabling secure storage of a large blockchain over a plurality of storage nodes | |
CN108965338B (en) | Three-factor identity authentication and key agreement method under multi-server environment | |
CN107370600B (en) | Method for generating core identity digital certificate and identity side digital certificate | |
CN110020541B (en) | Reputation evaluation method and system based on block chain privacy protection | |
CN114730420A (en) | System and method for generating signatures | |
CN105743638B (en) | Method based on B/S architecture system client authorization certifications | |
Xiong et al. | A blockchain-based privacy-awareness authentication scheme with efficient revocation for multi-server architectures | |
CN106411525A (en) | Message authentication method and system | |
CN101442411A (en) | Identification authentication method between peer-to-peer user nodes in P2P network | |
CN105827395A (en) | Network user authentication method | |
CN109379176B (en) | Password leakage resistant authentication and key agreement method | |
CN103338201A (en) | Remote identity authentication method participated in by registration center under multi-sever environment | |
CN103347018A (en) | Long-distance identity authentication method based on intelligent card and under multiple-service environment | |
Li et al. | Metaopera: A cross-metaverse interoperability protocol | |
CN108270572B (en) | Key exchange protocol based on position and password | |
Sudhakaran | Energy efficient distributed lightweight authentication and encryption technique for IoT security | |
TWI786039B (en) | Offline payment method, terminal equipment, backstage payment device and offline payment system | |
CN110866754A (en) | Pure software DPVA (distributed data authentication and privacy infrastructure) identity authentication method based on dynamic password | |
CN107615704A (en) | A kind of device, method and system of the anti-fishing of network | |
CN111711607B (en) | Block chain-based flow type micro-service trusted loading and verifying method | |
Song et al. | Hardening password-based credential databases | |
Karmakar et al. | A PUF and Fuzzy Extractor-Based UAV-Ground Station and UAV-UAV authentication mechanism with intelligent adaptation of secure sessions |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |