CN105825383B - The generating random number and verification method that both sides participate in - Google Patents

The generating random number and verification method that both sides participate in Download PDF

Info

Publication number
CN105825383B
CN105825383B CN201610156104.0A CN201610156104A CN105825383B CN 105825383 B CN105825383 B CN 105825383B CN 201610156104 A CN201610156104 A CN 201610156104A CN 105825383 B CN105825383 B CN 105825383B
Authority
CN
China
Prior art keywords
random number
generating
user
generating random
generation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610156104.0A
Other languages
Chinese (zh)
Other versions
CN105825383A (en
Inventor
刘忆宁
梁露曦
赵全玉
赵曦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guilin University of Electronic Technology
Original Assignee
Guilin University of Electronic Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guilin University of Electronic Technology filed Critical Guilin University of Electronic Technology
Priority to CN201610156104.0A priority Critical patent/CN105825383B/en
Publication of CN105825383A publication Critical patent/CN105825383A/en
Application granted granted Critical
Publication of CN105825383B publication Critical patent/CN105825383B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses generating random numbers and verification method that a kind of both sides participate in.The described method includes: generating random number side and random number user both sides respectively provide generation parameter of the intermediate random number as final random number, final random number is generated by generating random number side.When user generates query to the random number that generation side provides, it can be to generation side's requests verification, generation side sends verification information to user, user recalculates random number according to the verification information received and compares with the former random number received, it is consistent then illustrate that both sides take part in the generation of the random number jointly, and the side of generation does not alter random number maliciously.The present invention is not only able to satisfy the randomness and authenticity that random number user verifies random number at any time, it can also be ensured that the fairness of both sides, the effective guarantee interests of each side are a kind of very useful generating random number schemes.

Description

The generating random number and verification method that both sides participate in
Technical field
The invention belongs to cryptographies and field of information security technology, and in particular to a kind of generating random number that both sides participate in and Verification method.
Background technique
The development of e-commerce accelerates application of the cryptographic technique in business activity, so that random number uses in life Frequency it is higher and higher.But now with the development of science and technology, random number is established using the communication mode of face to face Generation there is time and limitation geographically, be unable to satisfy demand already, then occur various having surmounted what time domain limited About the application of random number, and penetrate into the method face face of life.Shopping online, the lottery ticket number of shaking, train and aircraft ticket Predetermined and purchase, wechat, Alipay payment, registration, login or the other consumption occasions of all kinds of softwares can all occur at random Number is supplied to us and uses.
Presently, there are the business application about random number, the generation scheme of random number is all inequitable.Existing Random number generation scheme in, random number is by the sponsor in business activity, i.e., businessman generates, and has to random number absolute Control.And the user of random number, i.e. client can only passively receive the random number of businessman's offer, be not engaged in power, it can not It participates in the generation of random number, it is even more impossible to verify to it, such businessman can be constructed using this unjustness easily The numerical value for being conducive to the random number of businessman's interests, therefrom speculates, so that the interests of client are damaged.
Summary of the invention
The present invention provides a kind of the both sides generating random number and verification method that participate in, generating random number side (such as businessman) and Random number user (such as client) both sides can participate in the generation of random number jointly and verify, and the generation of random number is not Controllable, not by either party control of both sides, it is capable of the fairness of effective guarantee both parties, while authentication mechanism can also have Effect prevents from altering, and improves the degree of belief of random number user.It participates in generating by this both sides and the generating mode verified generates Random number, be not only able to satisfy randomness and authenticity that random number user verifies random number at any time, it can also be ensured that handing over The fairness of both parties during easily, the effective guarantee interests of consumer are a kind of very useful generating random number sides Case.
Technical solution of the present invention includes two stages, generating random number stage and verifying random number stage.
Generating random number stage key step is as follows:
(1) random number user initially sets up with generating random number side communicates.
(2) random number user selects an arbitrary parameter p to generate a random number r1=MD5 (p), and by r1It is sent to Generating random number side.
(3) generating random number side receives the random number r that random number user sends1
(4) generating random number side generates unique sequence number s, saves time t corresponding with the sequence number.
(5) generating random number side is by r1, s, t as parameter generate random number r2, it may be assumed that r2=MD5 (r1,s,t)。
(6) generating random number root is according to (r1, r2) generate final random number R=h (r1,r2)mod(m+1)。
(7) generating random number side sends R and t and gives random number user.
Wherein: h (r1,r2) it is by (r1,r2) the safe hash function of SHA as 512 bits of parameter.
It is as follows to verify random number stage key step:
(a) random number user receives the R and t that generating random number side is sent.
(b) t requests verification is sent to generating random number side if random number user generates query to R.
(c) generating random number root searches sequence corresponding with t according to the checking request of random number user in the database Number s is simultaneously sent to random number user.
(d) the sequence number s that random number user receives that generating random number side is sent calculates r2=MD5 (r1, s, t) and R' =h (r1,r2) mod (m+1), judge whether R'=R is true, verifies to R.
Specific embodiment
Technical solution of the present invention is further elaborated below by a specific embodiment.
Businessman is as generating random number side, and as random number user, both sides respectively provide an intermediate random number and make client For the generation parameter of final random number, final random number is generated by businessman.When client generates matter to the random number that businessman provides When doubting, verifying can be made requests to businessman, businessman sends verification information to client, and client is according to the verification information weight received It is new to calculate random number and compared with the former random number received, it whether unanimously to see, unanimously then illustrates that both sides take part in jointly The generation of the random number, and businessman does not alter random number maliciously.Specific step is as follows:
A. client initially sets up with businessman and communicates.It is client by the IP of businessman that client and businessman, which establish the mode of communication, Location is communicated in local area network with it.
B. client selects an arbitrary parameter p to generate a random number r1The generation of=MD5 (p) and by r1It is sent to businessman. Client generates the character string of 128 bits by MD5 algorithm, intercepts preceding 32 bit and converts thereof into one positioned at a certain range Random number, herein by range due to [0,30).
C. businessman receives the random number r that client sends1
D. businessman generates unique sequence number s, saves time t corresponding with the sequence number.Businessman uses general unique knowledge Other code generating function obtains function generating sequence number s and system time and obtains system time t corresponding with the sequence number, and S and t is saved in the database.
E. businessman is by r1, s, t as parameter generate random number r2, it may be assumed that r2=MD5 (r1,s,t).Businessman is by r1, s, t conduct Parameter equally passes through the character string that MD5 algorithm generates 128 bits, intercepts preceding 32 bit and converts thereof into one positioned at certain The random number of range, herein by range due to [0,30).
F. businessman is according to (r1, r2) generate final random number R=h (r1,r2)mod(m+1).Businessman is by (r1, r2) conduct Parameter generates the character string of 512 bits by the safe hash function of SHA of 512 bits, intercepts preceding 32 bit and is converted At one positioned at [0,30) random number in section is as final random number R.
G. the R and t that businessman sends are to client.
H. client receives the R and t that businessman sends.
I. t requests verification is sent to businessman if client generates query to R.
J. businessman searches corresponding sequence number s according to the checking request of client in the database and is sent to client.
K. the sequence number s that client receives that businessman sends calculates r2=MD5 (r1, s, t) and R'=h (r1,r2)mod(m+ 1), judge whether R'=R is true, verifies to R.
Symbol description:
(1) " MD5 (x) " is Message Digest 5.
(2) " mod " is complementation operation, such as a (modd)=amodd indicates the remainder that a is removed with N.
(3) " h (y) " is the safe hash function of SHA of 512 bits.
Random number R is generated by using the safe hash function of SHA that length is 512 bits, wherein parameter r1It is to pass through MD5 Algorithm calculates and intercepts generation, is random;r2It is to be controlled to generate by multiple parameters, it is even more uncontrollable;Sequence number s is It is generated by unique identifier generating function, there is uniqueness.Therefore either parameter or random number R itself, generation Mode be all it is random and uncontrollable, ensured the randomness and uncontrollability of random number.In addition, the generation of random number be by Both parties participate in generation jointly, so that transaction can be carried out liberally, while additionally providing authentication mechanism and being tested in real time Card, it is therefore prevented that businessman itself or third party alter the possibility of random number.
System implementations:
System architecture is broadly divided into server-side with two parts of client, mainly includes following functions in client:
(1) it is communicated with server end foundation;
(2) random number r is realized1Generation and by r1It is sent to server-side;
(3) R and time t that server end is sent are received;
(4) checking request is sent to server end;
(5) it receives the sequence number s that server end is sent and calculates r2And R is verified.
Mainly include following functions in server end:
(1) the random number r that client is sent is received1
(2) unique sequence number s and time t corresponding with the sequence number is generated;
(3) by r1, s, t as parameter generate random number r2
(4) according to (r1,r2) generate final random number R;
(5) R and t that client is sent are received;
(6) it receives the checking request of client and is sent to it series number s.

Claims (6)

1. generating random number and verification method that a kind of both sides participate in, the method includes generating random number stage and verifying are random The number stage;The generating random number stage includes the following steps:
(1) random number user initially sets up with generating random number side communicates;
(2) random number user selects an arbitrary parameter p to generate a random number r1=MD5 (p), and by r1It is sent to random Number generation side;
(3) generating random number side receives the random number r that random number user sends1
(4) generating random number side generates unique sequence number s, saves time t corresponding with the sequence number;
(5) generating random number side is by r1, s, t as parameter generate random number r2, it may be assumed that r2=MD5 (r1,s,t);
(6) generating random number root is according to (r1, r2) generate final random number R=h (r1,r2)mod(m+1);
(7) generating random number side sends R and t and gives random number user;
Wherein: h (r1,r2) it is by (r1,r2) the safe hash function of SHA as 512 bits of parameter;
The verifying random number stage includes the following steps:
(a) random number user receives the R and t that generating random number side is sent;
(b) t requests verification is sent to generating random number side if random number user generates query to R;
(c) generating random number root searches sequence number s corresponding with t simultaneously according to the checking request of random number user in the database It is sent to random number user;
(d) the sequence number s that random number user receives that generating random number side is sent calculates r2=MD5 (r1, s, t) and R'=h (r1,r2) mod (m+1), judge whether R'=R is true, verifies to R.
2. according to the method described in claim 1, random number user and generating random number side establish and lead to wherein in step (1) The mode of letter is that random number user is communicated in local area network by the IP address of generating random number side with it.
3. according to the method described in claim 1, random number user generates one by MD5 algorithm wherein in step (2) The character string of 128 bits, intercept preceding 32 bit convert thereof into one positioned at [0,30) random number in section.
4. according to the method described in claim 1, generating random number side is raw using Universally Unique Identifier wherein in step (4) Sequence number s and system time are generated at function and obtains function to obtain system time t corresponding with the sequence number, and by s and t It saves in the database.
5. according to the method described in claim 1, wherein in step (5), generating random number side is by r1, s, t it is equally logical as parameter Cross the character string that MD5 algorithm generates 128 bits, intercept preceding 32 bit convert thereof into one positioned at [0,30) section with Machine number.
6. according to the method described in claim 1, wherein in step (6), generating random number side is by (r1, r2) pass through as parameter The safe hash function of the SHA of 512 bits generates the character string of 512 bits, intercepts preceding 32 bit and converts thereof into a position In [0,30) random number in section is as final random number R.
CN201610156104.0A 2016-03-18 2016-03-18 The generating random number and verification method that both sides participate in Active CN105825383B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610156104.0A CN105825383B (en) 2016-03-18 2016-03-18 The generating random number and verification method that both sides participate in

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610156104.0A CN105825383B (en) 2016-03-18 2016-03-18 The generating random number and verification method that both sides participate in

Publications (2)

Publication Number Publication Date
CN105825383A CN105825383A (en) 2016-08-03
CN105825383B true CN105825383B (en) 2019-08-13

Family

ID=56523977

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610156104.0A Active CN105825383B (en) 2016-03-18 2016-03-18 The generating random number and verification method that both sides participate in

Country Status (1)

Country Link
CN (1) CN105825383B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108363561B (en) * 2017-12-29 2020-11-20 北京欧链科技有限公司 Data screening method and device based on block chain
CN108170403B (en) * 2017-12-29 2021-06-25 北京欧链科技有限公司 Data screening method and device
CN108334307B (en) * 2017-12-29 2020-11-20 北京欧链科技有限公司 Data screening method and device based on block chain
CN108415686B (en) * 2017-12-29 2020-07-14 北京欧链科技有限公司 Account-splitting calculation method and device in random number providing process
CN109361509A (en) * 2018-10-25 2019-02-19 杭州隐知科技有限公司 A kind of random digit generation method, device and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9026571B2 (en) * 2008-10-27 2015-05-05 Microsoft Technology Licensing, Llc Random number generation failure detection and entropy estimation
CN104408623A (en) * 2014-10-11 2015-03-11 福建升腾资讯有限公司 Identity authentication method suitable for product payment
CN104579694B (en) * 2015-02-09 2018-09-14 浙江大学 A kind of identity identifying method and system
CN105162760B (en) * 2015-07-28 2018-08-14 郝孟一 Randomly select method, apparatus and system

Also Published As

Publication number Publication date
CN105825383A (en) 2016-08-03

Similar Documents

Publication Publication Date Title
CN105825383B (en) The generating random number and verification method that both sides participate in
US7840813B2 (en) Method and system with authentication, revocable anonymity and non-repudiation
US11336446B2 (en) System and method for generating and depositing keys for multi-point authentication
EP3659082B1 (en) Computer-implemented system and method enabling secure storage of a large blockchain over a plurality of storage nodes
CN108965338B (en) Three-factor identity authentication and key agreement method under multi-server environment
CN107370600B (en) Method for generating core identity digital certificate and identity side digital certificate
CN110020541B (en) Reputation evaluation method and system based on block chain privacy protection
CN114730420A (en) System and method for generating signatures
CN105743638B (en) Method based on B/S architecture system client authorization certifications
Xiong et al. A blockchain-based privacy-awareness authentication scheme with efficient revocation for multi-server architectures
CN106411525A (en) Message authentication method and system
CN101442411A (en) Identification authentication method between peer-to-peer user nodes in P2P network
CN105827395A (en) Network user authentication method
CN109379176B (en) Password leakage resistant authentication and key agreement method
CN103338201A (en) Remote identity authentication method participated in by registration center under multi-sever environment
CN103347018A (en) Long-distance identity authentication method based on intelligent card and under multiple-service environment
Li et al. Metaopera: A cross-metaverse interoperability protocol
CN108270572B (en) Key exchange protocol based on position and password
Sudhakaran Energy efficient distributed lightweight authentication and encryption technique for IoT security
TWI786039B (en) Offline payment method, terminal equipment, backstage payment device and offline payment system
CN110866754A (en) Pure software DPVA (distributed data authentication and privacy infrastructure) identity authentication method based on dynamic password
CN107615704A (en) A kind of device, method and system of the anti-fishing of network
CN111711607B (en) Block chain-based flow type micro-service trusted loading and verifying method
Song et al. Hardening password-based credential databases
Karmakar et al. A PUF and Fuzzy Extractor-Based UAV-Ground Station and UAV-UAV authentication mechanism with intelligent adaptation of secure sessions

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant