CN105868987A - Method and system for sharing information among devices - Google Patents

Publication number: CN105868987A
Authority: CN (China)
Legal status: Granted
Application number: CN201610182143.8A
Other languages: Chinese (zh)
Other versions: CN105868987B (en)
Inventor: 肖梁
Current Assignee: China Unionpay Co Ltd
Original Assignee: China Unionpay Co Ltd

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/38: Payment protocols; Details thereof
    • G06Q20/382: Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827: Use of message hashing
    • G06Q20/3829: Payment protocols; Details thereof insuring higher security of transaction involving key management

Abstract

The invention discloses a method and a system for sharing information among devices. According to one embodiment of the invention, the information to be shared is blacklist information. Some embodiments of the invention strengthen each participant's control over its own blacklist information and prevent the blacklist information from being leaked to a third party.

Description

Method and system for sharing information among devices
Technical field
Embodiments of the invention relate to a method and system for sharing information among devices.
Background
Blacklists play an important role in business in the finance and payment field. Market participants want to obtain the most effective blacklist information in a timely manner, but because of compliance and privacy-protection requirements they often cannot share their own blacklists directly with others.
One common way of sharing blacklists is for a neutral third party, or a large blacklist supplier, to collect blacklist information and distribute it to all participants. This places high demands on the participants' trust in the third party, and each participant has only weak control over the information it shares. Participants' enthusiasm under this mechanism is therefore low. In addition, because the collected blacklist is distributed, a leak at any one participant can easily leak the blacklist information as a whole.
Another common blacklist sharing mechanism is for a neutral third party to collect the information into a blacklist database. Each participant submits keywords to the third party to query the shared information, and the third party reports whether the blacklist hits the keyword. Because the querying party must provide keyword information, the third party can easily accumulate a large amount of private information that the participants need to protect. In addition, the blacklist database collected by the third party may itself be leaked as a whole.
Summary of the invention
A method for sharing information among devices comprises: Step 1: sending a query request from a first device to a server, the query request including a first hash value of the primary key of the item to be queried and a corresponding hash password; Step 2: broadcasting the first hash value and the hash password from the server to a plurality of second devices; Step 3: at each of the plurality of second devices, using the received hash password to calculate a second hash value of the primary key of each item held by that device; when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device; Step 4: at the server, receiving from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item; Step 5: sending the encrypted shared key from the server to the first device; Step 6: using the shared key to share information of the hit item between the first device and the one or more hit devices.
A system for sharing information among devices comprises: a first unit for sending a query request from a first device to a server, the query request including a first hash value of the primary key of the item to be queried and a corresponding hash password; a second unit for broadcasting the first hash value and the hash password from the server to a plurality of second devices; a third unit for, at each of the plurality of second devices, using the received hash password to calculate a second hash value of the primary key of each item held by that device, wherein when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device; a fourth unit for receiving, at the server, from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item; a fifth unit for sending the encrypted shared key from the server to the first device; and a sixth unit for using the shared key to share information of the hit item between the first device and the one or more hit devices.
Other features and advantages of embodiments of the invention will also be understood from the following description when read in conjunction with the accompanying drawings, which illustrate the principles of embodiments of the invention by way of example.
Brief description of the drawings
Fig. 1 is an architecture diagram of sharing blacklist information among participants through a sharing platform according to an embodiment of the invention.
Fig. 2 is a schematic diagram of sharing information among devices.
Fig. 3 is a message-flow diagram of the method of sharing information among devices.
Detailed description
The principles of the invention are described below in conjunction with embodiments. It should be understood that the embodiments are given only so that those skilled in the art can better understand and practice the invention, not to limit its scope. This specification contains many specific implementation details; these should not be construed as limiting the scope of the invention or of what may be claimed, but as descriptions specific to particular embodiments. Those skilled in the art will appreciate that, depending on the application, features described in the context of separate embodiments can be combined in a single embodiment, and features described in the context of a single embodiment can be implemented in multiple embodiments.
Fig. 1 is an architecture diagram of sharing blacklist information among participants through a sharing platform according to an embodiment of the invention. In this embodiment, the information to be shared is blacklist information. The architecture shown in Fig. 1 is designed to strengthen each participant's control over its own blacklist information, to protect the identity of the provider of blacklist information, and to prevent blacklist information from leaking through the third party. In this architecture, the sharing platform P is connected to each participant over a network and is independent of every participant; each participant Q has a blacklist BL that it maintains itself. Blacklist information is shared by a participant Q initiating a blacklist query request to the sharing platform P and the sharing platform returning the blacklist query result to the participant. According to one or more embodiments of the invention, leakage of blacklist information by the sharing platform P during information sharing can be avoided.
Table 1 below shows an example of a blacklist with two items. A participant may set up different blacklists for different business types. A blacklist record (item) includes a blacklist primary key M and one or more blacklist attributes S. According to one or more embodiments of the invention, one participant initiates a primary-key query to the sharing platform; after another participant finds a matching primary key, attribute values are shared point-to-point between this participant and the other participant.
M: primary key | S1: name  | S2: residence | S3: risk level | S4: evidence chain | S5: source
001            | Zhang San | Shanghai      | High           | A                  | Source data
002            | Li Si     | Beijing       | Medium         | B                  | Shared data

Table 1
Fig. 2 is a schematic diagram of sharing information among devices.
First, the first device initiates a query request to the server, seeking information about the item whose primary key is M, as shown by arrow 1. The query request includes the first hash value HM of the primary key M of the item to be queried and the corresponding hash password SQi.
Then, in response to the query request, the server broadcasts the first hash value and the hash password to a plurality of second devices, as shown by arrow 2.
Then, each of the plurality of second devices uses the received hash password to calculate a second hash value of the primary key of each item it holds. When a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device. One or more hit devices send to the server a shared key encrypted by the hit device, as shown by arrow 3. The hit device encrypts the shared key using the primary key of the hit item.
Then, the encrypted shared key is sent from the server to the first device, as shown by arrow 4.
The first device can thus use the shared key to obtain the shared information of the hit item from the one or more hit devices.
In an embodiment according to Fig. 2, the method of sharing information among devices includes the following steps.
Step 1: a query request is sent from the first device to the server; the query request includes a first hash value of the primary key of the item to be queried and a corresponding hash password.
Step 2: the server broadcasts the first hash value and the hash password to a plurality of second devices.
Step 3: each of the plurality of second devices uses the received hash password to calculate a second hash value of the primary key of each item it holds; when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device.
Step 4: the server receives from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item.
Step 5: the encrypted shared key is sent from the server to the first device.
Step 6: the shared key is used to share information of the hit item between the first device and the one or more hit devices.
In one embodiment, step 6 above includes the following sub-steps.
(1) At the first device, the primary key of the item to be queried is used to decrypt the encrypted shared key, the shared key is used to encrypt the attribute name to be queried, and the encrypted attribute name is sent to the server.
(2) The encrypted attribute name is sent from the server to the one or more hit devices.
(3) At each of the one or more hit devices, the primary key of the hit item is used to decrypt the encrypted attribute name to obtain the attribute name, the primary key of the hit item is used to encrypt the corresponding attribute value, and the encrypted attribute value is sent to the server.
(4) The encrypted attribute value is sent from the server to the first device.
(5) At the first device, the primary key of the item to be queried is used to decrypt the encrypted attribute value, obtaining the attribute value of the hit item.
In one embodiment, the hash password is a dynamic hash password generated from the query dynamic sequence number of the first device and the public key of the first device, where the query dynamic sequence number is assigned to the first device in advance by the server. The method of sharing information among devices further includes: before the first hash value and the hash password are broadcast from the server to the plurality of second devices, verifying the first device, wherein a comparison code is generated from the query dynamic sequence number and the public key of the first device stored at the server, and verification is determined to have succeeded when the comparison code matches the hash password; and sending an updated query dynamic sequence number from the server to the first device. By using a dynamic hash password, the server can block forged query requests.
In one embodiment, the hash password is a unified static hash password, distributed by the server to the first device and the plurality of second devices at predetermined times. In step 2, the first hash value is broadcast from the server to the plurality of second devices in response to the query request, and the static hash password is distributed from the server to the first device and the plurality of second devices at predetermined time intervals. The method of sharing information among devices further includes: at each of the plurality of second devices, at the predetermined time interval, using the received static hash password to calculate the second hash values of the primary keys of the items held by the device, in preparation for future matching operations. Thus, when a second device receives a query request, it can match the received first hash value directly against the second hash values prepared in advance, which improves query efficiency.
In one embodiment, a hit record of items is maintained at the plurality of second devices: when a second device receives the first hash value and the hash password and determines that a hit item exists, the hit record of that hit item is increased by 1, and the signature on this hit record by the first device that sent the first hash value is received. The hit record and its signature can be stored in the item as an evidence chain.
Fig. 3 is a message-flow diagram of the method of sharing information among devices. In this embodiment, device Qi requests, through server P, to query information of an item from other devices Qs. Here, Qs refers to one or more other devices. It will be appreciated that in other embodiments Qi can share information in a similar manner with any other device, apart from Qi, that holds information. Some steps of this embodiment are described below, but it should be understood that some of the processes in these steps are merely exemplary and do not limit the invention.
Step 301
A query request is sent from the first device Qi to server P. The query request includes the first hash value HM of the primary key M of the item to be queried and the corresponding first hash password SQi, where HM = HASH(M, SQi).
In some examples, HASH(A, B) denotes performing a modular sum operation on text A with B and then applying a one-way hash. One-way hash algorithms such as MD5, SHA-1 or SHA-256 can be used.
In some examples, the query business type Type is optionally also sent from the first device Qi to server P. This allows server P to forward the query request specifically to the other devices that hold items of this business type.
In some examples, the first hash password SQi is a hash value based on the query sequence number QiID, with the public key PKQi of the first device Qi as the corresponding hash password, where SQi = HASH(QiID, PKQi). In other examples, the first hash password SQi is a hash value based on the query sequence number QiID and the query date Date, in which case SQi = HASH(QiID+Date, PKQi). The default initial QiID of the first device Qi can be set to 0, and subsequent QiID values can be sent to Qi by P.
After the query request is sent from the first device Qi to server P, Qi stores the Type, HM, SQi and M of this query.
Step 302
Information containing the first hash value HM and the first hash password SQi is forwarded from server P to the second devices Qs.
In some examples, to improve security, the query request from the first device Qi is verified at server P. Using the query sequence number QiID" and public key PKQi" of the first device Qi stored in advance at server P, with the query sequence number as the input data and the public key as the hash password, the hash function is used to calculate the hash value SQi", where SQi" = HASH(QiID", PKQi"). When this hash value SQi" is identical to the first hash password SQi, verification is judged to have succeeded.
In some examples, after verification succeeds, Type, HM and SQi are broadcast from server P to Qs, and a timer can also be started for this broadcast.
Step 303
The second device Qs obtains the Type, HM and SQi broadcast by P. At the second device Qs, for the primary key N of an item held by the second device, the hash value HN of the primary key N is calculated using the first hash password SQi, where HN = HASH(N, SQi), and the item corresponding to a primary key N whose hash value HN matches the first hash value HM is determined.
In some examples, at the second device Qs, SQi is used to hash, one by one, the primary keys N of the multiple items of the business indicated by the parameter Type, yielding a list of hash values.
Then, the second device Qs sends to server P the encrypted shared key TK, the hash value that matches the first hash value (that is, HM), and the first hash password SQi. In some examples, the shared key TKs can be a random number generated by Qs, and TK can be obtained as TK = C(TKs, M). Here, C(A, B) denotes the result of symmetrically encrypting text A with B as the key, and C"(A, B) denotes symmetrically decrypting text A with B as the key. Symmetric cipher algorithms such as 3DES, AES or SM1 can be used. In other examples, TKs is symmetrically encrypted using the hash value of M, in which case TK = C(TKs, HASH(M, 0)). The second device Qs records TKs, TK and M.
Step 304
The encrypted shared key TK, the hash value that matches the first hash value, and the first hash password SQi are forwarded from server P to the first device Qi. P records the mapping between TK and Qs.
In some examples, after P has received the feedback results of all Qs, or after the timer reaches a preset maximum duration, P forms the final query result R, the number N of Qs, and the shared key list TKlist. P can then send Type, SQi, R, N, TKlist and QiID" to Qi, where QiID" is the query sequence number for initiating the next query.
Step 305
After the first device Qi obtains Type, SQi, R and N, it can obtain M by looking up Type and SQi in its query record. From the size of N, the first device Qi can also judge whether the scope of sharing is sufficient, and it updates QiID to QiID'.
At the first device Qi, the primary key M of the item to be queried is used to decrypt the encrypted shared key TK, the shared key TKs is used to encrypt the attribute name Si to be queried, and the encrypted attribute name CSi and TK are sent to the server. Here, TKs = C"(TK, M). In one example, each TK in TKlist is decrypted using HM0 = HASH(M, 0) to obtain the point-to-point shared symmetric key TKs, that is, TKs = C"(TK, HM0). Qi records the mapping between TK and M, TKs.
Step 306
According to the mapping between TK and Qs, the encrypted attribute name CSi and TK are sent from server P to the one or more hit devices Qs. P adds the relation between TK and Qi to its records.
Step 307
At each of the one or more hit devices Qs, the primary key of the hit item or HM0 = HASH(M, 0) is used to decrypt the encrypted attribute name to obtain the attribute name, the primary key of the hit item is used to encrypt the corresponding attribute value Si_V, and the encrypted attribute value CSi_V and TK are sent to server P.
Step 308
The encrypted attribute value CSi_V and TK are sent from server P to the first device Qi. Qi obtains CSi_V and, according to the mapping among TK, M and TKs, decrypts it: Si_V = C"(CSi_V, TKs).
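The message flow of steps 301 to 308 can be traced end to end in the following sketch, which is an added example and not code from the patent. Assumptions: HASH(A, B) is realised as HMAC-SHA256 keyed with B; C and C" use a toy SHA-256 keystream as a stand-in for the 3DES/AES/SM1 ciphers the text names; TKs is wrapped under HM0 = HASH(M, 0), and the attribute name and value are both protected with TKs as in steps 305 and 308. The names Server, Holder and run_query and all sample values are hypothetical.

```python
import hashlib
import hmac
import secrets

def HASH(a: bytes, b: bytes) -> bytes:
    """HASH(A, B) from the text; assumption: realised as HMAC-SHA256 keyed with B."""
    return hmac.new(b, a, hashlib.sha256).digest()

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in keystream (SHA-256 over key, nonce, counter); not a cipher named in the text.
    out = b""
    for ctr in range((n + 31) // 32):
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
    return out[:n]

def C(text: bytes, key: bytes) -> bytes:
    """C(A, B): symmetric encryption of A under key B (toy stand-in, unauthenticated)."""
    nonce = secrets.token_bytes(16)
    return nonce + bytes(x ^ y for x, y in zip(text, _stream(key, nonce, len(text))))

def C_inv(blob: bytes, key: bytes) -> bytes:
    """C"(A, B): symmetric decryption of A under key B."""
    nonce, ct = blob[:16], blob[16:]
    return bytes(x ^ y for x, y in zip(ct, _stream(key, nonce, len(ct))))

class Server:
    """Platform P: stores (QiID, PKQi) per device and relays hashes and ciphertext only."""
    def __init__(self):
        self.registry = {}

    def register(self, dev_id: str, pk: bytes) -> None:
        self.registry[dev_id] = [b"0", pk]            # default initial QiID is 0

    def verify_and_rotate(self, dev_id: str, sq: bytes):
        """Step 302: recompute SQi" from stored values; on success issue the next QiID."""
        qid, pk = self.registry[dev_id]
        if not hmac.compare_digest(HASH(qid, pk), sq):
            return None                               # forged or replayed request
        new_qid = secrets.token_hex(8).encode()
        self.registry[dev_id][0] = new_qid
        return new_qid

class Holder:
    """A second device Qs with its own blacklist {primary key: {attribute: value}}."""
    def __init__(self, blacklist: dict):
        self.blacklist = blacklist
        self.sessions = {}                            # TK -> (TKs, primary key)

    def on_broadcast(self, hm: bytes, sq: bytes):
        """Step 303: hash each primary key N with SQi; on a hit return TK = C(TKs, HM0)."""
        for n in self.blacklist:
            if hmac.compare_digest(HASH(n, sq), hm):
                tks = secrets.token_bytes(32)
                tk = C(tks, HASH(n, b"0"))
                self.sessions[tk] = (tks, n)
                return tk
        return None

    def on_attr_request(self, tk: bytes, c_si: bytes) -> bytes:
        """Step 307: recover the attribute name and return the encrypted value CSi_V."""
        tks, n = self.sessions[tk]
        name = C_inv(c_si, tks).decode()
        return C(self.blacklist[n][name].encode(), tks)

def run_query(server, dev_id, pk_qi, qid, m, attr, holders):
    """First device Qi: returns (attribute values from hit devices, next QiID)."""
    sq = HASH(qid, pk_qi)                             # SQi = HASH(QiID, PKQi)
    hm = HASH(m, sq)                                  # HM  = HASH(M, SQi)
    next_qid = server.verify_and_rotate(dev_id, sq)
    if next_qid is None:
        return None, qid
    values = []
    for qs in holders:                                # P broadcasts HM, SQi to every Qs
        tk = qs.on_broadcast(hm, sq)
        if tk is None:
            continue
        tks = C_inv(tk, HASH(m, b"0"))                # step 305: TKs = C"(TK, HM0)
        c_val = qs.on_attr_request(tk, C(attr.encode(), tks))
        values.append(C_inv(c_val, tks).decode())     # step 308: Si_V = C"(CSi_V, TKs)
    return values, next_qid

if __name__ == "__main__":
    # Constructed sample data modelled on Table 1; the public key is a placeholder byte string.
    p, pk = Server(), b"constructed-public-key-of-Qi"
    p.register("Qi", pk)
    holders = [Holder({b"001": {"S3": "High"}}), Holder({b"002": {"S3": "Medium"}})]
    print(run_query(p, "Qi", pk, b"0", b"001", "S3", holders))
```

Because the server rotates QiID after each accepted request, resubmitting an old SQi fails the step 302 comparison.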
Blacklist evidence chain mechanism
According to another embodiment of the invention, when the item to be queried is a record in a blacklist, a blacklist evidence chain mechanism is introduced to improve the reliability of queries. In one example, the initial value of the evidence chain attribute of each blacklist record at Qs is CH0, consisting of 0 and SIGN(0, SKQs), where the former is the number of times the record has been hit by a query and the latter is the signature on this record. Each time a hit is added, the querying party Qi updates the chain to CHn = (n, SIGN(CHn-1, SKQi)). The value of the evidence chain is sent by Qs to Qi in the point-to-point sharing stage for the querying party to confirm. Thus, if Qi has doubts about CHn-1, it can submit CHn-1 to server P, which verifies the signatures one after another, preventing Qs from forging evidence chain records.
According to another embodiment of the invention, a simplified query mechanism is introduced. Because every query requires each participant to hash its full blacklist once, the computation takes a long time when the blacklist is large, and participants are prone to feedback timeouts. To simplify the computation, the platform P can issue a fixed hash factor SQ for a period of time, for example 1 hour or 1 day. The query initiator performs the one-way hash with SQ as the key, and each participant uses SQ to complete the one-way hash calculation of its blacklist in advance and matches received query requests directly.
Each arrow shown in Fig. 3 may be regarded as a method step, and/or as an operation resulting from running computer program code, and/or as a plurality of coupled logic circuit elements configured to implement the associated functions. Although operations are depicted in a particular order in the drawings, this should not be understood as requiring that the operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve desirable results. In some cases, multitasking and parallel processing may be advantageous.
According to other embodiments, the invention additionally discloses the following.
Scheme 1: a system for sharing information among devices, comprising: a first unit for sending a query request from a first device to a server, the query request including a first hash value of the primary key of the item to be queried and a corresponding hash password; a second unit for broadcasting the first hash value and the hash password from the server to a plurality of second devices; a third unit for, at each of the plurality of second devices, using the received hash password to calculate a second hash value of the primary key of each item held by that device, wherein when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device; a fourth unit for receiving, at the server, from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item; a fifth unit for sending the encrypted shared key from the server to the first device; and a sixth unit for using the shared key to share information of the hit item between the first device and the one or more hit devices.
The system of scheme 1, wherein the sixth unit is configured to: at the first device, use the primary key of the item to be queried to decrypt the encrypted shared key, use the shared key to encrypt the attribute name to be queried, and send the encrypted attribute name to the server; send the encrypted attribute name from the server to the one or more hit devices; at each of the one or more hit devices, use the primary key of the hit item to decrypt the encrypted attribute name to obtain the attribute name, use the primary key of the hit item to encrypt the corresponding attribute value, and send the encrypted attribute value to the server; send the encrypted attribute value from the server to the first device; and at the first device, use the primary key of the item to be queried to decrypt the encrypted attribute value, obtaining the attribute value of the hit item.
The system of scheme 1, wherein the hash password is a dynamic hash password generated from the query dynamic sequence number of the first device and the public key of the first device, the query dynamic sequence number being assigned to the first device in advance by the server; the system further comprising: means for verifying the first device before the first hash value and the hash password are broadcast from the server to the plurality of second devices, wherein a comparison code is generated from the query dynamic sequence number and the public key of the first device stored at the server, and verification is determined to have succeeded when the comparison code matches the hash password; and means for sending an updated query dynamic sequence number from the server to the first device.
The system of scheme 1, wherein the hash password is a unified static hash password, distributed by the server to the first device and the plurality of second devices at predetermined times; wherein the second unit is configured to: broadcast the first hash value from the server to the plurality of second devices in response to the query request, and distribute the static hash password from the server to the first device and the plurality of second devices at predetermined time intervals; the system further comprising: means for, at each of the plurality of second devices, at the predetermined time interval, using the received static hash password to calculate the second hash values of the primary keys of the items held by the device, in preparation for future matching operations.
The system of scheme 1, further comprising: means for maintaining, at the plurality of second devices, a hit record of items, configured to: when a second device receives the first hash value and the hash password and determines that a hit item exists, increase the hit record of that hit item by 1; and receive the signature on this hit record by the first device that sent the first hash value.
Exemplary embodiments can be implemented in hardware, software, or a combination thereof. For example, some aspects of the invention can be implemented in hardware while other aspects are implemented in software. Although aspects of the exemplary embodiments of the invention may be shown and described as block diagrams or flow charts, it is well understood that the devices or methods described herein can be implemented as functional modules in a system, as a non-limiting example. Additionally, the separation of the devices described above should not be understood as requiring such separation in all embodiments, and it should be understood that the described program components and systems can generally be integrated in a single software product or packaged into multiple software products.
Various modifications and variations of the foregoing exemplary embodiments of the invention may become apparent to those skilled in the relevant art upon reading the foregoing description in conjunction with the accompanying drawings. Therefore, embodiments of the invention are not limited to the specific embodiments disclosed, and modifications and other embodiments are intended to fall within the scope of the appended claims.

Claims (10)

1. A method for sharing information between devices, characterized by comprising:
Step 1: sending an inquiry request from a first device to a server, the inquiry request including a first hash value of the primary key of an item to be queried and a corresponding hashed password;
Step 2: broadcasting the first hash value and the hashed password from the server to a plurality of second devices;
Step 3: in each of the plurality of second devices, using the received hashed password to compute second hash values of the primary keys of the items that device contains; when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item, and the device is a hit device;
Step 4: at the server, receiving from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item;
Step 5: sending the encrypted shared key from the server to the first device;
Step 6: using the shared key, sharing information about the hit item between the first device and the one or more hit devices.
2. The method of claim 1, characterized in that step 6 comprises:
at the first device, decrypting the encrypted shared key using the primary key of the item to be queried, encrypting the attribute name to be queried using the shared key, and sending the encrypted attribute name to the server;
sending the encrypted attribute name from the server to the one or more hit devices;
at each of the one or more hit devices, decrypting the encrypted attribute name using the primary key of the hit item to obtain the attribute name, encrypting the corresponding attribute value using the primary key of the hit item, and sending the encrypted attribute value to the server;
sending the encrypted attribute value from the server to the first device;
at the first device, decrypting the encrypted attribute value using the primary key of the item to be queried to obtain the attribute value of the hit item.
3. The method of claim 1, characterized in that
the hashed password is a dynamic hashed password generated from a dynamic inquiry serial number of the first device and the public key of the first device, wherein the dynamic inquiry serial number is distributed to the first device in advance by the server;
the method further comprises:
before the first hash value and the hashed password are broadcast from the server to the plurality of second devices, verifying the first device, wherein a comparison code is generated from the dynamic inquiry serial number and the public key of the first device stored at the server, and when the comparison code matches the hashed password, verification is determined to be successful;
sending an updated dynamic inquiry serial number from the server to the first device.
4. The method of claim 1, characterized in that
the hashed password is a unified static hashed password that the server distributes to the first device and the plurality of second devices at a predetermined time; wherein,
in step 2:
in response to the inquiry request, the first hash value is broadcast from the server to the plurality of second devices;
the static hashed password is distributed from the server to the first device and the plurality of second devices at predetermined time intervals;
the method further comprises:
in each of the plurality of second devices, within the predetermined time interval, using the received static hashed password to compute second hash values of the primary keys of the items that device contains, in preparation for future matching operations.
5. The method of claim 1, characterized by further comprising:
maintaining hit records of items at the plurality of second devices, wherein,
when a second device receives the first hash value and the hashed password and determines that a hit item exists, the hit record for that hit item is incremented by 1; and
a signature on the hit record is received from the first device that sent the first hash value.
6. A system for sharing information between devices, characterized by comprising:
a first unit for sending an inquiry request from a first device to a server, the inquiry request including a first hash value of the primary key of an item to be queried and a corresponding hashed password;
a second unit for broadcasting the first hash value and the hashed password from the server to a plurality of second devices;
a third unit for, in each of the plurality of second devices, using the received hashed password to compute second hash values of the primary keys of the items that device contains, wherein, when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item, and the device is a hit device;
a fourth unit for receiving, at the server, from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item;
a fifth unit for sending the encrypted shared key from the server to the first device;
a sixth unit for using the shared key to share information about the hit item between the first device and the one or more hit devices.
7. The system of claim 6, characterized in that the sixth unit is configured to:
at the first device, decrypt the encrypted shared key using the primary key of the item to be queried, encrypt the attribute name to be queried using the shared key, and send the encrypted attribute name to the server;
send the encrypted attribute name from the server to the one or more hit devices;
at each of the one or more hit devices, decrypt the encrypted attribute name using the primary key of the hit item to obtain the attribute name, encrypt the corresponding attribute value using the primary key of the hit item, and send the encrypted attribute value to the server;
send the encrypted attribute value from the server to the first device;
at the first device, decrypt the encrypted attribute value using the primary key of the item to be queried to obtain the attribute value of the hit item.
8. The system of claim 6, characterized in that
the hashed password is a dynamic hashed password generated from a dynamic inquiry serial number of the first device and the public key of the first device, wherein the dynamic inquiry serial number is distributed to the first device in advance by the server;
the system further comprises:
means for verifying the first device before the first hash value and the hashed password are broadcast from the server to the plurality of second devices, wherein a comparison code is generated from the dynamic inquiry serial number and the public key of the first device stored at the server, and when the comparison code matches the hashed password, verification is determined to be successful;
means for sending an updated dynamic inquiry serial number from the server to the first device.
9. The system of claim 6, characterized in that
the hashed password is a unified static hashed password that the server distributes to the first device and the plurality of second devices at a predetermined time; wherein,
the second means is configured to:
in response to the inquiry request, broadcast the first hash value from the server to the plurality of second devices;
distribute the static hashed password from the server to the first device and the plurality of second devices at predetermined time intervals;
the system further comprises:
means for computing, in each of the plurality of second devices and within the predetermined time interval, second hash values of the primary keys of the items that device contains using the received static hashed password, in preparation for future matching operations.
10. The system of claim 6, characterized by further comprising:
means for maintaining hit records of items at the plurality of second devices, configured such that:
when a second device receives the first hash value and the hashed password and determines that a hit item exists, the hit record for that hit item is incremented by 1; and
a signature on the hit record is received from the first device that sent the first hash value.
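
The six steps of claim 1 traced end to end, as an added example that is not code from the patent. HMAC-SHA256 as the keyed hash, the standard-library `seal`/`unseal` stand-in cipher, all class and function names, and the use of the shared key in both directions of step 6 are assumptions made here.

```python
import hashlib, hmac, secrets

def keyed_hash(hashed_password: bytes, primary_key: str) -> bytes:
    # Steps 1 and 3: hash a primary key under the hashed password (HMAC-SHA256 is an assumption).
    return hmac.new(hashed_password, primary_key.encode(), hashlib.sha256).digest()

def _xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Stand-in encrypt-then-MAC cipher (assumption) so the example needs only the standard library.
    nonce = secrets.token_bytes(16)
    ct = _xor(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return _xor(key, nonce, ct)

class SecondDevice:
    def __init__(self, name, items):          # items: {primary_key: {attribute: value}}
        self.name, self.items, self.sessions = name, items, {}

    def on_broadcast(self, first_hash, hashed_password):
        # Steps 3-4: match locally; on a hit, wrap a fresh shared key under the hit item's primary key.
        for pk in self.items:
            if hmac.compare_digest(keyed_hash(hashed_password, pk), first_hash):
                shared = secrets.token_bytes(32)
                self.sessions[first_hash] = (pk, shared)
                return seal(pk.encode(), shared)
        return None

    def on_attribute_request(self, first_hash, sealed_name):
        pk, shared = self.sessions[first_hash]
        name = unseal(shared, sealed_name).decode()
        return seal(shared, self.items[pk][name].encode())

def run_query(primary_key, attribute, devices):
    hashed_password = secrets.token_bytes(16)
    first_hash = keyed_hash(hashed_password, primary_key)             # step 1
    results, wire = {}, [first_hash, hashed_password]                 # wire: what the server relays
    for dev in devices:                                               # step 2: broadcast
        wrapped = dev.on_broadcast(first_hash, hashed_password)
        if wrapped is None:
            continue                                                  # no hit on this device
        shared = unseal(primary_key.encode(), wrapped)                # step 5: unwrap with own primary key
        request = seal(shared, attribute.encode())                    # step 6
        reply = dev.on_attribute_request(first_hash, request)
        wire += [wrapped, request, reply]
        results[dev.name] = unseal(shared, reply).decode()
    return results, wire
```

The server relays only the keyed hash, the hashed password and ciphertexts. Every secret in the exchange is protected by the item's primary key, so a low-entropy primary key weakens both the match and the encryption built on it.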
CN201610182143.8A 2016-03-28 2016-03-28 Method and system for sharing information among devices Active CN105868987B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610182143.8A CN105868987B (en) 2016-03-28 2016-03-28 Method and system for sharing information among devices

Publications (2)

Publication Number Publication Date
CN105868987A true CN105868987A (en) 2016-08-17
CN105868987B CN105868987B (en) 2019-08-13

Family

ID=56626069

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610182143.8A Active CN105868987B (en) 2016-03-28 2016-03-28 Method and system for sharing information among devices

Country Status (1)

Country Link
CN (1) CN105868987B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant