CN105868987B - Method and system for sharing information between devices - Google Patents
- Publication number: CN105868987B
- Application number: CN201610182143.8A
- Authority: CN (China)
- Prior art keywords: equipment, hit, server, item, hashed
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3827—Use of message hashing
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Abstract
The present invention discloses a method and system for sharing information between devices. According to an embodiment of the invention, the information to be shared is blacklist information. Some embodiments of the invention strengthen each participating entity's control over its own blacklist information and prevent blacklist information from leaking from a third party.
Description
Technical field
Embodiments of the present invention relate to a method and system for sharing information between devices.
Background
Blacklists play an important role in business in the field of finance and payment technology. Market participants want to obtain the most up-to-date blacklists in a timely manner, but they are often constrained by information compliance and privacy protection requirements and cannot share their own blacklists directly with others.
One common way of sharing blacklists is for a neutral third party, or a large blacklist supplier, to aggregate blacklist information and then distribute it to all participating entities. However, the participating entities have little trust in the third party, and each participating entity has weak control over the information it shares. Participants are therefore relatively unenthusiastic under this mechanism. In addition, distributing the aggregated blacklist makes it easy for a leak at any one participant to expose the entire blacklist.
Another common blacklist-sharing mechanism is for a neutral third party to aggregate the data into a blacklist library. Each participating entity submits a keyword to the third party to query the shared information, and the third party reports back whether the queried keyword hits the blacklist. Because the querying party must provide the keyword, the third party can easily collect a large amount of participants' information that requires privacy protection. There is also the possibility that the blacklist library aggregated by the third party is leaked in its entirety.
Summary of the invention
A method of sharing information between devices comprises: Step 1: sending a query request from a first device to a server, the query request including a first hash value of the primary key of the item to be queried and a corresponding hash password; Step 2: broadcasting the first hash value and the hash password from the server to a plurality of second devices; Step 3: at each of the plurality of second devices, using the received hash password to calculate a second hash value of the primary key of each item held by that device, wherein, when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device; Step 4: at the server, receiving from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item; Step 5: sending the encrypted shared key from the server to the first device; Step 6: using the shared key to share the information of the hit item between the first device and the one or more hit devices.
A system for sharing information between devices comprises: a first unit for sending a query request from a first device to a server, the query request including a first hash value of the primary key of the item to be queried and a corresponding hash password; a second unit for broadcasting the first hash value and the hash password from the server to a plurality of second devices; a third unit for, at each of the plurality of second devices, using the received hash password to calculate a second hash value of the primary key of each item held by that device, wherein, when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device; a fourth unit for receiving, at the server, from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item; a fifth unit for sending the encrypted shared key from the server to the first device; and a sixth unit for using the shared key to share the information of the hit item between the first device and the one or more hit devices.
Other features and advantages of embodiments of the invention will also be understood from the following description when read in conjunction with the accompanying drawings, which illustrate the principles of embodiments of the invention by way of example.
Brief description of the drawings
Fig. 1 is an architecture diagram of sharing blacklist information between participating entities through a sharing platform according to an embodiment of the invention.
Fig. 2 is a schematic diagram of sharing information between devices according to an embodiment of the invention.
Fig. 3 is a message-flow diagram of a method of sharing information between devices according to an embodiment of the invention.
Detailed description of the embodiments
Hereinafter, the principles of the invention are described with reference to embodiments. It should be understood that the embodiments are given only so that those skilled in the art can better understand and practice the invention, and are not intended to limit its scope. The many specific implementation details contained in this specification should not be construed as limiting the scope of the invention or of what may be claimed, but as descriptions specific to embodiments. Those skilled in the art will appreciate that, depending on the application, features described in the context of separate embodiments can be combined and implemented in a single embodiment, and features described in the context of a single embodiment can be implemented in multiple embodiments.
Fig. 1 is an architecture diagram of sharing blacklist information between participating entities through a sharing platform according to an embodiment of the invention. In this embodiment, the information to be shared is blacklist information. The architecture shown in Fig. 1 is designed to strengthen each participating entity's control over its own blacklist information, protect the identity of the blacklist information provider, and prevent blacklist information from leaking from a third party. In this architecture, the sharing platform P is connected to each participating entity over a network and is independent of each participating entity; each participating entity Q has a blacklist BL that it maintains itself. A participating entity Q initiates a blacklist query request to the sharing platform P, and the sharing platform feeds the blacklist query result back to the participating entity, thereby sharing blacklist information. According to one or more embodiments of the invention, leakage of blacklist information by the sharing platform P during information sharing can be avoided.
Table 1 below shows an example of a blacklist containing two items. A participating entity may set up different blacklists for different business types. A blacklist record (item) includes a blacklist primary key M and one or more blacklist attributes S. According to one or more embodiments of the invention, a participating entity initiates a primary-key query to the sharing platform, a matching primary key is found at other participating entities, and the attribute values are then shared point-to-point between the participating entity and those other participating entities.
M: primary key | S1: name | S2: residence | S3: risk level | S4: evidence chain | S5: source
001 | Zhang San | Shanghai | High | A | Source data
002 | Li Si | Beijing | Medium | B | Shared data
Table 1
Fig. 2 is a schematic diagram of sharing information between devices according to an embodiment of the invention.
First, the first device initiates a query request to the server, asking for the information of the item whose primary key is M, as shown by arrow 1. The query request includes the first hash value HM of the primary key M of the item to be queried and the corresponding hash password SQi.
Then, in response to the query request, the server broadcasts the first hash value and the hash password to a plurality of second devices, as shown by arrow 2.
Then, each of the plurality of second devices uses the received hash password to calculate a second hash value of the primary key of each item it holds. When a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device. One or more hit devices send to the server a shared key encrypted by the hit device, as shown by arrow 3. The hit device encrypts the shared key using the primary key of the hit item.
Then, the encrypted shared key is sent from the server to the first device, as shown by arrow 11.
The first device can then use the shared key to share the information of the hit item with the one or more hit devices.
In one embodiment according to Fig. 2, the method of sharing information between devices includes the following procedure.
Step 1: A query request is sent from the first device to the server. The query request includes a first hash value of the primary key of the item to be queried and a corresponding hash password.
Step 2: The first hash value and the hash password are broadcast from the server to a plurality of second devices.
Step 3: Each of the plurality of second devices uses the received hash password to calculate a second hash value of the primary key of each item it holds. When a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device.
Step 4: The server receives from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item.
Step 5: The encrypted shared key is sent from the server to the first device.
Step 6: Using the shared key, the information of the hit item is shared between the first device and the one or more hit devices.
In one embodiment, step 6 described above includes the following procedure.
(1) At the first device, the encrypted shared key is decrypted using the primary key of the item to be queried, the attribute name to be queried is encrypted using the shared key, and the encrypted attribute name is sent to the server.
(2) The encrypted attribute name is sent from the server to the one or more hit devices.
(3) At each of the one or more hit devices, the encrypted attribute name is decrypted using the primary key of the hit item to obtain the attribute name, the corresponding attribute value is encrypted using the primary key of the hit item, and the encrypted attribute value is sent to the server.
(4) The encrypted attribute value is sent from the server to the first device.
(5) At the first device, the encrypted attribute value is decrypted using the primary key of the item to be queried to obtain the attribute value of the hit item.
In one embodiment, the hash password is a dynamic hash password, generated from the first device's dynamic query sequence number and the first device's public key, where the dynamic query sequence number is assigned to the first device in advance by the server. The method of sharing information between devices further includes: before the first hash value and the hash password are broadcast from the server to the plurality of second devices, verifying the first device, wherein a check code is generated from the dynamic query sequence number and the public key of the first device stored at the server, and verification is determined to be successful when the check code matches the hash password; and sending an updated dynamic query sequence number from the server to the first device. With a dynamic hash password, the server can reject forged query requests.
In one embodiment, the hash password is a unified static hash password, distributed by the server to the first device and the plurality of second devices at a predetermined time. In step 2, the first hash value is broadcast from the server to the plurality of second devices in response to the query request, and the static hash password is distributed from the server to the first device and the plurality of second devices at predetermined time intervals. The method of sharing information between devices further includes: at each of the plurality of second devices, within the predetermined time interval, using the received static hash password to calculate the second hash value of the primary key of each item the device holds, in preparation for future matching operations. When a second device then receives a query request, it can match the received first hash value directly against the second hash values it prepared in advance, which improves query efficiency.
In one embodiment, a hit record is maintained for each item at the plurality of second devices: when a second device receives the first hash value and the hash password and determines that there is a hit item, the hit record of that hit item is incremented by 1, and the second device receives a signature over the hit record from the first device that sent the first hash value. The hit record and the signature over the hit record can be stored in the item as an evidence chain.
Fig. 3 is a message-flow diagram of a method of sharing information between devices according to an embodiment of the invention. In this embodiment, device Qi requests the information of a queried item from other devices Qs through the server P. Here, Qs denotes one or more other devices. It will be appreciated that in other embodiments Qi can, in a similar way, share information with any device other than Qi that holds the information. Some steps of this embodiment are described below; some of the processes in these steps are only exemplary and do not limit the invention.
Step 301
A query request is sent from the first device Qi to the server P. The query request includes the first hash value HM of the primary key M of the item to be queried and the corresponding first hash password SQi, where HM = HASH(M, SQi).
In some examples, HASH(A, B) denotes performing a modular-sum operation on text A with B and then performing a one-way hash operation. One-way hash algorithms such as MD5, SHA-1 or SHA-256 can be used.
In some examples, the first device Qi optionally also sends the query business type Type to the server P. This allows the server P to forward the query request selectively to the other devices that hold items of that business type.
In some examples, the first hash password SQi is a hash value based on the query sequence number QiID, and the corresponding hash password is the public key PKQi of the first device Qi, where SQi = HASH(QiID, PKQi). In other examples, the first hash password SQi is a hash value based on the query sequence number QiID and the query date Date, in which case SQi = HASH(QiID + Date, PKQi). The default starting QiID of the first device Qi can be set to 0, and subsequent QiID values can be sent from P to Qi.
After sending the query request to the server P, Qi stores the Type, HM, SQi and M of this query.
Step 302
Information including the first hash value HM and the first hash password SQi is forwarded from the server P to the second devices Qs.
In some examples, to improve security, the query request from the first device Qi is verified at the server P. Using the query sequence number QiID" and the public key PKQi" of the first device Qi stored in advance at the server P, with the query sequence number as the original data and the public key as the hash password, a hash value SQi" is calculated with the hash function, where SQi" = HASH(QiID", PKQi"). When the hash value SQi" is consistent with the first hash password SQi, the verification is judged successful.
In some examples, after successful verification, Type, HM and SQi are broadcast from the server P to Qs, and timing may also start at this point.
Step 303
The second device Qs obtains the Type, HM and SQi broadcast by P. At the second device Qs, for the primary key N of each item held by the second device, the hash value HN of the primary key N is calculated using the first hash password SQi, where HN = HASH(N, SQi), and the item corresponding to a primary key N whose hash value HN matches the first hash value HM is determined.
In some examples, at the second device Qs, SQi is used to hash, one by one, the multiple primary keys N of the business given by the parameter Type, yielding a list of hash values.
Then, the encrypted shared key TK, the hash value matching the first hash value (that is, HM) and the first hash password SQi are sent from the second device Qs to the server P. In some examples, the shared key TKs may be a random number generated by Qs, and TK may be obtained by the formula TK = C(TKs, M). Here, C(A, B) denotes the result of symmetrically encrypting text A using B as the key, and C"(A, B) denotes symmetrically decrypting text A using B as the key. Symmetric cryptographic algorithms such as 3DES, AES or SM1 can be used. In other examples, TKs is symmetrically encrypted using the hash value of M, in which case TK = C(TKs, HASH(M, 0)). The second device Qs records TKs, TK and M.
Step 304
The encrypted shared key TK is forwarded from the server P to the first device Qi, together with the hash value matching the first hash value and the first hash password SQi. P records the mapping between TK and Qs.
In some examples, after P has received the feedback from all Qs, or after the timer reaches a preset maximum duration, P forms the final query result R, the number N of Qs, and the shared key list TKlist. P can then send Type, SQi, R, N, TKlist and QiID" to Qi, where QiID" is the query sequence number for initiating the next query.
Step 305
After the first device Qi obtains Type, SQi, R and N, it can look up M in its query record using Type and SQi. The first device Qi can also judge from the value of N whether the sharing range is sufficient, and it updates QiID to QiID'.
At the first device Qi, the encrypted shared key TK is decrypted using the primary key M of the item to be queried, the attribute name Si to be queried is encrypted using the shared key TKs, and the encrypted attribute name CSi and TK are sent to the server. Here, TKs = C"(TK, M). In one example, each TK in TKlist is decrypted using HM0 = HASH(M, 0) to obtain the point-to-point shared symmetric key TKs, that is, TKs = C"(TK, HM0). Qi records the mapping between TK and M, TKs.
Step 306
According to the mapping between TK and Qs, the encrypted attribute name CSi and TK are sent from the server P to the one or more hit devices Qs. P additionally records the relationship between TK and Qi.
Step 307
At each of the one or more hit devices Qs, the encrypted attribute name is decrypted using the primary key of the hit item or HM0 = HASH(M, 0) to obtain the attribute name, the corresponding attribute value Si_V is encrypted using the primary key of the hit item, and the encrypted attribute value CSi_V and TK are sent to the server P.
Step 308
The encrypted attribute value CSi_V and TK are sent from the server P to the first device Qi. Qi obtains CSi_V and, according to the mapping of TK, M and TKs, decrypts it: Si_V = C"(CSi_V, TKs).
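Steps 301 to 305, including the dynamic hash password check of step 302, as an added example that is not code from the patent. It uses only the Python standard library: HMAC-SHA256 is assumed for HASH(A, B), a SHA-256 keystream XOR stands in for the symmetric cipher C(A, B), and the names `Platform`, `Holder`, `query` and all sample values are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def HASH(text: bytes, password: bytes) -> bytes:
    # HASH(A, B) of step 301. Assumption: HMAC-SHA256 stands in for the
    # page's "combine A with B, then one-way hash" construction.
    return hmac.new(password, text, hashlib.sha256).digest()


def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def C(text: bytes, key: bytes) -> bytes:
    # C(A, B): symmetric encryption. Stand-in only (SHA-256 keystream XOR) so
    # the example needs no third-party package; the page names 3DES, AES, SM1.
    nonce = secrets.token_bytes(16)
    ks = _stream(key, nonce, len(text))
    return nonce + bytes(a ^ b for a, b in zip(text, ks))


def C_inv(blob: bytes, key: bytes) -> bytes:
    # C"(A, B): the matching decryption.
    nonce, ct = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))


class Platform:
    """Server P: checks SQi, rotates QiID, relays; it is never given M."""

    def __init__(self):
        self.devices = {}   # hypothetical registry: name -> [QiID, PKQi]
        self.tk_owner = {}  # TK -> hit device (mapping kept in step 304)

    def register(self, name: str, pk: bytes) -> None:
        self.devices[name] = [b"0", pk]  # default starting QiID is 0

    def verify(self, name: str, sqi: bytes):
        qid, pk = self.devices[name]
        if not hmac.compare_digest(HASH(qid, pk), sqi):
            return None                      # forged or replayed request
        self.devices[name][0] = secrets.token_hex(8).encode()
        return self.devices[name][0]         # updated QiID for the next query


class Holder:
    """Second device Qs holding its own blacklist {primary key: attributes}."""

    def __init__(self, name: str, blacklist: dict):
        self.name, self.blacklist = name, blacklist
        self.issued = {}  # TK -> (TKs, N), recorded as in step 303

    def on_broadcast(self, hm: bytes, sqi: bytes):
        for n in self.blacklist:
            if hmac.compare_digest(HASH(n, sqi), hm):   # HN == HM: hit item
                tks = secrets.token_bytes(32)           # random shared key
                tk = C(tks, HASH(n, b"0"))              # TK = C(TKs, HASH(M, 0))
                self.issued[tk] = (tks, n)
                return tk
        return None


def query(platform, holders, name, pk, qid, m):
    """Steps 301-305 from Qi's side. Returns (TKs list, next QiID, TKlist)."""
    sqi = HASH(qid, pk)                 # SQi = HASH(QiID, PKQi)
    hm = HASH(m, sqi)                   # HM  = HASH(M, SQi)
    next_qid = platform.verify(name, sqi)
    if next_qid is None:
        return None, qid, []
    tklist = []
    for h in holders:                   # step 302 broadcast, step 303 match
        tk = h.on_broadcast(hm, sqi)
        if tk is not None:
            platform.tk_owner[tk] = h.name
            tklist.append(tk)
    hm0 = HASH(m, b"0")
    return [C_inv(tk, hm0) for tk in tklist], next_qid, tklist


if __name__ == "__main__":
    # Constructed sample data; primary keys borrowed from Table 1.
    p, pk = Platform(), b"constructed-public-key-of-Qi"
    p.register("Qi", pk)
    qs = [Holder("Qa", {b"001": {"S3": "High"}}), Holder("Qb", {b"002": {}})]
    keys, nxt, _ = query(p, qs, "Qi", pk, b"0", b"001")
    print(len(keys), "hit device(s); next QiID:", nxt.decode())
```

The match in `on_broadcast` needs only HM, SQi and a list of candidate keys, so any party that sees the pair, the platform included, can test guesses the same way; the confidentiality of M, and of a TK wrapped under HASH(M, 0), is bounded by how hard the primary key is to guess.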
Black evidence chain mechanism
According to another embodiment of the invention, when the item to be queried is a record in a blacklist, a black evidence chain mechanism is introduced to improve the reliability of queries. In one example, the initial value of the evidence-chain attribute of each blacklist record at Qs is CH0, which includes 0 and SIGN(0, SKQs), where the former is the number of times the record has been queried and the latter is the signature on the record. Each time a hit is added, the querying party Qi updates CHn = (n, SIGN(CHn-1, SKQi)). During the point-to-point sharing stage, Qs sends the value of the evidence chain to Qi for the querying party to confirm. If Qi has doubts about CHn-1, CHn-1 can be submitted to the server P for layer-by-layer signature verification, which prevents Qs from fabricating evidence-chain records.
According to another embodiment of the invention, a simplified query mechanism is introduced. Every query requires each participating entity to hash its full blacklist once; when the blacklist is large, the calculation takes longer and participating entities are prone to feedback timeouts. To simplify the calculation, the platform P can issue a fixed hash factor SQ for a period of time, for example 1 hour or 1 day. The query initiator performs the one-way hash of the keyword with SQ, and each participant uses SQ to complete the one-way hash of its blacklist in advance and matches incoming query requests directly.
Each arrow shown in Fig. 3 can be regarded as a method step, and/or as an operation resulting from running computer program code, and/or as a plurality of coupled logic circuit elements configured to implement the associated function. Although the operations are depicted in the figure in a particular order, this should not be understood as requiring that the operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve the desired result. In some cases, multitasking and parallel processing may be advantageous.
According to other embodiments, the invention further discloses the following.
Scheme 1: A system for sharing information between devices, comprising: a first unit for sending a query request from a first device to a server, the query request including a first hash value of the primary key of the item to be queried and a corresponding hash password; a second unit for broadcasting the first hash value and the hash password from the server to a plurality of second devices; a third unit for, at each of the plurality of second devices, using the received hash password to calculate a second hash value of the primary key of each item held by that device, wherein, when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item and the device is a hit device; a fourth unit for receiving, at the server, from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item; a fifth unit for sending the encrypted shared key from the server to the first device; and a sixth unit for using the shared key to share the information of the hit item between the first device and the one or more hit devices.
The system of scheme 1, wherein the sixth unit is configured to: at the first device, decrypt the encrypted shared key using the primary key of the item to be queried, encrypt the attribute name to be queried using the shared key, and send the encrypted attribute name to the server; send the encrypted attribute name from the server to the one or more hit devices; at each of the one or more hit devices, decrypt the encrypted attribute name using the primary key of the hit item to obtain the attribute name, encrypt the corresponding attribute value using the primary key of the hit item, and send the encrypted attribute value to the server; send the encrypted attribute value from the server to the first device; and, at the first device, decrypt the encrypted attribute value using the primary key of the item to be queried to obtain the attribute value of the hit item.
The system of scheme 1, wherein the hash password is a dynamic hash password generated from the first device's dynamic query sequence number and the first device's public key, the dynamic query sequence number being assigned to the first device in advance by the server; the system further comprising: means for verifying the first device before the first hash value and the hash password are broadcast from the server to the plurality of second devices, wherein a check code is generated from the dynamic query sequence number and the public key of the first device stored at the server, and verification is determined to be successful when the check code matches the hash password; and means for sending an updated dynamic query sequence number from the server to the first device.
The system of scheme 1, wherein the hash password is a unified static hash password, distributed by the server to the first device and the plurality of second devices at a predetermined time; wherein the second unit is configured to: broadcast the first hash value from the server to the plurality of second devices in response to the query request, and distribute the static hash password from the server to the first device and the plurality of second devices at predetermined time intervals; the system further comprising: means for, at each of the plurality of second devices, within the predetermined time interval, using the received static hash password to calculate the second hash value of the primary key of each item the device holds, in preparation for future matching operations.
The system of scheme 1, further comprising: means for maintaining, at the plurality of second devices, a hit record for each item, configured to: when a second device receives the first hash value and the hash password and determines that there is a hit item, increment the hit record of that hit item by 1; and receive a signature over the hit record from the first device that sent the first hash value.
Exemplary embodiments can be implemented in hardware, software, or a combination thereof. For example, some aspects of the invention can be implemented in hardware, while other aspects can be implemented in software. Although aspects of exemplary embodiments of the invention may be shown and described as block diagrams or flow charts, it will be well understood that the devices or methods described herein can be implemented as functional modules in a system, as a non-limiting example. In addition, the separation of the devices described above should not be understood as required in all embodiments, and it should be understood that the described program components and systems can generally be integrated in a single software product or packaged into multiple software products.
Various modifications and variations of the foregoing exemplary embodiments of the invention may become apparent to those skilled in the relevant art when the foregoing description is read in conjunction with the accompanying drawings. Therefore, embodiments of the invention are not limited to the specific embodiments disclosed, and variations and other embodiments are intended to fall within the scope of the appended claims.
Claims (10)
1. a kind of method of shared information between devices characterized by comprising
Step 1: from the first equipment to server send inquiry request, the inquiry request include the major key of item to be checked first dissipate
Train value and corresponding hashed password;
Step 2: from the server to the first hashed value described in multiple second device broadcasts and the hashed password;
Step 3: in each of the multiple second equipment, calculating the equipment using received hashed password respectively is included
Second hashed value of the major key of item, it is corresponding with second hashed value when second hashed value and first Hash value matches
Major key item be hit item, the equipment be hit equipment;
Step 4: in the server, the shared key encrypted by the hit equipment is received from one or more hit equipment,
In, the major key of the hit equipment utilization hit item encrypts the shared key;
Step 5: the shared key of the encryption is sent from the server to first equipment;
Step 6: using the shared key, life is shared between first equipment and one or more of hit equipment
The information of middle term.
2. The method of claim 1, characterized in that step 6 comprises:
in the first device, decrypting the encrypted shared key using the primary key of the item to be queried, encrypting the attribute name to be queried using the shared key, and sending the encrypted attribute name to the server;
sending the encrypted attribute name from the server to the one or more hit devices;
in each of the one or more hit devices, decrypting the encrypted attribute name using the primary key of the hit item to obtain the attribute name, encrypting the corresponding attribute value using the primary key of the hit item, and sending the encrypted attribute value to the server;
sending the encrypted attribute value from the server to the first device;
in the first device, decrypting the encrypted attribute value using the primary key of the item to be queried to obtain the attribute value of the hit item.
3. The method of claim 1, characterized in that
the hash password is a dynamic hash password generated based on a dynamic query sequence number of the first device and the public key of the first device, wherein the dynamic query sequence number is pre-assigned to the first device by the server;
the method further comprises:
before broadcasting the first hash value and the hash password from the server to the multiple second devices, verifying the first device, wherein a control code is generated using the dynamic query sequence number and the public key of the first device stored in the server, and verification is determined to be successful when the control code matches the hash password;
sending an updated dynamic query sequence number from the server to the first device.
4. The method of claim 1, characterized in that
the hash password is a unified static hash password, distributed by the server to the first device and the multiple second devices at a predetermined time; wherein,
in step 2:
in response to the query request, the first hash value is broadcast from the server to the multiple second devices,
at predetermined time intervals, the static hash password is distributed from the server to the first device and the multiple second devices;
the method further comprises:
in each of the multiple second devices, within the predetermined time interval, using the received static hash password to compute the second hash values of the primary keys of the items held by that device, in preparation for future matching operations.
5. The method of claim 1, characterized by further comprising:
in the multiple second devices, maintaining a hit record for each item, wherein
when a second device receives the first hash value and the hash password and determines that there is a hit item, the hit record of that hit item is incremented by 1; and
receiving a signature on the hit record from the first device that sent the first hash value.
6. A system for sharing information between devices, characterized by comprising:
a first unit for sending a query request from a first device to a server, the query request including a first hash value of the primary key of an item to be queried and a corresponding hash password;
a second unit for broadcasting the first hash value and the hash password from the server to multiple second devices;
a third unit for, in each of the multiple second devices, using the received hash password to compute a second hash value of the primary key of each item held by that device; when a second hash value matches the first hash value, the item whose primary key corresponds to that second hash value is a hit item, and the device is a hit device;
a fourth unit for receiving, in the server, from one or more hit devices a shared key encrypted by the hit device, wherein the hit device encrypts the shared key using the primary key of the hit item;
a fifth unit for sending the encrypted shared key from the server to the first device;
a sixth unit for using the shared key to share information about the hit item between the first device and the one or more hit devices.
7. The system of claim 6, characterized in that the sixth unit is configured to:
in the first device, decrypt the encrypted shared key using the primary key of the item to be queried, encrypt the attribute name to be queried using the shared key, and send the encrypted attribute name to the server;
send the encrypted attribute name from the server to the one or more hit devices;
in each of the one or more hit devices, decrypt the encrypted attribute name using the primary key of the hit item to obtain the attribute name, encrypt the corresponding attribute value using the primary key of the hit item, and send the encrypted attribute value to the server;
send the encrypted attribute value from the server to the first device;
in the first device, decrypt the encrypted attribute value using the primary key of the item to be queried to obtain the attribute value of the hit item.
8. The system of claim 6, characterized in that
the hash password is a dynamic hash password generated based on a dynamic query sequence number of the first device and the public key of the first device, wherein the dynamic query sequence number is pre-assigned to the first device by the server;
the system further comprises:
means for verifying the first device before the first hash value and the hash password are broadcast from the server to the multiple second devices, wherein a control code is generated using the dynamic query sequence number and the public key of the first device stored in the server, and verification is determined to be successful when the control code matches the hash password;
means for sending an updated dynamic query sequence number from the server to the first device.
9. The system of claim 6, characterized in that
the hash password is a unified static hash password, distributed by the server to the first device and the multiple second devices at a predetermined time; wherein,
the second unit is configured to:
in response to the query request, broadcast the first hash value from the server to the multiple second devices,
at predetermined time intervals, distribute the static hash password from the server to the first device and the multiple second devices;
the system further comprises:
means for, in each of the multiple second devices, within the predetermined time interval, using the received static hash password to compute the second hash values of the primary keys of the items held by that device, in preparation for future matching operations.
10. The system of claim 6, characterized by further comprising:
means for maintaining, in the multiple second devices, a hit record for each item, configured to:
when a second device receives the first hash value and the hash password and determines that there is a hit item, increment the hit record of that hit item by 1; and
receive a signature on the hit record from the first device that sent the first hash value.
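The query flow of claim 1, steps 1 to 5, as an added example that is not code from the patent. HMAC-SHA256 as the keyed hash, a random hash password, the PBKDF2-derived XOR pad with an HMAC tag standing in for an authenticated cipher, and all names and sample identifiers are assumptions.

```python
import hashlib
import hmac
import secrets

def keyed_hash(primary_key: str, hash_password: bytes) -> bytes:
    # Assumption: HMAC-SHA256 keyed by the hash password; the claims name no algorithm.
    return hmac.new(hash_password, primary_key.encode(), hashlib.sha256).digest()

def _keys(primary_key: str, nonce: bytes):
    # Derive separate encryption and MAC keys from the primary key, salted by the nonce.
    k = hashlib.pbkdf2_hmac("sha256", primary_key.encode(), nonce, 10_000, dklen=64)
    return k[:32], k[32:]

def wrap(primary_key: str, shared_key: bytes) -> bytes:
    # Stand-in for an authenticated cipher: one 32-byte XOR pad plus an HMAC tag.
    assert len(shared_key) == 32
    nonce = secrets.token_bytes(16)
    enc, mac = _keys(primary_key, nonce)
    ct = bytes(a ^ b for a, b in zip(shared_key, enc))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unwrap(primary_key: str, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    enc, mac = _keys(primary_key, nonce)
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong primary key or tampered blob")
    return bytes(a ^ b for a, b in zip(ct, enc))

class SecondDevice:
    def __init__(self, name: str, items: dict):
        self.name, self.items, self.shared_key = name, items, None

    def on_broadcast(self, first_hash: bytes, hash_password: bytes):
        # Step 3: recompute the hash of every held primary key and compare.
        for pk in self.items:
            if hmac.compare_digest(keyed_hash(pk, hash_password), first_hash):
                # Step 4: the hit device encrypts a fresh shared key with the hit item's primary key.
                self.shared_key = secrets.token_bytes(32)
                return wrap(pk, self.shared_key)
        return None

def run_query(query_pk: str, devices: list) -> dict:
    hash_password = secrets.token_bytes(16)  # step 1 (a random value is an assumption)
    first_hash = keyed_hash(query_pk, hash_password)
    # Steps 2, 4, 5: the server relays only the hash, the hash password and wrapped keys.
    relayed = {d.name: d.on_broadcast(first_hash, hash_password) for d in devices}
    # The first device recovers each shared key with its own copy of the primary key.
    return {n: unwrap(query_pk, b) for n, b in relayed.items() if b is not None}

# Constructed sample data.
DEVICE_A = SecondDevice("device_a", {"ID-1001": {"reason": "fraud"}})
DEVICE_B = SecondDevice("device_b", {"ID-2002": {"reason": "default"}})
```

Only a device that holds the queried primary key returns a wrapped key, and only a first device that knows the same primary key can unwrap it.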
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610182143.8A CN105868987B (en) | 2016-03-28 | 2016-03-28 | A kind of method and system of shared information between devices |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105868987A (en) | 2016-08-17 |
CN105868987B (en) | 2019-08-13 |
Family
ID=56626069
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610182143.8A Active CN105868987B (en) | 2016-03-28 | 2016-03-28 | A kind of method and system of shared information between devices |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105868987B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109327418A (en) * | 2017-07-31 | 2019-02-12 | 平安科技(深圳)有限公司 | Data sharing method, device and computer readable storage medium |
CN109948358A (en) * | 2019-01-17 | 2019-06-28 | 平安科技(深圳)有限公司 | Blacklist sharing method and device, storage medium, computer equipment |
CN111200613B (en) * | 2020-01-07 | 2022-06-07 | 北京链道科技有限公司 | End-to-end model-based code trusted execution method |
CN112187758A (en) * | 2020-09-21 | 2021-01-05 | 上海同态信息科技有限责任公司 | Aging privacy protection system and method for outflow data |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103873236A (en) * | 2012-12-12 | 2014-06-18 | 华为技术有限公司 | Searchable encryption method and equipment thereof |
CN104394155A (en) * | 2014-11-27 | 2015-03-04 | 暨南大学 | Multi-user cloud encryption keyboard searching method capable of verifying integrity and completeness |
CN104980436A (en) * | 2015-06-11 | 2015-10-14 | 努比亚技术有限公司 | Encryption transmission system, method and terminal and intermediate server |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9361476B2 (en) * | 2014-05-16 | 2016-06-07 | Safe Text Ltd. | Messaging systems and methods |
Also Published As
Publication number | Publication date |
---|---|
CN105868987A (en) | 2016-08-17 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||