CN106534160A - Identity authentication method and system based on block chain - Google Patents

Identity authentication method and system based on block chain Download PDF

Info

Publication number
CN106534160A
CN106534160A CN201611094966.1A CN201611094966A CN106534160A CN 106534160 A CN106534160 A CN 106534160A CN 201611094966 A CN201611094966 A CN 201611094966A CN 106534160 A CN106534160 A CN 106534160A
Authority
CN
China
Prior art keywords
information
transaction
authentication
block chain
script
Prior art date
Application number
CN201611094966.1A
Other languages
Chinese (zh)
Inventor
汪德嘉
郭宇
王少凡
柴泉
Original Assignee
江苏通付盾科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 江苏通付盾科技有限公司 filed Critical 江苏通付盾科技有限公司
Priority to CN201611094966.1A priority Critical patent/CN106534160A/en
Publication of CN106534160A publication Critical patent/CN106534160A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network

Abstract

The invention discloses an identity authentication method and system based on a block chain. The method includes the steps of a terminal device sending an identity authentication request including an authentication factor to an application server, an application server receiving the identity authentication request and generating first transaction information according to the authentication factor in the identity authentication request, the application server broadcasting the first transaction information to a block chain network, the application server sending the first transaction number information of the first transaction information to the terminal device, the terminal device receiving the first transaction number information, generating second transaction information according to the first transaction number information and the authentication factor and broadcasting the second transaction information to the block chain network, and the block chain network conducting identity authentication for the terminal device according to the first transaction information and the second transaction information to obtain the authentication result. According to the technical scheme of the invention, identity authentication for a terminal device can be safety and conveniently carried out through a block chain network.

Description

基于区块链的身份认证方法及系统 Identity-based authentication method and system block chain

技术领域 FIELD

[0001] 本发明涉及互联网技术领域,具体涉及一种基于区块链的身份认证方法及系统。 [0001] The present invention relates to the field of Internet technologies, particularly to a method and system authentication based block chain. 背景技术 Background technique

[0002] 在互联网技术中,当用户登录某个应用服务器时,该应用服务器经常需要对用户进行身份认证,从而确定该用户是否具有访问某些资源和使用某些资源的权限,即确定该用户是否为授权用户,进而使互联网的访问策略能够可靠、有效地执行,防止攻击者假冒授权用户获得资源的访问权限和使用权限,保证数据安全以及授权用户的合法利益。 [0002] In the Internet technology, when a user logs on an application server, the application server often requires the user authentication to determine whether the user has permission to access certain resources and use of certain resources that determine the user whether the authorized user, thereby enabling Internet access policies can be reliably and effectively implemented, to prevent attackers from counterfeit authorized users gain access to and use of authority resources to ensure that the legitimate interests of data security and authorized users.

[0003] 在现有技术中,可通过第三方认证服务器进行身份认证,具体过程为:用户通过终端设备向第三方认证服务器发送身份认证请求,该身份认证请求中包含有应用服务器要求的信息,接着第三方认证服务器对该身份认证请求进行验证,验证通过后对应用服务器要求的信息进行签名,并将认证结果返回给终端设备,该认证结果中包含有第三方认证服务器对应用服务器要求的信息的签名,然后终端设备将该认证结果发送至应用服务器,应用服务器根据认证结果中的签名就可验证终端设备的身份。 [0003] In the prior art, can be carried out by a third party authentication server authentication, the specific process of: sending a user authentication request to a third party authentication server through a terminal device, the authentication request includes information required by the application server, a third party authentication server then verifies the identity authentication request, the application server authentication information required by a sign post, and returns the authentication result to the terminal device, the authentication result of the authentication server contains information on the third party application servers required signature, then the terminal device sends the authentication result to the application server, the application server can authenticate the terminal apparatus based on the authentication result of the signature. 但是,如果第三方认证服务器出现信息泄露或者信息被篡改,将可能会给终端设备侧的用户和应用服务器带来巨大损失。 However, if a third-party authentication server appear to information disclosure or information it has been tampered with, will likely bring huge losses give the device side end users and application servers. 发明内容 SUMMARY

[0004] 鉴于上述问题,提出了本发明以便提供一种克服上述问题或者至少部分地解决上述问题的基于区块链的身份认证方法及系统。 [0004] In view of the above problems, the present invention is proposed in order to overcome the above problems or to provide an identity-based authentication method and system block chain at least partly solve the above problems.

[0005] 根据本发明的一个方面,提供了一种基于区块链的身份认证方法,该方法包括: [0005] In accordance with one aspect of the present invention, there is provided a chain block based authentication method, the method comprising:

[0006] 终端设备向应用服务器发送身份认证请求;其中,身份认证请求包括认证因子; [0006] The terminal device transmits authentication request to an application server; wherein the authentication request including authentication factor;

[0007] 应用服务器接收身份认证请求,根据身份认证请求中的认证因子,生成第一交易信息; [0007] The application server receives the authentication request, the authentication request according to the identity authentication factor to generate a first transaction information;

[0008] 应用服务器将第一交易信息广播至区块链网络; [0008] The first application server transaction information to the broadcast network block chains;

[0009] 应用服务器将第一交易信息的第一交易编号信息发送至终端设备; [0009] The first application server transaction number information of the first transaction information is transmitted to the terminal device;

[0010] 终端设备接收第一交易编号信息,根据第一交易编号信息和认证因子,生成第二交易信息,并将第二交易信息广播至区块链网络; [0010] The terminal device receives the first information is a transaction number, transaction number according to the first information and authentication factor to generate a second transaction information, transaction information and a second block chain to a broadcast network;

[0011] 区块链网络根据第一交易信息和第二交易信息,对终端设备进行身份认证,得到认证结果。 [0011] network in accordance with a first block chain and the second trade information, transaction information, the terminal device authentication, authentication result.

[0012] 根据本发明的另一方面,提供了一种基于区块链的身份认证系统,该系统包括:终端设备、应用服务器和区块链网络;其中, [0012] According to another aspect of the present invention, there is provided an authentication system based block chain, the system comprising: a terminal device, an application server and a network block chains; wherein,

[0013] 终端设备用于:向应用服务器发送身份认证请求;其中,身份认证请求包括认证因子; [0013] The terminal device configured to: send identity authentication request to an application server; wherein the authentication request including authentication factor;

[0014] 应用服务器用于:接收身份认证请求,根据身份认证请求中的认证因子,生成第一交易信息;将第一交易信息广播至区块链网络,并将第一交易信息的第一交易编号信息发送至终端设备; [0014] The application server configured to: receive an identity authentication request, the authentication request according to the identity authentication factor to generate a first transaction information; and a first transaction information to the broadcast network block chain, and the first transaction of the first transaction information No information is transmitted to the terminal device;

[0015] 终端设备进一步用于:接收第一交易编号信息,根据第一交易编号信息和认证因子,生成第二交易信息,并将第二交易信息广播至区块链网络; [0015] The terminal device is further for: receiving a first transaction number information, based on the first authentication information and the transaction number factor, generating a second transaction information, transaction information and a second block chain to a broadcast network;

[0016] 区块链网络用于:根据第一交易信息和第二交易信息,对终端设备进行身份认证, 得到认证结果。 [0016] The block chain for network: the transaction according to the first information and the second transaction information, the terminal device authentication, authentication result.

[0017] 根据本发明提供的技术方案,应用服务器根据终端设备的身份认证请求中的认证因子,生成第一交易信息,将第一交易信息广播至区块链网络,并将第一交易信息的第一交易编号信息发送至终端设备,接着终端设备根据第一交易编号信息和认证因子,生成第二交易信息,并将第二交易信息广播至区块链网络,然后区块链网络根据第一交易信息和第二交易信息,对终端设备进行身份认证,得到认证结果。 [0017] According to the present invention provides, according to the application server requests authentication of the authentication terminal device factor to generate a first transaction information, transaction information to the first broadcast network block chain, and a first transaction information first transaction ID information is transmitted to the terminal device, then the terminal apparatus according to the first authentication information and the transaction number factor, generating a second transaction information, transaction information and a second block chain to the broadcast network, and the network according to a first block chain second transaction information and transaction information, the terminal device authentication, authentication result. 根据本发明提供的技术方案,通过区块链网络能够安全、便捷地对终端设备进行身份认证,另外,利用区块链不可篡改的特性,还增加了身份认证的可信度。 According to the present invention is provided by the block chain network can be convenient, secure authentication of the terminal device, in addition, properties of the chain block can not be altered, further increasing the reliability of the authentication.

[0018] 上述说明仅是本发明技术方案的概述,为了能够更清楚了解本发明的技术手段, 而可依照说明书的内容予以实施,并且为了让本发明的上述和其它目的、特征和优点能够更明显易懂,以下特举本发明的具体实施方式。 [0018] The above description is only an overview of the technical solution of the present invention, in order to more fully understood from the present invention, but may be implemented in accordance with the contents of the specification, and in order to make the aforementioned and other objects, features and advantages of the present invention can be more apparent from the following specific embodiments cite Patent of the present invention. 附图说明 BRIEF DESCRIPTION

[0019] 通过阅读下文优选实施方式的详细描述,各种其他的优点和益处对于本领域普通技术人员将变得清楚明了。 [0019] By reading the following detailed description of preferred embodiments Hereinafter, a variety of other advantages and benefits to those of ordinary skill in the art will become apparent. 附图仅用于示出优选实施方式的目的,而并不认为是对本发明的限制。 The drawings are only for purposes of illustrating a preferred embodiment and are not to be considered limiting of the present invention. 而且在整个附图中,用相同的参考符号表示相同的部件。 But throughout the drawings, like parts with the same reference symbols. 在附图中: In the drawings:

[0020] 图1示出了根据本发明一个实施例的基于区块链的身份认证方法的信令流程图; [0020] FIG. 1 shows a flowchart of a method for identity authentication based on a signaling block chain to an embodiment of the present invention;

[0021] 图2示出了根据本发明另一个实施例的基于区块链的身份认证方法的信令流程图; [0021] FIG 2 illustrates a method of authentication based on a signaling flowchart block chain according to another embodiment of the present invention;

[0022] 图3示出了根据本发明一个实施例的基于区块链的身份认证系统的结构框图。 [0022] FIG. 3 shows a block diagram of the block-based authentication system according to the present invention, the chain to one embodiment. 具体实施方式[〇〇23] 下面将参照附图更详细地描述本公开的示例性实施例。 DETAILED DESCRIPTION [〇〇23] The following exemplary embodiments of the present disclosure will be described in more detail with reference to the drawings. 虽然附图中显示了本公开的示例性实施例,然而应当理解,可以以各种形式实现本公开而不应被这里阐述的实施例所限制。 While the exemplary embodiment shows an exemplary embodiment of the present disclosure in the drawings, it should be understood that the present disclosure may be implemented embodiments and should not be set forth herein to limit in various forms. 相反,提供这些实施例是为了能够更透彻地理解本公开,并且能够将本公开的范围完整的传达给本领域的技术人员。 Rather, these embodiments are able to more thorough understanding of the present disclosure, and the scope of the present disclosure can be completely conveying to those skilled in the art.

[0024]图1示出了根据本发明一个实施例的基于区块链的身份认证方法的信令流程图, 如图1所示,该方法包括如下步骤:[〇〇25] 步骤S100,终端设备向应用服务器发送身份认证请求。 [0024] FIG 1 illustrates a method of authentication based on a signaling flowchart block chain in accordance with one embodiment of the present invention, shown in Figure 1, the method comprising the steps of: [〇〇25] step S100, the terminal identity authentication device sends a request to the application server. [〇〇26] 其中,身份认证请求包括认证因子。 [〇〇26] wherein the authentication request includes an authentication factor. 具体地,认证因子包括以下一项或多项:用户名信息、用户密码信息、设备指纹信息、动态码和行为习惯信息。 Specifically, the authentication factors include one or more of the following: user name information, user password information, device fingerprint information, dynamic code and behavior information. 另外,认证因子还可包括其他可用于认证身份的信息,此处不做限定。 In addition, the authentication factors may include information used to authenticate the identity of the other, is not limited herein. [〇〇27] 步骤S101,应用服务器接收身份认证请求,根据身份认证请求中的认证因子,生成第一交易信息。 [〇〇27] step S101, the application server receives the authentication request, the authentication request according to the identity authentication factor to generate a first transaction information. [〇〇28] 应用服务器接收终端设备发送的身份认证请求,接着根据身份认证请求中的认证因子,生成第一交易信息。 [〇〇28] Authentication server application request sent by the reception terminal device, and then the authentication request according to the identity authentication factor to generate a first transaction information.

[0029] 步骤S102,应用服务器将第一交易信息广播至区块链网络。 [0029] step S102, the first application server transaction information to the broadcast network block chain.

[0030] 在生成了第一交易信息之后,应用服务器将第一交易信息广播至区块链网络。 [0030] After generation of the first transaction information, transaction information of the first application server to a broadcast network block chain. 其中,区块链具有不可篡改的特性。 Wherein the block chain having characteristics of non-manipulatable.

[0031] 步骤S103,应用服务器将第一交易信息的第一交易编号信息发送至终端设备。 [0031] step S103, the application server transaction number of the first information of the first transaction information is transmitted to the terminal device.

[0032] 具体地,第一交易信息的第一交易编号信息可为利用哈希算法对第一交易信息进行计算得到的。 [0032] Specifically, the first information of a first transaction number for the transaction information may be calculated to obtain first transaction information using a hashing algorithm. 为了使终端设备能够获得第一交易信息,应用服务器将第一交易信息的第一交易编号信息发送至终端设备。 In order to enable the terminal device to obtain first transaction information, the first application server transaction number information of the first transaction information is transmitted to the terminal device. [〇〇33] 步骤S104,终端设备接收第一交易编号信息,根据第一交易编号信息和认证因子, 生成第二交易信息,并将第二交易信息广播至区块链网络。 [〇〇33] Step S104, the terminal device receives the first information is a transaction number, transaction number according to the first information and authentication factor to generate a second transaction information, transaction information and a second block chain to the broadcast network.

[0034] 终端设备在接收了应用服务器发送的第一交易编号信息之后,根据第一交易编号信息和认证因子,生成第二交易信息,接着将所生成的第二交易信息广播至区块链网络。 [0034] The terminal device after receiving the first transaction number information sent by the server application, according to the first transaction number information and authentication factor to generate a second transaction information, a second transaction then the generated information to the broadcast network block chains . [〇〇35] 步骤S105,区块链网络根据第一交易信息和第二交易信息,对终端设备进行身份认证,得到认证结果。 [〇〇35] step S105, the block chain network in accordance with the first transaction information and the second transaction information, the terminal device authentication, authentication result. [〇〇36]由于第一交易信息和第二交易信息都广播至了区块链网络,那么在步骤S105中, 区块链网络就可根据第一交易信息和第二交易信息,对终端设备进行身份认证,得到认证结果。 [〇〇36] Since the first transaction information and the transaction information is broadcast to the second block chain of the network, then in step S105, the block chain network can be based on the first transaction information and the second transaction information, the terminal device identity authentication, authentication result. 其中,认证结果包括:第一认证结果和第二认证结果。 Wherein the authentication result includes: a first authentication result and the second authentication result. 具体地,第一认证结果为认证成功的认证结果,第二认证结果为认证失败的认证结果。 Specifically, the first authentication result is authentication successful authentication result, the authentication of the second authentication result is authentication failure result. [〇〇37] 根据本发明实施例提供的基于区块链的身份认证方法,应用服务器根据终端设备的身份认证请求中的认证因子,生成第一交易信息,将第一交易信息广播至区块链网络,并将第一交易信息的第一交易编号信息发送至终端设备,接着终端设备根据第一交易编号信息和认证因子,生成第二交易信息,并将第二交易信息广播至区块链网络,然后区块链网络根据第一交易信息和第二交易信息,对终端设备进行身份认证,得到认证结果。 [〇〇37] According to embodiments of the present invention provides a method of authentication based block chain, according to the application server requests authentication of the authentication terminal device factor to generate a first transaction information, transaction information is broadcast to the first block chain network, and transmits information of a first transaction number in a first transaction information to the terminal device, then the terminal apparatus according to the first authentication information and the transaction number factor, generating a second transaction information, transaction information and a second block chain to broadcast network and chain network in accordance with the first block and the second trade information, transaction information, the terminal device authentication, authentication result. 根据本发明提供的技术方案,通过区块链网络能够安全、便捷地对终端设备进行身份认证,另外,利用区块链不可篡改的特性,还增加了身份认证的可信度。 According to the present invention is provided by the block chain network can be convenient, secure authentication of the terminal device, in addition, properties of the chain block can not be altered, further increasing the reliability of the authentication. [〇〇38]图2示出了根据本发明另一个实施例的基于区块链的身份认证方法的信令流程图,如图2所示,该方法包括如下步骤:[〇〇39] 步骤S200,终端设备向应用服务器发送身份认证请求。 [〇〇38] FIG 2 illustrates a method of authentication based on a signaling flowchart block chain according to another embodiment of the present invention, shown in Figure 2, the method comprising the steps of: [〇〇39] Step S200, the terminal device transmits authentication request to the application server. [〇〇4〇] 其中,身份认证请求包括认证因子。 [〇〇4〇] wherein the authentication request includes an authentication factor. 具体地,认证因子包括以下一项或多项:用户名信息、用户密码信息、设备指纹信息、动态码和行为习惯信息。 Specifically, the authentication factors include one or more of the following: user name information, user password information, device fingerprint information, dynamic code and behavior information. 本领域技术人员还可根据实际需要将其他可用于认证身份的信息作为认证因子,此处不做限定。 Those skilled in the art may also be based on actual needs additional information can be used to authenticate the identity as an authentication factor, it is not limited here.

[0041] 步骤S201,应用服务器接收身份认证请求,根据身份认证请求,生成脚本信息。 [0041] step S201, the application server receives the authentication request, according to the identity authentication request, generates scenario information. [〇〇42] 应用服务器在接收了身份认证请求之后,会根据身份认证请求,生成脚本信息。 [〇〇42] application server after receiving the authentication request, based identity authentication request information generated script. [〇〇43] 步骤S202,应用服务器利用身份认证请求中的认证因子和脚本信息,得到数学变换结果。 [〇〇43] step S202, the application server and the script information using the authentication factor authentication request, to obtain a mathematical transformation result. [〇〇44]具体地,利用脚本信息对身份认证请求中的认证因子进行数学变化,得到数学变换结果。 [〇〇44] Specifically, the script information using the authentication request authentication mathematical factor changes, to obtain a mathematical transformation result. 例如,将身份认证请求中的认证因子作为脚本信息对应的输入信息,利用脚本信息得到输出信息,所得到的输出信息即为数学变换结果。 For example, the authentication request as the authentication factor script information corresponding to input information, output information obtained using the scenario information, the output information is the mathematical transformation of the obtained results. 其中,数学变化包括但不限于加运算、减运算、与运算、异或运算和哈希运算等。 Wherein mathematical variation including but not limited to the addition operation, a subtraction operation, an AND operation, an exclusive OR operation and hashed like. [〇〇45] 步骤S203,应用服务器利用哈希算法计算得到脚本信息对应的脚本哈希值。 [〇〇45] step S203, the server application by using the hash algorithm Hash value obtained script corresponding to the script information.

[0046] 应用服务器利用哈希算法对脚本信息进行哈希运算,得到脚本信息对应的脚本哈希值。 [0046] The application server uses a hashing algorithm to the scenario information is hashed to obtain a hash value of script information corresponding to the script.

[0047] 步骤S204,应用服务器根据脚本信息的区块链地址信息、脚本哈希值和数学变换结果,生成第一交易信息。 [0047] step S204, the application server according to the address information of block chain of script information, and scripts hash value results mathematical transformations to generate a first transaction information.

[0048] 其中,脚本信息具有对应的区块链地址信息,根据脚本信息的区块链地址信息可得到脚本信息。 [0048] wherein, the script information with address information corresponding to the block chain, block chain obtained according to the scenario information the address information of the script information. 由于交易信息包括交易输入信息和交易输出信息,那么在步骤S204中,应用服务器可将区块链的代币作为第一交易信息的交易输入信息,将脚本信息的区块链地址信息、脚本哈希值和数学变换结果作为第一交易信息的交易输出信息,从而生成第一交易信息。 Since the transaction information including the transaction information input and output transaction, then in step S204, the application server may be tokens block chain as the first transaction information input transaction information, address information of the block chain of script information, the script ha Xi values ​​and mathematical transform output information as a result of the transaction first transaction information, thereby generating a first transaction information.

[0049] 步骤S205,应用服务器将第一交易信息广播至区块链网络。 [0049] step S205, the first application server transaction information to the broadcast network block chain.

[0050] 在生成了第一交易信息之后,应用服务器将第一交易信息广播至区块链网络。 [0050] After generation of the first transaction information, transaction information of the first application server to a broadcast network block chain. 相当于应用服务器将脚本信息的区块链地址信息、脚本哈希值和数学变换结果以第一交易信息的形式广播至区块链网络。 Equivalent to the application server address information in the script block chain information, scripts hash value and the results of mathematical transformations to broadcast the network in the form of the first block chain transaction information.

[0051] 步骤S206,应用服务器将第一交易信息的第一交易编号信息发送至终端设备。 [0051] Step S206, the first application server transaction number information of the first transaction information is transmitted to the terminal device. [〇〇52]具体地,第一交易信息的第一交易编号信息为利用哈希算法对第一交易信息进行计算得到的。 [〇〇52] Specifically, the first transaction number information for the first transaction information using a hashing algorithm to calculate a first transaction information obtained. 可选地,在步骤S206之前,该方法还可包括:应用服务器利用哈希算法对第一交易信息进行计算,得到第一交易信息的第一交易编号信息的步骤。 Alternatively, before step S206, the method may further comprise: an application server using a hashing algorithm to calculate a first transaction information, the step of the first transaction number information to obtain first transaction information. [〇〇53] 步骤S207,终端设备接收第一交易编号信息,根据第一交易编号信息,获取第一交易信息。 [〇〇53] step S207, the terminal device receives the first information is a transaction number, transaction number in accordance with a first information obtaining first transaction information.

[0054]由于第一交易信息的第一交易编号信息为利用哈希算法对第一交易信息进行计算得到的,那么在终端设备接收了第一交易编号信息之后,就可根据第一交易编号信息,获取第一交易信息。 [0054] Since the first transaction number information for the first transaction information using a hashing algorithm to calculate a first transaction information obtained, the first transaction number received information after the terminal device, according to a first transaction number information can to obtain first transaction information. [〇〇55] 步骤S208,终端设备根据第一交易信息,得到脚本信息。 [〇〇55] step S208, the terminal apparatus according to the first transaction information, script information obtained.

[0056]由于第一交易信息是根据脚本信息的区块链地址信息、脚本哈希值和数学变换结果生成的,那么终端设备根据第一交易信息就可得到脚本信息的区块链地址信息,接着根据脚本信息的区块链地址信息就可得到脚本信息。 [0056] Since the first block chain is a transaction information address information of the script information, and scripts mathematical transformations hash value generated as a result, the terminal apparatus can obtain the address information of scenario information block chain according to the first transaction information, then the scenario information can be obtained in accordance with the address information of the script block chain information. [〇〇57] 步骤S209,终端设备根据第一交易编号信息、脚本信息、认证因子和应用服务器的区块链地址信息,生成第二交易信息。 [〇〇57] step S209, the terminal device in accordance with the address information of the first block chain transaction number information, script information, and application servers factor authentication, generates a second transaction information.

[0058] 应用服务器具有对应的区块链地址信息,根据应用服务器的区块链地址信息可确定应用服务器。 [0058] the application server having the address information corresponding to the chain block, the block may be determined according to the application server address information of the application server chain. 具体地,终端设备可将第一交易编号信息、脚本信息、认证因子作为第二交易信息的交易输入信息,将应用服务器的区块链地址信息作为第二交易信息的交易输出信息,从而生成第二交易信息。 Specifically, the terminal device may be the first transaction number information, script information, the authentication information of the second factor as a transaction input transaction information, the block chains as the address of the application server transaction information output information of the second transaction information, thereby generating the two transactions.

[0059] 步骤S210,终端设备将第二交易信息广播至区块链网络。 [0059] step S210, the transaction information terminal device a second block chain to the broadcast network.

[0060] 在生成了第二交易信息之后,终端设备将第二交易信息广播至区块链网络。 [0060] After the generation of the second transaction information, transaction information terminal device a second block chain to the broadcast network. 相当于终端设备将第一交易编号信息、脚本信息、认证因子和应用服务器的区块链地址信息以第二交易信息的形式广播至区块链网络。 Terminal device corresponding to the first address of the block chain transaction number information, script information, and application servers factor authentication information broadcast to the network in the form of block chains second transaction information.

[0061] 步骤S211,区块链网络根据第一交易信息和第二交易信息,对终端设备进行身份认证,得到认证结果。 [0061] step S211, the block chains network in accordance with the first transaction information and the second transaction information, the terminal device authentication, authentication result.

[0062] 由于第一交易信息和第二交易信息都广播至了区块链网络,那么在步骤S211中,区块链网络就可根据第一交易信息和第二交易信息,对终端设备进行身份认证,得到认证结果。 [0062] Since the first transaction information and the transaction information is broadcast to the second block chain of the network, then in step S211, the block chain network can be based on the first transaction information and the second transaction information, the identity of the terminal device certification, certified the results.

[0063] 由于第一交易信息是根据脚本信息的区块链地址信息、脚本哈希值和数学变换结果生成的,那么区块链网络根据第一交易信息,可得到第一交易信息对应的脚本信息的区块链地址信息、脚本哈希值和数学变换结果,同理,第二交易信息是根据第一交易编号信息、脚本信息、认证因子和应用服务器的区块链地址信息生成的,区块链网络根据第二交易信息,可得到第二交易信息对应的第一交易编号信息、脚本信息、认证因子和应用服务器的区块链地址信息。 [0063] Since the first block chain is a transaction information address information of the script information, and scripts mathematical transformations hash value generated as a result, the block chain network in accordance with a first transaction information, transaction information corresponding to a first available scripts block chain address information, scripts hash value and mathematical transform results. Similarly, the second transaction information is information generated based on the address of the first block chain transaction number information, script information, authentication factor and application servers, district according to a second block chain network transaction information, a first transaction number to obtain information corresponding to the second transaction information, the address information of scenario information block chain, and factor authentication application server.

[0064] 具体地,区块链网络根据第二交易信息,得到第二交易信息对应的脚本信息;利用哈希算法对第二交易信息对应的脚本信息进行计算,得到待认证脚本哈希值。 [0064] In particular, according to a second block chain network transaction information, script information to give the corresponding second transaction information; script information using the hash algorithm corresponding to the second transaction information has been calculated, the script to be authenticated hash value. 区块链网络根据第一交易信息,得到第一交易信息对应的脚本哈希值。 Block chain network in accordance with a first transaction information, a hash value obtained script information corresponding to the first transaction. [〇〇65] 在得到了待认证脚本哈希值和第一交易信息对应的脚本哈希值之后,区块链网络判断待认证脚本哈希值是否与第一交易信息对应的脚本哈希值相同。 [〇〇65] After the obtained script to be authenticated hash value and the hash value of script information corresponding to the first transaction, the block chain network script hash value is determined to be authenticated hash value is a script corresponding to the first transaction information the same.

[0066]如果区块链网络判断得到待认证脚本哈希值与第一交易信息对应的脚本哈希值相同,则区块链网络根据第二交易信息,得到第二交易信息对应的认证因子,并根据第二交易信息对应的认证因子和脚本信息,得到待认证数学变换结果;接着区块链网络根据第一交易信息,得到第一交易信息对应的数学变换结果;在得到了待认证数学变换结果和第一交易信息对应的数学变换结果之后,区块链网络判断待认证数学变换结果是否与第一交易信息对应的数学变换结果相同。 [0066] If the network determines block chain obtained script to be authenticated hash value identical to the hash value of script information corresponding to the first transaction, a second network in accordance with the block chains transaction information, transaction information corresponding to obtain a second factor authentication, and script information according to the authentication factor and a second transaction information corresponding to a mathematical transformation to obtain a result to be authenticated; Next block chain network in accordance with a first transaction information, a mathematical transformation to obtain a first result information corresponding to the transaction; be authenticated in a mathematical transformation to obtain results after the first mathematical transformation corresponding to the transaction information, the network is determined to be authenticated block chains mathematical transform result is the same as the first mathematical transformation result information corresponding to the transaction. 如果判断得到认证数学变换结果与第一交易信息对应的数学变换结果相同,则区块链网络得到第一认证结果,即得到认证成功的认证结果;如果判断得到认证数学变换结果不与第一交易信息对应的数学变换结果相同,则区块链网络得到第二认证结果,即得到认证失败的认证结果。 If the result of the authentication is determined to obtain a mathematical transformation of the first mathematical transformation results corresponding to the same transaction information, the first block chain network authentication result obtained, i.e. the results obtained and successfully authenticated authentication; if the authentication is determined to give the results of the mathematical transformation is not the first transaction mathematical transformation information corresponding to the same result, then obtain a second block chain network authentication result, i.e., obtain an authentication result of the authentication failure. [〇〇67]如果区块链网络判断得到待认证脚本哈希值不与第一交易信息对应的脚本哈希值相同,则区块链网络得到第二认证结果。 [〇〇67] If the network determines block chain obtained script to be authenticated hash value is not the same as the hash value of script information corresponding to the first transaction, to obtain a second block chain network authentication result. [〇〇68] 在本实施例中,在区块链网络对终端设备进行身份认证的过程中,区块链网络不仅验证脚本哈希值,还验证数学变换结果,从而能够更加全面、准确地进行身份认证,进而获得可靠的认证结果。 [〇〇68] In the present embodiment, the process of block chains network authenticates the terminal device, the network not only the validation script block chains hash value, also verify a mathematical transformation a result, it is possible to more fully and accurately authenticate, and then get reliable authentication result. [〇〇69] 其中,其他的验证交易合法性的方式与现有技术中区块链网络验证交易合法性的方式相同,此处不再赘述。 [〇〇69] wherein verify the legitimacy of transactions other manner as the prior art block chain to verify the legitimacy of transactions in a network the same manner, it is not repeated here.

[0070] 在实际应用中,可由区块链网络中的矿工节点根据第一交易信息和第二交易信息,对终端设备进行身份认证。 [0070] In practical applications, the network may block chain miners node according to the first transaction information and the second transaction information, the terminal device authentication. 如果经区块链网络中的矿工节点对终端设备进行身份认证, 得到第一认证结果,即认证成功,那么矿工节点在区块链网络中广播第二交易信息,在区块链网络中的各节点达成共识后写入区块链。 If the block chain via the network node miners authentication terminal device, a first authentication result obtained, i.e., authentication is successful, a second node broadcasts transactions miners information block chain network, each network in the block chain after the node write block chain to reach a consensus.

[0071] 步骤S212,区块链网络将认证结果发送至应用服务器。 [0071] step S212, the block chain network transmits an authentication result to the application server.

[0072] 区块链网络根据第二交易信息可得到应用服务器的区块链地址信息,根据应用服务器的区块链地址信息,就可将认证结果发送至应用服务器,以便应用服务器获知终端设备的身份认证是否认证成功。 [0072] The block chain block chains network address information of the second transaction information available application server, in accordance with the address information of the application server block chain, and can send the authentication result to the application server, the application server in order to learn the terminal device authentication whether authentication is successful. [〇〇73] 根据本发明实施例提供的基于区块链的身份认证方法,应用服务器根据脚本信息的区块链地址信息、脚本哈希值和数学变换结果,生成第一交易信息,将第一交易信息广播至区块链网络,并将第一交易信息的第一交易编号信息发送至终端设备,终端设备根据第一交易编号信息、脚本信息、认证因子和应用服务器的区块链地址信息,生成第二交易信息,并将第二交易信息广播至区块链网络,然后区块链网络根据第一交易信息和第二交易信息,对终端设备进行身份认证,得到认证结果。 [〇〇73] According to embodiments of the present invention provides a method of authentication based block chain, block chain in accordance with the application server address information of the scenario information, and the hash value script mathematical transformations result, generates a first transaction information, the first transaction information to a broadcast network block chain, and a first transaction number information to the terminal device, the terminal device information of the first transaction information in accordance with the address of the first block chain transaction number information, script information, authentication factor and application servers generating a second transaction information, transaction information and a second block chain to a broadcast network and chain network in accordance with a first block and the second trade information, transaction information, the terminal device authentication, authentication result. 根据本发明提供的技术方案,通过区块链网络保存并验证脚本哈希值和数学变换结果,从而能够安全、便捷、准确地对终端设备进行身份认证,另外,利用区块链不可篡改的特性,还增加了身份认证的可信度。 According to the present invention is provided by the network storage block chain and the hash value and the validation scripts mathematical transform results, to enable safe, convenient and accurate authentication of the terminal device, further, the use of tamper-proof characteristics of the block chain , also increased the identity of credibility.

[0074]图3示出了根据本发明一个实施例的基于区块链的身份认证系统的结构框图,如图3所示,该系统包括:终端设备310、应用服务器320和区块链网络330。 [0074] FIG. 3 shows a block diagram of identity-based authentication system block chain of an embodiment of the present invention, shown in Figure 3, the system comprising: a terminal device 310, the application server 320 and the network 330 Block Chaining . [〇〇75] 终端设备310用于:向应用服务器320发送身份认证请求。 [〇〇75] terminal device 310 configured to: send the authentication request to the application server 320. [〇〇76] 其中,身份认证请求包括认证因子。 [〇〇76] wherein the authentication request includes an authentication factor. 本领域技术人员可根据实际需要将可用于认证身份的信息作为认证因子,此处不做限定。 Those skilled in the art can be used as the authentication factor based on the information is not limited herein it will be used to authenticate the identity of the actual needs. 例如,认证因子可包括以下一项或多项:用户名信息、用户密码信息、设备指纹信息、动态码和行为习惯信息。 For example, the authentication factors may include one or more of the following: user name information, user password information, device fingerprint information, dynamic code and behavior information. [〇〇77] 应用服务器320用于:接收身份认证请求,根据身份认证请求中的认证因子,生成第一交易信息;将第一交易信息广播至区块链网络,并将第一交易信息的第一交易编号信息发送至终端设备。 [〇〇77] 320 application server configured to: receive an identity authentication request, the authentication request according to the identity authentication factor to generate a first transaction information; and a first transaction information to the broadcast network block chain, and a first transaction information first transaction ID information is transmitted to the terminal device. [〇〇78]具体地,应用服务器320包括:第一接收模块321、第一处理模块322、第一生成模块323、第一广播模块324和第一发送模块325。 [〇〇78] Specifically, the application server 320 comprises: a first receiving module 321, a first processing module 322, first generation module 323, a first broadcast module 324 and a first sending module 325. 其中,第一接收模块321用于:接收身份认证请求。 Wherein the first receiving module 321 configured to: receive an identity authentication request. 第一处理模块322用于:根据身份认证请求,生成脚本信息;利用身份认证请求中的认证因子和脚本信息,得到数学变换结果;利用哈希算法计算得到脚本信息对应的脚本哈希值。 A first processing module 322 configured to: according to the identity authentication request, generate script information; and script information using the authentication factor authentication request, to obtain a mathematical transformation result; obtained using a hash algorithm Hash value script information corresponding to the script. 第一生成模块323用于:根据脚本信息的区块链地址信息、脚本哈希值和数学变换结果,生成第一交易信息。 A first generation module 323 configured to: according to the address information of block chain of script information, and scripts hash value results mathematical transformations to generate a first transaction information. 第一广播模块324用于:将第一交易信息广播至区块链网络。 A first broadcast module 324 is used: the first transaction information to the broadcast network block chain. 第一发送模块325用于:将第一交易信息的第一交易编号信息发送至终端设备310。 A first transmitting module 325 configured to: send a first transaction number to the transaction information of the first information to the terminal device 310. [〇〇79] 其中,应用服务器320中的第一处理模块322利用脚本信息对身份认证请求中的认证因子进行数学变化,得到数学变换结果。 [〇〇79] wherein the application server 320 in the first processing module 322 using the script information in the authentication request identity authentication mathematical factor changes, to obtain a mathematical transformation result. 例如,将身份认证请求中的认证因子作为脚本信息对应的输入信息,利用脚本信息得到输出信息,所得到的输出信息即为数学变换结果。 For example, the authentication request as the authentication factor script information corresponding to input information, output information obtained using the scenario information, the output information is the mathematical transformation of the obtained results. 数学变化包括但不限于加运算、减运算、与运算、异或运算和哈希运算等。 Mathematical variations add operations including but not limited to, subtraction, and calculation, exclusive OR operation and hashed like.

[0080] 由于交易信息包括交易输入信息和交易输出信息,那么应用服务器320中的第一生成模块323可将区块链的代币作为第一交易信息的交易输入信息,将脚本信息的区块链地址信息、脚本哈希值和数学变换结果作为第一交易信息的交易输出信息,从而生成第一交易信息。 [0080] Since the input transaction information including the transaction information and the transaction information is output, then the application server 320 in the first module 323 may generate tokens as the block chain of the first transaction information input transaction information, the scenario information block chain address information, scripts hash value and mathematical transformations as a result of the transaction output information of the first transaction information, thereby generating a first transaction information. 在第一生成模块323生成了第一交易信息之后,应用服务器320中的第一广播模块324将第一交易信息广播至区块链网络330,相当于第一广播模块324将脚本信息的区块链地址信息、脚本哈希值和数学变换结果以第一交易信息的形式广播至区块链网络。 After a first generation module 323 generates a first transaction information, the application server 320 of the first broadcast module 324 will broadcast the first transaction information block chain to network 330, corresponding to the first broadcast module 324 to the script information block chain address information, scripts hash value and the results of mathematical transformations to broadcast the network in the form of the first block chain transaction information.

[0081] 可选地,应用服务器320还用于:利用哈希算法对第一交易信息进行计算,得到第一交易信息的第一交易编号信息。 [0081] Alternatively, the application server 320 is further configured to: for a first transaction information is calculated using a hashing algorithm, the first transaction number to obtain information for the first transaction information. 具体地,应用服务器320中的第一处理模块322利用哈希算法对第一交易信息进行计算,得到第一交易信息的第一交易编号信息。 Specifically, the application server 320 in the first processing module 322 first transaction number information for the first transaction information calculated using a hashing algorithm, to obtain first transaction information. [〇〇82] 终端设备310还用于:接收第一交易编号信息,根据第一交易编号信息和认证因子,生成第二交易信息,并将第二交易信息广播至区块链网络。 [〇〇82] the terminal device 310 is further configured to: receive a first transaction number information, based on the first authentication information and the transaction number factor, generating a second transaction information, transaction information and a second block chain to the broadcast network. [〇〇83]具体地,终端设备310包括:第二发送模块311、第二接收模块312、第二处理模块313、第二生成模块314和第二广播模块315。 [〇〇83] Specifically, the terminal device 310 comprises: a second sending module 311, a second receiving module 312, a second processing module 313, second generation module 314 and the second broadcast module 315. 其中,第二发送模块311用于:向应用服务器320发送身份认证请求。 Wherein the second sending module 311 configured to: send the authentication request to the application server 320. 第二接收模块312用于:接收第一交易编号信息。 A second receiving module 312 configured to: receive a first transaction number information. 第二处理模块313用于:根据第一交易编号信息,获取第一交易信息;根据第一交易信息,得到脚本信息。 The second processing module 313 configured to: according to a first transaction number information, obtaining first transaction information; according to a first transaction information, script information obtained. 第二生成模块314用于:根据第一交易编号信息、脚本信息、认证因子和应用服务器的区块链地址信息,生成第二交易信息。 The second generation module 314 configured to: according to the address information of the first block chain transaction number information, script information, and application servers factor authentication, generates a second transaction information. 第二广播模块315用于:将第二交易信息广播至区块链网络330。 A second broadcast module 315: second transaction information broadcast network 330 to block chain. [〇〇84]由于第一交易信息的第一交易编号信息为利用哈希算法对第一交易信息进行计算得到的,那么终端设备310中的第二接收模块312接收了第一交易编号信息之后,第二处理模块313根据第一交易编号信息,获取第一交易信息。 After [〇〇84] Since the first transaction number information for the first transaction information using a hashing algorithm to calculate a first transaction information, then the receiving module 312 of the second terminal device 310 receives the first transaction number information The second processing module 313 according to the first transaction number information, to obtain first transaction information. 由于第一交易信息是根据脚本信息的区块链地址信息、脚本哈希值和数学变换结果生成的,那么第二处理模块313根据第一交易信息就可得到脚本信息的区块链地址信息,根据脚本信息的区块链地址信息就可得到脚本信息。 Since the first block chain transaction information is based on the address information of the script information, and scripts mathematical transformations hash value generated as a result, the second process module 313 can obtain the address information of scenario information block chain according to the first transaction information, according to the script block chain information address information can be obtained script information.

[0085] 接着终端设备310中的第二生成模块314就可根据第一交易编号信息、脚本信息、 认证因子和应用服务器的区块链地址信息,生成第二交易信息。 [0085] Next a second generation module 314 can be in the terminal device 310 according to the address information of the first block chain transaction number information, script information, and application servers factor authentication, generates a second transaction information. 具体地,第二生成模块314 可将第一交易编号信息、脚本信息、认证因子作为第二交易信息的交易输入信息,将应用服务器的区块链地址信息作为第二交易信息的交易输出信息,从而生成第二交易信息。 Specifically, the second module 314 may generate a first transaction number information, script information, the authentication information of the second factor as a transaction input transaction information, the block chains as the address of the application server transaction information output information of the second transaction information, thereby generating a second transaction information. 在第二生成模块314生成了第二交易信息之后,第二广播模块315将第二交易信息广播至区块链网络330,相当于第二广播模块315将第一交易编号信息、脚本信息、认证因子和应用服务器的区块链地址信息以第二交易信息的形式广播至区块链网络330。 After the second generation module 314 generates a second transaction information, the second broadcast module 315 of the second block chain to the transaction information broadcast network 330, the second broadcast module 315 corresponds to the first transaction number information, script information, certification block chain factor and the application server address information to the broadcast network 330 in the form of block chains second transaction information.

[0086] 区块链网络330用于:根据第一交易信息和第二交易信息,对终端设备310进行身份认证,得到认证结果。 [0086] Network 330 for block chain: the transaction according to the first information and the second transaction information, the terminal device 310 for authentication, authentication result. [〇〇87] 其中,区块链网络330包括:第三接收模块331、第三处理模块332、第一认证模块333、第四处理模块334、第二认证模块335和结果生成模块336。 [〇〇87] wherein the block chain network 330 includes: a third receiving module 331, a third processing module 332, a first authentication module 333, a fourth processing module 334, second module 335 and the authentication result generation module 336. [〇〇88] 第三接收模块331用于:接收第一交易信息和第二交易信息。 [〇〇88] The third receiving module 331 configured to: receive a first transaction information and the second transaction information. [〇〇89] 第三处理模块332用于:根据第二交易信息,得到第二交易信息对应的脚本信息; 利用哈希算法对第二交易信息对应的脚本信息进行计算,得到待认证脚本哈希值;根据第一交易信息,得到第一交易信息对应的脚本哈希值。 [〇〇89] The third processing module 332 configured to: according to a second transaction information, script information to give the corresponding second transaction information; script information using the hash algorithm corresponding to the second transaction information has been calculated, the script to be authenticated Ha Xi value; transaction information in accordance with a first, a hash value obtained script information corresponding to the first transaction.

[0090] 第一认证模块333用于:判断待认证脚本哈希值是否与第一交易信息对应的脚本哈希值相同。 [0090] 333 for a first authentication module: determines the script to be authenticated hash value is identical with the hash value of script information corresponding to the first transaction.

[0091] 第四处理模块334用于:若第一认证模块333判断得到待认证脚本哈希值与第一交易信息对应的脚本哈希值相同,则根据第二交易信息,得到第二交易信息对应的认证因子, 并根据第二交易信息对应的认证因子和脚本信息,得到待认证数学变换结果;根据第一交易信息,得到第一交易信息对应的数学变换结果。 [0091] The fourth module 334 for processing: a first authentication module 333 determines if the obtained script to be authenticated hash value identical to the hash value script information corresponding to the first transaction, a second transaction in accordance with the information to obtain second transaction information the authentication factor, and the factor and script information according to the authentication information corresponding to the second transaction, a mathematical transformation to obtain a result to be authenticated; transaction information in accordance with a first, a mathematical transformation to obtain a first result information corresponding to the transaction. [〇〇92] 第二认证模块335用于:判断待认证数学变换结果是否与第一交易信息对应的数学变换结果相同。 [〇〇92] second authentication module 335 for: determining a mathematical transformation to be authenticated is identical to the result of a mathematical transform result information corresponding to the first transaction. [〇〇93]结果生成模块336用于:若第一认证模块333判断得到待认证脚本哈希值不与第一交易信息对应的脚本哈希值相同,则得到第二认证结果;若第二认证模块335判断得到待认证数学变换结果与第一交易信息对应的数学变换结果相同,则得到第一认证结果;若第二认证模块335判断得到待认证数学变换结果不与第一交易信息对应的数学变换结果相同, 则得到第二认证结果。 [〇〇93] The results for generation module 336: a first authentication module 333 determines if the obtained script to be authenticated hash value is not the same as the hash value of script information corresponding to the first transaction, a second authentication result is obtained; if the second the authentication module 335 determines the results obtained with the mathematical transformation to be authenticated result of the first mathematical transformation information corresponding to the same transaction, a first authentication result is obtained; if the second authentication module 335 determines to be authenticated to obtain a mathematical transformation of the first result does not correspond to the transaction information the same mathematical transformation a result, the second authentication result is obtained. [〇〇94] 在本实施例中,区块链网络不仅验证脚本哈希值,还验证数学变换结果,从而能够更加全面、准确地进行身份认证,进而获得可靠的认证结果。 [〇〇94] In this embodiment, the block chain network not only validation script hash value, also verify mathematical transformation result, it is possible to more fully and accurately authenticate, and then get reliable authentication result.

[0095] 可选地,区块链网络330还用于将认证结果发送至应用服务器320,以便应用服务器320获知终端设备310的身份认证是否认证成功。 [0095] Alternatively, the block 330 further chain network for transmitting the authentication result to the application server 320, application server 320 to the authentication terminal device 310 to know whether the authentication succeeds. 具体地,区块链网络330可包括第三发送模块(图中未示出),第三发送模块用于将认证结果发送至应用服务器320。 Specifically, block 330 may include a third chain network transmission module (not shown), a third sending module configured to send the authentication result to the application server 320.

[0096] 根据本发明提供的基于区块链的身份认证系统,应用服务器根据脚本信息的区块链地址信息、脚本哈希值和数学变换结果,生成第一交易信息,将第一交易信息广播至区块链网络,并将第一交易信息的第一交易编号信息发送至终端设备,终端设备根据第一交易编号信息、脚本信息、认证因子和应用服务器的区块链地址信息,生成第二交易信息,并将第二交易信息广播至区块链网络,然后区块链网络根据第一交易信息和第二交易信息,对终端设备进行身份认证,得到认证结果。 [0096] According to the present invention provides the authentication system block chain, block chain in accordance with the application server address information of the scenario information, and the hash value script mathematical transformations result, generates a first transaction information, transaction information broadcast on the first block chain to the network, and transmits information of a first transaction number in a first transaction information to the terminal device, the terminal device in accordance with the address information of the first block chain transaction number information, script information, and application servers factor authentication, generating a second transaction information, transaction information and a second block chain to a broadcast network and chain network in accordance with a first block and the second trade information, transaction information, the terminal device authentication, authentication result. 根据本发明提供的技术方案,通过区块链网络保存并验证脚本哈希值和数学变换结果,从而能够安全、便捷、准确地对终端设备进行身份认证,另外,利用区块链不可篡改的特性,还增加了身份认证的可信度。 According to the present invention is provided by the network storage block chain and the hash value and the validation scripts mathematical transform results, to enable safe, convenient and accurate authentication of the terminal device, further, the use of tamper-proof characteristics of the block chain , also increased the identity of credibility. [〇〇97] 至此,本领域技术人员应认识到,虽然本文已详尽示出和描述了本发明的多个示例性实施例,但是,在不脱离本发明精神和范围的情况下,仍可根据发明公开的内容直接确定或推导出符合本发明原理的许多其他变型或修改。 [〇〇97] Thus, the skilled artisan will recognize that although in detail herein, have been shown and described, a plurality of exemplary embodiments of the present invention, however, without departing from the spirit and scope of the present invention, still determining directly or infer that numerous other variations or modifications consistent with the principles of the present invention from the disclosure disclosed. 因此,本发明的范围应该被理解和认定为覆盖了所有这些其他变型或修改。 Accordingly, the scope of the invention should be understood and recognized as covering all such other modifications or changes. [〇〇98] 本领域技术人员应当理解,本发明的实施方式可以实现为一种系统、装置、设备、 方法或计算机程序产品。 [〇〇98] Those skilled in the art will appreciate, embodiments of the present invention may be implemented as a system, apparatus, device, method or computer program product. 此外,本发明也不针对任何特定编程语言,应当明白,可以利用各种编程语言实现本发明描述的内容,并且上面对特定语言所做的描述是为了披露本发明的最佳实施方式。 Further, the present invention is not to any particular programming language, it will be appreciated that a variety of programming languages ​​may be utilized to achieve the present invention will be described, and the description of a particular language is made to the disclosure of preferred embodiments of the present invention. [〇〇99]需要注意的是,尽管在上面的说明中详细描述了基于区块链的身份认证系统中的若干模块,但是这种划分仅仅是示例性的,并非是强制性的。 [〇〇99] It is noted that, although described in detail in the above description of several modules based on the authentication system in the block chain, such partitioning is only exemplary, and not mandatory. 本领域的技术人员可以理解, 实际上,可以对实施例中的模块进行自适应性地改变,将实施例中的多个模块组合成一个模块,也可将一个模块划分成多个模块。 Those skilled in the art will be appreciated, in fact, may be made to the embodiment of adaptively changing module, the plurality of modules in the embodiment of the embodiment are combined into a module, a module may be divided into a plurality of modules.

[0100] 此外,尽管在附图中以特定顺序描述了本发明实施操作,但是,这并非要求或者暗示必须按照该特定顺序来执行这些操作,或是必须执行全部所示的操作才能实现期望的结果。 [0100] In addition, although the present invention is depicted in the drawings in a particular order of operation embodiment, however, it does not require or imply that these operations must be performed in accordance with the predetermined order, or to carry out actions in order to achieve the desired all illustrated result. 可以省略某些步骤,将多个步骤合并为一个步骤执行,或者将一个步骤分成多个步骤执行。 Some steps may be omitted, combined into a plurality of step steps, or a step into a plurality of steps.

[0101] 综上所述,应用本发明所述的基于区块链的身份认证方法和系统,通过区块链网络能够安全、便捷地对终端设备进行身份认证,另外,利用区块链不可篡改的特性,还增加了身份认证的可信度。 [0101] In summary, a method and system based on authentication of the block chain, block chains via the network to the application of the present invention is safe, easy to authenticate the terminal device, further, the use of block chains can not be tampered features, but also adds authentication credibility.

[0102] 以上对本发明的方法和具体实施方法进行了详细的介绍,并给出了相应的实施例。 [0102] for the above method of the present invention and specific embodiments of the methods described in detail, and the corresponding embodiments. 当然,除上述实施例外,本发明还可以有其它实施方式,凡采用等同替换或等效变换形成的技术方案,均落在本发明所要保护的范围之内。 Of course, in addition to the above-described embodiment exceptions, the present invention is capable of other embodiments, where the use of equivalent replacement or equivalent transformation formed technical solutions are to be protected within the scope of the present invention.

[0103] 本发明公开了: [0103] The present invention discloses:

[0104] A1、一种基于区块链的身份认证方法,其特征在于,包括: [0104] A1, an identity authentication method based on block chain, characterized by comprising:

[0105] 终端设备向应用服务器发送身份认证请求;其中,所述身份认证请求包括认证因子; [0105] the terminal device transmits authentication request to an application server; wherein the authentication request including authentication factor;

[0106] 所述应用服务器接收所述身份认证请求,根据所述身份认证请求中的认证因子,生成第一交易信息; [0106] The application server receives the authentication request, the authentication request according to the identity authentication factor to generate a first transaction information;

[0107] 所述应用服务器将所述第一交易信息广播至区块链网络; [0107] the application server of said first block chain to the transaction information broadcast network;

[0108] 所述应用服务器将第一交易信息的第一交易编号信息发送至所述终端设备; [0108] the application server of said first transaction number information of the first transaction information is transmitted to the terminal device;

[0109] 所述终端设备接收所述第一交易编号信息,根据所述第一交易编号信息和所述认证因子,生成第二交易信息,并将所述第二交易信息广播至所述区块链网络;[〇11〇] 所述区块链网络根据所述第一交易信息和所述第二交易信息,对所述终端设备进行身份认证,得到认证结果。 [0109] The terminal apparatus receives the first information is a transaction number, transaction number based on the first authentication information and the factor to generate a second transaction information and the transaction information is broadcast to the second block chain network; [〇11〇] the block chain network according to the first transaction information and the second transaction information, the terminal device authentication, authentication result.

[0111] A2、根据A1所述的基于区块链的身份认证方法,其特征在于,所述认证因子包括以下一项或多项:用户名信息、用户密码信息、设备指纹信息、动态码和行为习惯信息。 [0111] A2, according to the authentication method based on the block chain A1, wherein said authentication factor comprises one or more of the following: the user name information, user password information, fingerprint information device, dynamic code, and behavior information. [〇112] A3、根据A1所述的基于区块链的身份认证方法,其特征在于,所述应用服务器接收所述身份认证请求,根据所述身份认证请求中的认证因子,生成第一交易信息进一步包括: [〇113] 所述应用服务器接收所述身份认证请求,根据所述身份认证请求,生成脚本信息; [〇114] 所述应用服务器利用所述身份认证请求中的认证因子和所述脚本信息,得到数学变换结果; [〇112] A3, the identity authentication method based on the block chain A1, wherein said application server receives the authentication request, the authentication request according to the identity authentication factor to generate a first transaction information further comprises: [〇113] the application server receives the authentication request, according to the identity authentication request, generate script information; [〇114] the application server using the authentication factor and the authentication request said script information, a mathematical transformation to obtain a result;

[0115] 所述应用服务器利用哈希算法计算得到所述脚本信息对应的脚本哈希值; [0115] The application server using the calculated hash value for the hash algorithm script corresponding to the script information;

[0116] 所述应用服务器根据脚本信息的区块链地址信息、所述脚本哈希值和所述数学变换结果,生成第一交易信息。 [0116] The application server according to the address information of the block chain of script information, the script and the hash value of the results of the mathematical transformation to generate a first transaction information. [〇117] A4、根据A1所述的基于区块链的身份认证方法,其特征在于,在所述应用服务器将第一交易信息的第一交易编号信息发送至所述终端设备之前,所述方法还包括: [〇117] A4, according to the authentication method based on the block chain A1, wherein the first information of the first transaction number prior to transmitting the transaction information to the terminal device in the server application, the the method further comprises:

[0118] 所述应用服务器利用哈希算法对所述第一交易信息进行计算,得到所述第一交易信息的第一交易编号信息。 [0118] The application server uses a hashing algorithm to calculate the first transaction information, transaction information to obtain the first information to the first transaction number.

[0119] A5、根据A3所述的基于区块链的身份认证方法,其特征在于,所述终端设备接收所述第一交易编号信息,根据所述第一交易编号信息和所述认证因子,生成第二交易信息,并将所述第二交易信息广播至所述区块链网络进一步包括: [0119] A5, according to the authentication method based on the block chain A3, wherein said first terminal device receives the transaction number information, based on the first authentication information and the transaction number factor, generating a second transaction information, transaction information and a second block chain to the broadcast network further comprises:

[0120] 所述终端设备接收所述第一交易编号信息,根据所述第一交易编号信息,获取所述第一交易信息; [0120] The terminal device receives the first transaction number information, according to the first transaction number information, acquires the first transaction information;

[0121] 所述终端设备根据所述第一交易信息,得到所述脚本信息; [0121] The terminal apparatus according to the first transaction information, obtain the script information;

[0122] 所述终端设备根据所述第一交易编号信息、所述脚本信息、所述认证因子和应用服务器的区块链地址信息,生成第二交易信息; [0122] The terminal apparatus according to the first transaction number information, the script information, address information of the authentication block chain factor and application servers, generate a second transaction information;

[0123] 所述终端设备将所述第二交易信息广播至所述区块链网络。 [0123] the terminal device, the second transaction information to the broadcast network block chain.

[0124] A6、根据A5所述的基于区块链的身份认证方法,其特征在于,所述区块链网络根据所述第一交易信息和所述第二交易信息,对所述终端设备进行身份认证,得到认证结果进一步包括: [0124] A6, the identity authentication method based on the block chain A5, wherein said block chains transaction network according to the first information and the second transaction information, the terminal device authentication, authentication result further comprises:

[0125] 所述区块链网络根据所述第二交易信息,得到所述第二交易信息对应的脚本信息; [0125] The block chain network according to the second transaction information, script information to give the corresponding second transaction information;

[0126] 所述区块链网络利用哈希算法对所述第二交易信息对应的脚本信息进行计算,得到待认证脚本哈希值; [0126] The network uses the hash algorithm block chain of script information corresponding to said second transaction information has been calculated, the script to be authenticated hash value;

[0127] 所述区块链网络根据所述第一交易信息,得到所述第一交易信息对应的脚本哈希值; [0127] The block chain network according to the first transaction information, a hash value obtained script information corresponding to the first transaction;

[0128] 所述区块链网络判断所述待认证脚本哈希值是否与所述第一交易信息对应的脚本哈希值相同; [0128] The block chain network determines the script to be authenticated hash value is identical with the hash value of script information corresponding to the first transaction;

[0129] 若所述区块链网络判断得到所述待认证脚本哈希值与所述第一交易信息对应的脚本哈希值相同,则所述区块链网络根据所述第二交易信息,得到所述第二交易信息对应的认证因子,并根据所述第二交易信息对应的认证因子和脚本信息,得到待认证数学变换结果;所述区块链网络根据所述第一交易信息,得到所述第一交易信息对应的数学变换结果;所述区块链网络判断所述待认证数学变换结果是否与所述第一交易信息对应的数学变换结果相同;若是,则所述区块链网络得到第一认证结果;若否,则所述区块链网络得到第二认证结果;[〇13〇] 若所述区块链网络判断得到所述待认证脚本哈希值不与所述第一交易信息对应的脚本哈希值相同,则所述区块链网络得到第二认证结果。 [0129] determines if the block chain network script to be authenticated to obtain the same hash value as the script information corresponding to the hash value of the first transaction, then the block chain network information according to the second transaction, to obtain the second information corresponding to the transaction authentication factor, and the factor according to the authentication information and the script information corresponding to the second transaction, a mathematical transformation to obtain a result to be authenticated; the block chain network according to the first transaction information, to give mathematical transformation result of the information corresponding to the first transaction; the block chain determination of the network to be authenticated is identical to the mathematical transform result information corresponding to the results of a mathematical transformation to the first transaction; if yes, the block chains network to obtain a first authentication result; if not, then the block chain network to obtain a second authentication result; [〇13〇] determines if the block chain network to obtain the hash value of the script to be authenticated is not the first transaction script hash information corresponding to the same value, the second block chain network authentication result obtained.

[0131] A7、根据A1-A6任一项所述的基于区块链的身份认证方法,其特征在于,在所述区块链网络根据所述第一交易信息和所述第二交易信息,对所述终端设备进行身份认证,得到认证结果之后,所述方法还包括:[〇132] 所述区块链网络将所述认证结果发送至所述应用服务器。 [0131] A7, A1-A6 according to the authentication method based on block chain, wherein any one of, the block chains in the first network according to the transaction information and the second transaction information, the authentication terminal device, after the authentication result, the method further comprises: [〇132] the block chain network sends the authentication result to the application server.

[0133] 本发明还公开了: [0133] The present invention further discloses:

[0134] B8、一种基于区块链的身份认证系统,其特征在于,包括:终端设备、应用服务器和区块链网络;其中, [0134] B8, an identity authentication system based block chain, characterized by comprising: a terminal device, an application server and a network block chains; wherein,

[0135] 所述终端设备用于:向所述应用服务器发送身份认证请求;其中,所述身份认证请求包括认证因子; [0135] The terminal device configured to: send identity authentication request to the application server; wherein the authentication request including authentication factor;

[0136] 所述应用服务器用于:接收所述身份认证请求,根据所述身份认证请求中的认证因子,生成第一交易信息;将所述第一交易信息广播至区块链网络,并将第一交易信息的第一交易编号信息发送至所述终端设备; [0136] The application server is configured to: receive the authentication request, the authentication request according to the identity authentication factor to generate a first transaction information; the first block chain to the transaction information broadcast network, and a first transaction number information of the first transaction information is transmitted to the terminal device;

[0137] 所述终端设备进一步用于:接收所述第一交易编号信息,根据所述第一交易编号信息和所述认证因子,生成第二交易信息,并将所述第二交易信息广播至所述区块链网络; [0137] The terminal device is further configured to: receive the first transaction number information, based on the first authentication information and the transaction number factor, generating a second transaction information and the transaction information is broadcast to the second the block chain network;

[0138] 所述区块链网络用于:根据所述第一交易信息和所述第二交易信息,对所述终端设备进行身份认证,得到认证结果。 [0138] The block chain network for: based on the first transaction information and the second transaction information, the terminal device authentication, authentication result.

[0139] B9、根据B8所述的基于区块链的身份认证系统,其特征在于,所述认证因子包括以下一项或多项:用户名信息、用户密码信息、设备指纹信息、动态码和行为习惯信息。 [0139] B9, based on the identity authentication system according to the block B8 chain, wherein said authentication factor comprises one or more of the following: the user name information, user password information, fingerprint information device, dynamic code, and behavior information. [〇14〇] B10、根据B8所述的基于区块链的身份认证系统,其特征在于,所述应用服务器包括:第一接收模块、第一处理模块、第一生成模块、第一广播模块和第一发送模块; [〇14〇] BlO, based on the identity authentication system according to the block B8 chain, wherein the application server comprises: a first receiving module, a first processing module, a first generating module, a first broadcast module and a first transmitting module;

[0141] 所述第一接收模块用于:接收所述身份认证请求; [0141] The first receiving module is configured to: receive the authentication request;

[0142] 所述第一处理模块用于:根据所述身份认证请求,生成脚本信息;利用所述身份认证请求中的认证因子和所述脚本信息,得到数学变换结果;利用哈希算法计算得到所述脚本信息对应的脚本哈希值; [0142] The first processing module is configured to: according to the identity authentication request, generate script information; factor authentication using the script information and the authentication request, to obtain a mathematical transformation result; calculated using a hashing algorithm the script information corresponding to the hash value of a script;

[0143] 所述第一生成模块用于:根据脚本信息的区块链地址信息、所述脚本哈希值和所述数学变换结果,生成第一交易信息; [0143] The first generation module is configured to: according to the address information of block chain of script information, the script and the hash value of the results of the mathematical transformation to generate a first transaction information;

[0144] 所述第一广播模块用于:将所述第一交易信息广播至区块链网络; [0144] the first broadcast module configured to: broadcast information to the network of the first block chain to the transaction;

[0145] 所述第一发送模块用于:将第一交易信息的第一交易编号信息发送至所述终端设备。 [0145] The first sending module is configured: to transmit a first information of the first transaction number to the transaction information to the terminal device.

[0146] B11、根据B8所述的基于区块链的身份认证系统,其特征在于,所述应用服务器进一步用于: [0146] B11, B8 The authentication system based on the chain block, wherein the application server is further configured to:

[0147] 利用哈希算法对所述第一交易信息进行计算,得到所述第一交易信息的第一交易编号彳目息。 [0147] the first transaction information calculated using a hashing algorithm, the first transaction information to obtain a first transaction number left foot mesh information.

[0148] B12、根据B10所述的基于区块链的身份认证系统,其特征在于,所述终端设备包括:第二发送模块、第二接收模块、第二处理模块、第二生成模块和第二广播模块; [0148] B12, based on the identity authentication system according to the block chain B10, wherein the terminal device comprises: a second sending module, a second receiving module, a second processing module, and a second generation module second broadcast module;

[0149] 所述第二发送模块用于:向所述应用服务器发送所述身份认证请求;[〇15〇] 所述第二接收模块用于:接收所述第一交易编号信息;[〇151] 所述第二处理模块用于:根据所述第一交易编号信息,获取所述第一交易信息;根据所述第一交易信息,得到所述脚本信息;[〇152] 所述第二生成模块用于:根据所述第一交易编号信息、所述脚本信息、所述认证因子和应用服务器的区块链地址信息,生成第二交易信息; [0149] The second sending module is configured to: send the authentication request to the application server; [〇15〇] The second receiving module is configured to: receive the first transaction number information; [〇151 ] the second processing module is configured to: according to the first transaction number information, acquires the first transaction information; information according to the first transaction, to obtain the script information; [〇152] the second generation module is configured to: according to the first transaction number information, the script information, address information of the authentication block chain factor and application servers, generate a second transaction information;

[0153] 所述第二广播模块用于:将所述第二交易信息广播至所述区块链网络。 [0153] for the second broadcast module: the second transaction information to the broadcast network block chain.

[0154] B13、根据B12所述的基于区块链的身份认证系统,其特征在于,所述区块链网络包括:第三接收模块、第三处理模块、第一认证模块、第四处理模块、第二认证模块和结果生成丰旲块; [0154] B13, B12 according to the authentication system based on a chain block, wherein the block chain network comprising: a third receiving module, a third processing module, a first authentication module, a fourth processing module , and a second authentication result generation module abundance Dae block;

[0155] 所述第三接收模块用于:接收所述第一交易信息和所述第二交易信息;[〇156] 所述第三处理模块用于:根据所述第二交易信息,得到所述第二交易信息对应的脚本信息;利用哈希算法对所述第二交易信息对应的脚本信息进行计算,得到待认证脚本哈希值;根据所述第一交易信息,得到所述第一交易信息对应的脚本哈希值; [0155] The third receiving module is configured to: receive the first transaction information and the second transaction information; [〇156] the third processing module is configured to: according to the second transaction information, obtain scenario information corresponding to said second transaction information; using a hash algorithm calculates the scenario information corresponding to the second transaction information, the script to be authenticated to obtain a hash value; a first transaction based on said information, said first transaction to give script information corresponding hash value;

[0157] 所述第一认证模块用于:判断所述待认证脚本哈希值是否与所述第一交易信息对应的脚本哈希值相同;[〇158] 所述第四处理模块用于:若所述第一认证模块判断得到所述待认证脚本哈希值与所述第一交易信息对应的脚本哈希值相同,则根据所述第二交易信息,得到所述第二交易信息对应的认证因子,并根据所述第二交易信息对应的认证因子和脚本信息,得到待认证数学变换结果;根据所述第一交易信息,得到所述第一交易信息对应的数学变换结果;[〇159] 所述第二认证模块用于:判断所述待认证数学变换结果是否与所述第一交易信息对应的数学变换结果相同;[〇16〇] 所述结果生成模块用于:若所述第一认证模块判断得到所述待认证脚本哈希值不与所述第一交易信息对应的脚本哈希值相同,则得到第二认证结果;若所述第二认证模块判断得到所述待认 [0157] The first authentication module is configured to: determine whether the script to be authenticated hash value is identical with the hash value of script information corresponding to the first transaction; [〇158] The fourth processing module is configured to: determining if the first authentication module to obtain the hash value to be authenticated script script information corresponding to the hash value identical to the first transaction, the transaction information according to the second, to obtain the corresponding second transaction information factor authentication, and the authentication information of the second factor and the script information corresponding to the transaction, to obtain a mathematical transformation result to be authenticated; information based on the first transaction, to obtain a mathematical transformation of the result information corresponding to the first transaction; [〇159 ] the second authentication module is configured to: determine whether the result of a mathematical transformation to be authenticated is identical to the result of a mathematical transformation information corresponding to said first transaction; [〇16〇] the result generating module configured to: if the first an authentication module determines that the obtained script to be authenticated hash value is not the same as the hash value of script information corresponding to the first transaction, a second authentication result is obtained; and if the second module determines authentication to be recognized to give the 数学变换结果与所述第一交易信息对应的数学变换结果相同,则得到第一认证结果;若所述第二认证模块判断得到所述待认证数学变换结果不与所述第一交易信息对应的数学变换结果相同,则得到第二认证结果。 Results with the mathematical transformation of the first mathematical transformation result information corresponding to the same transaction, a first authentication result is obtained; and if the second module determines authentication to be authenticated to obtain a mathematical transformation of said first result does not correspond to the transaction information the same mathematical transformation a result, the second authentication result is obtained.

[0161] B14、根据B8-B13任一项所述的基于区块链的身份认证系统,其特征在于,所述区块链网络进一步用于: [0161] B14, according to the authentication system based on the block B8-B13 chain of any one of, wherein said block chains network further configured to:

[0162] 将所述认证结果发送至所述应用服务器。 [0162] The authentication result to the application server.

Claims (10)

1.一种基于区块链的身份认证方法,其特征在于,包括:终端设备向应用服务器发送身份认证请求;其中,所述身份认证请求包括认证因子; 所述应用服务器接收所述身份认证请求,根据所述身份认证请求中的认证因子,生成第一交易信息;所述应用服务器将所述第一交易信息广播至区块链网络;所述应用服务器将第一交易信息的第一交易编号信息发送至所述终端设备;所述终端设备接收所述第一交易编号信息,根据所述第一交易编号信息和所述认证因子,生成第二交易信息,并将所述第二交易信息广播至所述区块链网络;所述区块链网络根据所述第一交易信息和所述第二交易信息,对所述终端设备进行身份认证,得到认证结果。 An authentication method based on block chain, characterized by comprising: a terminal device transmits authentication request to an application server; wherein the authentication request including authentication factor; the application server receives the authentication request the identity authentication request to the authentication factor to generate a first transaction information; the first application server, the transaction information to the broadcast network block chains; the first application server transaction number of the first transaction information information to the terminal device; the terminal device receives the information of the first transaction number, transaction number based on the first authentication information and the factor to generate a second transaction information, transaction information and the second broadcast block chain to the network; the block chain network according to the first transaction information and the second transaction information, the terminal device authentication, authentication result.
2.根据权利要求1所述的基于区块链的身份认证方法,其特征在于,所述认证因子包括以下一项或多项:用户名信息、用户密码信息、设备指纹信息、动态码和行为习惯信息。 2. The method according to claim authentication based block chain, wherein 1, the authentication factor comprises one or more of the following: the user name information, user password information, fingerprint information device, and the dynamic behavior of the code habit information.
3.根据权利要求1所述的基于区块链的身份认证方法,其特征在于,所述应用服务器接收所述身份认证请求,根据所述身份认证请求中的认证因子,生成第一交易信息进一步包括:所述应用服务器接收所述身份认证请求,根据所述身份认证请求,生成脚本信息; 所述应用服务器利用所述身份认证请求中的认证因子和所述脚本信息,得到数学变换结果;所述应用服务器利用哈希算法计算得到所述脚本信息对应的脚本哈希值;所述应用服务器根据脚本信息的区块链地址信息、所述脚本哈希值和所述数学变换结果,生成第一交易信息。 3. The method of authentication based block chain, characterized according to claim 1, the application server receives the authentication request, the authentication request according to the identity authentication factor to generate a first transaction information further comprising: the application server receives the authentication request, according to the identity authentication request, generate script information; an authentication factor and the script information using the identity of the application server authentication request, to obtain a mathematical transformation result; as said application server using a hash calculation algorithm to obtain a hash value script corresponding to the script information; an application server according to the address information of the block chain of script information, the script and the hash value of the results of the mathematical transformation to generate a first Trading Information.
4.根据权利要求1所述的基于区块链的身份认证方法,其特征在于,在所述应用服务器将第一交易信息的第一交易编号信息发送至所述终端设备之前,所述方法还包括:所述应用服务器利用哈希算法对所述第一交易信息进行计算,得到所述第一交易信息的第一交易编号信息。 4. The authentication method based on block chain, wherein one of the preceding claims, the first transaction of the first transaction information terminal ID information to the device prior to the application server, the method further comprising: said application server uses a hashing algorithm to calculate the first transaction information, a first transaction number to obtain information of the first transaction information.
5.根据权利要求3所述的基于区块链的身份认证方法,其特征在于,所述终端设备接收所述第一交易编号信息,根据所述第一交易编号信息和所述认证因子,生成第二交易信息, 并将所述第二交易信息广播至所述区块链网络进一步包括:所述终端设备接收所述第一交易编号信息,根据所述第一交易编号信息,获取所述第一交易信息;所述终端设备根据所述第一交易信息,得到所述脚本信息;所述终端设备根据所述第一交易编号信息、所述脚本信息、所述认证因子和应用服务器的区块链地址信息,生成第二交易信息;所述终端设备将所述第二交易信息广播至所述区块链网络。 The authentication method based on block chain, characterized according to claim 3, said terminal apparatus receives the first information is a transaction number, transaction number based on the first authentication information and the factor to generate a second transaction information, transaction information and a second block chain to the broadcast network further comprises: receiving the said first transaction number information terminal apparatus according to the first transaction number information, acquires the first a transaction information; the terminal device according to the first transaction information, obtain the script information; said information terminal device according to the first transaction number, the script information, the application server and the authentication factor block address information of the chain, generating a second transaction information; the terminal device, the second transaction information to the broadcast network block chain.
6.根据权利要求5所述的基于区块链的身份认证方法,其特征在于,所述区块链网络根据所述第一交易信息和所述第二交易信息,对所述终端设备进行身份认证,得到认证结果进一步包括:所述区块链网络根据所述第二交易信息,得到所述第二交易信息对应的脚本信息; 所述区块链网络利用哈希算法对所述第二交易信息对应的脚本信息进行计算,得到待认证脚本哈希值;所述区块链网络根据所述第一交易信息,得到所述第一交易信息对应的脚本哈希值;所述区块链网络判断所述待认证脚本哈希值是否与所述第一交易信息对应的脚本哈希值相同;若所述区块链网络判断得到所述待认证脚本哈希值与所述第一交易信息对应的脚本哈希值相同,则所述区块链网络根据所述第二交易信息,得到所述第二交易信息对应的认证因子,并根据所述第二交易信息对应 6. The authentication method based on block chain, characterized according to claim 5, said first block chain network according to the transaction information and the second transaction information, the identity of the terminal device authentication, authentication result further comprising: a block chain network according to the second transaction information, script information to give the corresponding second transaction information; the block chain network using a hashing algorithm to the second transaction corresponding to the script information has been calculated, the script to be authenticated hash value; said first block chain network according to the transaction information, a hash value obtained script information corresponding to the first transaction; the block chain network Analyzing the script to be authenticated hash value is identical with the hash value of script information corresponding to the first transaction; if the network is determined to obtain the block chain script to be authenticated hash value corresponding to the first transaction information script same hash value, the second block chain network according to the transaction information, transaction information corresponding to obtain the second authentication factor, and the corresponding information according to the second transaction 认证因子和脚本信息,得到待认证数学变换结果; 所述区块链网络根据所述第一交易信息,得到所述第一交易信息对应的数学变换结果;所述区块链网络判断所述待认证数学变换结果是否与所述第一交易信息对应的数学变换结果相同;若是,则所述区块链网络得到第一认证结果;若否,则所述区块链网络得到第二认证结果;若所述区块链网络判断得到所述待认证脚本哈希值不与所述第一交易信息对应的脚本哈希值相同,则所述区块链网络得到第二认证结果。 Factor authentication and script information, to obtain a mathematical transformation result to be authenticated; the block chain network according to the first transaction information, the result of a mathematical transformation to obtain information corresponding to the first transaction; the block chain of the network to be determined whether the authentication result of the same mathematical transformation result and the mathematical transformation corresponding first transaction information; if yes, the block chains to give a first network authentication result; if not, then the block chain network to obtain a second authentication result; determining if the block chain network script to be authenticated to obtain the hash value does not script information corresponding to the hash value identical to the first transaction, then the second block chain network authentication result obtained.
7.根据权利要求1-6任一项所述的基于区块链的身份认证方法,其特征在于,在所述区块链网络根据所述第一交易信息和所述第二交易信息,对所述终端设备进行身份认证,得到认证结果之后,所述方法还包括:所述区块链网络将所述认证结果发送至所述应用服务器。 According to any one of claims 1-6 authentication method based on block chain, wherein said one of said first block chain network according to the second transaction information and the transaction information, for after the authentication terminal device, authentication result, the method further comprising: said block chain network transmits the authentication result to the application server.
8.—种基于区块链的身份认证系统,其特征在于,包括:终端设备、应用服务器和区块链网络;其中,所述终端设备用于:向所述应用服务器发送身份认证请求;其中,所述身份认证请求包括认证因子;所述应用服务器用于:接收所述身份认证请求,根据所述身份认证请求中的认证因子, 生成第一交易信息;将所述第一交易信息广播至区块链网络,并将第一交易信息的第一交易编号信息发送至所述终端设备;所述终端设备进一步用于:接收所述第一交易编号信息,根据所述第一交易编号信息和所述认证因子,生成第二交易信息,并将所述第二交易信息广播至所述区块链网络;所述区块链网络用于:根据所述第一交易信息和所述第二交易信息,对所述终端设备进行身份认证,得到认证结果。 8.- species identity authentication system based block chain, characterized by comprising: a terminal device, an application server and a network block chains; wherein said terminal device configured to: send identity authentication request to the application server; wherein , the authentication request including authentication factor; the application server is configured to: receive the authentication request, the authentication request according to the identity authentication factor to generate a first transaction information; the broadcast information to the first transaction block chain network, the first transaction number information and transmits transaction information to said first terminal device; the terminal device is further configured to: receive the first transaction number information, according to the first transaction number information and the factor authentication, generates a second transaction information, transaction information and a second block chain to the broadcast network; for the block chain network: according to the first transaction and the second transaction information information, the authentication terminal device, authentication result.
9.根据权利要求8所述的基于区块链的身份认证系统,其特征在于,所述认证因子包括以下一项或多项:用户名信息、用户密码信息、设备指纹信息、动态码和行为习惯信息。 9. The authentication system based on said block chain of claim 8, wherein said authentication factor comprises one or more of the following: the user name information, user password information, fingerprint information device, and the dynamic behavior of the code habit information.
10.根据权利要求8所述的基于区块链的身份认证系统,其特征在于,所述应用服务器包括:第一接收模块、第一处理模块、第一生成模块、第一广播模块和第一发送模块;所述第一接收模块用于:接收所述身份认证请求;所述第一处理模块用于:根据所述身份认证请求,生成脚本信息;利用所述身份认证请求中的认证因子和所述脚本信息,得到数学变换结果;利用哈希算法计算得到所述脚本信息对应的脚本哈希值;所述第一生成模块用于:根据脚本信息的区块链地址信息、所述脚本哈希值和所述数学变换结果,生成第一交易信息;所述第一广播模块用于:将所述第一交易信息广播至区块链网络;所述第一发送模块用于:将第一交易信息的第一交易编号信息发送至所述终端设备。 10. The authentication system based on the chain block according to claim 8, characterized in that said application server comprises: a first receiving module, a first processing module, a first generating module, a first broadcast module and the first transmitting module; the first receiving module configured to: receive the identity authentication request; the first processing module configured to: according to the identity authentication request, generate script information; using the authentication request and the authentication factor the script information, the mathematical transformation results; hashing algorithm using a hash value obtained script corresponding to the script information; the first generating module is configured to: according to the address information of block chain of script information, the script ha Greek value and the result of the mathematical transformation to generate a first transaction information; for the first broadcast module: said first block chain to the transaction information broadcast network; the first sending module configured to: a first a first transaction number information of the transaction information is transmitted to the terminal device.
CN201611094966.1A 2016-12-02 2016-12-02 Identity authentication method and system based on block chain CN106534160A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611094966.1A CN106534160A (en) 2016-12-02 2016-12-02 Identity authentication method and system based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611094966.1A CN106534160A (en) 2016-12-02 2016-12-02 Identity authentication method and system based on block chain

Publications (1)

Publication Number Publication Date
CN106534160A true CN106534160A (en) 2017-03-22

Family

ID=58354688

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611094966.1A CN106534160A (en) 2016-12-02 2016-12-02 Identity authentication method and system based on block chain

Country Status (1)

Country Link
CN (1) CN106534160A (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107147652A (en) * 2017-05-18 2017-09-08 电子科技大学 Security fusion authentication method based on block chain of polymorphic user identity
CN107181765A (en) * 2017-07-25 2017-09-19 光载无限(北京)科技有限公司 Block chain technology-based network digital identity authentication method
CN107332826A (en) * 2017-06-09 2017-11-07 中国联合网络通信集团有限公司 Communication method and device for blockchain agent node
CN107454110A (en) * 2017-09-26 2017-12-08 武汉斗鱼网络科技有限公司 Data verification method and server
CN107465698A (en) * 2017-09-26 2017-12-12 武汉斗鱼网络科技有限公司 Data verification method and server
CN107493162A (en) * 2017-07-25 2017-12-19 中国联合网络通信集团有限公司 Method and apparatus for realizing block chain node
CN107528855A (en) * 2017-09-26 2017-12-29 武汉斗鱼网络科技有限公司 Data checking method and server
CN107623865A (en) * 2017-09-26 2018-01-23 武汉斗鱼网络科技有限公司 Data check method and server
CN107679149A (en) * 2017-09-26 2018-02-09 武汉斗鱼网络科技有限公司 Data processing method and server
CN107682328A (en) * 2017-09-26 2018-02-09 武汉斗鱼网络科技有限公司 Data verification method and client
CN108540553A (en) * 2018-04-08 2018-09-14 中国联合网络通信集团有限公司 Internet of things data management method, platform and device

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150244690A1 (en) * 2012-11-09 2015-08-27 Ent Technologies, Inc. Generalized entity network translation (gent)
CN105701372A (en) * 2015-12-18 2016-06-22 布比(北京)网络技术有限公司 Block chain identity construction and verification method
CN105959307A (en) * 2016-06-30 2016-09-21 中国科学院计算技术研究所 Existence certification and authentication service method and system based on block chain technology
CN105975868A (en) * 2016-04-29 2016-09-28 杭州云象网络技术有限公司 Block chain-based evidence preservation method and apparatus
CN105976232A (en) * 2016-06-24 2016-09-28 深圳前海微众银行股份有限公司 Asset transaction method and device
CN106100847A (en) * 2016-06-14 2016-11-09 惠众商务顾问(北京)有限公司 Asymmetric encryption block chain identity information authentication method and device
CN106096444A (en) * 2016-06-12 2016-11-09 杨鹏 Identity recognizing and social information recording method and system based on biological information
WO2016179334A1 (en) * 2015-05-05 2016-11-10 ShoCard, Inc. Identity management service using a block chain

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150244690A1 (en) * 2012-11-09 2015-08-27 Ent Technologies, Inc. Generalized entity network translation (gent)
WO2016179334A1 (en) * 2015-05-05 2016-11-10 ShoCard, Inc. Identity management service using a block chain
CN105701372A (en) * 2015-12-18 2016-06-22 布比(北京)网络技术有限公司 Block chain identity construction and verification method
CN105975868A (en) * 2016-04-29 2016-09-28 杭州云象网络技术有限公司 Block chain-based evidence preservation method and apparatus
CN106096444A (en) * 2016-06-12 2016-11-09 杨鹏 Identity recognizing and social information recording method and system based on biological information
CN106100847A (en) * 2016-06-14 2016-11-09 惠众商务顾问(北京)有限公司 Asymmetric encryption block chain identity information authentication method and device
CN105976232A (en) * 2016-06-24 2016-09-28 深圳前海微众银行股份有限公司 Asset transaction method and device
CN105959307A (en) * 2016-06-30 2016-09-21 中国科学院计算技术研究所 Existence certification and authentication service method and system based on block chain technology

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107147652A (en) * 2017-05-18 2017-09-08 电子科技大学 Security fusion authentication method based on block chain of polymorphic user identity
CN107332826A (en) * 2017-06-09 2017-11-07 中国联合网络通信集团有限公司 Communication method and device for blockchain agent node
CN107181765A (en) * 2017-07-25 2017-09-19 光载无限(北京)科技有限公司 Block chain technology-based network digital identity authentication method
CN107493162A (en) * 2017-07-25 2017-12-19 中国联合网络通信集团有限公司 Method and apparatus for realizing block chain node
CN107454110A (en) * 2017-09-26 2017-12-08 武汉斗鱼网络科技有限公司 Data verification method and server
CN107465698A (en) * 2017-09-26 2017-12-12 武汉斗鱼网络科技有限公司 Data verification method and server
CN107528855A (en) * 2017-09-26 2017-12-29 武汉斗鱼网络科技有限公司 Data checking method and server
CN107623865A (en) * 2017-09-26 2018-01-23 武汉斗鱼网络科技有限公司 Data check method and server
CN107679149A (en) * 2017-09-26 2018-02-09 武汉斗鱼网络科技有限公司 Data processing method and server
CN107682328A (en) * 2017-09-26 2018-02-09 武汉斗鱼网络科技有限公司 Data verification method and client
CN108540553A (en) * 2018-04-08 2018-09-14 中国联合网络通信集团有限公司 Internet of things data management method, platform and device

Similar Documents

Publication Publication Date Title
US8532620B2 (en) Trusted mobile device based security
CN104662864B (en) Using a convenient user authentication method and apparatus of a mobile authentication application
CN103460195B (en) System and method for security software updates
US20070083750A1 (en) Device authentication system
US8689290B2 (en) System and method for securing a credential via user and server verification
EP1701283B1 (en) Method and System for Asymmetric Key Security
US9106426B2 (en) Username based authentication and key generation
US8613067B2 (en) Single sign on with multiple authentication factors
KR100843081B1 (en) System and method for providing security
US9565180B2 (en) Exchange of digital certificates in a client-proxy-server network configuration
CN101421968A (en) Authentication system for networked computer applications
US20100217975A1 (en) Method and system for secure online transactions with message-level validation
US10083291B2 (en) Automating internet of things security provisioning
CN104065653B (en) An interactive authentication method, apparatus, systems, and associated equipment
US8156333B2 (en) Username based authentication security
JP2014523192A (en) Security by encryption using a fuzzy authentication information in a communication device and a server
CN101465735A (en) Network user identification verification method, server and client terminal
CN101048720A (en) Proof of execution using random function
CN100383694C (en) Maintaining privacy for transactions performable by a user device having a security module
CN101043338A (en) Safety requirement based remote proving method and system thereof
JP2012516643A (en) Verification of software applications
CN102624740B (en) A data interaction method and the client, server
CN101170407B (en) A method for securely generating secret key pair and transmitting public key or certificate application file
US9887983B2 (en) Apparatus and method for implementing composite authenticators
CN103763631B (en) Authentication method, a server and a TV

Legal Events

Date Code Title Description
C06 Publication
SE01