CN106850200B - Security method, system and terminal for using blockchain-based digital currency - Google Patents
- Publication number
- CN106850200B, CN201710056081.0A
- Authority
- CN
- China
- Prior art keywords
- digital currency
- digital
- blockchain
- trusted
- environment
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0877—Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
Abstract
Description
Technical field
The present invention relates to the field of communication technology, and in particular to a security method, system and terminal for using blockchain-based digital currency.
Background technique
In the current Bitcoin system, a Bitcoin address is the public key of an asymmetric key pair, which is generated by an elliptic curve algorithm. The address and private key of a user account are both stored in the Bitcoin wallet (i.e. digital currency wallet) file, and the private key is used for encryption and decryption operations by the Bitcoin client software. Current digital currency wallet technology built on blockchain technology is all based on Bitcoin and can be classified as: web wallets, multi-signature wallets, desktop wallets and mobile wallets.
Because the entire Bitcoin system is decentralized and anonymous, once a digital currency wallet is lost, the bitcoins held at all addresses in that wallet may be stolen. Once stolen, bitcoins cannot be recovered. The security of the digital currency wallet therefore needs to be guaranteed. Existing digital currency wallet solutions all back up the private key online to form a backup digital currency wallet; although many security measures are taken to protect usage and data, numerous attack cases and system vulnerabilities show that this still cannot guarantee the security of the digital currency in the wallet. How to guarantee the security of blockchain-based digital currency is therefore a technical problem that those skilled in the art need to solve.
Summary of the invention
The object of the present invention is to provide a security method, system and terminal for using blockchain-based digital currency, which improve the security of a blockchain digital currency wallet by means of a security chip and a trusted execution environment.
To solve the above technical problem, the present invention provides a security method for using blockchain-based digital currency, the security method comprising:
A digital currency client sends a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client;
The digital currency client, according to the customer information, sends a digital certificate application to the security chip through the trusted execution environment;
The security chip generates a key pair and a digital currency wallet address according to the customer information, and outputs the digital currency wallet address to the digital currency client through the trusted execution environment;
The digital currency client sends the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the certificate authority according to the digital currency wallet address;
After receiving the digital certificate sent by the blockchain, the digital currency client sends a digital certificate installation request to the security chip through the trusted execution environment;
The security chip installs the digital certificate according to the digital certificate installation request.
Optionally, the security chip generating a key pair and a digital currency wallet address according to the customer information comprises:
The security chip generates a private key according to the customer information, and generates a public key from the private key;
The public key is processed with a hash algorithm to obtain a public key hash, and the digital currency wallet address is generated from the public key hash.
Optionally, after the digital certificate is installed, the method further comprises:
The sender's digital currency client, in the trusted execution environment, computes digest information from the original transaction data using a predetermined hash algorithm, and obtains the sender's private key from the security chip;
The sender's digital currency client, in the trusted execution environment, generates a digital signature from the digest information and the sender's private key using an encryption algorithm, and sends the digital signature and the original transaction data to the blockchain.
Optionally, after the receiver's digital currency client obtains the digital signature and the original transaction data from the blockchain, the method further comprises:
The receiver's digital currency client, in the trusted execution environment, computes first digest information from the original transaction data using the predetermined hash algorithm;
The receiver's digital currency client, in the trusted execution environment, decrypts the digital signature with a decryption algorithm according to the sender's public key to obtain second digest information;
The transaction is carried out when the first digest information is consistent with the second digest information.
Optionally, when the sender's digital currency client or the receiver's digital currency client is offline, the method further comprises:
The sender's digital currency client, in the trusted execution environment, performs transaction data authentication and data verification and then sends a transaction application to the receiver's digital currency client;
The receiver's digital currency client receives and verifies the transaction application in the trusted execution environment, then returns confirmation information to the sender's digital currency client and updates its transaction record;
The sender's digital currency client updates its transaction record in the trusted execution environment;
The sender's digital currency client and the receiver's digital currency client synchronize the transaction record to the blockchain when the network state meets the condition, so that the blockchain synchronizes the transaction record with the corresponding third-party server.
Optionally, the digital currency client is obtained by:
Obtaining the digital currency client executable program preset in the security chip and installing it, or downloading the digital currency client executable program online and installing it.
The present invention also provides a security system for using blockchain-based digital currency, comprising:
A digital currency client, configured to send a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client; to send, according to the customer information, a digital certificate application to the security chip through the trusted execution environment; to send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the certificate authority according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, to send a digital certificate installation request to the security chip through the trusted execution environment;
A security chip module, configured to generate a key pair and a digital currency wallet address according to the customer information, and to output the digital currency wallet address to the digital currency client through the trusted execution environment; and to install the digital certificate according to the digital certificate installation request;
A trusted execution environment module, configured to provide the trusted execution environment.
Optionally, the digital currency client further comprises:
A transaction sending unit, configured to compute, in the trusted execution environment, digest information from the original transaction data using a predetermined hash algorithm, and to obtain the sender's private key from the security chip; and to generate a digital signature from the digest information and the sender's private key using an encryption algorithm, and send the digital signature and the original transaction data to the blockchain;
A transaction receiving unit, configured to compute, in the trusted execution environment, first digest information from the original transaction data using the predetermined hash algorithm; to decrypt the digital signature with a decryption algorithm according to the sender's public key to obtain second digest information; and to carry out the transaction when the first digest information is consistent with the second digest information.
Optionally, the digital currency client further comprises:
An offline transaction sending unit, configured to perform, in the trusted execution environment, transaction data authentication and data verification and then send a transaction application to the receiver's digital currency client; and, after the receiver's digital currency client has received and verified the transaction application in the trusted execution environment, to receive the confirmation information returned by the receiver's digital currency client and update the transaction record;
An offline transaction synchronization unit, configured to synchronize the transaction record to the blockchain when the network state of the digital currency client meets the condition, so that the blockchain synchronizes the transaction record with the corresponding third-party server.
The present invention also provides a terminal, comprising:
A digital currency client processor, configured to send a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client; to send, according to the customer information, a digital certificate application to the security chip through the trusted execution environment; to send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the certificate authority according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, to send a digital certificate installation request to the security chip through the trusted execution environment;
The security chip, configured to generate a key pair and a digital currency wallet address according to the customer information, and to output the digital currency wallet address to the digital currency client through the trusted execution environment; and to install the digital certificate according to the digital certificate installation request;
A trusted execution environment processor, configured to provide the trusted execution environment.
In the security method for using blockchain-based digital currency provided by the present invention, the digital currency client sends a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client; the digital currency client, according to the customer information, sends a digital certificate application to the security chip through the trusted execution environment; the security chip generates a key pair and a digital currency wallet address according to the customer information, and outputs the digital currency wallet address to the digital currency client through the trusted execution environment; the digital currency client sends the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the certificate authority according to the digital currency wallet address; after receiving the digital certificate sent by the blockchain, the digital currency client sends a digital certificate installation request to the security chip through the trusted execution environment; the security chip installs the digital certificate according to the digital certificate installation request.
It can be seen that, because the security chip has both hardware tamper resistance and software security encryption capability, and the trusted execution environment has a certain hardware protection capability, the security method improves the security of the blockchain digital currency wallet by means of the security chip and the trusted execution environment. Software is combined with a trusted hardware platform to provide complete security protection for the digital currency wallet. The present invention also provides a security system and a terminal for using blockchain-based digital currency, which have the above beneficial effects and are not described again here.
Brief description of the drawings
In order to explain the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from the drawings provided without creative effort.
Fig. 1 is a flowchart of the security method for using blockchain-based digital currency provided by an embodiment of the present invention;
Fig. 2 is a schematic diagram of the digital currency client initialization process provided by an embodiment of the present invention;
Fig. 3 is a schematic diagram of the mapping between the private key and the digital currency wallet address provided by an embodiment of the present invention;
Fig. 4 is a schematic diagram of the transaction process of the digital currency client provided by an embodiment of the present invention;
Fig. 5 is a schematic diagram of the offline use of the digital currency client provided by an embodiment of the present invention;
Fig. 6 is a schematic diagram of the overall use of the digital currency client provided by an embodiment of the present invention;
Fig. 7 is a structural block diagram of the security system for using blockchain-based digital currency provided by an embodiment of the present invention;
Fig. 8 is a structural block diagram of a terminal provided by an embodiment of the present invention.
Detailed description of the embodiments
The core of the present invention is to provide a security method, system and terminal for using blockchain-based digital currency, which improve the security of a blockchain digital currency wallet by means of a security chip and a trusted execution environment.
To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art from these embodiments without creative effort fall within the protection scope of the present invention.
The implementation of this embodiment comprises three layers. The bottom layer is a security chip (e.g. an SE) that has both hardware tamper resistance and software security encryption capability. The middle layer is a trusted execution environment (e.g. a TEE), which has a certain hardware protection capability but, compared with the bottom-layer secure element, does not have hardware tamper resistance; it is a lower-cost security architecture. The top layer is the open operating system layer, which has only software protection capability and the lowest level of security protection; it is also the layer in which the digital currency client resides after being downloaded and installed. With this structure, this embodiment improves the security of the blockchain digital currency wallet. Specifically, refer to Fig. 1, which is a flowchart of the security method for using blockchain-based digital currency provided by an embodiment of the present invention; the security method may include:
S100: the digital currency client sends a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client;
S110: the digital currency client, according to the customer information, sends a digital certificate application to the security chip through the trusted execution environment;
S120: the security chip generates a key pair and a digital currency wallet address according to the customer information, and outputs the digital currency wallet address to the digital currency client through the trusted execution environment;
S130: the digital currency client sends the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the certificate authority according to the digital currency wallet address;
S140: after receiving the digital certificate sent by the blockchain, the digital currency client sends a digital certificate installation request to the security chip through the trusted execution environment;
S150: the security chip installs the digital certificate according to the digital certificate installation request.
Here the digital currency wallet can be understood as the digital currency client. A user cannot carry out Bitcoin transactions without a digital currency client, so the client must first be downloaded and installed before digital currency is used. This embodiment does not limit the specific way of downloading and installing the digital currency client; it can be chosen to suit different terminals, which improves the adaptability of the client. Preferably, the digital currency client may be obtained by: obtaining the digital currency client executable program preset in the security chip and installing it, or downloading the digital currency client executable program online and installing it. That is, the digital wallet application can be preset in the security chip (e.g. an SE) or installed by online download.
Specifically, steps S100 to S150 of this embodiment implement the initialization of the digital currency wallet. Compared with the prior art, in which initialization of the digital currency client is completed only in the top-level open operating system layer, this initialization is more secure. In this embodiment, the data exchange during initialization is completed in the trusted execution environment of the terminal, and the installation of the digital certificate and the generation of the key pair used for the digital currency are completed in the highly secure security chip. That is, throughout the initialization of the digital currency wallet the three layers each perform their most important function and jointly protect the digital currency client. This fundamentally shuts out the outside world and thereby improves the security of the blockchain digital currency wallet.
The above process is illustrated below with Fig. 2: in Fig. 2 the security chip is an SE, the control flow is implemented by the SE security service application, and the digital currency client is located in a mobile terminal.
At initialization, the user first submits a request to apply for a digital certificate to the blockchain through the digital currency client; the commercial bank node on the blockchain performs identity authentication and request verification of the customer; the SE security service application then generates the key pair and derives the digital currency wallet address (also called the wallet address); the user transmits the digital wallet address to the commercial bank node through the digital currency client, and the commercial bank issues a digital certificate according to the wallet address. In this process the SE is responsible for secure key generation and for installing the certificate.
To further improve the security of the digital currency wallet address, in this embodiment the digital currency wallet address cannot be mapped back to the public key. That is, optionally, the security chip generating a key pair and a digital currency wallet address according to the customer information may include:
The security chip generates a private key according to the customer information, and generates a public key from the private key;
The public key is processed with a hash algorithm to obtain a public key hash, and the digital currency wallet address is generated from the public key hash.
Specifically, referring to Fig. 3, the digital currency wallet address (i.e. the wallet address) can be mapped to the public key hash, but the public key cannot be obtained by mapping from the public key hash, and the private key cannot be obtained by mapping from the public key. This arrangement further protects the security of the private key, and thus improves the security of the digital currency.
Based on the above technical solution, in the security method for using blockchain-based digital currency provided by the embodiment of the present invention, the security chip has both hardware tamper resistance and software security encryption capability, and the trusted execution environment has a certain hardware protection capability; the security method therefore improves the security of the blockchain digital currency wallet by means of the security chip and the trusted execution environment. Software is combined with a trusted hardware platform to provide complete security protection for the digital currency wallet.
Based on the above embodiment, after the digital certificate has been successfully installed, i.e. after initialization of the digital currency client is complete, the use of the digital currency wallet, i.e. the transaction process (which may include, for example, how the digital signature is generated and verified), may further include:
The sender's digital currency client, in the trusted execution environment, computes digest information from the original transaction data using a predetermined hash algorithm, and obtains the sender's private key from the security chip;
The sender's digital currency client, in the trusted execution environment, generates a digital signature from the digest information and the sender's private key using an encryption algorithm, and sends the digital signature and the original transaction data to the blockchain.
After the receiver's digital currency client obtains the digital signature and the original transaction data from the blockchain, the method further includes:
The receiver's digital currency client, in the trusted execution environment, computes first digest information from the original transaction data using the predetermined hash algorithm;
The receiver's digital currency client, in the trusted execution environment, decrypts the digital signature with a decryption algorithm according to the sender's public key to obtain second digest information;
The transaction is carried out when the first digest information is consistent with the second digest information.
Specifically, as can be seen from the above, data interaction in the transaction process is carried out in the trusted execution environment, so the digital currency wallet is protected not only during initialization of the digital currency client but also continuously during transactions, which improves the security of the digital currency and protects the user's property. Information about the key pair must also be obtained by interacting with the security chip, which fundamentally protects the security of the digital currency. This embodiment does not limit the specific predetermined hash algorithm, as long as the sender and the receiver use the same hash algorithm. Nor does this embodiment limit the specific encryption algorithm and decryption algorithm, as long as the two are a matching pair.
The above process is illustrated below with Fig. 4: in Fig. 4, "original text" is the original transaction data, "digest" is the digest information, and "hash algorithm" is the hash algorithm. The digital currency client in Fig. 4 is located in a mobile terminal.
Before the transaction data is transmitted, the sender computes a digest of the original text using the agreed hash algorithm and encrypts the digest with its own private key (obtained from the security chip) to obtain the digital signature, which is sent to the receiver together with the original text. The receiver computes a digest of the original text using the same hash algorithm and compares it with the digest obtained by decrypting the digital signature with the sender's public key.
Based on the above technical solution, the security method for using blockchain-based digital currency provided by the embodiment of the present invention improves the security of the blockchain digital currency wallet by means of the security chip and the trusted execution environment, and the data needed during a transaction is all obtained through the trusted execution environment and the security chip, so that the transaction process is also protected in real time by the three-layer structure, which improves the security of the digital currency.
Based on any of the above embodiments: existing digital currency wallets can only transact online, which reduces transaction efficiency when communication becomes a bottleneck. This embodiment provides an offline transaction function that existing digital currency wallets lack, meeting the need for secure and convenient digital currency data and transactions. In this embodiment, when the sender's digital currency client or the receiver's digital currency client is offline, the method may include:
The sender's digital currency client, in the trusted execution environment, performs transaction data authentication and data verification and then sends a transaction application to the receiver's digital currency client;
The receiver's digital currency client receives and verifies the transaction application in the trusted execution environment, then returns confirmation information to the sender's digital currency client and updates its transaction record;
The sender's digital currency client updates its transaction record in the trusted execution environment;
The sender's digital currency client and the receiver's digital currency client synchronize the transaction record to the blockchain when the network state meets the condition, so that the blockchain synchronizes the transaction record with the corresponding third-party server.
Wherein, it can be that network state is good when network state meets condition, or there are safety and the strong nets of signal Network.The present embodiment is defined not to this.Here the detection of network state can be real-time perfoming, can also periodically into Row.The present embodiment is defined not to this.User can set according to self-demand, can also carry out manually network-like The detection of state.Here transaction application can refer to the unique number monetary data string comprising Transaction Information.
Specifically, sender and recipient can trade between the two under off-line state, and when trading completion Transaction record is updated in the corresponding digital cash client of the two, that is, records the details of the secondary transaction.So as to it is subsequent In the case that network state allows, make the available transaction record of related third party.Believed with meeting related third party to transaction The management of breath.Such as supervision of the monitoring party to Transaction Information, the verification and execution etc. in time to Transaction Information such as bank.I.e. originally Embodiment realizes the off-line trading of digital cash, so that digital cash transaction is no longer dependent on network, improves what user used Convenience.
The offline transaction process of the digital currency wallet is illustrated next with reference to Fig. 5; the digital currency client in Fig. 5 is located in a mobile terminal.
During the transaction, both parties' terminals are offline, so only the sender and the recipient take part. The sender initiates the transaction and performs operations such as identity authentication (which can be understood as an authentication process that includes the transaction information) and data verification; the recipient receives and verifies the transaction request and then returns a confirmation message; both parties update their transaction record files. The network state is detected, and when it is good, the transaction record file is read at irregular intervals, the transactions are synchronized with the blockchain and the commercial bank's server, and the local transaction records are updated and maintained.
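The offline flow above (request, verification, confirmation, record update, later synchronization), together with the hash-then-sign check described for transmitted transaction data, as an added Node.js example that is not code from the patent. Assumptions: ECDSA P-256 with SHA-256 as the agreed algorithms, a `SecurityChip` class standing in for the hardware chip, public keys handed over directly where the patent relies on installed digital certificates, and a single `Ledger` object standing in for the blockchain and third-party server; all names are hypothetical.

```javascript
// Added illustration; every name is hypothetical. SecurityChip stands in for the hardware chip.
const nodeCrypto = require('crypto');
class SecurityChip {
  constructor() { // the private key stays inside this closure and is never exported
    const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
    this.publicKey = publicKey;
    this.sign = (bytes) => nodeCrypto.sign('sha256', bytes, privateKey); // hash, then sign
  }
}
const verify = (bytes, pub, sig) => nodeCrypto.verify('sha256', bytes, pub, sig);
// Fixed field order so both sides hash exactly the same bytes.
const encode = (tx) => Buffer.from(JSON.stringify([tx.id, tx.from, tx.to, tx.amount]));
const ackBytes = (req) => Buffer.concat([encode(req.tx), req.sig]);

class Wallet {
  constructor(name) {
    this.name = name;
    this.chip = new SecurityChip();
    this.records = new Map(); // local transaction record, keyed by transaction id
  }
  // Sender: build the transaction request and sign it.
  createRequest(to, amount) {
    const tx = { id: nodeCrypto.randomUUID(), from: this.name, to, amount };
    return { tx, sig: this.chip.sign(encode(tx)) };
  }
  // Recipient: verify the request, record it, return a signed confirmation.
  receive(req, senderPub) {
    if (req.tx.to !== this.name) throw new Error('wrong recipient');
    if (!verify(encode(req.tx), senderPub, req.sig)) throw new Error('bad signature');
    if (this.records.has(req.tx.id)) throw new Error('replayed request');
    const ack = this.chip.sign(ackBytes(req));
    this.records.set(req.tx.id, { ...req, ack, synced: false });
    return { id: req.tx.id, ack };
  }
  // Sender: update its own record only after checking the confirmation.
  confirm(req, conf, recipientPub) {
    if (conf.id !== req.tx.id || !verify(ackBytes(req), recipientPub, conf.ack))
      throw new Error('bad confirmation');
    this.records.set(req.tx.id, { ...req, ack: conf.ack, synced: false });
  }
  // Either party: push unsynced records once the network state allows it.
  sync(ledger, online) {
    let pushed = 0;
    if (!online) return pushed;
    for (const rec of this.records.values())
      if (!rec.synced && ledger.submit(rec)) { rec.synced = true; pushed++; }
    return pushed;
  }
}
// Stand-in for the blockchain side: re-verifies both signatures, idempotent per id.
class Ledger {
  constructor(keys) { this.keys = keys; this.entries = new Map(); }
  submit(rec) {
    const from = this.keys[rec.tx.from], to = this.keys[rec.tx.to];
    if (!from || !to || !verify(encode(rec.tx), from, rec.sig) ||
        !verify(ackBytes(rec), to, rec.ack)) return false;
    this.entries.set(rec.tx.id, rec.tx);
    return true;
  }
}

function demo() {
  const alice = new Wallet('alice'), bob = new Wallet('bob'); // constructed parties
  const ledger = new Ledger({ alice: alice.chip.publicKey, bob: bob.chip.publicKey });
  const req = alice.createRequest('bob', 25);
  alice.confirm(req, bob.receive(req, alice.chip.publicKey), bob.chip.publicKey);
  let tamperRejected = false; // same signature, altered amount
  try { bob.receive({ tx: { ...req.tx, amount: 2500 }, sig: req.sig }, alice.chip.publicKey); }
  catch (e) { tamperRejected = true; }
  const whileOffline = alice.sync(ledger, false);
  const pushed = alice.sync(ledger, true) + bob.sync(ledger, true);
  return { tamperRejected, whileOffline, pushed, ledgerEntries: ledger.entries.size };
}
console.log(demo());
```

The replay check in `receive` and the per-id idempotence in `Ledger.submit` are safeguards added in this example; the patent text does not describe them.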
Further, this embodiment can also perform operations such as transaction queries. Referring to Fig. 6, the overall usage process may include: downloading and installing the application, initializing the application, using the application, and so on. The digital currency client performs key pair generation, encryption, decryption, signature verification and similar operations in the trusted execution environment. Certificate applications, transactions, queries and other digital currency operations can be carried out among the blockchain, the terminal and third parties (such as the commercial bank in Fig. 6).
Based on the above technical solution, the security method for using blockchain-based digital currency provided by the embodiments of the invention builds a three-layer application software-TEE-SE architecture that combines the hardware and software platforms to provide security for the digital currency client. It also implements offline digital currency transactions, so that users can transact digital currency more conveniently and securely.
The security system and terminal for using blockchain-based digital currency provided by the embodiments of the invention are introduced below. The security system and terminal described below and the security method described above may be referred to in correspondence with each other.
Referring to Fig. 7, Fig. 7 is a structural block diagram of the security system for using blockchain-based digital currency provided by an embodiment of the invention. The security system may include:
A digital currency client 100, configured to: send a digital certificate application request to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after verification passes, returns the corresponding customer information to the digital currency client; send a digital certificate application to the security chip through the trusted execution environment according to the customer information; send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the authentication center according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, send a digital certificate installation request to the security chip through the trusted execution environment;
A security chip module 200, configured to generate a key pair and a digital currency wallet address according to the customer information, output the digital currency wallet address to the digital currency client through the trusted execution environment, and install the digital certificate according to the digital certificate installation request;
A trusted execution environment module 300, configured to provide the trusted execution environment.
Based on the above embodiment, the digital currency client 100 may further include:
A transaction sending unit, configured to, in the trusted execution environment, compute digest information from the original transaction data using a predetermined hash algorithm and obtain the sender's private key from the security chip; generate a digital signature from the digest information and the sender's private key using an encryption algorithm; and send the digital signature and the original transaction data to the blockchain;
A transaction receiving unit, configured to, in the trusted execution environment, compute first digest information from the original transaction data using the predetermined hash algorithm; decrypt the digital signature with the sender's public key using a decryption algorithm to obtain second digest information; and carry out the transaction when the first digest information is consistent with the second digest information.
Based on the above embodiment, the digital currency client 100 may further include:
An offline transaction sending unit, configured to send a transaction request to the recipient's digital currency client after performing transaction data authentication and data verification in the trusted execution environment; and, after the recipient's digital currency client has received and verified the transaction request in the trusted execution environment, to receive the confirmation message returned by the recipient's digital currency client and update the transaction record;
An offline transaction synchronization unit, configured to synchronize the transaction record to the blockchain when the network state of the digital currency client meets the condition, so that the blockchain synchronizes the transaction record with the corresponding third-party server.
Referring to Fig. 8, Fig. 8 is a structural block diagram of a terminal provided by an embodiment of the invention. The terminal may include:
A digital currency client processor 10, configured to: send a digital certificate application request to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after verification passes, returns the corresponding customer information to the digital currency client; send a digital certificate application to the security chip through the trusted execution environment according to the customer information; send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the authentication center according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, send a digital certificate installation request to the security chip through the trusted execution environment;
A security chip 20, configured to generate a key pair and a digital currency wallet address according to the customer information, output the digital currency wallet address to the digital currency client through the trusted execution environment, and install the digital certificate according to the digital certificate installation request;
A trusted execution environment processor 30, configured to provide the trusted execution environment.
Specifically, this embodiment does not limit the terminal. The terminal here may be a mobile terminal.
The embodiments in this specification are described progressively: each embodiment focuses on its differences from the others, and the same or similar parts of the embodiments may be referred to one another. Because the device disclosed in an embodiment corresponds to the method disclosed in the embodiments, its description is relatively brief; for the relevant details, see the description of the method.
Those skilled in the art will further appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of the two. To illustrate clearly the interchangeability of hardware and software, the composition and steps of each example have been described above in general terms according to function. Whether these functions are implemented in hardware or software depends on the specific application and the design constraints of the technical solution. Skilled practitioners may use different methods to implement the described functions for each specific application, but such implementations should not be considered beyond the scope of the invention.
The steps of the method or algorithm described in connection with the embodiments disclosed herein may be implemented directly in hardware, in a software module executed by a processor, or in a combination of the two. The software module may reside in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the technical field.
The security method, system and terminal for using blockchain-based digital currency provided by the invention have been described in detail above. Specific examples are used herein to explain the principle and implementation of the invention; the description of the above embodiments is only intended to help in understanding the method of the invention and its core idea. It should be noted that those of ordinary skill in the art can make several improvements and modifications to the invention without departing from its principle, and these improvements and modifications also fall within the scope of protection of the claims of the invention.
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710056081.0A CN106850200B (en) | 2017-01-25 | 2017-01-25 | A kind of safety method, system and the terminal of digital cash of the use based on block chain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710056081.0A CN106850200B (en) | 2017-01-25 | 2017-01-25 | A kind of safety method, system and the terminal of digital cash of the use based on block chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106850200A (en) | 2017-06-13 |
CN106850200B (en) | 2019-10-22 |
Family
ID=59121170
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710056081.0A CN106850200B (en) | 2017-01-25 | 2017-01-25 | A kind of safety method, system and the terminal of digital cash of the use based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106850200B (en) |
2017
- 2017-01-25 CN CN201710056081.0A patent/CN106850200B/en active IP Right Grant
Also Published As
Publication number | Publication date |
---|---|
CN106850200A (en) | 2017-06-13 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | CB03 | Change of inventor or designer information | Inventor after: Yao Qian; Inventor after: Xu Zhong; Inventor after: Zhang Yifeng; Inventor before: Zhang Yifeng |
 | TA01 | Transfer of patent application right | Effective date of registration: 20171110; Address after: Hangzhou City, Zhejiang province 310007 Xihu District Lingyin ad tower Room 903; Applicant after: Zhongchao Credit Card Industry Development Co., Ltd. Hangzhou blockchain Technology Research Institute; Address before: 100176 Beijing Daxing District Economic Development Zone, 28 Fang Fang Road 2, one floor, room 101; Applicant before: Zhongchao Credit Card Industry Development Co., Ltd. Beijing smart card technology research institute |
 | GR01 | Patent grant | |