CN106850200B - Security method, system and terminal for using blockchain-based digital currency - Google Patents

Info

Publication number: CN106850200B
Application number: CN201710056081.0A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN106850200A (en)
Inventors: 姚前, 徐忠, 张一锋
Original assignee: 中钞信用卡产业发展有限公司杭州区块链技术研究院

Classifications

    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • G06Q20/065 Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Abstract

The invention discloses a security method, system and terminal for using blockchain-based digital currency. The method includes: a digital currency client sends a request to apply for a digital certificate to the blockchain, and receives the corresponding customer information that the blockchain returns after the identity and request verification pass; according to the customer information, the client sends a digital certificate application to the security chip through the trusted execution environment; the security chip generates a key pair and a digital currency wallet address according to the customer information, and outputs the digital currency wallet address to the digital currency client through the trusted execution environment; the digital currency client sends the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the authentication center according to the digital currency wallet address; after the digital currency client receives the digital certificate sent by the blockchain, it sends a digital certificate installation request to the security chip through the trusted execution environment, so that the security chip installs the digital certificate. The security of the blockchain digital currency wallet is improved by means of the security chip and the trusted execution environment.

Description

Security method, system and terminal for using blockchain-based digital currency

Technical field

The present invention relates to the field of communication technology, and in particular to a security method, system and terminal for using blockchain-based digital currency.

Background

In the current Bitcoin system, a Bitcoin address is the public key of an asymmetric key pair, which is generated by an elliptic curve algorithm. The address and the private key of a user account are both stored in the Bitcoin wallet (i.e. digital currency wallet) file, and the Bitcoin client software performs encryption and decryption operations with the private key. Current digital currency wallet technology based on blockchain technology is all based on Bitcoin and can be classified as: web wallets, multi-signature wallets, desktop wallets and mobile wallets.

Because the entire Bitcoin system is decentralized and anonymous, once a digital currency wallet is lost, the bitcoins held at all addresses in the wallet may be stolen. Once stolen, bitcoins cannot be recovered. The security of the digital currency wallet therefore needs to be guaranteed. Existing digital currency wallet solutions all back up the private key online to form a backup digital currency wallet; although many security measures are taken to protect usage and data, numerous attack cases and system vulnerabilities show that this still cannot guarantee the security of the digital currency in the wallet. How to guarantee the security of blockchain-based digital currency is therefore a technical problem that those skilled in the art need to solve.

Summary of the invention

The object of the present invention is to provide a security method, system and terminal for using blockchain-based digital currency, which improve the security of the blockchain digital currency wallet by means of a security chip and a trusted execution environment.

To solve the above technical problem, the present invention provides a security method for using blockchain-based digital currency, the security method including:

A digital currency client sends a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client;

The digital currency client sends a digital certificate application to the security chip through the trusted execution environment according to the customer information;

The security chip generates a key pair and a digital currency wallet address according to the customer information, and outputs the digital currency wallet address to the digital currency client through the trusted execution environment;

The digital currency client sends the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the authentication center according to the digital currency wallet address;

After the digital currency client receives the digital certificate sent by the blockchain, it sends a digital certificate installation request to the security chip through the trusted execution environment;

The security chip installs the digital certificate according to the digital certificate installation request.

Optionally, the security chip generating a key pair and a digital currency wallet address according to the customer information includes:

The security chip generates a private key according to the customer information, and generates a public key from the private key;

The public key is processed with a hash algorithm to obtain a public key hash, and the digital currency wallet address is generated from the public key hash.

Optionally, after the digital certificate is installed, the method further includes:

In the trusted execution environment, the sender's digital currency client computes digest information from the original transaction data using a predetermined hash algorithm, and obtains the sender's private key from the security chip;

In the trusted execution environment, the sender's digital currency client generates a digital signature from the digest information and the sender's private key using an encryption algorithm, and sends the digital signature and the original transaction data to the blockchain.

Optionally, after the receiver's digital currency client obtains the digital signature and the original transaction data from the blockchain, the method further includes:

In the trusted execution environment, the receiver's digital currency client computes first digest information from the original transaction data using the predetermined hash algorithm;

In the trusted execution environment, the receiver's digital currency client decrypts the digital signature with a decryption algorithm according to the sender's public key to obtain second digest information;

The transaction proceeds when the first digest information is consistent with the second digest information.

Optionally, when the sender's digital currency client or the receiver's digital currency client is offline, the method further includes:

In the trusted execution environment, the sender's digital currency client performs transaction data authentication and a data check, and then sends a transaction application to the receiver's digital currency client;

In the trusted execution environment, the receiver's digital currency client receives and verifies the transaction application, then returns confirmation information to the sender's digital currency client and updates the transaction record;

The sender's digital currency client updates the transaction record in the trusted execution environment;

When the network state meets the condition, the sender's digital currency client and the receiver's digital currency client synchronize the transaction record to the blockchain, so that the blockchain synchronizes the transaction record with the corresponding third-party server.

Optionally, the digital currency client is obtained by:

Obtaining and installing the digital currency client executable preset in the security chip, or downloading the digital currency client executable online and installing it.

The present invention also provides a security system for using blockchain-based digital currency, comprising:

A digital currency client, configured to send a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client; to send a digital certificate application to the security chip through the trusted execution environment according to the customer information; to send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the authentication center according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, to send a digital certificate installation request to the security chip through the trusted execution environment;

A security chip module, configured to generate a key pair and a digital currency wallet address according to the customer information, and to output the digital currency wallet address to the digital currency client through the trusted execution environment; and to install the digital certificate according to the digital certificate installation request;

A trusted execution environment module, configured to provide the trusted execution environment.

Optionally, the digital currency client further includes:

A transaction sending unit, configured to, in the trusted execution environment, compute digest information from the original transaction data using a predetermined hash algorithm and obtain the sender's private key from the security chip; and to generate a digital signature from the digest information and the sender's private key using an encryption algorithm, and send the digital signature and the original transaction data to the blockchain;

A transaction receiving unit, configured to, in the trusted execution environment, compute first digest information from the original transaction data using the predetermined hash algorithm; to decrypt the digital signature with a decryption algorithm according to the sender's public key to obtain second digest information; and to proceed with the transaction when the first digest information is consistent with the second digest information.

Optionally, the digital currency client further includes:

An offline transaction sending unit, configured to perform transaction data authentication and a data check in the trusted execution environment and then send a transaction application to the receiver's digital currency client; and, after the receiver's digital currency client has received and verified the transaction application in the trusted execution environment, to receive the confirmation information returned by the receiver's digital currency client and update the transaction record;

An offline transaction synchronization unit, configured to synchronize the transaction record to the blockchain when the network state of the digital currency client meets the condition, so that the blockchain synchronizes the transaction record with the corresponding third-party server.

The present invention also provides a terminal, comprising:

A digital currency client processor, configured to send a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client; to send a digital certificate application to the security chip through the trusted execution environment according to the customer information; to send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the authentication center according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, to send a digital certificate installation request to the security chip through the trusted execution environment;

The security chip, configured to generate a key pair and a digital currency wallet address according to the customer information, and to output the digital currency wallet address to the digital currency client through the trusted execution environment; and to install the digital certificate according to the digital certificate installation request;

A trusted execution environment processor, configured to provide the trusted execution environment.

In the security method for using blockchain-based digital currency provided by the present invention: the digital currency client sends a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client; the digital currency client sends a digital certificate application to the security chip through the trusted execution environment according to the customer information; the security chip generates a key pair and a digital currency wallet address according to the customer information, and outputs the digital currency wallet address to the digital currency client through the trusted execution environment; the digital currency client sends the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the authentication center according to the digital currency wallet address; after the digital currency client receives the digital certificate sent by the blockchain, it sends a digital certificate installation request to the security chip through the trusted execution environment; the security chip installs the digital certificate according to the digital certificate installation request.

It can be seen that, because the security chip has both hardware tamper resistance and software security encryption functions, and the trusted execution environment has a certain hardware protection capability, the security method improves the security of the blockchain digital currency wallet by means of the security chip and the trusted execution environment. Combining software with a trusted hardware platform provides complete security protection for the digital currency wallet. The present invention also provides a security system and a terminal for using blockchain-based digital currency, which have the same beneficial effects and are not described again here.

Brief description of the drawings

To explain the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from the drawings provided without creative effort.

Fig. 1 is a flow chart of the security method for using blockchain-based digital currency provided by an embodiment of the present invention;

Fig. 2 is a schematic diagram of the digital currency client initialization process provided by an embodiment of the present invention;

Fig. 3 is a schematic diagram of the mapping between the private key and the digital currency wallet address provided by an embodiment of the present invention;

Fig. 4 is a schematic diagram of the transaction process of the digital currency client provided by an embodiment of the present invention;

Fig. 5 is a schematic diagram of the offline use of the digital currency client provided by an embodiment of the present invention;

Fig. 6 is a schematic diagram of the overall use of the digital currency client provided by an embodiment of the present invention;

Fig. 7 is a structural block diagram of the security system for using blockchain-based digital currency provided by an embodiment of the present invention;

Fig. 8 is a structural block diagram of a terminal provided by an embodiment of the present invention.

Specific embodiments

The core of the present invention is to provide a security method, system and terminal for using blockchain-based digital currency, which improve the security of the blockchain digital currency wallet by means of a security chip and a trusted execution environment.

To make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art from these embodiments without creative effort fall within the protection scope of the present invention.

The specific implementation of this embodiment comprises three layers. The bottom layer is a security chip (such as an SE) that has both hardware tamper resistance and software security encryption functions. The middle layer is the trusted execution environment (such as a TEE), which has a certain hardware protection capability but, compared with the bottom-layer secure element, lacks hardware tamper resistance, making it a lower-cost security architecture. The top layer is the open operating system layer, which has only software protection capability and the lowest level of security protection; it is also the layer where the digital currency client resides after it is downloaded and installed. With this structure, the embodiment can improve the security of the blockchain digital currency wallet. Specifically, refer to Fig. 1, which is a flow chart of the security method for using blockchain-based digital currency provided by an embodiment of the present invention. The security method may include:

S100: the digital currency client sends a request to apply for a digital certificate to the blockchain, so that the blockchain performs user identity and request verification according to the request and, after the verification passes, returns the corresponding customer information to the digital currency client;

S110: the digital currency client sends a digital certificate application to the security chip through the trusted execution environment according to the customer information;

S120: the security chip generates a key pair and a digital currency wallet address according to the customer information, and outputs the digital currency wallet address to the digital currency client through the trusted execution environment;

S130: the digital currency client sends the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the authentication center according to the digital currency wallet address;

S140: after the digital currency client receives the digital certificate sent by the blockchain, it sends a digital certificate installation request to the security chip through the trusted execution environment;

S150: the security chip installs the digital certificate according to the digital certificate installation request.

Here the digital currency wallet can be understood as the digital currency client. A user cannot carry out Bitcoin transactions without a digital currency client, so the client must first be downloaded and installed before digital currency is used. This embodiment does not limit the specific way of downloading and installing the digital currency client; it can be chosen to suit different terminals, which improves the adaptability of the client. Preferably, the digital currency client may be obtained by obtaining and installing the digital currency client executable preset in the security chip, or by downloading the digital currency client executable online and installing it. That is, the digital wallet application can be preset in the security chip (such as an SE) or installed by online download.

Specifically, S100 to S150 of this embodiment implement the initialization of the digital currency wallet. Compared with the prior art, in which the digital currency client is initialized only in the top open operating system layer, this initialization is more secure. In this embodiment, the data exchange of the initialization process is completed in the trusted execution environment of the terminal, and the installation of the digital certificate and the generation of the key pair used by the digital currency are completed in the highly secure security chip. That is, each of the three layers performs its most important function during the initialization of the digital currency wallet, and together they protect the digital currency client. External attacks can thus be fundamentally prevented, improving the security of the blockchain digital currency wallet.

The above process is illustrated below with reference to Fig. 2. In Fig. 2 the security chip is an SE, the control flow is implemented by the SE security service application, and the digital currency client is located in a mobile terminal.

During initialization, the user first submits a request to apply for a digital certificate to the blockchain through the digital currency client, and the commercial bank node of the blockchain performs identity authentication and request verification for the customer. The SE security service application then generates the key pair and exports the digital currency wallet address (also simply called the wallet address). The user transmits this digital wallet address to the commercial bank node through the digital currency client, and the commercial bank issues a digital certificate according to the wallet address. In this process, the SE is responsible for secure key generation and for installing the certificate.

To further improve the security of the digital currency wallet address, in this embodiment the digital currency wallet address cannot be mapped back to the public key. That is, optionally, the security chip generating a key pair and a digital currency wallet address according to the customer information may include:

The security chip generates a private key according to the customer information, and generates a public key from the private key;

The public key is processed with a hash algorithm to obtain a public key hash, and the digital currency wallet address is generated from the public key hash.

Specifically, referring to Fig. 3, the digital currency wallet address (the wallet address) can be mapped to the public key hash, but the public key cannot be obtained from the public key hash, and the private key cannot be obtained from the public key. This arrangement further protects the security of the private key, and thus improves the security of the digital currency.

Based on the above technical solution, in the security method for using blockchain-based digital currency provided by the embodiment of the present invention, the security chip has both hardware tamper resistance and software security encryption functions, and the trusted execution environment has a certain hardware protection capability; the security method therefore improves the security of the blockchain digital currency wallet by means of the security chip and the trusted execution environment. Combining software with a trusted hardware platform provides complete security protection for the digital currency wallet.

Based on the above embodiment, after the digital certificate has been installed successfully, that is, after the initialization of the digital currency client is complete, the digital currency wallet is used for transactions (which may include, for example, generating a digital signature and verifying it). The method may further include:

In the trusted execution environment, the sender's digital currency client computes digest information from the original transaction data using a predetermined hash algorithm, and obtains the sender's private key from the security chip;

In the trusted execution environment, the sender's digital currency client generates a digital signature from the digest information and the sender's private key using an encryption algorithm, and sends the digital signature and the original transaction data to the blockchain.

After the receiver's digital currency client obtains the digital signature and the original transaction data from the blockchain, the method further includes:

In the trusted execution environment, the receiver's digital currency client computes first digest information from the original transaction data using the predetermined hash algorithm;

In the trusted execution environment, the receiver's digital currency client decrypts the digital signature with a decryption algorithm according to the sender's public key to obtain second digest information;

The transaction proceeds when the first digest information is consistent with the second digest information.

Specifically, it can be seen from the above that the data interaction in the transaction process is carried out in the trusted execution environment. The digital currency wallet is therefore protected not only during the initialization of the digital currency client but also continuously during transactions, which improves the security of the digital currency and protects the user's property. Information about the key pair must be obtained by interacting with the security chip, which fundamentally protects the security of the digital currency. This embodiment does not limit the specific predetermined hash algorithm, as long as the sender and the receiver use the same hash algorithm. Nor does this embodiment limit the specifics of the encryption algorithm and the decryption algorithm, as long as the encryption algorithm and the decryption algorithm are a matching pair.

The above process is illustrated below with reference to Fig. 4. In Fig. 4, the original text is the original transaction data, the digest is the digest information, and the hash algorithm is the predetermined hash algorithm. The digital currency client in Fig. 4 is located in a mobile terminal.

Before transmitting the transaction data, the sender computes a digest of the original text with the agreed hash algorithm and encrypts the digest with its own private key (obtained from the security chip) to obtain the digital signature, which is sent to the receiver together with the original text. The receiver computes a digest of the original text with the same hash algorithm and compares it with the digest obtained by decrypting the digital signature with the sender's public key.

Based on the above technical solution, the security method for using blockchain-based digital currency provided by the embodiment of the present invention improves the security of the blockchain digital currency wallet by means of the security chip and the trusted execution environment. The data needed during a transaction is always obtained through the trusted execution environment and the security chip, so the transaction process is also protected in real time by the three-layer structure, which improves the security of the digital currency.

Based on any of the above embodiments: because existing digital currency wallets can only transact online, transaction efficiency suffers when communication becomes a bottleneck. This embodiment provides an offline transaction function that existing digital currency wallets lack, meeting the demand for secure and convenient digital currency data and transactions. In this embodiment, when the sender's digital currency client or the recipient's digital currency client is offline, the method may include:

The sender's digital currency client performs transaction data authentication and data verification in the trusted execution environment and then sends a transaction application to the recipient's digital currency client;

The recipient's digital currency client receives and verifies the transaction application in the trusted execution environment, then returns a confirmation message to the sender's digital currency client and updates its transaction record;

The sender's digital currency client updates its transaction record in the trusted execution environment;

When the network state meets the condition, the sender's digital currency client and the recipient's digital currency client synchronize the transaction record to the blockchain, and the blockchain synchronizes the transaction record with the corresponding third-party server.

Here, the network state meeting the condition may mean that the network state is good, or that a secure network with a strong signal is available; this embodiment does not limit this. Network state detection may be performed in real time or periodically; this embodiment does not limit this either. Users may configure it according to their own needs, or trigger network state detection manually. The transaction application here may refer to a unique digital currency data string containing the transaction information.

Specifically, the sender and the recipient can transact with each other while offline, and when the transaction completes, the transaction record is updated in both parties' digital currency clients, that is, the details of the transaction are recorded. Later, when the network state allows, the relevant third parties can obtain the transaction record, which meets their need to manage transaction information, for example a regulator supervising transaction information, or a bank verifying and executing transaction information in a timely manner. This embodiment thus implements offline transactions of digital currency, so that digital currency transactions no longer depend on the network, which improves convenience for the user.

The offline transaction process of the digital currency wallet is described next with reference to Fig. 5. The digital currency client in Fig. 5 resides in a mobile terminal.

During the transaction, both parties' terminals are offline, that is, only the sender and the recipient participate. The sender initiates the transaction and performs operations such as identity authentication (which can be understood as an authentication process that includes the transaction information) and data verification; the recipient receives and verifies the transaction request and then returns a confirmation message; and both parties update their transaction record files. The network state is detected, and when it is good, the transaction record file is read from time to time and the transactions are synchronized through the blockchain and the commercial bank's server, updating and maintaining the local transaction record.
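The sign-then-verify exchange of Fig. 4 and the offline flow of Fig. 5, as an added Python sketch that is not code from the patent. SHA-256, the toy textbook-RSA key, the `SecurityChip`, `Client` and `Ledger` classes, and the payee and duplicate-id checks are assumptions of this example; the sketch also has the chip object perform the private-key operation rather than hand the key to the client.

```python
import hashlib
import json

# Constructed toy RSA key (two Mersenne primes): deterministic, stdlib-only and
# NOT secure. Real wallets use a padded or elliptic-curve signature scheme.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def digest(original: bytes) -> int:
    """Agreed hash algorithm over the original text (SHA-256 is an assumption)."""
    return int.from_bytes(hashlib.sha256(original).digest(), "big")


class SecurityChip:
    """Hypothetical stand-in for the security chip holding the private key."""
    def __init__(self, d: int, n: int):
        self._d, self._n = d, n

    def sign(self, h: int) -> int:
        # "Encrypt the digest with the private key": textbook RSA, no padding.
        return pow(h, self._d, self._n)


def verify(original: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Recipient: decrypt the signature with the public key, compare digests."""
    return pow(signature, e, n) == digest(original)


class Ledger:
    """Stand-in for the blockchain; keyed by tx id so both uploads collapse."""
    def __init__(self):
        self.records = {}

    def sync(self, entries):
        for entry in entries:
            self.records.setdefault(entry["tx"]["id"], entry)


class Client:
    """Hypothetical digital currency client with a local transaction record."""
    def __init__(self, name: str, chip: SecurityChip):
        self.name, self.chip = name, chip
        self.record = []    # local transaction record file
        self.unsynced = []  # entries not yet pushed to the ledger

    def _store(self, application: dict):
        entry = {"tx": json.loads(application["original"]),
                 "signature": application["signature"]}
        self.record.append(entry)
        self.unsynced.append(entry)

    def make_application(self, tx_id: str, to: str, amount: int) -> dict:
        tx = {"id": tx_id, "from": self.name, "to": to, "amount": amount}
        original = json.dumps(tx, sort_keys=True).encode()
        return {"original": original, "signature": self.chip.sign(digest(original))}

    def receive(self, application: dict) -> bool:
        """Verify offline, update the record, return the confirmation."""
        if not verify(application["original"], application["signature"]):
            return False
        tx = json.loads(application["original"])
        seen = any(e["tx"]["id"] == tx["id"] for e in self.record)
        if tx["to"] != self.name or seen:  # wrong payee or replayed application
            return False
        self._store(application)
        return True

    def on_confirmation(self, application: dict, confirmed: bool):
        if confirmed:  # sender updates its record only after confirmation
            self._store(application)

    def sync_if_online(self, ledger: Ledger, network_ok: bool) -> int:
        if not network_ok:
            return 0
        pushed = len(self.unsynced)
        ledger.sync(self.unsynced)
        self.unsynced = []
        return pushed


def demo() -> dict:
    alice = Client("alice", SecurityChip(D, N))
    bob = Client("bob", SecurityChip(D, N))  # toy key reused; bob never signs
    ledger = Ledger()
    app = alice.make_application("tx-0001", "bob", 25)  # constructed sample
    ok = bob.receive(app)
    alice.on_confirmation(app, ok)
    tampered = dict(app, original=app["original"].replace(b"25", b"95"))
    results = {"accepted": ok, "tampered": bob.receive(tampered),
               "replayed": bob.receive(app),
               "pushed_offline": alice.sync_if_online(ledger, network_ok=False)}
    alice.sync_if_online(ledger, network_ok=True)
    bob.sync_if_online(ledger, network_ok=True)
    results["ledger_size"] = len(ledger.records)
    return results
```

Both parties upload the same record once the network is available, so the ledger stand-in keeps a single entry per transaction id.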

Further, this embodiment also supports operations such as transaction queries. Referring to Fig. 6, the overall usage process may include downloading and installing the application, initializing the application, and using the application. In the digital currency client, key pair generation, encryption, decryption, signature verification and similar operations are all performed in the trusted execution environment. Digital currency operations such as certificate application, transactions and queries can be carried out between the blockchain, the terminal and third parties (such as the commercial bank in Fig. 6).

Based on the above technical solution, the security method for using blockchain-based digital currency described in this embodiment of the present invention builds a three-layer application software-TEE-SE architecture that combines the hardware and software platforms to provide security guarantees for the digital currency client, and it implements offline digital currency transactions, so that users can conduct digital currency transactions more conveniently and securely.

The security system and terminal for using blockchain-based digital currency provided in the embodiments of the present invention are introduced below. The security system and terminal described below and the security method described above may be cross-referenced.

Referring to Fig. 7, Fig. 7 is a structural block diagram of the security system for using blockchain-based digital currency provided by an embodiment of the present invention. The security system may include:

A digital currency client 100, configured to: send a digital certificate application request to the blockchain, so that the blockchain verifies the user identity and the request according to the request and, after verification passes, returns the corresponding customer information to the digital currency client; send a digital certificate application to the security chip through the trusted execution environment according to the customer information; send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the certificate authority according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, send a digital certificate installation request to the security chip through the trusted execution environment;

A security chip module 200, configured to generate a key pair and a digital currency wallet address according to the customer information, output the digital currency wallet address to the digital currency client through the trusted execution environment, and install the digital certificate according to the digital certificate installation request;

A trusted execution environment module 300, configured to provide the trusted execution environment.

Based on the above embodiment, the digital currency client 100 may further include:

A transaction sending unit, configured to, in the trusted execution environment, compute digest information from the original transaction data using a predetermined hash algorithm and obtain the sender's private key from the security chip; generate a digital signature from the digest information and the sender's private key using an encryption algorithm; and send the digital signature and the original transaction data to the blockchain;

A transaction receiving unit, configured to, in the trusted execution environment, compute first digest information from the original transaction data using the predetermined hash algorithm; decrypt the digital signature with the sender's public key using a decryption algorithm to obtain second digest information; and carry out the transaction when the first digest information is consistent with the second digest information.

Based on the above embodiment, the digital currency client 100 may further include:

An offline transaction sending unit, configured to perform transaction data authentication and data verification in the trusted execution environment and then send a transaction application to the recipient's digital currency client; and, after the recipient's digital currency client receives and verifies the transaction application in the trusted execution environment, receive the confirmation message returned by the recipient's digital currency client and update the transaction record;

An offline transaction synchronization unit, configured to synchronize the transaction record from the digital currency client to the blockchain when the network state meets the condition, so that the blockchain synchronizes the transaction record with the corresponding third-party server.

Referring to Fig. 8, Fig. 8 is a structural block diagram of a terminal provided by an embodiment of the present invention. The terminal may include:

A digital currency client processor 10, configured to: send a digital certificate application request to the blockchain, so that the blockchain verifies the user identity and the request according to the request and, after verification passes, returns the corresponding customer information to the digital currency client; send a digital certificate application to the security chip through the trusted execution environment according to the customer information; send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from the certificate authority according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, send a digital certificate installation request to the security chip through the trusted execution environment;

A security chip 20, configured to generate a key pair and a digital currency wallet address according to the customer information, output the digital currency wallet address to the digital currency client through the trusted execution environment, and install the digital certificate according to the digital certificate installation request;

A trusted execution environment processor 30, configured to provide the trusted execution environment.

Specifically, this embodiment does not limit the terminal; the terminal here may be a mobile terminal.

The embodiments in this specification are described progressively; each embodiment focuses on its differences from the others, and for the same or similar parts the embodiments may be referred to one another. Because the apparatus disclosed in the embodiments corresponds to the method disclosed in the embodiments, its description is relatively brief; for the relevant details, see the description of the method.

Those skilled in the art will further appreciate that the units and algorithm steps of the examples described in connection with the embodiments disclosed herein can be implemented in electronic hardware, computer software, or a combination of the two. To clearly illustrate the interchangeability of hardware and software, the composition and steps of each example have been described above generally in terms of function. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Skilled artisans may implement the described functions in different ways for each particular application, but such implementations should not be considered beyond the scope of the present invention.

The steps of the method or algorithm described in connection with the embodiments disclosed herein may be implemented directly in hardware, in a software module executed by a processor, or in a combination of the two. The software module may reside in random access memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, a hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the technical field.

The security method, system and terminal for using blockchain-based digital currency provided by the present invention have been described in detail above. Specific examples are used herein to explain the principle and implementation of the invention, and the description of the above embodiments is only intended to help in understanding the method of the invention and its core idea. It should be noted that those of ordinary skill in the art may make several improvements and modifications to the invention without departing from its principle, and these improvements and modifications also fall within the protection scope of the claims of the invention.

Claims (10)

1. A security method for using blockchain-based digital currency, characterized in that the method comprises:
a digital currency client sends a digital certificate application request to a blockchain, so that the blockchain verifies the user identity and the request according to the request and, after verification passes, returns corresponding customer information to the digital currency client;
the digital currency client sends a digital certificate application to a security chip through a trusted execution environment according to the customer information;
the security chip generates a key pair and a digital currency wallet address according to the customer information, and outputs the digital currency wallet address to the digital currency client through the trusted execution environment;
the digital currency client sends the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from a certificate authority according to the digital currency wallet address;
after receiving the digital certificate sent by the blockchain, the digital currency client sends a digital certificate installation request to the security chip through the trusted execution environment;
the security chip installs the digital certificate according to the digital certificate installation request.
2. The security method according to claim 1, characterized in that the security chip generating a key pair and a digital currency wallet address according to the customer information comprises:
the security chip generates a private key according to the customer information, and generates a public key from the private key;
the public key is processed with a hash algorithm to obtain a public key hash, and the digital currency wallet address is generated from the public key hash.
3. The security method according to claim 2, characterized in that, after the digital certificate is installed, the method further comprises:
a sender's digital currency client, in the trusted execution environment, computes digest information from the original transaction data using a predetermined hash algorithm, and obtains the sender's private key from the security chip;
the sender's digital currency client, in the trusted execution environment, generates a digital signature from the digest information and the sender's private key using an encryption algorithm, and sends the digital signature and the original transaction data to the blockchain.
4. The security method according to claim 3, characterized in that, after a recipient's digital currency client obtains the digital signature and the original transaction data from the blockchain, the method further comprises:
the recipient's digital currency client, in the trusted execution environment, computes first digest information from the original transaction data using the predetermined hash algorithm;
the recipient's digital currency client, in the trusted execution environment, decrypts the digital signature with the sender's public key using a decryption algorithm to obtain second digest information;
the transaction is carried out when the first digest information is consistent with the second digest information.
5. The security method according to any one of claims 1-4, characterized in that, when the sender's digital currency client or the recipient's digital currency client is offline, the method further comprises:
the sender's digital currency client performs transaction data authentication and data verification in the trusted execution environment and then sends a transaction application to the recipient's digital currency client;
the recipient's digital currency client receives and verifies the transaction application in the trusted execution environment, then returns a confirmation message to the sender's digital currency client and updates its transaction record;
the sender's digital currency client updates its transaction record in the trusted execution environment;
when the network state meets the condition, the sender's digital currency client and the recipient's digital currency client synchronize the transaction record to the blockchain, so that the blockchain synchronizes the transaction record with the corresponding third-party server.
6. The security method according to claim 5, characterized in that the digital currency client is obtained by:
obtaining the digital currency client executable file preset in the security chip and installing it, or downloading the digital currency client executable file online and installing it.
7. A security system for using blockchain-based digital currency, characterized by comprising:
a digital currency client, configured to: send a digital certificate application request to a blockchain, so that the blockchain verifies the user identity and the request according to the request and, after verification passes, returns corresponding customer information to the digital currency client; send a digital certificate application to a security chip through a trusted execution environment according to the customer information; send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from a certificate authority according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, send a digital certificate installation request to the security chip through the trusted execution environment;
a security chip module, configured to generate a key pair and a digital currency wallet address according to the customer information, output the digital currency wallet address to the digital currency client through the trusted execution environment, and install the digital certificate according to the digital certificate installation request;
a trusted execution environment module, configured to provide the trusted execution environment.
8. The security system according to claim 7, characterized in that the digital currency client further comprises:
a transaction sending unit, configured to, in the trusted execution environment, compute digest information from the original transaction data using a predetermined hash algorithm and obtain the sender's private key from the security chip; generate a digital signature from the digest information and the sender's private key using an encryption algorithm; and send the digital signature and the original transaction data to the blockchain;
a transaction receiving unit, configured to, in the trusted execution environment, compute first digest information from the original transaction data using the predetermined hash algorithm; decrypt the digital signature with the sender's public key using a decryption algorithm to obtain second digest information; and carry out the transaction when the first digest information is consistent with the second digest information.
9. The security system according to claim 7 or 8, characterized in that the digital currency client further comprises:
an offline transaction sending unit, configured to perform transaction data authentication and data verification in the trusted execution environment and then send a transaction application to the recipient's digital currency client; and, after the recipient's digital currency client receives and verifies the transaction application in the trusted execution environment, receive the confirmation message returned by the recipient's digital currency client and update the transaction record;
an offline transaction synchronization unit, configured to synchronize the transaction record from the digital currency client to the blockchain when the network state meets the condition, so that the blockchain synchronizes the transaction record with the corresponding third-party server.
10. A terminal, characterized by comprising:
a digital currency client processor, configured to: send a digital certificate application request to a blockchain, so that the blockchain verifies the user identity and the request according to the request and, after verification passes, returns corresponding customer information to the digital currency client; send a digital certificate application to a security chip through a trusted execution environment according to the customer information; send the digital currency wallet address to the blockchain, so that the blockchain obtains a digital certificate from a certificate authority according to the digital currency wallet address; and, after receiving the digital certificate sent by the blockchain, send a digital certificate installation request to the security chip through the trusted execution environment;
a security chip, configured to generate a key pair and a digital currency wallet address according to the customer information, output the digital currency wallet address to the digital currency client through the trusted execution environment, and install the digital certificate according to the digital certificate installation request;
a trusted execution environment processor, configured to provide the trusted execution environment.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710056081.0A CN106850200B (en) 2017-01-25 2017-01-25 A kind of safety method, system and the terminal of digital cash of the use based on block chain

Publications (2)

Publication Number Publication Date
CN106850200A CN106850200A (en) 2017-06-13
CN106850200B true CN106850200B (en) 2019-10-22

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Yao Qian

Inventor after: Xu Zhong

Inventor after: Zhang Yifeng

Inventor before: Zhang Yifeng

Inventor after: Yao Qian

Inventor after: Xu Zhong

Inventor after: Zhang Yifeng

Inventor before: Zhang Yifeng

TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20171110

Address after: Hangzhou City, Zhejiang province 310007 Xihu District Lingyin ad tower Room 903

Applicant after: Zhongchao Credit Card Industry Development Co., Ltd. Hangzhou blockchain Technology Research Institute

Address before: 100176 Beijing Daxing District Economic Development Zone, 28 Fang Fang Road 2, one floor, room 101

Applicant before: Zhongchao Credit Card Industry Development Co., Ltd. Beijing smart card technology research institute

Effective date of registration: 20171110

Address after: Hangzhou City, Zhejiang province 310007 Xihu District Lingyin ad tower Room 903

Applicant after: Zhongchao Credit Card Industry Development Co., Ltd. Hangzhou blockchain Technology Research Institute

Address before: 100176 Beijing Daxing District Economic Development Zone, 28 Fang Fang Road 2, one floor, room 101

Applicant before: Zhongchao Credit Card Industry Development Co., Ltd. Beijing smart card technology research institute

CB03 Change of inventor or designer information
GR01 Patent grant
GR01 Patent grant