CN107273514A - An inspection method, an inspection subsystem applying it, and a data deposit signing link system - Google Patents


Publication number: CN107273514A
Authority: CN (China)
Legal status: Pending
Application number: CN201710475499.5A
Other languages: Chinese (zh)
Inventors: 陈华冠, 张德辉
Current Assignee: Cloud Card Network Hangzhou Science And Technology Co Ltd
Original Assignee: Cloud Card Network Hangzhou Science And Technology Co Ltd
Application filed by Cloud Card Network Hangzhou Science And Technology Co Ltd
Priority to CN201710475499.5A
Publication of CN107273514A

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00: Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/30: Information retrieval; Database structures therefor; File system structures therefor of unstructured textual data
    • G06F16/31: Indexing; Data structures therefor; Storage structures
    • G06F16/316: Indexing structures
    • G06F16/325: Hash tables
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data

Abstract

The present invention provides an inspection method, an inspection subsystem applying it, and a data deposit signing link system. The inspection method includes: logging in to the deposit party; confirming the deposit data that needs to be inspected; encoding the deposit data into a readable data block in a predetermined format; according to the inspection program, confirming a hash algorithm combination, calculating the hash values of the readable data block according to the hash algorithm combination, and generating a corresponding hash value list; obtaining the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination; and, using the identifier as an index, saving the size of the readable data block, the hash value list and the list of the hash algorithm combination. In the present invention, the inspecting party's subsystem monitors the deposit data of the deposit party's subsystem using hash algorithms, to improve the public credibility of the deposit party.

Description

An inspection method, an inspection subsystem applying it, and a data deposit signing link system
Technical field
The present invention relates to an inspection method, an inspection subsystem applying it, and a data deposit signing link system, and in particular to an inspection method based on multiple hash algorithms, an inspection subsystem applying it, and a data deposit signing link system.
Background
The Internet industry is developing rapidly and has become the main vehicle through which traditional industries achieve new growth. Electronic data has replaced paper material, and its advantages, such as efficiency and ease of storage, are obvious. In judicial proceedings, however, electronic data can be modified without leaving a trace and is easily lost, and these features have become the biggest problem affecting its use as evidence.
To make up for these shortcomings, two main methods of depositing such electronic data as evidence have emerged on the technology market:
1. Copy method: when the electronic data is generated, a copy of the data is handed to an independent deposit party for safekeeping. When the electronic data later needs to serve as evidence, the deposit party's copy is retrieved for comparison; if the two parties' data are consistent, the originality of the data is proved.
However, apart from the data volume being too large, the copy method is unsuitable in most scenarios, because much data involves user privacy or business secrets and cannot be backed up in original form in advance.
2. Digest method: keeping data copies has many problems, the biggest being that in some scenarios the volume of copy data is very large and keeping copies is too heavy a burden. The digest method solves exactly this problem: when the data party generates the original data, it sends a digest of the data to the deposit party for safekeeping, which greatly reduces the data size. Because of the collision resistance of digest algorithms, most modifications of the original data by the data party will be noticed by the deposit party, since the digest value cannot be kept unchanged, so the tamper resistance of the data is also ensured.
However, the most important problem of the single-digest method is that its collision space is not large enough; it is affected by digest algorithm collisions, which leaves a judicial loophole in this way of depositing evidence.
In addition, if the deposit party is not a judicial authority with a notarial function, the public credibility of its data signing link is insufficient, and it cannot prove that the data has not been modified by the two parties jointly.
Summary of the invention
To overcome the deficiencies of the prior art, the present invention provides an inspection method based on multiple hash algorithms, an inspection subsystem applying it, and a data deposit signing link system, in which the inspecting party encodes and hashes the deposit data held by the deposit party and saves the hash values, so that when evidence is collected they can be used to judge whether the deposit data has been tampered with, thereby improving the public credibility of the deposit party. The technical solution adopted is as follows:
An inspection method, comprising the following steps:
logging in to the deposit party;
confirming the deposit data that needs to be inspected;
encoding the deposit data into a readable data block in a predetermined format;
according to the inspection program, confirming a hash algorithm combination, calculating the hash values of the readable data block according to the hash algorithm combination, and generating a corresponding hash value list;
obtaining the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination;
using the identifier as an index, saving the size of the readable data block, the hash value list and the list of the hash algorithm combination.
Preferably, the deposit data includes the hash value obtained by performing a hash operation on the data party's original data.
Preferably, the method further includes the steps of:
performing salt encryption on the readable data block, and calculating, according to the hash algorithm combination, the hash values of the readable data block after the salt encryption;
obtaining the encryption salt;
using the identifier as an index, saving the encryption salt;
recording the deposit time.
Preferably, the method further includes the step of:
the deposit party encrypting and returning to the inspecting party the identifier of the deposit data, the size of the readable data block, the hash value list, the list of the hash algorithm combination and the encryption salt.
Preferably, confirming the deposit data that needs to be inspected is: querying, according to the record of deposit data already inspected, the deposit data that needs to be inspected this time;
or periodically confirming the deposit data that needs to be inspected;
or promptly confirming the deposit data that needs to be inspected;
or redundantly confirming the deposit data that needs to be inspected.
Preferably, the method further includes the step of judging whether the digest value of the inspection program present on the deposit party is consistent with the digest value of the inspecting party's inspection program;
if consistent, performing salt encryption and hash operations according to the inspection program on the deposit party;
if inconsistent, uploading the inspecting party's inspection program to the deposit party, and then performing salt encryption and hash operations according to the inspecting party's inspection program.
Preferably, logging in to the deposit party means that the inspecting party logs in to the deposit party remotely via the Secure Shell protocol.
An inspection subsystem applying any of the inspection methods above, comprising:
a login module, for logging in to the deposit party;
a confirmation module, for confirming the deposit data that needs to be inspected;
an encoding module, for encoding the deposit data into a readable data block in a predetermined format;
a calculation module, for calculating, according to the inspection program, the hash values of the readable data block using the hash algorithm combination, and generating a corresponding hash value list;
an acquisition module, for obtaining the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination;
a storage module, for saving, with the identifier as an index, the size of the readable data block, the hash value list and the list of the hash algorithm combination.
A data deposit signing link system applying any of the inspection methods above, comprising: a deposit party and an inspecting party;
the deposit party includes:
a deposit party data storage module, for saving, with the identification information of the original data as an index, deposit data that includes the hash value of the original data;
a command receiving module, for receiving the inspection command and/or inspection program sent by the inspecting party;
a program running module, for running the inspection program; the program running module includes a data confirmation unit, a data encoding unit and a hash algorithm unit;
the data confirmation unit, for confirming the deposit data that needs to be inspected;
the data encoding unit, for encoding the deposit data into a readable data block in a predetermined format;
the hash algorithm unit, for calculating, according to the inspection program, the hash values of the readable data block using the list of the hash algorithm combination, and generating a corresponding hash value list;
a data return module, for encrypting and returning to the inspecting party the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination;
the inspecting party includes:
a run command module, for sending to the deposit party's system a command to run the inspection program;
an inspecting party data receiving module, for receiving the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination sent by the deposit party;
an inspecting party data storage module, for saving, with the identifier of the deposit data as an index, the corresponding size of the readable data block, hash value list and list of the hash algorithm combination.
Preferably, the system further includes a data party;
the data party performs a hash operation on the original data according to the hash algorithm agreed with the deposit party to obtain the hash value of the original data, and then sends the hash value of the original data to the deposit party;
or, after the data party sends the original data or the location of the original data to the deposit party, the deposit party performs the hash operation on the original data according to the hash algorithm agreed with the data party, obtaining the hash value of the original data.
Compared with the prior art, the beneficial effect of this technical solution is: in the inspection method provided by the present invention, a hash operation is performed on the deposit party's deposit data and the inspecting party stores the resulting hash values, which further increases the tamper resistance of the data and improves the public credibility of the deposit party.
Brief description of the drawings
Fig. 1 is a flow diagram of an inspection method based on multiple hash algorithms;
Fig. 2 is a structural block diagram of an inspecting party subsystem based on multiple hash algorithms;
Fig. 3 is a structural block diagram of a data deposit signing link system based on multiple hash algorithms;
Fig. 4 is a structural block diagram of the program running module of a deposit party.
Detailed description
The technical solution is described clearly and completely below through specific embodiments, with reference to the accompanying drawings.
Referring to Fig. 1, the present invention provides an inspection method based on multiple hash algorithms, comprising the following steps:
S11) Log in to the deposit party: the inspecting party logs in to the deposit party;
S12) Confirm the deposit data that needs to be inspected: after logging in to the deposit party, the inspecting party confirms which of the deposit data stored by the deposit party needs to be inspected;
S13) Encode the deposit data into a readable data block: the deposit data is encoded into a readable data block in a predetermined format;
S14) Calculate the hash values of the readable data block: according to the inspection program, a hash algorithm combination is confirmed, the hash values of the readable data block are calculated according to the hash algorithm combination, and a corresponding hash value list is generated. To improve collision resistance, the hash algorithm combination preferably includes multiple hash algorithms, for example 3 or more of md5, sha1, sha-224 and sha384.
S15) Obtain the hash values and related data: the inspecting party obtains the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination;
S16) Using the identifier as an index, save the hash values and related data: the inspecting party, using the identifier as an index, saves the size of the readable data block, the hash value list and the list of the hash algorithm combination.
An inspection request may be sent by the inspecting party or by the deposit party. Whichever side sends it, steps S11-S16 shall all be performed. Specifically, steps S12, S13 and S14 are run on the deposit party's platform after the inspecting party has logged in to the deposit party, for example by running on the deposit party's platform an inspection program that has the functions above. After steps S12, S13 and S14 are finished, the inspecting party obtains the execution result; the execution result includes the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination. Specifically, the execution result may be returned to the inspecting party by the deposit party, or actively fetched from the deposit party by the inspecting party; either way, the inspecting party obtains the execution result. After obtaining the execution result, the inspecting party performs step S16.
In one embodiment, the deposit data includes the hash value obtained by performing a hash operation on the original data. The original data is data that needs to be deposited or inspected later and over which disagreement may arise, such as loan information. Meanwhile, the original data must be kept at the data party, whose role is to record information on the parties' actions, such as loan information. The original data kept by the data party therefore needs to have very high authenticity. On this basis, after a hash operation is performed on the original data, the resulting hash value is stored at the deposit party; when a dispute arises, at the request of any party concerned, the deposit party verifies the authenticity of the original data. Specifically, the hash value of the data to be verified is calculated with the same hash operation and compared with the hash value of the original data; only when the two are consistent does it show that the data to be verified is the original data, i.e. that the original data has not been tampered with. To improve reliability, parameters such as the deposit time and the size of the original data can be added for auxiliary verification. In this embodiment, one hash operation has already been used during deposit; because hash operations are irreversible, the authenticity of the data can be confirmed to a large extent. In addition, in this embodiment the inspecting party performs a hash operation again on the deposit data, which further helps to confirm the authenticity of the data.
Therefore, in the inspection method provided by this embodiment, the tamper resistance of the data is further improved by multi-level hash operations. Moreover, in the present invention the inspecting party with a notarial function stores only hash values of the data; the data volume is very small, there is no concurrency pressure, and the operating cost is very low. Having the deposit party inspected by an inspecting party with a notarial function improves the public credibility of the deposit party.
To further improve the tamper resistance of the data and the authenticity of the evidence, in another embodiment the inspection method further includes a salt encryption step. Specifically, salt encryption is performed on the readable data block, and the hash values of the readable data block after the salt encryption are calculated according to the hash algorithm combination;
the encryption salt is obtained;
using the identifier as an index, the salt is saved;
the deposit time is recorded.
By combining salt encryption with the hash algorithms, this embodiment provides double protection and verification and thoroughly cuts off the collision path, further improving the tamper resistance of the data, i.e. making it impossible for the original data to be tampered with undetected. Adding the deposit time gives more verification parameters and ensures the authenticity of the evidence along multiple dimensions: even if the hash values and so on are the same, if the deposit time differs, the data to be verified is not the original data, i.e. the original data has been tampered with, and it cannot serve as valid evidence.
In this embodiment, after the inspecting party has performed confirmation, encoding, salt encryption and hash operations on the deposit data at the deposit party, preferably the deposit party encrypts and returns to the inspecting party the identifier of the deposit data, the size of the readable data block, the hash value list, the list of the hash algorithm combination and the encryption salt, and the inspecting party saves all of the data, so that when evidence is collected it can be compared to confirm whether the data has been tampered with.
JSON (JavaScript Object Notation) is a lightweight data interchange format. Based on a subset of the ECMAScript specification, it stores and represents data in a text format that is completely independent of any programming language. Its concise and clear hierarchical structure makes JSON an ideal data interchange language: it is easy for people to read and write, easy for machines to parse and generate, and effectively improves network transmission efficiency. Therefore, preferably, in the present invention the predetermined encoding format is JSON and the readable data block is a JSON data block.
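The flow of steps S13-S16 with the salt and deposit-time embodiment, as an added Python example that is not code from the patent. Assumptions, since the description does not specify them: the salt is prepended to the JSON block before hashing, the JSON is serialized with sorted keys so both sides produce identical bytes, the data party's agreed hash is SHA-256, and all function, field and sample names are hypothetical.

```python
import hashlib
import hmac
import json
import os

# Hash algorithm combination: the four algorithms the description names.
# md5 and sha1 each have known collision attacks, so the combination's
# collision resistance rests on sha224 and sha384 being in the list.
ALGORITHMS = ("md5", "sha1", "sha224", "sha384")


def encode_block(deposit_data: dict) -> bytes:
    """S13: encode deposit data as a readable JSON block.

    Assumption: keys are sorted and separators fixed, so the same data
    always yields the same bytes whichever side serializes it.
    """
    return json.dumps(deposit_data, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def hash_list(block: bytes, salt: bytes, algorithms=ALGORITHMS) -> list:
    """S14: one hex digest per algorithm over salt || block (assumed scheme)."""
    return [hashlib.new(name, salt + block).hexdigest() for name in algorithms]


def inspect_record(identifier: str, deposit_data: dict, deposit_time: str,
                   salt: bytes = None) -> dict:
    """S13-S15 plus salt: build the result the inspecting party receives."""
    block = encode_block(deposit_data)
    salt = os.urandom(16) if salt is None else salt
    return {
        "identifier": identifier,
        "size": len(block),
        "algorithms": list(ALGORITHMS),
        "hashes": hash_list(block, salt),
        "salt": salt.hex(),
        "deposit_time": deposit_time,
    }


class InspectorStore:
    """S16: the inspecting party's store, indexed by identifier."""

    def __init__(self):
        self._by_id = {}

    def save(self, result: dict) -> None:
        self._by_id[result["identifier"]] = result

    def verify(self, identifier: str, deposit_data: dict,
               deposit_time: str) -> list:
        """Recompute at evidence time; return the checks that fail ([] = intact)."""
        saved = self._by_id[identifier]
        block = encode_block(deposit_data)
        failed = []
        if len(block) != saved["size"]:
            failed.append("size")
        if deposit_time != saved["deposit_time"]:
            failed.append("deposit_time")
        fresh = hash_list(block, bytes.fromhex(saved["salt"]), saved["algorithms"])
        for name, old, new in zip(saved["algorithms"], saved["hashes"], fresh):
            if not hmac.compare_digest(old, new):
                failed.append(name)
        return failed


# Constructed sample: the deposit data holds the hash of the data party's
# original data (first-level hash; SHA-256 is an assumed agreed algorithm).
ORIGINAL = b"constructed loan record: A lends B 1000, due 2018-01-01"
SAMPLE = {"identifier": "loan-0001",
          "original_hash": hashlib.sha256(ORIGINAL).hexdigest()}

if __name__ == "__main__":
    store = InspectorStore()
    store.save(inspect_record("loan-0001", SAMPLE, "2017-06-21T10:00:00Z"))
    tampered = dict(SAMPLE, original_hash=hashlib.sha256(b"altered").hexdigest())
    print(store.verify("loan-0001", SAMPLE, "2017-06-21T10:00:00Z"))
    print(store.verify("loan-0001", tampered, "2017-06-21T10:00:00Z"))
```

A changed deposit record fails every algorithm in the combination at once, while a record with unchanged hashes but a different deposit time fails only the `deposit_time` check.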
In one embodiment, confirming the deposit data that needs to be inspected means querying, according to the record of deposit data already inspected, the deposit data that needs to be inspected this time. For example, if the first 10 items of deposit data were inspected last time, this inspection starts from item 11; or, if the last inspection was at time A, this inspection should cover the data after time A.
In another embodiment, confirming the deposit data that needs to be inspected means periodically confirming the deposit data that needs to be inspected. For example, one inspection is performed per 5 items of deposit data, i.e. the inspecting party treats these 5 items as a whole and performs encoding and hash operations on them (or salt encryption as well). Or, with time as the cycle, the inspecting party inspects the deposit data of every 3 days once.
In another embodiment, confirming the deposit data that needs to be inspected means promptly confirming the deposit data that needs to be inspected. This method is particularly suited to the case where the deposit party actively submits inspection requests to the inspecting party: whenever the deposit party has saved an item of deposit data, it immediately sends an inspection request to the inspecting party, and the inspecting party performs encoding, hash operations and so on for each item of deposit data.
It should be noted that deposit data and original data are in one-to-one correspondence. Whichever way the deposit data that needs to be inspected is confirmed, all deposit data held by the deposit party must be traversed and inspected in a timely manner. To further improve credibility, redundant inspection can also be performed, i.e. the same deposit data is inspected multiple times, repeatedly and from multiple angles; for example, the first inspection covers the first 5 items of deposit data, the second covers the first 10, and the third covers items 6-15. In the present invention, the inspecting party is the proprietary information system of a notary office. In anticipation of data-originality notarization requests that may occur in the future, it inspects the deposit party's deposit data in real time, before any such request is made. Moreover, in the inspection method provided by the invention, the inspecting party inspects the deposit party one-way, which provides strong isolation and effectively ensures the authenticity of the evidence.
In one embodiment, the inspection method further includes the step of judging whether the digest value of the inspection program present on the deposit party is consistent with the digest value of the inspecting party's inspection program;
if consistent, salt encryption and hash operations are performed on the deposit data according to the inspection program on the deposit party;
if inconsistent, the inspecting party uploads its inspection program to the deposit party, and salt encryption and hash operations are then performed on the deposit data according to the inspecting party's inspection program.
In one embodiment, logging in to the deposit party means that the inspecting party logs in to the deposit party remotely via the Secure Shell protocol (ssh).
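The digest comparison above, as an added Python example that is not code from the patent. Assumptions: SHA-256 is the digest algorithm (the description does not name one), a local directory stands in for the deposit party's host that would be reached over SSH, and the function and file names are hypothetical.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def file_digest(path: Path) -> str:
    """SHA-256 of a file, read in chunks (digest algorithm is an assumption)."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def ensure_program(inspector_copy: Path, deposit_dir: Path) -> str:
    """Make the deposit party's inspection program match the inspecting party's.

    Returns "reused" when the digests already agree, and "uploaded" when the
    inspecting party's copy had to replace a missing or different one.
    """
    target = deposit_dir / inspector_copy.name
    wanted = file_digest(inspector_copy)
    if target.is_file() and file_digest(target) == wanted:
        return "reused"
    shutil.copyfile(inspector_copy, target)
    # Re-check after the transfer so a failed or altered upload is not run.
    if file_digest(target) != wanted:
        raise RuntimeError("uploaded inspection program does not match")
    return "uploaded"


def demo() -> list:
    """Constructed run: missing copy, matching copy, then a modified copy."""
    with tempfile.TemporaryDirectory() as tmp:
        inspector = Path(tmp, "inspector")
        deposit = Path(tmp, "deposit")  # stands in for the deposit party host
        inspector.mkdir()
        deposit.mkdir()
        program = inspector / "inspect.py"
        program.write_bytes(b"# constructed inspection program v1\n")
        outcomes = [ensure_program(program, deposit)]      # no copy yet
        outcomes.append(ensure_program(program, deposit))  # digests agree
        (deposit / "inspect.py").write_bytes(b"# modified on the deposit side\n")
        outcomes.append(ensure_program(program, deposit))  # digests differ
        outcomes.append(file_digest(deposit / "inspect.py") == file_digest(program))
        return outcomes


if __name__ == "__main__":
    print(demo())
```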
Based on the inspection methods disclosed in the embodiments above, the embodiments of the present invention also disclose a corresponding inspection subsystem, as shown in Fig. 2. Fig. 2 shows an inspection subsystem disclosed in an embodiment of the present invention, which mainly includes:
Login module 11: for logging in to the deposit party;
Confirmation module 12: for confirming the deposit data that needs to be inspected;
Encoding module 13: for encoding the deposit data into a readable data block in a predetermined format;
Calculation module 14: for calculating, according to the inspection program, the hash values of the readable data block using the hash algorithm combination, and generating a corresponding hash value list;
Acquisition module 15: for obtaining the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination;
Storage module 16: for saving, with the identifier as an index, the size of the readable data block, the hash value list and the list of the hash algorithm combination.
Based on the inspection methods disclosed in the embodiments above, the embodiments of the present invention also disclose a corresponding data deposit signing link system, as shown in Fig. 3. Fig. 3 shows a data deposit signing link system disclosed in an embodiment of the present invention, which mainly includes: deposit party 2 and inspecting party 3;
The deposit party 2 includes:
Deposit party data storage module 21: for saving, with the identification information of the original data as an index, deposit data that includes the hash value of the original data;
Command receiving module 22: for receiving the inspection command and/or inspection program sent by the inspecting party;
Program running module 23: for running the inspection program; as shown in Fig. 4, program running module 23 includes data confirmation unit 231, data encoding unit 232 and hash algorithm unit 233;
The data confirmation unit 231: for confirming the deposit data that needs to be inspected;
The data encoding unit 232: for encoding the deposit data into a readable data block in a predetermined format;
The hash algorithm unit 233: for calculating, according to the inspection program, the hash values of the readable data block using the list of the hash algorithm combination, and generating a corresponding hash value list;
Data return module 24: for encrypting and returning to the inspecting party the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination;
The inspecting party 3 includes:
Run command module 31: for sending to the deposit party's system a command to run the inspection program;
Inspecting party data receiving module 32: for receiving the identifier of the deposit data, the size of the readable data block, the hash value list and the list of the hash algorithm combination sent by the deposit party;
Inspecting party data storage module 33: for saving, with the identifier of the deposit data as an index, the corresponding size of the readable data block, hash value list and list of the hash algorithm combination.
Preferably, the data deposit signing link system further includes a data party; the data party provides the original data that needs to be deposited.
In one embodiment, the data party performs a hash operation on the original data according to the hash algorithm agreed with the deposit party to obtain the hash value of the original data, and then sends the hash value of the original data to the deposit party. In this embodiment the hash operation on the original data is also completed at the data party, and the original data need not be sent to the deposit party, which effectively ensures data confidentiality. The deposit party only needs to save deposit information that includes the hash value of the original data and the identifier of the original data, and need not save the original data, which greatly reduces the storage space required for deposit.
In another embodiment, after the data party sends the original data or the location of the original data to the deposit party, the deposit party performs the hash operation on the original data according to the hash algorithm agreed with the data party, obtaining the hash value of the original data. In this embodiment the hash operation on the original data is performed by the deposit party, but after completing the operation the deposit party can discard the original data, so the storage space required for deposit is likewise greatly reduced.
According to the inspection method above, preferably, the program running module further includes a salt encryption module. Specifically, an encryption salt is generated according to the inspection program; the encryption salt is used to perform salt encryption on the readable data block; after salt encryption is performed on the readable data block, the hash values of the readable data block after the salt encryption are calculated according to the hash algorithm combination. Through salt encryption, this embodiment further improves the security of the system and the authenticity of the evidence.
The invention is further described below using a specific usage scenario. This embodiment takes the evidence-deposit business of a certain P2P platform as an example:
Data party: a certain P2P platform that carries out person-to-person lending and borrowing business. The original data includes information such as real-name-authenticated user information, lender transaction records and borrower transaction records. Because of business requirements, users' real-name authentication information and business information such as loan bills cannot be disclosed to third parties; only when a dispute arises do both parties agree to provide the original data relevant to the dispute to a third party with public credibility, as notarization evidence or judicial appraisal material, or to submit it further for judicial arbitration and ruling.
Because there is an entrusting and entrusted relationship between the P2P platform and its customers, and a debtor-creditor relationship between the platform itself and its customers, the platform has its own interest in the data; that is, the platform has a motive to modify the data at some point in the future. To improve its public credibility, the platform needs to deposit evidence with a third party (the depository) at the moment the original data (accounting data and so on) is generated, so that the authenticity of the original data can be proven if a dispute arises later.
Depository: the depository is the provider of the evidence-deposit service and has a cooperative relationship with the data party. The relationship is a commercial cooperation: entrusted by the data party, the depository provides paid storage of the hash values of the original data. At the moment each item of business data is generated, the data party should, as agreed in advance by both parties, process the original data with one or more hash algorithms and send the result to the depository for storage.
Inspecting party: accepts the entrustment of the depository and monitors the state of the deposit database in advance, in order to prove afterwards that the data has not been tampered with. The inspecting party has no direct interest relationship with either the data party or the depository, and is generally a judicial institution with a notarial function.
The evidence-deposit flow of this embodiment is as follows:
While the data party's system is running, after user real-name authentication data and accounting data (and other original data that may become the subject of a dispute in the future) are generated and saved, the system triggers a deposit process at the data layer that is dedicated to depositing the newly generated original data (business data) with the depository.
The deposit flow for original data is:
Determine the newly generated original data that needs to be deposited;
Format the data as a JSON data block (containing information such as the user's id) in the format agreed in advance with the depository;
Calculate multiple hash values of the JSON data block, such as md5, sha1, sha-224 and sha384 (no fewer than 3), computing the hash value list of the JSON data block according to the algorithm list negotiated and fixed in advance by both parties;
Send the size of the JSON data block, the hash value list and the user identification number (id) to the depository's data deposit interface;
The depository stores this data as deposit data, indexed by user id, and records the deposit time;
Preferably, when deposit data is written to the deposit store, each item of deposit data is assigned an auto-incrementing deposit id, so that the inspecting party can later verify the business sequence logic of the deposit data.
In this embodiment, the inspection flow is initiated actively by the inspecting party. The inspecting party is generally the dedicated information system of a notary office; it inspects the depository's data in real time and in advance, in preparation for requests for notarization of data originality that may arise in the future. In the present invention the inspecting party inspects the depository one-way, which provides strong isolation. The inspection program runs periodically or at random, traversing the depository's deposit data and inspecting it redundantly and promptly. In this embodiment, the specific inspection flow is:
The inspecting party logs in to the depository remotely over ssh; preferably, it logs in with a certificate and uses encrypted data transmission;
Check whether the digest value of the inspection program stored on the depository's system is correct, that is, determine whether the digest value of the depository's inspection program is fully consistent with the digest value of the inspection program held by the inspecting party. If consistent, the subsequent steps are performed directly with the depository's copy of the inspection program; if inconsistent, the inspection program stored at the inspecting party is temporarily uploaded to the depository, and the subsequent steps are performed with the temporarily uploaded inspection program;
The depository runs the inspection program, which first randomly determines the hash algorithm combination (no fewer than 3) to be used for this inspection, generates the hash algorithm combination list, and randomly generates the salt value used for encryption;
Based on the data records the system has already inspected, the inspection program queries the list of deposit data records that need to be inspected this time;
Format the data as a JSON data block in the format specified in advance with the depository;
Salt-encrypt the JSON data block to obtain the salted JSON data block;
Calculate the hash values of the salted JSON data block according to the randomly determined hash algorithm combination, obtaining the hash value list;
Return the deposit data id (or combination of ids) corresponding to the inspected deposit data records, the size of the JSON data block, the hash value list, the hash algorithm combination list and the encryption salt to the inspecting host, encrypted through the ssh channel. Note that when multiple items of deposit data are inspected, the deposit data records correspond to a combination of deposit data ids; when a single item of deposit data is inspected, the deposit data record corresponds to a single deposit data id. The purpose of the deposit data id is to distinguish items of deposit data, so that the corresponding deposit data can be found quickly during forensic collection and attestation in the future; likewise, the identifier of the original data exists so that the corresponding original data can be found quickly in the future. Their concrete form is not limited: it can be an identifier (id), a user name, and so on.
The inspecting party stores the above data, indexed by the deposit data id (or combination of ids), and records the deposit time.
Correspondingly, the forensic preservation flow of this embodiment is:
The forensic preservation flow is initiated by the data party at the customer's request, and the data party submits the data to be proven to the depository. Note that the data to be proven is data that may become evidence; if the data to be proven has not been tampered with, it is the original data and can serve as evidence. The specific flow is:
The data party receives a customer request to perform forensic processing on one or several segments of business data (the data to be proven), for later negotiation, mediation or judicial submission. The primary condition for the data to become evidence is that it must be original and unmodified.
In this embodiment, to obtain recognition of the originality of the data to be proven, the user first submits real-name data to the depository and authorizes the depository to retrieve the data to be proven.
The data party sends the forensic preservation request and the data block location of the data to be proven to the depository, and the depository retrieves the original text of the data block from the data party.
The depository calculates the size of the data block and computes the corresponding hash values with the hash algorithms fixed by prior negotiation, and compares each with the deposit data in the deposit database (which includes the size and hash values of the readable data block corresponding to the original data). Further, the deposit time also takes part in the comparison. If any comparison fails, the data to be proven differs from the original data; the data block of the data to be proven is discarded and forensic preservation fails. If all comparisons are consistent, the data to be proven is the original data, the forensic preservation flow is complete, and the data is stored in the evidence preservation database.
The attestation flow of this example is as follows:
Once the forensic preservation flow has completed successfully, a user who needs the evidence for judicial purposes can submit a notarization application on the depository's platform. After the user completes the online agency agreement formalities and pays the fee, the depository applies to the inspecting party for data originality notarization on the user's behalf. The flow is as follows:
The user submits a request applying for notarization.
The user pays the notarization fee online and signs the agency agreement, authorizing the depository's staff to handle the notarization on the user's behalf.
The depository sends the notarization application to the inspecting party online. Once the latter agrees, the depository sends the inspecting party the deposit location of the deposit data corresponding to the data to be proven and the original text of the readable data block corresponding to that deposit data, together with the predetermined hash algorithm combination list used to hash the deposit data during inspection.
After receiving the above data, the inspecting party calculates the size and hash value list of the readable data block corresponding to the data to be proven and compares them one by one, checking whether the depository's record of the deposit data location is consistent with them.
If they are consistent, the inspecting party examines all records in the inspection database related to this deposit data and checks the data sequence logic, to verify the originality of the data to be proven and of the deposit data. It then starts the automatic attestation program, completes the electronic notarial certificate, and returns the download address to the depository.
If any item is inconsistent, attestation fails and terminates, the abnormal state of the task is recorded, and the depository is notified to withdraw the formalities.
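The deposit, inspection and attestation flows above, as an added Python example that is not code from the patent. The function names, the canonical JSON encoding, salting by prefixing the salt, the sha256/sha512 entries in the inspection pool and the simplified id-order check are assumptions of this example, and the loan record is constructed sample data.

```python
import hashlib
import hmac
import json
import secrets

# md5, sha1, sha-224 and sha384 are the algorithms the text names. md5 and sha1
# have practical collisions, so the inspection pool also holds sha256/sha512
# (assumption of this example).
DEPOSIT_ALGOS = ["md5", "sha1", "sha224", "sha384"]
INSPECT_POOL = ["md5", "sha1", "sha224", "sha256", "sha384", "sha512"]


def encode_block(obj) -> bytes:
    """Canonical JSON, so every party derives identical bytes from equal data."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")


def hash_list(block: bytes, algos, salt: bytes = b"") -> list:
    """One hex digest per algorithm. Salting = prefixing the salt (assumption)."""
    return [hashlib.new(name, salt + block).hexdigest() for name in algos]


def matches(block: bytes, record: dict, salt: bytes = b"") -> bool:
    """Compare the size first, then every digest in the stored hash list."""
    if len(block) != record["size"]:
        return False
    fresh = hash_list(block, record["algos"], salt)
    return len(fresh) == len(record["hashes"]) and all(
        hmac.compare_digest(a, b) for a, b in zip(fresh, record["hashes"]))


def make_deposit(deposit_id: int, user_id: str, original: dict) -> dict:
    """Data party: hash locally; only size, hash list and ids leave the platform."""
    block = encode_block(original)
    return {"deposit_id": deposit_id, "user_id": user_id, "size": len(block),
            "algos": list(DEPOSIT_ALGOS),
            "hashes": hash_list(block, DEPOSIT_ALGOS)}


def run_inspection(deposits: list, k: int = 3) -> dict:
    """Inspection program on the depository: a random combination of at least
    three algorithms plus a random salt, applied to the deposit records."""
    if k < 3:
        raise ValueError("the flow requires no fewer than 3 algorithms")
    algos = secrets.SystemRandom().sample(INSPECT_POOL, k)
    salt = secrets.token_bytes(16)
    block = encode_block(deposits)
    return {"deposit_ids": [d["deposit_id"] for d in deposits],
            "size": len(block), "algos": algos, "salt": salt.hex(),
            "hashes": hash_list(block, algos, salt)}


def attest(candidate: dict, deposits: list, inspection: dict) -> str:
    """Inspecting party: check the presented deposit records against its own
    inspection record, then the data to be proven against the deposit."""
    ids = [d["deposit_id"] for d in deposits]
    if ids != inspection["deposit_ids"] or ids != sorted(set(ids)):
        return "deposit ids or their order differ from the inspection record"
    salt = bytes.fromhex(inspection["salt"])
    if not matches(encode_block(deposits), inspection, salt):
        return "deposit record changed after inspection"
    if not any(matches(encode_block(candidate), d) for d in deposits):
        return "data differs from the deposited hashes"
    return "original"


def scenarios() -> dict:
    # Constructed sample record, not data from the page.
    loan = {"user_id": "u-1001", "kind": "loan", "amount": "5000.00",
            "created": "2017-06-21T10:00:00+08:00"}
    deposit = make_deposit(1, "u-1001", loan)
    inspection = run_inspection([deposit])
    edited = dict(loan, amount="500.00")           # platform edits its ledger
    rewritten = make_deposit(1, "u-1001", edited)  # depository record replaced too
    return {"untouched": attest(loan, [deposit], inspection),
            "ledger_edited": attest(edited, [deposit], inspection),
            "deposit_rewritten": attest(edited, [rewritten], inspection)}


if __name__ == "__main__":
    for name, verdict in scenarios().items():
        print(f"{name}: {verdict}")
```

The third scenario is the one the inspection stage exists for: a deposit record rewritten to match edited data still passes the depository's own comparison, but no longer matches the salted hashes held by the inspecting party.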
In summary, the present invention uses the one-way nature of hash algorithms to keep data isolated, ensuring that an enterprise's evidence-deposit business does not affect the security of its operational data. Multiple hashing improves on the collision resistance of a single hash algorithm and ensures that the data cannot be altered. In this embodiment the data party deposits evidence as multiple hash values, which avoids the collision risk of a single hash algorithm and completely rules out the possibility that every hash value stays unchanged after the original data is later modified, ensuring that the data enters a tamper-proof stage from the deposit time onward. The inspecting party solidifies the depository's deposit data with multiple randomly chosen hash algorithms, and can optionally add a random salt value and store the salted result; it is fully isolated from the data party and the depository both physically and in the encryption algorithm, so the depository's data cannot be modified without the inspecting party's knowledge.
The multi-stage, multiple hashing present in the deposit flow and the inspection flow strengthens resistance to modification of the original data stage by stage, and this strength has ample redundancy: even if a reliability problem arises in the earlier deposit flow, as long as the inspecting party is a notary organization with public credibility, no data originality notarization can be provided either, so the system is extremely sensitive.
In addition, this patent uses multiple hashing, supplemented by verification of the original data size, which greatly improves on the security of a single hash algorithm. According to a preliminary estimate, the sha-1+md5 combination is 4.3 billion times more secure than md5 alone, and if sha-224 is added as well, the difficulty rises by 2.7x10^67 times, so that in principle there is no possibility of it being cracked. Because it is also strongly one-way, the evidence-deposit business has no effect at all on the data's business secrets or on user privacy.
Although the present invention is disclosed above by way of preferred embodiments, they are not intended to limit the invention. Any person skilled in the art may, without departing from the spirit and scope of the invention, use the methods and technical content disclosed above to make possible changes and modifications to the technical solution of the invention. Therefore any simple modification, equivalent change or refinement made to the above embodiments according to the technical essence of the invention, without departing from the content of its technical solution, falls within the scope of protection of the technical solution of the invention.

Claims (10)

1. An inspection method, characterized in that it comprises the following steps:
Logging in to the depository;
Confirming the deposit data that needs to be inspected;
Encoding the deposit data into a readable data block in a predetermined format;
According to the inspection program, confirming a hash algorithm combination, calculating the hash values of the readable data block according to the hash algorithm combination, and generating the corresponding hash value list;
Obtaining the identifier of the deposit data, the size of the readable data block, the hash value list and the combination list of the hash algorithm combination;
Using the identifier as an index, storing the size of the readable data block, the hash value list and the combination list of the hash algorithm combination.
2. The inspection method according to claim 1, characterized in that the deposit data includes the hash value obtained by hashing the data party's original data.
3. The inspection method according to claim 2, characterized in that it further comprises the steps of:
Salt-encrypting the readable data block, and calculating the hash values of the salted readable data block according to the hash algorithm combination;
Obtaining the encryption salt;
Using the identifier as an index, storing the encryption salt;
Recording the deposit time.
4. The inspection method according to claim 3, characterized in that it further comprises the step of:
The depository encrypts the identifier of the deposit data, the size of the readable data block, the hash value list, the combination list of the hash algorithm combination and the encryption salt, and returns them to the inspecting party.
5. The inspection method according to claim 4, characterized in that confirming the deposit data that needs to be inspected is: according to the deposit data records already inspected, querying the deposit data that needs to be inspected this time;
Or periodically confirming the deposit data that needs to be inspected;
Or promptly confirming the deposit data that needs to be inspected;
Or redundantly confirming the deposit data that needs to be inspected.
6. The inspection method according to claim 5, characterized in that it further comprises the step of determining whether the digest value of the inspection program present at the depository is consistent with the digest value of the inspection program of the inspecting party;
If consistent, performing salt encryption and hashing with the inspection program stored at the depository;
If inconsistent, uploading the inspecting party's inspection program to the depository, and then performing salt encryption and hashing with the inspecting party's inspection program.
7. The inspection method according to any one of claims 1-6, characterized in that logging in to the depository is: the inspecting party logs in to the depository remotely via the Secure Shell protocol.
8. An inspection subsystem applying the inspection method according to any one of claims 1-7, characterized in that it comprises:
A login module, for logging in to the depository;
A confirmation module, for confirming the deposit data that needs to be inspected;
An encoding module, for encoding the deposit data into a readable data block in a predetermined format;
A computing module, for calculating, according to the inspection program, the hash values of the readable data block using the hash algorithm combination, and generating the corresponding hash value list;
An acquisition module, for obtaining the identifier of the deposit data, the size of the readable data block, the hash value list and the combination list of the hash algorithm combination;
A storage module, for storing, indexed by the identifier, the size of the readable data block, the hash value list and the combination list of the hash algorithm combination.
9. A data deposit signed certificate administration chain-circuit system applying the inspection method according to any one of claims 1-7, characterized in that it comprises: a depository and an inspecting party;
The depository includes:
A depository data storage module, for storing, indexed by the identification information of the original data, deposit data that includes the hash value of the original data;
An order receiving module, for receiving the inspection order and/or the inspection program sent by the inspecting party;
A program running module, for running the inspection program; the program running module includes a data confirmation unit, a data encoding unit and a hash algorithm unit;
The data confirmation unit, for confirming the deposit data that needs to be inspected;
The data encoding unit, for encoding the deposit data into a readable data block in a predetermined format;
The hash algorithm unit, for calculating, according to the inspection program, the hash values of the readable data block using the combination list of the hash algorithm combination, and generating the corresponding hash value list;
A data return module, for encrypting the identifier of the deposit data, the size of the readable data block, the hash value list and the combination list of the hash algorithm combination, and returning them to the inspecting party;
The inspecting party includes:
A run command module, for sending the command to run the inspection program to the depository's system;
An inspecting-party data receiving module, for receiving the identifier of the deposit data, the size of the readable data block, the hash value list and the combination list of the hash algorithm combination sent by the depository;
An inspecting-party data storage module, for storing, indexed by the identifier of the deposit data, the corresponding size of the readable data block, the hash value list and the combination list of the hash algorithm combination.
10. The data deposit signed certificate administration chain-circuit system according to claim 9, characterized in that it further comprises a data party;
The data party hashes the original data with the hash algorithm agreed with the depository to obtain the hash value of the original data, and sends the hash value of the original data to the depository;
Or the data party sends the original data, or the location of the original data, to the depository, and the depository hashes the original data with the hash algorithm agreed with the data party to obtain the hash value of the original data.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710475499.5A CN107273514A (en) 2017-06-21 2017-06-21 A kind of inspection method and application its inspect subsystem and data deposit signed certificate administration chain-circuit system

Publications (1)

Publication Number Publication Date
CN107273514A true CN107273514A (en) 2017-10-20

Family

ID=60068657

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710475499.5A Pending CN107273514A (en) 2017-06-21 2017-06-21 A kind of inspection method and application its inspect subsystem and data deposit signed certificate administration chain-circuit system

Country Status (1)

Country Link
CN (1) CN107273514A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20171020
