CN107453870A - Mobile terminal authentication management method, device and corresponding mobile terminal based on block chain - Google Patents


Info

Publication number
CN107453870A
Authority
CN
China
Prior art keywords
mobile terminal
certified
information
account
block chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710817828.XA
Other languages
Chinese (zh)
Inventor
余筱
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Comba Network Systems Co Ltd
Original Assignee
Comba Telecom Technology Guangzhou Ltd
Comba Telecom Systems China Ltd
Comba Telecom Systems Guangzhou Co Ltd
Tianjin Comba Telecom Systems Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Comba Telecom Technology Guangzhou Ltd, Comba Telecom Systems China Ltd, Comba Telecom Systems Guangzhou Co Ltd, Tianjin Comba Telecom Systems Co Ltd filed Critical Comba Telecom Technology Guangzhou Ltd
Priority to CN201710817828.XA priority Critical patent/CN107453870A/en
Publication of CN107453870A publication Critical patent/CN107453870A/en
Priority to PCT/CN2018/097585 priority patent/WO2019052281A1/en

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords

Abstract

The present invention provides a blockchain-based mobile terminal authentication management method and device. The method comprises the following steps: a current node receives an account distribution request packet in a blockchain network; according to the account distribution request packet, the current node allocates account information to the specified mobile terminal to be authenticated, and generates a unique multiple digital signature with the private key of the current node to sign the account information; the unique multiple digital signature, the public key of the current node and the account information are broadcast in the blockchain network; and the current node receives the result fed back after the mobile terminal to be authenticated decrypts the unique multiple digital signature with the public key of the current node, to confirm that the mobile terminal to be authenticated has obtained the account information. The method ensures the validity of account information during authentication management of mobile terminals and improves the accuracy of the whole authentication process.

Description

Blockchain-based mobile terminal authentication management method, device and corresponding mobile terminal
Technical field
The present invention relates to the field of network communication technology, and in particular to a blockchain-based mobile terminal authentication management method, device and corresponding mobile terminal.
Background
As thin, portable mobile intelligent terminals such as smartphones and tablet computers become ever more closely tied to people's life, work and study, the device management that comes with them increasingly challenges traditional IT operations management. In the traditional approach, mobile terminals are generally managed centrally by authorities such as operators through subscriber identity modules such as USIM cards. USIM is the abbreviation of Universal Subscriber Identity Module, also called a global subscriber identity card. The USIM, also called an upgraded SIM, is a component of a UMTS (Universal Mobile Telecommunication System) network. Besides supporting applications, the USIM card also upgrades its algorithms for security and adds the function of the card authenticating the network.
Because a USIM card is a chip card containing a microprocessor, this physical device can be forged, or obtained through informal channels, to gain access to personal private information, which poses a serious security risk. USIM cards also incur considerable production and transport costs, increasing service operation, production and management costs.
It can be seen that existing mobile terminal authentication management is not only costly but also has low authentication accuracy and carries security risks. In addition, existing mobile terminal authentication requires the mobile terminal account to be stored locally, which is cumbersome to operate, wastes storage space and is inflexible.
Summary of the invention
The present invention provides a blockchain-based mobile terminal authentication management method and device that implement the distribution and authentication management of mobile terminal account information.
In a first aspect, the present invention provides a blockchain-based authentication management method for a mobile terminal, the method comprising:
A current node receives an account distribution request packet in a blockchain network;
According to the account distribution request packet, the current node allocates account information to the specified mobile terminal to be authenticated, and generates a unique multiple digital signature with the private key of the current node to sign the account information;
The unique multiple digital signature, the public key of the current node and the account information are broadcast in the blockchain network;
The current node receives the result fed back after the mobile terminal to be authenticated decrypts the unique multiple digital signature with the public key of the current node, to confirm that the mobile terminal to be authenticated has obtained the account information.
Specifically, the account distribution request packet includes the identity information of the mobile terminal to be authenticated, which is used to allocate account information to the specified mobile terminal to be authenticated.
Preferably, the blockchain includes a first block for storing the private key of each node and a second block for storing other content. After the step of allocating account information to the specified mobile terminal to be authenticated according to the account distribution request packet and generating a unique multiple digital signature with the private key of the current node to sign the account information, the method further includes:
A first interaction record, generated by processing the account distribution request packet and including the account information, the identity information of the mobile terminal to be authenticated, the unique multiple digital signature and the public key of the authentication node, is written into the second block, and the first interaction record is broadcast in the blockchain network.
Specifically, the step of generating a unique multiple digital signature with the private key of the current node to sign the account information includes:
Performing a random hash operation on the public key of the current node and the unique multiple digital signature generated by the previous node to generate a random hash value;
Encrypting the random hash value with the private key of the authentication node to generate the unique multiple digital signature of the current node.
Specifically, before the random hash operation is performed on the public key of the current node and the unique multiple digital signature generated by the previous node to generate a random hash value, the method further includes:
Verifying the validity of the unique multiple digital signature of the previous node, and performing the subsequent steps after the verification passes.
Specifically, the step of verifying the validity of the unique multiple digital signature of the previous node includes:
Decrypting the unique multiple digital signature of the previous node with the public key of the previous node, and judging from the decryption result whether the multiple digital signature is valid, namely whether the random hash value after decryption is consistent with the random hash value of the current node.
Specifically, the identity information includes verification information, which is the unique device identification code of the mobile terminal to be authenticated. Before the step of generating a unique multiple digital signature with the private key of the current node to sign the account information, the method further includes:
Verifying the mobile terminal to be authenticated according to the verification information.
Preferably, the method further includes:
The current node obtains the account authentication request packet sent by the mobile terminal to be authenticated in the blockchain, and obtains the public key of the mobile terminal to be authenticated.
Specifically, after the current node obtains the account authentication request packet sent by the mobile terminal to be authenticated in the blockchain, the method further includes:
Obtaining the ciphertext information sent by the mobile terminal to be authenticated and contained in the account authentication request packet, and decrypting the ciphertext information with the public key of the mobile terminal to be authenticated; the ciphertext information is generated by the mobile terminal to be authenticated encrypting the unique multiple digital signature with its private key.
Specifically, after obtaining the ciphertext information sent by the mobile terminal to be authenticated and contained in the account authentication request packet, and decrypting it with the public key of the mobile terminal to be authenticated, the method further includes:
If comparison shows that the unique multiple digital signature after decryption is consistent with the unique multiple digital signature signed when the current node allocated the account to the mobile terminal to be authenticated, the mobile terminal to be authenticated passes this authentication.
Specifically, after the mobile terminal sends the account authentication request packet, a second interaction record, containing the public key of the mobile terminal and the ciphertext information generated by processing the account authentication request packet, is written into the second block of the blockchain, and the second interaction record is broadcast in the blockchain network.
Preferably, the method further includes:
The current node obtains a revoke-account request packet, initiated by the mobile terminal to be authenticated in the blockchain, that contains the authenticated account information;
According to the revoke-account request packet, the corresponding account information is found in the second interaction record;
The account information is written into a revocation list, and the revocation list is stored in the second block of the blockchain.
Specifically, after the step of putting the authenticated account information into the revocation list, the method further includes:
A third interaction record, including the revocation list generated by processing the revoke-account request packet, is written into the second block of the blockchain, and the third interaction record is broadcast in the blockchain network.
Specifically, the method further includes:
The authentication result information of the mobile terminal to be authenticated is written into the second interaction record in the second block of the blockchain and broadcast; the authentication result information includes authentication passed and authentication failed for the mobile terminal to be authenticated.
Preferably, the method further includes:
Receiving an account query request sent by a user terminal, and obtaining the account information contained in the account query request;
Searching the second block, according to the account information, for the interaction record corresponding to the account information, to determine the interaction result information of the account information to be queried;
Sending the interaction result information corresponding to the account information to the user terminal, so that the user terminal determines the validity of the account to be queried according to the interaction result information.
Specifically, sending the interaction result information corresponding to the account information to the user terminal, so that the user terminal determines the validity of the account to be queried according to the interaction result information, includes:
Judging, according to the third interaction record, whether the account corresponding to the account information to be queried is valid.
In a second aspect, the present invention provides a blockchain-based method for obtaining account information, comprising:
Sending an account distribution request packet to a blockchain network;
Receiving the account information sent by the current node in response to the account distribution request packet, the account information being signed with the unique multiple digital signature that the authentication node generated with its private key;
Decrypting the unique multiple digital signature with the public key of the current node to obtain the account information.
Specifically, the blockchain includes a first block for storing the private key of each node and a second block for storing other content.
Specifically, the current node writes into the second block a first interaction record, generated by processing the account distribution request packet and including the account information, the identity information of the mobile terminal to be authenticated, the unique multiple digital signature and the public key of the authentication node, and broadcasts the first interaction record in the blockchain network.
Preferably, the method further includes:
Obtaining the identity information of the mobile terminal to be authenticated that is stored in the second block in association with the account information;
Comparing that identity information with the terminal's own identity information and, if they are consistent, confirming that the account information is valid.
Specifically, the method further includes:
Initiating an account authentication request packet to the blockchain, and sending to the blockchain the ciphertext information generated by the mobile terminal to be authenticated encrypting the unique multiple digital signature with its private key, so that the current node authenticates the mobile terminal to be authenticated according to the account authentication request packet and the ciphertext information.
Specifically, after sending the account authentication request packet to the blockchain, the method further includes:
Writing into the second block of the blockchain a second interaction record, containing the public key of the mobile terminal and the ciphertext information generated by processing the account authentication request packet, and broadcasting the second interaction record in the blockchain network.
Preferably, the method further includes:
Feeding the verification result back to the blockchain.
In a third aspect, the present invention provides a blockchain-based authentication management device for a mobile terminal, comprising:
First receiving module: a current node receives an account distribution request packet in a blockchain network;
Distribution module: according to the account distribution request packet, allocates account information to the specified mobile terminal to be authenticated, and generates a unique multiple digital signature with the private key of the current node to sign the account information;
Broadcast module: broadcasts the unique multiple digital signature, the public key of the current node and the account information in the blockchain network;
Second receiving module: receives the information fed back after the mobile terminal to be authenticated decrypts the unique multiple digital signature with the public key, to confirm that the mobile terminal to be authenticated has obtained the account information.
Specifically, the device further includes:
Authentication module: the current node obtains the account authentication request packet sent by the mobile terminal to be authenticated in the blockchain, and obtains the public key of the mobile terminal to be authenticated.
Specifically, the device further includes:
Revocation module: the current node obtains a revoke-account request packet, initiated by the mobile terminal to be authenticated in the blockchain, that contains the authenticated account information; finds the corresponding account information in the second interaction record according to the revoke-account request packet; and writes the account information into a revocation list, the revocation list being stored in the second block of the blockchain.
In a fourth aspect, the present invention provides a blockchain-based device for obtaining account information, comprising:
Sending module: sends an account distribution request packet to a blockchain network;
Receiving module: receives the account information sent by the current node in response to the account distribution request packet, the account information being signed with the unique multiple digital signature that the authentication node generated with its private key;
Decryption module: decrypts the unique multiple digital signature with the public key of the current node to obtain the account information.
In a fifth aspect, the present invention provides an authentication management device comprising a processor and a memory, the memory storing a computer program, characterized in that the computer program, when executed by the processor, implements the following steps:
A current node receives an account distribution request packet in a blockchain network;
According to the account distribution request packet, the current node allocates account information to the specified mobile terminal to be authenticated, and generates a unique multiple digital signature with the private key of the current node to sign the account information;
The unique multiple digital signature, the public key of the current node and the account information are broadcast in the blockchain network;
The current node receives the result fed back after the mobile terminal to be authenticated decrypts the unique multiple digital signature with the public key of the current node, to confirm that the mobile terminal to be authenticated has obtained the account information.
In a sixth aspect, the present invention provides a mobile terminal comprising a processor and a memory, the memory storing a computer program, characterized in that the computer program, when executed by the processor, implements the following steps:
Sending an account distribution request packet to a blockchain network;
Receiving the account information sent by the current node in response to the account distribution request packet, the account information being signed with the unique multiple digital signature that the authentication node generated with its private key;
Decrypting the unique multiple digital signature with the public key of the current node to obtain the account information.
Compared with the prior art, the scheme provided by the invention has the following advantages:
1. The present invention provides a blockchain-based authentication management method for a mobile terminal. In the account information distribution stage, on the authentication node side, the current node receives through the blockchain the account information distribution request packet sent by the mobile terminal to be authenticated, allocates account information to the mobile terminal, and generates a multiple digital signature to sign that account information. Correspondingly, on the mobile terminal side, the mobile terminal receives the account information and decrypts the multiple digital signature with the public key of the current node to obtain the account information and verify its validity. In the account information authentication stage, on the authentication node side, the current node receives through the blockchain the account information authentication request packet sent by the mobile terminal, and verifies the identity of the mobile terminal through a decryption transformation with the public key of the mobile terminal. Correspondingly, on the mobile terminal side, the mobile terminal sends to the current node, through the blockchain, an account information authentication request containing the multiple digital signature encrypted with its private key, so that the current node completes authentication of the account information through the corresponding decryption operation. By using this double authentication mechanism, the present invention ensures the accuracy of the whole authentication process. In addition, the present invention writes the interaction record of account distribution and the interaction record of account authentication to the blockchain; owing to the distributed nature of the blockchain, all nodes keep the interaction records, which ensures the validity and reliability of each interaction record.
2. Specifically, the present invention draws on the openness and tamper resistance of the blockchain. Any node can participate in the blockchain network, and every node is allowed to obtain a complete copy of the interaction records. Modification of data by a single node, or even by several nodes, cannot affect the data of the other nodes on the blockchain, and if any node fails the remaining nodes can still work normally, so the authentication process does not depend on a single source and the risk of interaction records being maliciously tampered with is reduced.
3. The present invention draws on the decentralized and trustless nature of the blockchain: there are no centralized facilities or management bodies, and data exchanged between nodes is verified by the unique multiple digital signature technique. Specifically, the current node signs the allocated account information with the unique multiple digital signature generated with its private key. On the one hand this establishes that the account information was indeed signed and sent by the current node; on the other hand it guarantees the integrity of the account information sent, improving the accuracy of the authentication process.
4. The present invention learns whether account information has been revoked by querying the third interaction record of the current blockchain in real time, solving the problem that users cannot learn in time whether account information has been revoked.
In summary, the method of the invention improves the accuracy of the authentication process and reduces the risk of interaction records being maliciously tampered with. In addition, the present invention does not need physical devices such as USIM cards to manage mobile terminals, which saves production and transport costs. Finally, the mobile terminal and the authentication node can connect to the blockchain network in any manner, which increases networking flexibility.
Additional aspects and advantages of the invention will be set forth in part in the description that follows, and will in part become apparent from that description or be learned through practice of the invention.
Brief description of the drawings
The above and/or additional aspects and advantages of the invention will become apparent and readily understood from the following description of the embodiments taken with the accompanying drawings, in which:
Fig. 1 is a flow block diagram of embodiment one of a blockchain-based mobile terminal authentication management method of the present invention;
Fig. 2 is a flow diagram of the method by which an authentication node of the present invention signs account information and verifies the signature;
Fig. 3 is a flow block diagram of embodiment two of a blockchain-based mobile terminal authentication management method of the present invention;
Fig. 4 is a flow block diagram of embodiment one of a blockchain-based mobile terminal authentication management device of the present invention;
Fig. 5 is a flow block diagram of embodiment two of a blockchain-based mobile terminal authentication management device of the present invention;
Fig. 6 is a flow block diagram of embodiment one of a blockchain-based account information obtaining method of the present invention;
Fig. 7 is a flow block diagram of embodiment one of a blockchain-based account information obtaining device of the present invention;
Fig. 8 is a block diagram of part of the structure of a mobile terminal.
Embodiment
Embodiments of the invention are described below in detail, the example of the embodiment is shown in the drawings, wherein from beginning to end Same or similar label represents same or similar element or the element with same or like function.Below with reference to attached The embodiment of figure description is exemplary, is only used for explaining the present invention, and is not construed as limiting the claims.
Referring to Fig. 1, a kind of authentication management method of mobile terminal based on block chain provided by the present invention, specifically In a kind of embodiment, specifically comprise the following steps:
S11, present node receive the account distribution request packet in block chain network.
In the embodiment of the present invention, the mobile terminal to be certified sends account distribution request packet in block chain network To ask present node to distribute accounts information, the account distribution request packet includes the identity of the mobile terminal to be certified Information, it is described for being that the mobile terminal to be certified specified distributes accounts information according to the identity information of mobile terminal to be certified Identity information can be described in EIC equipment identification code or equipment Serial Number of the mobile terminal to be certified etc. can be characterized with uniqueness The information of the identity of mobile terminal to be certified.
After the mobile terminal to be certified sends account distribution request packet, by account distribution request packet pair For other querying nodes or acquisition data in the intersection record write-in block chain that should be generated.
S12: according to the account distribution request packet, allocate account information to the specified mobile terminal to be authenticated, and generate a unique multiple digital signature with the private key of the current node to sign the account information.
In this embodiment, after receiving the account distribution request packet, the current node allocates account information to the mobile terminal to be authenticated according to the identity information contained in the packet, and generates a unique multiple digital signature with its private key to sign the account information. By verifying this unique multiple digital signature, the mobile terminal to be authenticated can confirm that the account information is accurate and was indeed sent by the current node.
In the distributed network of a blockchain, communication and trust between nodes rely on multiple digital signature technology, which mainly provides identity confirmation and verification of information authenticity and integrity. A multiple digital signature is an effective way to address data security in network communication: it enables identification and authentication of data transmitted over the network, and is an analogue of a traditional handwritten signature.
Referring to Fig. 2, which shows a flowchart of one possible way for the current node to generate the unique multiple digital signature with its private key, the specific steps are as follows:
A random hash operation is performed on the public key of the current node (node 1 in the figure) and the unique multiple digital signature generated by the previous node (node 0 in the figure) to produce a random hash value;
The random hash value is encrypted with the private key of the current node to produce the unique multiple digital signature of the current node.
Let the public key of the current node and the unique multiple digital signature generated by the previous node form the message plaintext M. A hash operation on M yields its hash value, i.e. the message digest z = H(M). Encrypting this hash value with the private key of the current node produces the unique multiple digital signature s = sig(k, H(M)), where k is the private key of the current node. The current node signs the account information with this unique multiple digital signature and sends it to the mobile terminal to be authenticated through the blockchain network.
In this embodiment, the process by which the current node generates the unique multiple digital signature and signs the account information with it involves two algorithms: one that transforms the message with a hash function, and a message signature algorithm that signs the message.
Specifically, a hash function converts input messages of different lengths into a fixed-length message digest. Applying a hash function in a multiple digital signature not only shortens the message to be signed but also greatly increases signing speed. Commonly used hash functions at present include the MD series invented by Rivest and the SHA series proposed by NIST (the US National Institute of Standards and Technology).
A multiple digital signature is data appended to a data unit, or a cryptographic transformation applied to the data unit. This data or transformation allows the recipient of the data unit to confirm its source and integrity, and protects the data against forgery. As applied in the present invention, a multiple digital signature algorithm hashes the public key of the current node together with the unique multiple digital signature generated by the previous node, and the resulting digest is cryptographically transformed with the private key of the current node to produce the unique multiple digital signature used to sign the account information. The account information and the unique multiple digital signature are sent to the mobile terminal to be authenticated through the blockchain network. After obtaining the signed account information from the blockchain, the mobile terminal to be authenticated applies the corresponding inverse transformation to obtain the account information.
Still referring to Fig. 2, before the random hash operation is performed on the public key of the current node and the unique multiple digital signature generated by the previous node to produce a random hash value, the method further includes:
Verifying the validity of the unique multiple digital signature of the previous node and, once verification passes, performing the subsequent steps. This is the right-hand box in the figure, in which the multiple digital signature generated by node 1 is checked with the public key of node 1.
During multi-signing, each node, before signing, first verifies whether the previous unique multiple digital signature is valid (the first node to sign need not check). If it is valid, the node signs with its own private key and then sends the resulting unique multiple digital signature to the next node.
In one possible design, the step of verifying the validity of the unique multiple digital signature of the previous node specifically includes:
Decrypting the unique multiple digital signature of the previous node with the public key of the previous node; if the random hash value obtained after decryption is consistent with the random hash value of the current node, the multiple digital signature is judged to be valid.
This embodiment combines the two main functions of a multiple digital signature during message transmission: ensuring the integrity of the message in transit, and authenticating the sender of the message. That is, the sender attaches the unique multiple digital signature corresponding to the message when sending it; the recipient receives the message and the unique multiple digital signature, and completes signature verification by comparing the decrypted unique multiple digital signature with the digest of the received message.
In this embodiment, the identity information includes verification information, which is the unique device identification code of the mobile terminal to be authenticated. Before the step of generating the unique multiple digital signature with the private key of the current node to sign the account information, the method further includes:
Verifying the mobile terminal to be authenticated according to the verification information.
S13: broadcast the unique multiple digital signature, the public key of the current node, and the account information in the blockchain network.
In this embodiment, the blockchain includes a first block for storing the private key of each node and a second block for storing other content. Preferably, before this step the method further includes: writing into the second block a first interaction record, generated by processing the account distribution request packet, that includes the account information, the identity information of the mobile terminal to be authenticated, the unique multiple digital signature, and the public key of the authentication node, and broadcasting the first interaction record in the blockchain network.
Specifically, after the current node allocates account information to the mobile terminal to be authenticated, it writes the account information signed with the unique multiple digital signature, the identity information of the mobile terminal to be authenticated, and the public key of the current node into the second block as the first interaction record. Each block on the blockchain has a database for storing the interaction records on that block, equivalent to a "ledger". The signed account information, the identity information of the mobile terminal to be authenticated, and the public key of the current node may be written to and stored in the database of the second block as a one-to-one mapping, to facilitate subsequent queries.
The blockchain-based mobile terminal authentication management method of the present invention exploits the transaction transparency and tamper resistance of a blockchain network. It writes the allocation and authentication of account information into the blockchain as part of the interaction, and records every interaction in real time in the corresponding block, forming a distributed database that is almost impossible to modify and improving the validity of the account information.
Specifically, because the current node broadcasts the unique multiple digital signature, the public key of the current node, and the account information in the blockchain network, every node can receive the broadcast and is allowed to obtain a complete copy of the database corresponding to the current node's interaction records. Each interaction record is visible to all nodes, so a user can connect to any node to be authenticated; the authentication process does not depend on a single source, which reduces the risk of records being maliciously tampered with. "Distributed" here refers not only to the distributed storage of data but also to its distributed recording (maintained jointly by the system participants). In addition, data exchanged between nodes is verified with multiple digital signatures, so nodes need not trust one another. The nodes share a consensus mechanism and jointly maintain the data of the entire blockchain; if any one node fails, the other nodes continue to work normally, which improves the efficiency and reliability of data interaction.
S14: receive the result fed back by the mobile terminal to be authenticated after it decrypts the unique multiple digital signature with the public key of the current node, to confirm that the mobile terminal to be authenticated has obtained the account information.
In this embodiment, after the current node allocates account information to the mobile terminal to be authenticated, it writes the account information signed with the unique multiple digital signature, the identity information of the mobile terminal to be authenticated, and the public key of the current node into the second block as the first interaction record, which may be stored in the database of the second block as a one-to-one mapping, and broadcasts this interaction record. After receiving the broadcast, the mobile terminal to be authenticated obtains the data of this interaction record from the blockchain.
Specifically, the mobile terminal to be authenticated first obtains the account information signed with the unique multiple digital signature and decrypts it with the public key of the current node to recover the account information. It then obtains the identity information of the mobile terminal to be authenticated that is stored in the database in association with that account information, and compares it with its own identity information. If they match, the decrypted account information is shown to be the account information that corresponds to its own identity, and the mobile terminal feeds this result back to the current node through the blockchain network. On receiving the fed-back result, the current node confirms that the mobile terminal to be authenticated has obtained the account information allocated to it.
Referring to Fig. 3, another embodiment of the invention further includes a step S15, in which the current node obtains from the blockchain the account authentication request data packet sent by the mobile terminal to be authenticated, and obtains the public key of the mobile terminal to be authenticated.
In this embodiment, after obtaining the account information allocated by the current node and signed with the unique multiple digital signature, the mobile terminal to be authenticated sends an account authentication request data packet to the blockchain, together with the ciphertext produced by encrypting the obtained unique multiple digital signature with its own private key. After the account authentication request data packet is sent, the packet and the ciphertext are written into the second block as a second interaction record, and the second interaction record is broadcast, so that the latest interaction records are recorded in real time and form a permanent, reliable "ledger".
After the mobile terminal to be authenticated broadcasts the second interaction record, the current node obtains from the blockchain the account authentication request data packet sent by the mobile terminal to be authenticated, and obtains the public key of that mobile terminal. Specifically, the current node obtains the ciphertext contained in the account authentication request data packet and decrypts it with the public key of the mobile terminal to be authenticated. It then checks whether the decrypted unique multiple digital signature is consistent with the unique multiple digital signature it applied when allocating the account to that mobile terminal. If they are consistent, the mobile terminal to be authenticated passes this authentication.
Preferably, after the current node finishes authenticating the mobile terminal to be authenticated, it writes the authentication result information into the second interaction record in the second block of the blockchain and broadcasts it. The authentication result information indicates either that the mobile terminal to be authenticated passed authentication or that authentication failed.
Still referring to Fig. 3, another embodiment of the invention further includes a step S16, in which the current node obtains from the blockchain a revocation account request packet, initiated by the mobile terminal to be authenticated, that contains authenticated account information; finds the corresponding account information in the second interaction record according to the revocation account request packet; and writes that account information into a revocation list, which is stored in the second block of the blockchain.
In this embodiment, after the current node has authenticated the account information of the mobile terminal to be authenticated, the allocated account information can be revoked. The revocation may be triggered by a revocation request initiated by the mobile terminal to be authenticated.
The mobile terminal to be authenticated sends a revocation account request packet containing authenticated account information into the blockchain network. The current node obtains the revocation account request packet from the blockchain network and, according to the account information it carries, finds the corresponding second interaction record among the second interaction records, and writes the account information into the revocation list according to that record. Specifically, it checks in the second interaction record whether the account information has completed authentication; if so, the revocation is performed, and otherwise it is not.
In one possible design, the current node can also query the second interaction records in real time to determine whether any account is waiting to be revoked and, if so, trigger the revocation automatically.
Specifically, the current node searches the blockchain for the transaction records of transactions initiated by the mobile terminal to be authenticated, finds the latest transaction, and extracts the allocated or authenticated account information it contains. If authenticated account information can be extracted from the latest transaction, there is account information that can be revoked; otherwise there is none, and the node returns directly. If there is a revocable account, the current node writes the corresponding account information into the revocation list, writes a third interaction record containing the revocation list generated by processing the revocation account request packet into the second block of the blockchain, and broadcasts the third interaction record in the blockchain network.
In one possible design, the revocation of the account information by the current node may be triggered either by a revocation request initiated by the mobile terminal to be authenticated or by a revocation request initiated by the current node; the specific trigger mechanism is not limited here.
Preferably, this embodiment further includes: receiving an account query request sent by a user terminal and obtaining the account information contained in the request; looking up, in the second block, the interaction record corresponding to that account information to determine the interaction result information of the account being queried; and sending the interaction result information corresponding to the account information to the user terminal, so that the user terminal can determine the validity of the queried account from it.
Preferably, the validity of account information can also be determined from the third interaction record: to judge whether the account corresponding to the queried account information is valid, it is only necessary to query the third interaction record on the blockchain.
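The revocation and query rules of step S16, as an added Python example that is not code from the patent. The `Record` and `SecondBlock` types, the status strings returned by `query_validity`, the sample account names, and the treatment of an already revoked account as a no-op are all assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    kind: str                    # "first", "second" or "third" interaction record
    account: str = ""
    authenticated: bool = False  # meaningful for "second" records only
    revocation_list: tuple = ()  # meaningful for "third" records only


class SecondBlock:
    """Append-only store standing in for the database of the second block."""

    def __init__(self):
        self._records = []

    def append(self, record: Record) -> None:
        self._records.append(record)

    def latest(self, kind: str, account: str = ""):
        # Newest record of the given kind; third records are not per-account.
        for rec in reversed(self._records):
            if rec.kind == kind and (kind == "third" or rec.account == account):
                return rec
        return None

    def revoked(self) -> tuple:
        rec = self.latest("third")
        return rec.revocation_list if rec else ()


def revoke(block: SecondBlock, account: str) -> bool:
    """Revoke only an account whose latest second record shows authentication."""
    auth = block.latest("second", account)
    if auth is None or not auth.authenticated:
        return False  # nothing revocable: return directly
    if account in block.revoked():
        return False  # assumption: an already revoked account is a no-op
    # Earlier records are never edited; a new third record carries the list.
    block.append(Record("third", revocation_list=block.revoked() + (account,)))
    return True


def query_validity(block: SecondBlock, account: str) -> str:
    """Answer an account query from the records; status names are assumptions."""
    if account in block.revoked():
        return "revoked"
    auth = block.latest("second", account)
    if auth is not None:
        return "authenticated" if auth.authenticated else "authentication failed"
    if block.latest("first", account) is not None:
        return "allocated"
    return "unknown"


def build_demo_block() -> SecondBlock:
    """Constructed sample data: three allocations, one pass, one failure."""
    block = SecondBlock()
    for acct in ("acct-A", "acct-B", "acct-C"):
        block.append(Record("first", acct))
    block.append(Record("second", "acct-A", authenticated=True))
    block.append(Record("second", "acct-B", authenticated=False))
    return block
```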
Referring to Fig. 4, the present invention also provides a blockchain-based mobile terminal authentication management device. In one embodiment, it includes a first receiving module 11, a distribution module 12, a broadcast module 13, and a second receiving module 14. Referring to Fig. 5, another embodiment further includes an authentication module 15 and a revocation module 16, wherein:
First receiving module 11: the current node receives the account distribution request packet in the blockchain network;
In this embodiment of the invention, the mobile terminal to be authenticated sends an account distribution request packet into the blockchain network to ask the current node to allocate account information. The account distribution request packet includes the identity information of the mobile terminal to be authenticated, so that account information can be allocated to the specified mobile terminal according to that identity information. The identity information may be the device identification code or device serial number of the mobile terminal to be authenticated, or any other information that uniquely characterizes its identity.
After the mobile terminal to be authenticated sends the account distribution request packet, the interaction record generated for that packet is written into the blockchain so that other nodes can query it or obtain data from it.
Distribution module 12: according to the account distribution request packet, allocates account information to the specified mobile terminal to be authenticated, and generates a unique multiple digital signature with the private key of the current node to sign the account information;
In this embodiment, after receiving the account distribution request packet, the current node allocates account information to the mobile terminal to be authenticated according to the identity information contained in the packet, and generates a unique multiple digital signature with its private key to sign the account information. By verifying this unique multiple digital signature, the mobile terminal to be authenticated can confirm that the account information is accurate and was indeed sent by the current node.
In the distributed network of a blockchain, communication and trust between nodes rely on multiple digital signature technology, which mainly provides identity confirmation and verification of information authenticity and integrity. A multiple digital signature is an effective way to address data security in network communication: it enables identification and authentication of data transmitted over the network, and is an analogue of a traditional handwritten signature.
In one possible design, the specific steps by which the unique multiple digital signature is generated with the private key of the current node are as follows:
A random hash operation is performed on the public key of the current node and the unique multiple digital signature generated by the previous node to produce a random hash value;
The random hash value is encrypted with the private key of the authentication node to produce the unique multiple digital signature of the current node.
Let the public key of the current node and the unique multiple digital signature generated by the previous node form the message plaintext M. A hash operation on M yields its hash value, i.e. the message digest z = H(M). Encrypting this hash value with the private key of the current node produces the unique multiple digital signature s = sig(k, H(M)), where k is the private key of the current node. The current node signs the account information with this unique multiple digital signature and sends it to the mobile terminal to be authenticated through the blockchain network.
In this embodiment, the process by which the current node generates the unique multiple digital signature and signs the account information with it involves two algorithms: one that transforms the message with a hash function, and a message signature algorithm that signs the message.
Specifically, a hash function converts input messages of different lengths into a fixed-length message digest. Applying a hash function in a multiple digital signature not only shortens the message to be signed but also greatly increases signing speed. Commonly used hash functions at present include the MD series invented by Rivest and the SHA series proposed by NIST (the US National Institute of Standards and Technology).
A multiple digital signature is data appended to a data unit, or a cryptographic transformation applied to the data unit. This data or transformation allows the recipient of the data unit to confirm its source and integrity, and protects the data against forgery. As applied in the present invention, a multiple digital signature algorithm hashes the public key of the current node together with the unique multiple digital signature generated by the previous node, and the resulting digest is cryptographically transformed with the private key of the current node to produce the unique multiple digital signature used to sign the account information. The account information and the unique multiple digital signature are sent to the mobile terminal to be authenticated through the blockchain network. After obtaining the signed account information from the blockchain, the mobile terminal to be authenticated applies the corresponding inverse transformation to obtain the account information.
In this embodiment, before the random hash operation is performed on the public key of the current node and the unique multiple digital signature generated by the previous node to produce a random hash value, the method further includes:
Verifying the validity of the unique multiple digital signature of the previous node and, once verification passes, performing the subsequent steps.
During multi-signing, each node, before signing, first verifies whether the previous unique multiple digital signature is valid (the first node to sign need not check). If it is valid, the node signs with its own private key and then sends the resulting unique multiple digital signature to the next node.
In one possible design, the step of verifying the validity of the unique multiple digital signature of the previous node specifically includes:
Decrypting the unique multiple digital signature of the previous node with the public key of the previous node; if the random hash value obtained after decryption is consistent with the random hash value of the current node, the multiple digital signature is judged to be valid.
This embodiment combines the two main functions of a multiple digital signature during message transmission: ensuring the integrity of the message in transit, and authenticating the sender of the message. That is, the sender attaches the unique multiple digital signature corresponding to the message when sending it; the recipient receives the message and the unique multiple digital signature, and completes signature verification by comparing the decrypted unique multiple digital signature with the digest of the received message.
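The chained signing and pre-signing verification described for Fig. 2 and repeated above for the distribution module, as an added Python example that is not code from the patent. It assumes SHA-256 for H and textbook RSA over constructed toy keys for sig (a deployment would use a vetted signature scheme with padding), and it appends the account information to M as a labelled assumption, since the page does not state how the account information is bound to the signature.

```python
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by all toy keys (assumption)


@dataclass(frozen=True)
class Node:
    n: int  # public modulus
    d: int  # private exponent, the private key k in s = sig(k, H(M))


@dataclass(frozen=True)
class Link:
    n: int          # signer's public modulus
    sig: bytes      # s = sig(k, H(M))
    payload: bytes  # account information (binding it into M is an assumption)


def make_node(p_exp: int, q_exp: int) -> Node:
    """Toy key from the Mersenne primes 2**p_exp - 1 and 2**q_exp - 1."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return Node(p * q, pow(E, -1, (p - 1) * (q - 1)))


def digest(n: int, prev_sig: bytes, payload: bytes) -> int:
    """z = H(M), with M = signer public key || previous signature || payload."""
    parts = (f"{n}:{E}".encode(), prev_sig, payload)
    # Length prefixes keep the concatenation unambiguous.
    m = b"".join(len(part).to_bytes(4, "big") + part for part in parts)
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % n


def verify_link(chain: list, i: int) -> bool:
    """'Decrypt' link i with its signer's public key and compare digests."""
    link = chain[i]
    prev_sig = chain[i - 1].sig if i > 0 else b""  # first signer has no predecessor
    s = int.from_bytes(link.sig, "big")
    if s >= link.n:
        return False
    return pow(s, E, link.n) == digest(link.n, prev_sig, link.payload)


def extend_chain(chain: list, node: Node, payload: bytes) -> list:
    """Verify the previous node's signature, then sign and append."""
    if chain and not verify_link(chain, len(chain) - 1):
        raise ValueError("previous node's signature is invalid")
    prev_sig = chain[-1].sig if chain else b""
    z = digest(node.n, prev_sig, payload)
    s = pow(z, node.d, node.n)  # "encrypt the hash value with the private key"
    sig = s.to_bytes((node.n.bit_length() + 7) // 8, "big")
    return chain + [Link(node.n, sig, payload)]


def build_demo_chain() -> list:
    """Nodes 0, 1 and 2 sign in turn; the account strings are constructed."""
    nodes = [make_node(89, 107), make_node(61, 127), make_node(521, 607)]
    chain = []
    for i, node in enumerate(nodes):
        chain = extend_chain(chain, node, f"account=user{i:03d}".encode())
    return chain
```

Because each digest covers the previous signature, altering one link's signature invalidates that link and the one after it, while altering a payload is caught only because this example includes the payload in M.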
In this embodiment, the identity information includes verification information, which is the unique device identification code of the mobile terminal to be authenticated. Before the step of generating the unique multiple digital signature with the private key of the current node to sign the account information, the method further includes:
Verifying the mobile terminal to be authenticated according to the verification information.
Broadcast module 13: broadcasts the unique multiple digital signature, the public key of the current node, and the account information in the blockchain network;
In this embodiment, the blockchain includes a first block for storing the private key of each node and a second block for storing other content. Preferably, before this step the method further includes: writing into the second block a first interaction record, generated by processing the account distribution request packet, that includes the account information, the identity information of the mobile terminal to be authenticated, the unique multiple digital signature, and the public key of the authentication node, and broadcasting the first interaction record in the blockchain network.
Specifically, after the current node allocates account information to the mobile terminal to be authenticated, it writes the account information signed with the unique multiple digital signature, the identity information of the mobile terminal to be authenticated, and the public key of the current node into the second block as the first interaction record. Each block on the blockchain has a database for storing the interaction records on that block, equivalent to a "ledger". The signed account information, the identity information of the mobile terminal to be authenticated, and the public key of the current node may be written to and stored in the database of the second block as a one-to-one mapping, to facilitate subsequent queries.
The blockchain-based mobile terminal authentication management method of the present invention exploits the transaction transparency and tamper resistance of a blockchain network. It writes the allocation and authentication of account information into the blockchain as part of the interaction, and records every interaction in real time in the corresponding block, forming a distributed database that is almost impossible to modify and improving the validity of the account information.
Specifically, because the current node broadcasts the unique multiple digital signature, the public key of the current node, and the account information in the blockchain network, every node can receive the broadcast and is allowed to obtain a complete copy of the database corresponding to the current node's interaction records. Each interaction record is visible to all nodes, so a user can connect to any node to be authenticated; the authentication process does not depend on a single source, which reduces the risk of records being maliciously tampered with. "Distributed" here refers not only to the distributed storage of data but also to its distributed recording (maintained jointly by the system participants). In addition, data exchanged between nodes is verified with multiple digital signatures, so nodes need not trust one another. The nodes share a consensus mechanism and jointly maintain the data of the entire blockchain; if any one node fails, the other nodes continue to work normally, which improves the efficiency and reliability of data interaction.
Second receiving module 14: receives the information fed back by the mobile terminal to be authenticated after it decrypts the unique multiple digital signature with the public key, to confirm that the mobile terminal to be authenticated has obtained the account information.
In this embodiment, after the current node allocates account information to the mobile terminal to be authenticated, it writes the account information signed with the unique multiple digital signature, the identity information of the mobile terminal to be authenticated, and the public key of the current node into the second block as the first interaction record, which may be stored in the database of the second block as a one-to-one mapping, and broadcasts this interaction record. After receiving the broadcast, the mobile terminal to be authenticated obtains the data of this interaction record from the blockchain.
Specifically, the mobile terminal to be authenticated first obtains the account information signed with the unique multiple digital signature and decrypts it with the public key of the current node to recover the account information. It then obtains the identity information of the mobile terminal to be authenticated that is stored in the database in association with that account information, and compares it with its own identity information. If they match, the decrypted account information is shown to be the account information that corresponds to its own identity, and the mobile terminal feeds this result back to the current node through the blockchain network. On receiving the fed-back result, the current node confirms that the mobile terminal to be authenticated has obtained the account information allocated to it.
Referring to Fig. 5, another embodiment of the invention further includes an authentication module 15, by which the current node obtains from the blockchain the account authentication request data packet sent by the mobile terminal to be authenticated, and obtains the public key of the mobile terminal to be authenticated.
In this embodiment, after obtaining the account information allocated by the current node and signed with the unique multiple digital signature, the mobile terminal to be authenticated sends an account authentication request data packet to the blockchain, together with the ciphertext produced by encrypting the obtained unique multiple digital signature with its own private key. After the account authentication request data packet is sent, the packet and the ciphertext are written into the second block as a second interaction record, and the second interaction record is broadcast, so that the latest interaction records are recorded in real time and form a permanent, reliable "ledger".
After the mobile terminal to be authenticated broadcasts the second interaction record, the current node obtains from the blockchain the account authentication request data packet sent by the mobile terminal to be authenticated, and obtains the public key of that mobile terminal. Specifically, the current node obtains the ciphertext contained in the account authentication request data packet and decrypts it with the public key of the mobile terminal to be authenticated. It then checks whether the decrypted unique multiple digital signature is consistent with the unique multiple digital signature it applied when allocating the account to that mobile terminal. If they are consistent, the mobile terminal to be authenticated passes this authentication.
Preferably, after the current node finishes authenticating the mobile terminal to be authenticated, it writes the authentication result information into the second interaction record in the second block of the blockchain and broadcasts it. The authentication result information indicates either that the mobile terminal to be authenticated passed authentication or that authentication failed.
Referring again to Fig. 5, another embodiment of the invention further includes a revocation module 16, by which the present node obtains from the block chain a revocation account request packet, initiated by the mobile terminal to be certified, that contains the authenticated account information; finds the corresponding account information in the second intersection record according to the revocation account request packet; and writes that account information into a revocation list, the revocation list being stored in the second block of the block chain.
In this embodiment, after the present node has authenticated the account information of the mobile terminal to be certified, the distributed account information can be revoked. The revocation may be triggered by a revocation request initiated by the mobile terminal to be certified.
The mobile terminal to be certified sends a revocation account request packet containing the authenticated account information to the block chain network. The present node obtains the revocation account request packet from the block chain network, finds the corresponding second intersection record according to the account information carried in it, and writes the account information into the revocation list according to that second intersection record. Specifically, it checks in the second intersection record whether the account information has completed authentication; if so, it performs the revocation operation, and otherwise it does not.
In one possible design, the present node can also query the second intersection record in real time to judge whether any account is waiting to be revoked, and if so, trigger the revocation operation automatically.
Specifically, the present node searches the block chain for the transaction records of transactions initiated by the mobile terminal to be certified, finds the latest transaction, and takes out the distributed or authenticated account information it contains. If authenticated account information can be taken out of the latest transaction, there is revocable account information; otherwise there is none, and the node returns directly. If there is a revocable account, the present node writes the corresponding account information into the revocation list, writes a third intersection record, containing the revocation list generated by processing the revocation account request packet, into the second block of the block chain, and broadcasts the third intersection record in the block chain network.
In one possible design, the revocation operation by which the present node revokes the account information may be triggered either by a revocation request initiated by the mobile terminal to be certified or by a revocation request initiated by the present node; the specific trigger mechanism is not limited here.
Preferably, this embodiment further includes: receiving an account inquiry request sent by a user terminal and obtaining the account information contained in the account inquiry request; searching the second block, according to the account information, for the intersection record corresponding to the account information so as to determine the interaction result information of the account to be queried; and sending the interaction result information corresponding to the account information to the user terminal, so that the user terminal can determine the validity of the account to be queried from the interaction result information.
Preferably, the validity of account information can also be queried by judging from the third intersection record whether the account corresponding to the account information to be queried is valid; specifically, this only requires querying the third intersection record on the block chain.
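The revocation and validity-query rules described above, as an added example that is not taken from the patent: a Python sketch of an append-only, hash-chained record list standing in for the second block. The record layout, the function names, the status strings and the account and device identifiers are assumptions constructed for illustration, and signature checks are taken as already done.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed placeholder for the hash before the first record


def _digest(body):
    """SHA-256 over a canonical JSON encoding of one record body."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


class Ledger:
    """Append-only, hash-chained intersection records (stand-in for the second block)."""

    def __init__(self):
        self.records = []

    def append(self, kind, account, **fields):
        prev = self.records[-1]["hash"] if self.records else GENESIS
        body = {"seq": len(self.records), "kind": kind, "account": account,
                "prev": prev, **fields}
        body["hash"] = _digest(body)  # digest is computed before "hash" is added
        self.records.append(body)
        return body

    def verify_chain(self):
        """Recompute every hash and link; any edited record breaks the chain."""
        prev = GENESIS
        for rec in self.records:
            body = {k: v for k, v in rec.items() if k != "hash"}
            if rec["prev"] != prev or rec["hash"] != _digest(body):
                return False
            prev = rec["hash"]
        return True

    def latest(self, kind, account):
        """Newest record of the given kind for the account, or None."""
        for rec in reversed(self.records):
            if rec["kind"] == kind and rec["account"] == account:
                return rec
        return None


def distribute(ledger, account, device_id):
    # First intersection record: account bound to the terminal's identity information.
    return ledger.append("first", account, device_id=device_id)


def record_authentication(ledger, account, passed):
    # Second intersection record: authentication result (pass or fail).
    if ledger.latest("first", account) is None:
        raise ValueError("account was never distributed")
    return ledger.append("second", account, result="pass" if passed else "fail")


def revoke(ledger, account):
    """Write a third intersection record only for an account that completed authentication."""
    if not ledger.verify_chain():
        raise ValueError("ledger integrity check failed")
    auth = ledger.latest("second", account)
    if auth is None or auth["result"] != "pass":
        return None  # nothing revocable: return directly, as the text describes
    if ledger.latest("third", account) is not None:
        return None  # already on the revocation list
    return ledger.append("third", account, revocation_list=[account])


def query_validity(ledger, account):
    """Answer an account inquiry from the records alone."""
    if not ledger.verify_chain():
        return "ledger-tampered"
    if ledger.latest("first", account) is None:
        return "unknown"
    if ledger.latest("third", account) is not None:
        return "revoked"
    auth = ledger.latest("second", account)
    if auth is None:
        return "unauthenticated"
    return "valid" if auth["result"] == "pass" else "authentication-failed"


if __name__ == "__main__":
    chain = Ledger()
    distribute(chain, "acct-001", "DEVICE-ID-CONSTRUCTED-1")  # constructed sample data
    record_authentication(chain, "acct-001", True)
    print(query_validity(chain, "acct-001"))
    revoke(chain, "acct-001")
    print(query_validity(chain, "acct-001"))
```

A node answering an inquiry from a local copy would run `verify_chain()` first, as `query_validity` does, so that an edited authentication result is reported as tampering rather than as a valid account.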
As the above embodiments show, the greatest beneficial effect of the invention is that the account distribution and account authentication of the mobile terminal are written into the block chain as a kind of transaction, using the block chain's technical scheme of collectively maintaining a reliable database in a decentralized, trustless and transaction-transparent manner, so that the data interactions of account distribution and account authentication for the mobile terminal are reliably guaranteed.
Specifically, in terms of account distribution, the present node receives the account distribution request data package initiated by the mobile terminal to be certified, distributes account information to the mobile terminal to be certified, generates a Multi Digital Signature with the private key of the present node, signs the account information with it, and sends the signed account information to the mobile terminal to be certified through the block chain network. After obtaining the account information and the Multi Digital Signature, the mobile terminal to be certified verifies the validity of the account information.
In terms of account authentication, the present node receives the account information authentication request data package sent by the mobile terminal to be certified through the block chain, obtains the encrypted information contained in the account information authentication request data package, and decrypts the encrypted information with the public key of the mobile terminal to be certified to obtain the Multi Digital Signature. It then compares the decrypted Multi Digital Signature with the Multi Digital Signature that the present node signed when it distributed the account information. If the two are consistent, the mobile terminal passes authentication, and the result is written into the corresponding intersection record of the block chain and broadcast, completing the authentication.
Therefore, the invention authenticates and manages mobile terminals without physical devices such as USIM cards, saving production and transportation costs. Multi Digital Signature technology is used in the distribution of account information to verify the sender's identity and the validity of the account information sent; private key encryption and decryption technology is used in the authentication of account information to verify the identity of the mobile terminal. The two combine into a dual authentication mechanism that improves the security of the interaction and the validity and integrity of the interaction data. In addition, because of the distributed nature of the block chain, all nodes keep the interaction records, so a user can connect to any node to be authenticated. The authentication process therefore does not depend on a single source, which reduces the risk of records being maliciously tampered with.
Referring to Fig. 6, the invention also provides a block chain based account information acquisition method which, in one specific embodiment, includes the following steps:
S100: Send an account distribution request packet to the block chain network.
In this embodiment, the mobile terminal to be certified sends an account distribution request packet in the block chain network to ask the present node to distribute account information. The account distribution request packet includes the identity information of the mobile terminal to be certified, which is used to distribute account information to the specified mobile terminal to be certified according to its identity information. The identity information may be the device identification code or device serial number of the mobile terminal to be certified, or any other information that uniquely characterizes the identity of the mobile terminal to be certified.
After the mobile terminal to be certified sends the account distribution request packet, the intersection record generated for the account distribution request packet is written into the second block of the block chain so that other nodes can query it or obtain the data.
S101: Receive the account information sent by the present node in response to the account distribution request packet, the account information being signed with the uniqueness Multi Digital Signature that the certification node generates with its private key.
After the present node obtains the account distribution request packet from the block chain, it distributes account information to the mobile terminal to be certified in response to the account distribution request packet.
In one possible design, the present node distributes account information to the mobile terminal to be certified as follows:
First, the present node obtains the identity information of the mobile terminal to be certified from the account distribution request packet and distributes account information to the mobile terminal to be certified according to that identity information.
Second, the present node verifies the mobile terminal to be certified according to the verification information contained in the identity information. After verification passes, the present node hashes the Multi Digital Signature generated by the previous transaction together with its own public key, encrypts the resulting digest with its private key to generate the present node's uniqueness Multi Digital Signature, and signs the account information with that uniqueness Multi Digital Signature.
Third, the account information signed with the uniqueness Multi Digital Signature is sent to the mobile terminal to be certified through the block chain network. The mobile terminal to be certified receives the account information and verifies the uniqueness Multi Digital Signature with the public key of the present node, to confirm that the account information matches its own identity information and that the account information was indeed sent by the present node.
S102: Decrypt the uniqueness Multi Digital Signature with the public key of the present node to obtain the account information.
After the present node distributes account information to the mobile terminal to be certified, it writes the account information signed with the uniqueness Multi Digital Signature, the identity information of the mobile terminal to be certified, and the public key of the present node into the second block as the first intersection record. These can be stored in the database of the second block in a one-to-one mapping, and this intersection record is broadcast; after receiving the broadcast, the mobile terminal to be certified obtains the data of this intersection record from the block chain.
Specifically, the mobile terminal to be certified first obtains the account information signed with the uniqueness Multi Digital Signature and decrypts it with the public key of the present node to recover the account information. The mobile terminal to be certified then obtains the identity information of the mobile terminal to be certified that is stored in the database in association with that account information and compares it with its own identity information. If they match, the decrypted account information is verified as the account information that corresponds to its own identity information.
Preferably, in this embodiment, after the mobile terminal to be certified decrypts the account information that matches its own identity information, it initiates an account authentication request data package to the block chain. At the same time, the mobile terminal to be certified encrypts the obtained uniqueness Multi Digital Signature with its own private key to generate the corresponding ciphertext information, sends the ciphertext information to the block chain, and writes the account authentication request data package and the ciphertext information into the second block as the second intersection record and broadcasts it. After receiving the broadcast, the present node obtains the account authentication request data package, the ciphertext information, and the public key of the mobile terminal to be certified, and decrypts the ciphertext information with the public key of the mobile terminal to be certified to obtain the uniqueness Multi Digital Signature. The present node compares the decrypted uniqueness Multi Digital Signature with the uniqueness Multi Digital Signature it signed when it signed the account information for the mobile terminal to be certified; if the two are consistent, the identity of the mobile terminal to be certified is verified. Preferably, after the present node has verified the identity information of the mobile terminal to be certified, it writes the result into the second block as the second intersection record for later query. This verification, together with the verification of the present node's identity by the mobile terminal to be certified, forms a dual authentication mechanism and improves the reliability of the scheme.
Referring to Fig. 7, the invention also provides a block chain based account information acquisition device which, in one embodiment, includes a sending module 100, a receiving module 101 and a deciphering module 102, where:
Sending module 100: sends an account distribution request packet to the block chain network.
In this embodiment, the mobile terminal to be certified sends an account distribution request packet in the block chain network to ask the present node to distribute account information. The account distribution request packet includes the identity information of the mobile terminal to be certified, which is used to distribute account information to the specified mobile terminal to be certified according to its identity information. The identity information may be the device identification code or device serial number of the mobile terminal to be certified, or any other information that uniquely characterizes the identity of the mobile terminal to be certified.
After the mobile terminal to be certified sends the account distribution request packet, the intersection record generated for the account distribution request packet is written into the second block of the block chain so that other nodes can query it or obtain the data.
Receiving module 101: receives the account information sent by the present node in response to the account distribution request packet, the account information being signed with the uniqueness Multi Digital Signature that the certification node generates with its private key.
After the present node obtains the account distribution request packet from the block chain, it distributes account information to the mobile terminal to be certified in response to the account distribution request packet.
In one possible design, the present node distributes account information to the mobile terminal to be certified as follows:
First, the present node obtains the identity information of the mobile terminal to be certified from the account distribution request packet and distributes account information to the mobile terminal to be certified according to that identity information.
Second, the present node verifies the mobile terminal to be certified according to the verification information contained in the identity information. After verification passes, the present node hashes the Multi Digital Signature generated by the previous transaction together with its own public key, encrypts the resulting digest with its private key to generate the present node's uniqueness Multi Digital Signature, and signs the account information with that uniqueness Multi Digital Signature.
Third, the account information signed with the uniqueness Multi Digital Signature is sent to the mobile terminal to be certified through the block chain network. The mobile terminal to be certified receives the account information and verifies the uniqueness Multi Digital Signature with the public key of the present node, to confirm that the account information matches its own identity information and that the account information was indeed sent by the present node.
Deciphering module 102: decrypts the uniqueness Multi Digital Signature with the public key of the present node to obtain the account information.
After the present node distributes account information to the mobile terminal to be certified, it writes the account information signed with the uniqueness Multi Digital Signature, the identity information of the mobile terminal to be certified, and the public key of the present node into the second block as the first intersection record. These can be stored in the database of the second block in a one-to-one mapping, and this intersection record is broadcast; after receiving the broadcast, the mobile terminal to be certified obtains the data of this intersection record from the block chain.
Specifically, the mobile terminal to be certified first obtains the account information signed with the uniqueness Multi Digital Signature and decrypts it with the public key of the present node to recover the account information. The mobile terminal to be certified then obtains the identity information of the mobile terminal to be certified that is stored in the database in association with that account information and compares it with its own identity information. If they match, the decrypted account information is verified as the account information that corresponds to its own identity information.
Preferably, in this embodiment, after the mobile terminal to be certified decrypts the account information that matches its own identity information, it initiates an account authentication request data package to the block chain. At the same time, the mobile terminal to be certified encrypts the obtained uniqueness Multi Digital Signature with its own private key to generate the corresponding ciphertext information, sends the ciphertext information to the block chain, and writes the account authentication request data package and the ciphertext information into the second block as the second intersection record and broadcasts it. After receiving the broadcast, the present node obtains the account authentication request data package, the ciphertext information, and the public key of the mobile terminal to be certified, and decrypts the ciphertext information with the public key of the mobile terminal to be certified to obtain the uniqueness Multi Digital Signature. The present node compares the decrypted uniqueness Multi Digital Signature with the uniqueness Multi Digital Signature it signed when it signed the account information for the mobile terminal to be certified; if the two are consistent, the identity of the mobile terminal to be certified is verified. Preferably, after the present node has verified the identity information of the mobile terminal to be certified, it writes the result into the second block as the second intersection record for later query. This verification, together with the verification of the present node's identity by the mobile terminal to be certified, forms a dual authentication mechanism and improves the reliability of the scheme.
As the above embodiments show, the greatest beneficial effect of the invention is that the mobile terminal cooperates with the certification node to complete the distribution and authentication of account information.
Specifically, the mobile terminal to be certified initiates an account information distribution request data package to the present node through the block chain and writes the corresponding intersection record into the block chain; the present node distributes account information to the mobile terminal to be certified according to the account information distribution request and writes the corresponding intersection record into the block chain, completing the distribution of account information.
The mobile terminal to be certified sends an account information authentication request data package to the present node through the block chain and writes the corresponding intersection record into the block chain; the present node authenticates the account information of the mobile terminal to be certified according to the account information authentication request data package and writes the corresponding intersection record into the block chain, completing the authentication of account information.
Therefore, on the mobile terminal side, the terminal cooperates with the certification node to complete each interaction for the distribution, authentication, revocation and query of account information, ensuring the accuracy and reliability of the data transmitted in each interaction, and cooperates with the certification node to complete the dual authentication mechanism.
An embodiment of the invention also provides a mobile terminal, as shown in Fig. 8. For convenience of description, only the parts related to the embodiment of the invention are shown; for specific technical details not disclosed here, refer to the method part of the embodiments of the invention. The terminal may be any terminal device such as a mobile phone, tablet computer, PDA (Personal Digital Assistant), POS (Point of Sales) terminal or in-vehicle computer; the following takes a mobile phone as an example:
Fig. 8 is a block diagram of part of the structure of a mobile phone related to the terminal provided by the embodiment of the invention. Referring to Fig. 8, the mobile phone includes components such as a touch-sensitive display 0813, a processor 0811 and a memory 0814. Those skilled in the art will understand that the handset structure shown in Fig. 8 does not limit the mobile phone, which may include more or fewer components than illustrated, combine some components, or arrange the components differently.
Each component of the mobile phone is described in detail below with reference to Fig. 8:
The memory 0814 can be used to store software programs and modules; the processor 0811 performs the various functional applications and data processing of the mobile phone by running the software programs and modules stored in the memory 0814. The memory 0814 may mainly include a program storage area and a data storage area, where the program storage area can store the operating system and the application programs required by at least one function (such as a sound playing function or an image playing function), and the data storage area can store data created through use of the mobile phone (such as audio data or a phone book). In addition, the memory 0814 may include high-speed random access memory and may also include non-volatile memory, for example at least one magnetic disk storage device, a flash memory device, or another volatile solid-state storage device.
The touch-sensitive display 0813 may include two parts, a touch detection device and a touch controller. The touch detection device detects the position of the user's touch, detects the signal produced by the touch operation, and passes the signal to the touch controller. The touch controller receives the touch information from the touch detection device, converts it into contact coordinates, and sends them to the processor; it can also receive and execute commands sent by the processor. The touch-sensitive display can be implemented in several types, such as resistive, capacitive, infrared and surface acoustic wave.
The touch-sensitive display 0813 can be used to display information entered by the user or information provided to the user, as well as the various menus of the mobile phone, such as an information editing interface. The touch-sensitive display 0813 may include a display panel, which can optionally be configured as a liquid crystal display (Liquid Crystal Display, LCD), an organic light-emitting diode (Organic Light-Emitting Diode, OLED) display, or the like. Further, when the touch-sensitive display 0813 detects a touch operation on or near it, it passes the operation to the processor to determine the type of touch event, and the processor then provides the corresponding visual output on the touch-sensitive display according to the type of touch event.
The mobile phone may also include at least one sensor 0812, such as an optical sensor, a motion sensor and other sensors. Specifically, the optical sensor may include an ambient light sensor and a proximity sensor, where the ambient light sensor can adjust the brightness of the display panel according to the ambient light, and the proximity sensor can turn off the display panel and/or the backlight when the mobile phone is moved to the ear. As one kind of motion sensor, an accelerometer can detect the magnitude of acceleration in all directions (generally three axes) and, when stationary, the magnitude and direction of gravity; it can be used for applications that recognize the phone's posture (such as switching between landscape and portrait, related games, and magnetometer posture calibration) and for vibration-recognition functions (such as a pedometer or tap detection). Other sensors that can also be configured on the mobile phone, such as a gyroscope, barometer, hygrometer, thermometer and infrared sensor, are not described further here.
The processor 0811 is the control center of the mobile phone. It connects the various parts of the whole phone through various interfaces and lines, and performs the phone's functions and processes data by running or executing the software programs and/or modules stored in the memory 0814 and calling the data stored in the memory 0814, thereby monitoring the phone as a whole. Optionally, the processor 0811 may include one or more processing units; preferably, the processor 0811 can integrate an application processor and a modem processor, where the application processor mainly handles the operating system, user interface and application programs, and the modem processor mainly handles wireless communication. It will be understood that the modem processor need not be integrated into the processor 0811.
The mobile phone also includes a power supply (such as a battery) that powers all the components. Preferably, the power supply can be logically connected to the processor 0811 through a power management system, so that charging, discharging and power consumption are managed through the power management system.
Although not shown, the mobile phone can also include a camera, a Bluetooth module and the like, which are not described further here.
In the embodiment of the invention, the processor 0811 included in the terminal also has the following functions:
Sending an account distribution request packet to the block chain network;
Receiving the account information sent by the present node in response to the account distribution request packet, the account information being signed with the uniqueness Multi Digital Signature that the certification node generates with its private key;
Decrypting the uniqueness Multi Digital Signature with the public key of the present node to obtain the account information.
The block chain includes a first block for storing the private key of each node and a second block for storing other content. The present node writes the first intersection record generated by processing the account distribution request packet, which contains the account information, the identity information of the mobile terminal to be certified, the uniqueness Multi Digital Signature and the public key of the certification node, into the second block, and broadcasts the first intersection record in the block chain network.
Obtaining the identity information of the mobile terminal to be certified that is stored in the second block in association with the account information;
Comparing that identity information with its own identity information and, if they are consistent, verifying that the account information is valid.
Initiating an account authentication request data package to the block chain, and sending to the block chain the ciphertext information generated by the mobile terminal to be certified encrypting the uniqueness Multi Digital Signature with its private key, so that the present node authenticates the mobile terminal to be certified according to the account authentication request data package and the ciphertext information.
Writing the second intersection record generated by processing the account authentication request data package, which contains the public key of the mobile terminal and the ciphertext information, into the second block of the block chain, and broadcasting the second intersection record in the block chain network.
Feeding the result of the verification back to the block chain.
One of ordinary skill in the art will appreciate that all or part of the steps of the above embodiments can be completed by a program instructing the related hardware. The program can be stored in a computer-readable storage medium, and the storage medium can include read-only memory (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk, an optical disc, or the like.
One of ordinary skill in the art will appreciate that all or part of the steps for implementing the above embodiments can be completed by a program instructing the related hardware. The program can be stored in a computer-readable storage medium, and the storage medium mentioned above can be a read-only memory, a magnetic disk, an optical disc, or the like.
The mobile terminal provided by the invention has been described in detail above. For those of ordinary skill in the art, the specific implementation and the scope of application may vary in accordance with the ideas of the embodiments of the invention. In summary, the content of this specification should not be construed as limiting the invention.

Claims (29)

  1. An authentication management method for a mobile terminal based on a block chain, characterized in that the method comprises:
    a current node receiving an account allocation request packet in the block chain network;
    allocating account information to the specified mobile terminal to be authenticated according to the account allocation request packet, and generating a unique multiple digital signature with the private key of the current node to sign the account information;
    broadcasting the unique multiple digital signature, the public key of the current node and the account information in the block chain network;
    receiving the result fed back by the mobile terminal to be authenticated after it decrypts the unique multiple digital signature with the public key of the current node, to confirm that the mobile terminal to be authenticated has obtained the account information.
  2. The method according to claim 1, characterized in that the account allocation request packet includes the identity information of the mobile terminal to be authenticated, which is used to allocate account information to the specified mobile terminal to be authenticated according to the identity information of the mobile terminal to be authenticated.
  3. The method according to claim 2, characterized in that the block chain includes a first block for storing the private key of each node and a second block for storing other content; after the step of allocating account information to the specified mobile terminal to be authenticated according to the account allocation request packet and generating a unique multiple digital signature with the private key of the current node to sign the account information, the method further comprises:
    writing a first interaction record, which is generated when the account allocation request packet is processed and includes the account information, the identity information of the mobile terminal to be authenticated, the unique multiple digital signature and the public key of the authentication node, into the second block, and broadcasting the first interaction record in the block chain network.
  4. The method according to claim 1, characterized in that the step of generating a unique multiple digital signature with the private key of the current node to sign the account information specifically comprises:
    performing a random hash operation on the public key of the current node and the unique multiple digital signature generated by the previous node to generate a random hash value;
    encrypting the random hash value with the private key of the authentication node to generate the unique multiple digital signature of the current node.
  5. The method according to claim 4, characterized in that, before performing the random hash operation on the public key of the current node and the unique multiple digital signature generated by the previous node to generate a random hash value, the method further comprises:
    verifying the validity of the unique multiple digital signature of the previous node and, after the verification passes, performing the subsequent steps.
  6. The method according to claim 5, characterized in that the step of verifying the validity of the unique multiple digital signature of the previous node specifically comprises:
    decrypting the unique multiple digital signature of the previous node with the public key of the previous node, checking whether the random hash value after decryption is consistent with the random hash value of the current node, and judging whether the multiple digital signature is valid according to the result of the decryption.
  7. The method according to claim 1, characterized in that the identity information includes verification information, the verification information being the unique device identification code of the mobile terminal to be authenticated, and before the step of generating a unique multiple digital signature with the private key of the current node to sign the account information, the method further comprises:
    verifying the mobile terminal to be authenticated according to the verification information.
  8. The method according to claim 3, characterized by further comprising:
    the current node obtaining, on the block chain, the account authentication request packet sent by the mobile terminal to be authenticated, and obtaining the public key of the mobile terminal to be authenticated.
  9. The method according to claim 8, characterized in that, after the current node obtains, on the block chain, the account authentication request packet sent by the mobile terminal to be authenticated, the method further comprises:
    obtaining the ciphertext information, sent by the mobile terminal to be authenticated, that is contained in the account authentication request packet, and decrypting the ciphertext information with the public key of the mobile terminal to be authenticated, the ciphertext information being generated by the mobile terminal to be authenticated encrypting the unique multiple digital signature with its private key.
  10. The method according to claim 9, characterized in that, after obtaining the ciphertext information, sent by the mobile terminal to be authenticated, that is contained in the account authentication request packet and decrypting the ciphertext information with the public key of the mobile terminal to be authenticated, the method further comprises:
    comparing the decrypted unique multiple digital signature with the unique multiple digital signature that the current node signed when allocating the account to the mobile terminal to be authenticated; if they are consistent, the mobile terminal to be authenticated passes this authentication.
  11. The method according to claim 8, characterized in that, after the mobile terminal sends the account authentication request packet, a second interaction record, which contains the public key of the mobile terminal and the ciphertext information generated when the account authentication request packet is processed, is written into the second block of the block chain, and the second interaction record is broadcast in the block chain network.
  12. The method according to claim 11, characterized by further comprising:
    the current node obtaining, on the block chain, a revoke-account request packet that is initiated by the mobile terminal to be authenticated and contains the authenticated account information;
    finding the corresponding account information in the second interaction record according to the revoke-account request packet;
    writing the account information into a revocation list, the revocation list being stored in the second block of the block chain.
  13. The method according to claim 12, characterized in that, after the step of putting the authenticated account information into the revocation list, the method further comprises:
    writing a third interaction record, which is generated when the revoke-account request packet is processed and includes the revocation list, into the second block of the block chain, and broadcasting the third interaction record in the block chain network.
  14. The method according to claim 11, characterized by further comprising:
    writing the authentication result information of the mobile terminal to be authenticated into the second interaction record in the second block of the block chain and broadcasting it, the authentication result information including authentication passed and authentication failed for the mobile terminal to be authenticated.
  15. The method according to claim 3, characterized by further comprising:
    receiving an account query request sent by a user terminal, and obtaining the account information contained in the account query request;
    searching the second block, according to the account information, for the interaction record corresponding to the account information, to determine the interaction result information of the account information to be queried;
    sending the interaction result information corresponding to the account information to the user terminal, so that the user terminal determines the validity of the account to be queried according to the interaction result information.
  16. The method according to claim 15, characterized in that sending the interaction result information corresponding to the account information to the user terminal, so that the user terminal determines the validity of the account to be queried according to the interaction result information, specifically comprises:
    judging, according to the third interaction record, whether the account corresponding to the account information to be queried is valid.
  17. A method for obtaining account information based on a block chain, characterized by comprising:
    sending an account allocation request packet to the block chain network;
    receiving the account information sent by the current node in response to the account allocation request packet, the account information being signed with the unique multiple digital signature that the authentication node generated with its private key;
    decrypting the unique multiple digital signature with the public key of the current node to obtain the account information.
  18. The method according to claim 17, characterized in that the block chain includes a first block for storing the private key of each node and a second block for storing other content.
  19. The method according to claim 18, characterized in that the current node writes a first interaction record, which is generated when the account allocation request packet is processed and includes the account information, the identity information of the mobile terminal to be authenticated, the unique multiple digital signature and the public key of the authentication node, into the second block, and broadcasts the first interaction record in the block chain network.
  20. The method according to claim 19, characterized by further comprising:
    obtaining the identity information of the mobile terminal to be authenticated that is stored in the second block in association with the account information;
    comparing that identity information with the terminal's own identity information and, if they are consistent, verifying that the account information is valid.
  21. The method according to claim 17, characterized by further comprising:
    initiating an account authentication request packet to the block chain, and sending to the block chain the ciphertext information generated by the mobile terminal to be authenticated encrypting the unique multiple digital signature with its private key, so that the current node authenticates the mobile terminal to be authenticated according to the account authentication request packet and the ciphertext information.
  22. The method according to claim 18, characterized in that, after sending the account authentication request packet to the block chain, the method further comprises:
    writing a second interaction record, which contains the public key of the mobile terminal and the ciphertext information generated when the account authentication request packet is processed, into the second block of the block chain, and broadcasting the second interaction record in the block chain network.
  23. The method according to claim 20, characterized by further comprising:
    feeding the result of the verification back to the block chain.
  24. An authentication management device for a mobile terminal based on a block chain, characterized by comprising:
    a first receiving module: the current node receives an account allocation request packet in the block chain network;
    an allocation module: allocates account information to the specified mobile terminal to be authenticated according to the account allocation request packet, and generates a unique multiple digital signature with the private key of the current node to sign the account information;
    a broadcast module: broadcasts the unique multiple digital signature, the public key of the current node and the account information in the block chain network;
    a second receiving module: receives the information fed back by the mobile terminal to be authenticated after it decrypts the unique multiple digital signature with the public key, to confirm that the mobile terminal to be authenticated has obtained the account information.
  25. The device according to claim 24, characterized by further comprising:
    an authentication module: the current node obtains, on the block chain, the account authentication request packet sent by the mobile terminal to be authenticated, and obtains the public key of the mobile terminal to be authenticated.
  26. The device according to claim 24, characterized by further comprising:
    a revocation module: the current node obtains, on the block chain, a revoke-account request packet that is initiated by the mobile terminal to be authenticated and contains the authenticated account information; finds the corresponding account information in the second interaction record according to the revoke-account request packet; and writes the account information into a revocation list, the revocation list being stored in the second block of the block chain.
  27. A device for obtaining account information based on a block chain, characterized by comprising:
    a sending module: sends an account allocation request packet to the block chain network;
    a receiving module: receives the account information sent by the current node in response to the account allocation request packet, the account information being signed with the unique multiple digital signature that the authentication node generated with its private key;
    a decryption module: decrypts the unique multiple digital signature with the public key of the current node to obtain the account information.
  28. An authentication management device, characterized by comprising a processor and a memory, a computer program being stored in the memory, characterized in that the computer program, when executed by the processor, implements the following steps:
    a current node receiving an account allocation request packet in the block chain network;
    allocating account information to the specified mobile terminal to be authenticated according to the account allocation request packet, and generating a unique multiple digital signature with the private key of the current node to sign the account information;
    broadcasting the unique multiple digital signature, the public key of the current node and the account information in the block chain network;
    receiving the result fed back by the mobile terminal to be authenticated after it decrypts the unique multiple digital signature with the public key of the current node, to confirm that the mobile terminal to be authenticated has obtained the account information.
  29. A mobile terminal, characterized by comprising a processor and a memory, a computer program being stored in the memory, characterized in that the computer program, when executed by the processor, implements the following steps:
    sending an account allocation request packet to the block chain network;
    receiving the account information sent by the current node in response to the account allocation request packet, the account information being signed with the unique multiple digital signature that the authentication node generated with its private key;
    decrypting the unique multiple digital signature with the public key of the current node to obtain the account information.
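
The allocation, chained signing, authentication and revocation steps of claims 1, 4-6, 9-10 and 12 can be traced in the following added example, which is not code from the patent. It uses textbook RSA over small constructed keys only to mirror the claims' "encrypt with the private key, decrypt with the public key" wording; the function names, the ledger layout, the device ID and the registration of the terminal's public key at allocation time are assumptions, since the claims do not say where the node obtains that key.

```python
"""Toy walk-through of claims 1, 4-6, 9-10, 12. Textbook RSA stand-in: NOT secure."""
import hashlib
from collections import namedtuple

E = 65537  # public exponent shared by every toy key
KeyPair = namedtuple("KeyPair", "n d")  # n: public modulus, d: private exponent

def make_key(p: int, q: int) -> KeyPair:
    return KeyPair(p * q, pow(E, -1, (p - 1) * (q - 1)))

def private_op(key: KeyPair, m: int) -> int:
    """The claims' 'encrypt with the private key' (no padding, illustration only)."""
    if not 0 <= m < key.n:
        raise ValueError("value does not fit under the modulus")
    return pow(m, key.d, key.n)

def public_op(pub_n: int, c: int) -> int:
    """The claims' 'decrypt with the public key'."""
    return pow(c, E, pub_n)

def link_hash(pub_n: int, prev_sig: int) -> int:
    """Claim 4: hash the node's public key with the previous node's signature."""
    digest = hashlib.sha256(f"{pub_n:x}|{prev_sig:x}".encode()).digest()
    return int.from_bytes(digest, "big") % pub_n

def chain_sign(key: KeyPair, prev_sig: int) -> int:
    return private_op(key, link_hash(key.n, prev_sig))

def chain_verify(pub_n: int, sig: int, prev_sig: int) -> bool:
    """Claim 6: recover the hash with the public key and compare."""
    return 0 <= sig < pub_n and public_op(pub_n, sig) == link_hash(pub_n, prev_sig)

def allocate_account(node, prev_link, device_id, terminal_pub, ledger):
    """Claims 1, 3, 5: verify the upstream link, sign, write the first record."""
    prev_pub, prev_sig, prev_prev_sig = prev_link
    if not chain_verify(prev_pub, prev_sig, prev_prev_sig):
        raise ValueError("previous node's signature is invalid")
    record = {
        "account": "acct-" + hashlib.sha256(device_id.encode()).hexdigest()[:8],
        "device_id": device_id,
        "terminal_pub": terminal_pub,  # assumption: registered at allocation time
        "node_pub": node.n,
        "prev_sig": prev_sig,
        "signature": chain_sign(node, prev_sig),
    }
    ledger["records"].append(record)
    return record

def terminal_accepts(record, own_device_id) -> bool:
    """Claims 17, 20: terminal checks the node's signature and its own identity."""
    ok = chain_verify(record["node_pub"], record["signature"], record["prev_sig"])
    return ok and record["device_id"] == own_device_id

def auth_request(terminal: KeyPair, record) -> dict:
    """Claim 21: ciphertext = issued signature encrypted with the terminal's key."""
    return {"account": record["account"],
            "ciphertext": private_op(terminal, record["signature"])}

def authenticate(request, ledger) -> bool:
    """Claims 9, 10, 12: revocation check, decrypt, compare with issued signature."""
    if request["account"] in ledger["revoked"]:
        return False
    rec = next((r for r in ledger["records"]
                if r["account"] == request["account"]), None)
    if rec is None:
        return False
    return public_op(rec["terminal_pub"], request["ciphertext"]) == rec["signature"]

def revoke(account, ledger) -> bool:
    """Claim 12: look the account up in the records, then add it to the list."""
    found = any(r["account"] == account for r in ledger["records"])
    if found:
        ledger["revoked"].add(account)
    return found

def demo() -> dict:
    # Constructed toy keys built from well-known Mersenne primes (easy to factor).
    m61, m89, m107, m127 = (2**k - 1 for k in (61, 89, 107, 127))
    prev_node, node = make_key(m61, m89), make_key(m89, m107)
    terminal, other = make_key(m107, m127), make_key(m89, m127)
    ledger = {"records": [], "revoked": set()}
    device = "constructed-device-id-0001"
    prev_sig = chain_sign(prev_node, 0)  # 0 stands in for the start of the chain
    rec = allocate_account(node, (prev_node.n, prev_sig, 0), device, terminal.n, ledger)
    out = {"terminal_accepts": terminal_accepts(rec, device),
           "genuine": authenticate(auth_request(terminal, rec), ledger),
           "wrong_key": authenticate(auth_request(other, rec), ledger)}
    revoke(rec["account"], ledger)
    out["after_revoke"] = authenticate(auth_request(terminal, rec), ledger)
    try:  # a tampered upstream signature must stop allocation (claim 5)
        allocate_account(node, (prev_node.n, prev_sig ^ 1, 0), device, terminal.n, ledger)
        out["tampered_upstream"] = "accepted"
    except ValueError:
        out["tampered_upstream"] = "rejected"
    return out

if __name__ == "__main__":
    print(demo())
```

A deployment would replace the two textbook RSA operations with a standard signature scheme such as RSA-PSS or Ed25519, keeping the same verify-then-compare structure.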
CN201710817828.XA 2017-09-12 2017-09-12 Mobile terminal authentication management method, device and corresponding mobile terminal based on block chain Pending CN107453870A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201710817828.XA CN107453870A (en) 2017-09-12 2017-09-12 Mobile terminal authentication management method, device and corresponding mobile terminal based on block chain
PCT/CN2018/097585 WO2019052281A1 (en) 2017-09-12 2018-07-27 Block chain-based mobile terminal authentication management method and apparatus, and corresponding mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710817828.XA CN107453870A (en) 2017-09-12 2017-09-12 Mobile terminal authentication management method, device and corresponding mobile terminal based on block chain

Publications (1)

Publication Number Publication Date
CN107453870A true CN107453870A (en) 2017-12-08

Family

ID=60495396

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710817828.XA Pending CN107453870A (en) 2017-09-12 2017-09-12 Mobile terminal authentication management method, device and corresponding mobile terminal based on block chain

Country Status (2)

Country Link
CN (1) CN107453870A (en)
WO (1) WO2019052281A1 (en)

Also Published As

Publication number Publication date
WO2019052281A1 (en) 2019-03-21

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20200117

Address after: 510663 Guangzhou Science City, Guangdong Shenzhou Road, No. 10

Applicant after: Jingxin Communication System (China) Co., Ltd.

Address before: 510663 Guangzhou Science City, Guangdong Shenzhou Road, No. 10

Applicant before: Jingxin Communication System (China) Co., Ltd.

Applicant before: Jingxin Communication System (Guangzhou) Co., Ltd.

Applicant before: Jingxin Communication Technology (Guangzhou) Co., Ltd.

Applicant before: TIANJIN COMBA TELECOM SYSTEMS CO., LTD.

RJ01 Rejection of invention patent application after publication

Application publication date: 20171208