Summary of the Invention
The present invention provides a blockchain-based mobile terminal authentication management method and device, realizing the distribution and authentication management of mobile terminal account information.
In a first aspect, the present invention provides a blockchain-based authentication management method for a mobile terminal, the method including:
The current node receives an account distribution request data packet in the blockchain network;
According to the account distribution request data packet, account information is distributed to the specified mobile terminal to be authenticated, and a unique multiple digital signature is generated with the private key of the current node to sign the account information;
The unique multiple digital signature, the public key of the current node and the account information are broadcast in the blockchain network;
The result fed back by the mobile terminal to be authenticated after it decrypts the unique multiple digital signature with the public key of the current node is received, to confirm that the mobile terminal to be authenticated has obtained the account information.
Specifically, the account distribution request data packet includes the identity information of the mobile terminal to be authenticated, which is used to distribute account information to the specified mobile terminal to be authenticated according to that identity information.
Preferably, the blockchain includes a first block for storing the private key of each node and a second block for storing other content. After the step of distributing account information to the specified mobile terminal to be authenticated according to the account distribution request data packet and generating a unique multiple digital signature with the private key of the current node to sign the account information, the method further includes:
Writing into the second block a first interaction record, generated by processing the account distribution request data packet, that includes the account information, the identity information of the mobile terminal to be authenticated, the unique multiple digital signature and the public key of the authentication node, and broadcasting the first interaction record in the blockchain network.
Specifically, the step of generating a unique multiple digital signature with the private key of the current node to sign the account information includes:
Performing a random hash operation on the public key of the current node and the unique multiple digital signature generated by the previous node, to generate a random hash value;
Encrypting the random hash value with the private key of the authentication node, to generate the unique multiple digital signature of the current node.
Specifically, before the random hash operation is performed on the public key of the current node and the unique multiple digital signature generated by the previous node to generate a random hash value, the method further includes:
Verifying the validity of the unique multiple digital signature of the previous node and, after the verification passes, performing the subsequent steps.
Specifically, the step of verifying the validity of the unique multiple digital signature of the previous node includes:
Decrypting the unique multiple digital signature of the previous node with the public key of the previous node; if the random hash value obtained after decryption is consistent with the random hash value of the current node, judging from the decryption result whether the multiple digital signature is valid.
Specifically, the identity information includes verification information, the verification information being the unique device identification code of the mobile terminal to be authenticated, and before the step of generating a unique multiple digital signature with the private key of the current node to sign the account information, the method further includes:
Verifying the mobile terminal to be authenticated according to the verification information.
Preferably, the method further includes:
The current node obtains from the blockchain the account authentication request data packet sent by the mobile terminal to be authenticated, and obtains the public key of the mobile terminal to be authenticated.
Specifically, after the current node obtains from the blockchain the account authentication request data packet sent by the mobile terminal to be authenticated, the method further includes:
Obtaining the ciphertext information, sent by the mobile terminal to be authenticated, that is contained in the account authentication request data packet, and decrypting the ciphertext information with the public key of the mobile terminal to be authenticated, the ciphertext information being generated by the mobile terminal to be authenticated encrypting the unique multiple digital signature with its private key.
Specifically, after the ciphertext information sent by the mobile terminal to be authenticated and contained in the account authentication request data packet is obtained and decrypted with the public key of the mobile terminal to be authenticated, the method further includes:
If the decrypted unique multiple digital signature is consistent with the unique multiple digital signature that the current node signed when distributing the account to the mobile terminal to be authenticated, the mobile terminal to be authenticated passes this authentication.
Specifically, after the mobile terminal sends the account authentication request data packet, a second interaction record, generated by processing the account authentication request data packet and containing the public key of the mobile terminal and the ciphertext information, is written into the second block of the blockchain, and the second interaction record is broadcast in the blockchain network.
Preferably, the method further includes:
The current node obtains from the blockchain a revoke-account request data packet, initiated by the mobile terminal to be authenticated, that contains the authenticated account information;
The corresponding account information is found from the second interaction record according to the revoke-account request data packet;
The account information is written into a revocation list, the revocation list being stored in the second block of the blockchain.
Specifically, after the step of putting the authenticated account information into the revocation list, the method further includes:
Writing into the second block of the blockchain a third interaction record, generated by processing the revoke-account request data packet, that includes the revocation list, and broadcasting the third interaction record in the blockchain network.
Specifically, the method further includes:
Writing the authentication result information of the mobile terminal to be authenticated into the second interaction record in the second block of the blockchain and broadcasting it, the authentication result information including the mobile terminal to be authenticated passing authentication and failing authentication.
Preferably, the method further includes:
Receiving an account query request sent by a user terminal, and obtaining the account information contained in the account query request;
Searching the second block, according to the account information, for the interaction record corresponding to the account information, to determine the interaction result information of the account information to be queried;
Sending the interaction result information corresponding to the account information to the user terminal, so that the user terminal determines the validity of the account to be queried according to the interaction result information.
Specifically, sending the interaction result information corresponding to the account information to the user terminal, so that the user terminal determines the validity of the account to be queried according to the interaction result information, specifically includes:
Judging, according to the third interaction record, whether the account corresponding to the account information to be queried is valid.
In a second aspect, the present invention provides a blockchain-based method for obtaining account information, including:
Sending an account distribution request data packet to the blockchain network;
Receiving the account information sent by the current node in response to the account distribution request data packet, the account information being signed with the unique multiple digital signature generated by the authentication node with its private key;
Decrypting the unique multiple digital signature with the public key of the current node to obtain the account information.
Specifically, the blockchain includes a first block for storing the private key of each node and a second block for storing other content.
Specifically, the current node writes into the second block a first interaction record, generated by processing the account distribution request data packet, that includes the account information, the identity information of the mobile terminal to be authenticated, the unique multiple digital signature and the public key of the authentication node, and broadcasts the first interaction record in the blockchain network.
Preferably, the method further includes:
Obtaining the identity information of the mobile terminal to be authenticated that is stored in the second block in association with the account information;
Comparing that identity information with the terminal's own identity information and, if they are consistent, verifying that the account information is valid.
Specifically, the method further includes:
Initiating an account authentication request data packet to the blockchain, and sending to the blockchain the ciphertext information generated by the mobile terminal to be authenticated encrypting the unique multiple digital signature with its private key, so that the current node authenticates the mobile terminal to be authenticated according to the account authentication request data packet and the ciphertext information.
Specifically, after the account authentication request data packet is sent to the blockchain, the method further includes:
Writing into the second block of the blockchain a second interaction record, generated by processing the account authentication request data packet and containing the public key of the mobile terminal and the ciphertext information, and broadcasting the second interaction record in the blockchain network.
Preferably, the method further includes:
Feeding back the verification result to the blockchain.
In a third aspect, the present invention provides a blockchain-based authentication management device for a mobile terminal, including:
First receiving module: the current node receives the account distribution request data packet in the blockchain network;
Distribution module: according to the account distribution request data packet, distributes account information to the specified mobile terminal to be authenticated, and generates a unique multiple digital signature with the private key of the current node to sign the account information;
Broadcast module: broadcasts the unique multiple digital signature, the public key of the current node and the account information in the blockchain network;
Second receiving module: receives the information fed back by the mobile terminal to be authenticated after it decrypts the unique multiple digital signature with the public key, to confirm that the mobile terminal to be authenticated has obtained the account information.
Specifically, the device further includes:
Authentication module: the current node obtains from the blockchain the account authentication request data packet sent by the mobile terminal to be authenticated, and obtains the public key of the mobile terminal to be authenticated.
Specifically, the device further includes:
Revocation module: the current node obtains from the blockchain a revoke-account request data packet, initiated by the mobile terminal to be authenticated, that contains the authenticated account information; finds the corresponding account information from the second interaction record according to the revoke-account request data packet; and writes the account information into a revocation list, the revocation list being stored in the second block of the blockchain.
In a fourth aspect, the present invention provides a blockchain-based device for obtaining account information, including:
Sending module: sends an account distribution request data packet to the blockchain network;
Receiving module: receives the account information sent by the current node in response to the account distribution request data packet, the account information being signed with the unique multiple digital signature generated by the authentication node with its private key;
Decryption module: decrypts the unique multiple digital signature with the public key of the current node to obtain the account information.
In a fifth aspect, the present invention provides an authentication management device, including a processor and a memory, the memory storing a computer program, characterized in that the computer program, when executed by the processor, implements the following steps:
The current node receives an account distribution request data packet in the blockchain network;
According to the account distribution request data packet, account information is distributed to the specified mobile terminal to be authenticated, and a unique multiple digital signature is generated with the private key of the current node to sign the account information;
The unique multiple digital signature, the public key of the current node and the account information are broadcast in the blockchain network;
The result fed back by the mobile terminal to be authenticated after it decrypts the unique multiple digital signature with the public key of the current node is received, to confirm that the mobile terminal to be authenticated has obtained the account information.
In a sixth aspect, the present invention provides a mobile terminal, including a processor and a memory, the memory storing a computer program, characterized in that the computer program, when executed by the processor, implements the following steps:
Sending an account distribution request data packet to the blockchain network;
Receiving the account information sent by the current node in response to the account distribution request data packet, the account information being signed with the unique multiple digital signature generated by the authentication node with its private key;
Decrypting the unique multiple digital signature with the public key of the current node to obtain the account information.
Compared with the prior art, the scheme provided by the present invention has the following advantages:
1. The present invention provides a blockchain-based authentication management method for a mobile terminal. In the account information distribution stage, on the authentication node side, the current node receives through the blockchain the account information distribution request data packet sent by the mobile terminal to be authenticated, distributes account information to the mobile terminal, and generates a multiple digital signature to sign the account information. Correspondingly, on the mobile terminal side, the mobile terminal receives the account information and decrypts the multiple digital signature with the public key of the current node to obtain the account information and verify its validity. In the account information authentication stage, on the authentication node side, the current node receives through the blockchain the account information authentication request data packet sent by the mobile terminal, and verifies the identity of the mobile terminal through a decryption transformation with the public key of the mobile terminal. Correspondingly, on the mobile terminal side, the mobile terminal sends to the current node through the blockchain an account information authentication request containing the multiple digital signature encrypted with its private key, so that the current node completes the authentication of the account information through the corresponding decryption operation. The present invention uses this double authentication mechanism to ensure the accuracy of the whole authentication process. In addition, the present invention writes the interaction record of distributing the account and the interaction record of authenticating the account onto the blockchain; combined with the distributed nature of the blockchain, all nodes save the interaction records, which ensures the validity and reliability of each interaction record.
2. Specifically, the present invention draws on the openness and tamper resistance of the blockchain: every node can participate in the blockchain network and every node is allowed to obtain a complete copy of the interaction records; modification of blockchain data by a single node, or even by multiple nodes, cannot affect the data of the other nodes; and if any node fails, the remaining nodes can still work normally. The authentication process therefore does not depend on a single source, which reduces the risk of interaction records being maliciously tampered with.
3. The present invention draws on the decentralized and trustless nature of the blockchain: there is no centralized facility or management body, and data interaction between nodes is verified by the unique multiple digital signature technique. Specifically, the current node signs the distributed account information with the unique multiple digital signature generated with its private key, which on the one hand makes it possible to determine that the account information was indeed signed and sent by the current node, and on the other hand ensures the integrity of the account information sent, improving the accuracy of the authentication process.
4. By querying the third interaction record of the current blockchain in real time, the present invention learns whether account information has been revoked, solving the problem that a user cannot learn in time whether account information has been revoked.
In summary, the method of the present invention improves the accuracy of the authentication process and reduces the risk of interaction records being maliciously tampered with. In addition, the present invention does not need to manage mobile terminals through physical devices such as USIM cards, saving production and transportation costs. Finally, the mobile terminal and the authentication node can connect to the blockchain network in any manner, increasing the flexibility of networking.
Additional aspects and advantages of the present invention will be set forth in part in the description that follows, and will become apparent from that description or be learned through practice of the present invention.
Detailed Description of the Embodiments
Embodiments of the present invention are described in detail below, and examples of the embodiments are shown in the drawings, in which the same or similar reference numerals throughout denote the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the drawings are exemplary, are intended only to explain the present invention, and are not to be construed as limiting the claims.
Referring to Fig. 1, the blockchain-based authentication management method for a mobile terminal provided by the present invention, in one specific embodiment, includes the following steps:
S11, the current node receives an account distribution request data packet in the blockchain network.
In the embodiment of the present invention, the mobile terminal to be authenticated sends an account distribution request data packet in the blockchain network to ask the current node to distribute account information. The account distribution request data packet includes the identity information of the mobile terminal to be authenticated, which is used to distribute account information to the specified mobile terminal to be authenticated according to that identity information. The identity information may be a device identification code, a device serial number or other information of the mobile terminal to be authenticated that uniquely characterizes its identity.
After the mobile terminal to be authenticated sends the account distribution request data packet, the interaction record correspondingly generated for the account distribution request data packet is written into the blockchain, for other nodes to query or obtain data.
S12, according to the account distribution request data packet, account information is distributed to the specified mobile terminal to be authenticated, and a unique multiple digital signature is generated with the private key of the current node to sign the account information.
In the embodiment of the present invention, after receiving the account distribution request data packet, the current node distributes account information to the mobile terminal to be authenticated according to the identity information of the mobile terminal to be authenticated contained in the packet, and generates a unique multiple digital signature with the private key of the current node to sign the account information, so that the mobile terminal to be authenticated, by verifying the unique multiple digital signature, can make sure that the account information is accurate and was indeed sent by the current node.
In the distributed network of a blockchain, communication and trust between nodes rely on multiple digital signature technology, which mainly provides identity confirmation and verification of the authenticity and integrity of information. A multiple digital signature is an effective way of addressing data security in network communication; it enables the identification and authentication of data transmitted over the network, and is an analogue of the traditional handwritten signature.
Referring to Fig. 2, Fig. 2 shows a flowchart of one possible way for the current node to generate a unique multiple digital signature with its private key, with the following specific steps:
A random hash operation is performed on the public key of the current node (node 1 in the figure) and the unique multiple digital signature generated by the previous node (node 0 in the figure), to generate a random hash value;
The random hash value is encrypted with the private key of the current node, to generate the unique multiple digital signature of the current node.
Let the public key of the current node and the unique multiple digital signature generated by the previous node form the message plaintext M. A hash operation on the message M gives its hash value, that is, the message digest z = H(M). Encrypting this hash value with the private key of the current node generates the unique multiple digital signature s = sig(k, H(M)), where k is the private key of the current node. The unique multiple digital signature of the current node signs the account information, which is sent through the blockchain network to the mobile terminal to be authenticated.
In the embodiment of the present invention, the process in which the current node generates the unique multiple digital signature and signs the account information with it specifically involves an algorithm that hashes the message with a hash function and a message signature algorithm that signs the message.
Specifically, a hash function is a function that converts input messages of different lengths into a message digest of fixed length. Applying a hash function in a multiple digital signature not only shortens the length of the message but also greatly increases signing speed. At present, commonly used hash functions include the MD series invented by Rivest and the SHA series proposed by NIST (the US National Institute of Standards and Technology).
A multiple digital signature is some data attached to a data unit, or a cryptographic transformation performed on a data unit. This data or transformation allows the recipient of the data unit to confirm the source and the integrity of the data unit, and protects the data against forgery. As applied in the present invention, a multiple digital signature algorithm is used: the digest generated by hashing the public key of the current node and the unique multiple digital signature generated by the previous node is cryptographically transformed with the private key of the current node to generate the unique multiple digital signature, which is used to sign the account information. The account information and the unique multiple digital signature are sent to the mobile terminal to be authenticated through the blockchain network, and the mobile terminal to be authenticated, after obtaining through the blockchain the account information signed with the unique multiple digital signature, performs the corresponding inverse transformation to obtain the account information.
Referring again to Fig. 2, before the random hash operation is performed on the public key of the current node and the unique multiple digital signature generated by the previous node to generate a random hash value, the method further includes:
Verifying the validity of the unique multiple digital signature of the previous node and, after the verification passes, performing the subsequent steps. That is, in the box on the right of the figure, the multiple digital signature generated by node 1 is checked with the public key of node 1.
During multi-signing, each node, before signing, first verifies whether the previous unique multiple digital signature is valid (the first node to sign does not need to make this check). If the unique multiple digital signature is valid, the node signs with its own private key and then sends the resulting unique multiple digital signature to the next node.
In one possible design, the step of verifying the validity of the unique multiple digital signature of the previous node specifically includes:
Decrypting the unique multiple digital signature of the previous node with the public key of the previous node; if the random hash value obtained after decryption is consistent with the random hash value of the current node, the multiple digital signature is judged to be valid.
The embodiment of the present invention combines the two main functions of a multiple digital signature in message transmission: ensuring the integrity of the message in transit and providing authentication of the message sender. That is, when sending a message the sender attaches the unique multiple digital signature corresponding to the message; the recipient receives the message and the unique multiple digital signature, and completes signature verification by comparing the decrypted unique multiple digital signature with the digest of the received message.
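The sign-after-verify chain described above, s = sig(k, H(M)) with M formed from the signer's public key and the previous node's signature, sketched in Python as an added example (it is not code from the patent). It assumes textbook RSA over small constructed primes so that "encrypt the hash with the private key, decrypt with the public key and compare" can be shown literally; the names NodeKey, Link, append_signature and verify_chain are hypothetical.

```python
"""Chained unique multiple digital signature: verify the previous link, then sign.

Added illustration. Textbook RSA without padding over small fixed primes is an
assumption made for readability; it is insecure and is not an algorithm named
by the source text.
"""
from __future__ import annotations

import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by all constructed keys


@dataclass(frozen=True)
class NodeKey:
    n: int  # public modulus
    d: int  # private exponent (the node's private key k)

    @property
    def public(self) -> tuple[int, int]:
        return (self.n, E)


@dataclass(frozen=True)
class Link:
    public: tuple[int, int]  # signer's public key, broadcast with the signature
    sig: int                 # signer's unique multiple digital signature


def make_key(p: int, q: int) -> NodeKey:
    """Build a toy RSA key from two known primes (constructed, insecure size)."""
    return NodeKey(n=p * q, d=pow(E, -1, (p - 1) * (q - 1)))


def digest(public: tuple[int, int], prev_sig: int | None) -> int:
    """z = H(M), with M = signer's public key joined to the previous signature."""
    n, e = public
    prev = "" if prev_sig is None else format(prev_sig, "x")
    m = f"{n:x}|{e:x}|{prev}".encode()
    return int.from_bytes(hashlib.sha256(m).digest(), "big") % n


def sign(key: NodeKey, prev_sig: int | None) -> int:
    """s = sig(k, H(M)): transform the digest with the signer's private key."""
    return pow(digest(key.public, prev_sig), key.d, key.n)


def verify(public: tuple[int, int], prev_sig: int | None, sig: int) -> bool:
    """Decrypt sig with the public key and compare with the recomputed digest."""
    n, e = public
    return 0 <= sig < n and pow(sig, e, n) == digest(public, prev_sig)


def verify_chain(chain: list[Link]) -> int:
    """Return the index of the first invalid link, or -1 if every link verifies."""
    prev = None
    for i, link in enumerate(chain):
        if not verify(link.public, prev, link.sig):
            return i
        prev = link.sig
    return -1


def append_signature(chain: list[Link], key: NodeKey) -> list[Link]:
    """Check the previous node's signature, then add this node's signature.

    The first signer has nothing to check, as the text notes.
    """
    prev = None
    if chain:
        before = chain[-2].sig if len(chain) > 1 else None
        if not verify(chain[-1].public, before, chain[-1].sig):
            raise ValueError("previous node's signature is invalid; not signing")
        prev = chain[-1].sig
    return chain + [Link(key.public, sign(key, prev))]


# Constructed demo keys built from Mersenne primes (far too small for real use).
M61, M89, M107, M127 = 2**61 - 1, 2**89 - 1, 2**107 - 1, 2**127 - 1
NODE0 = make_key(M127, M89)
NODE1 = make_key(M107, M61)
NODE2 = make_key(M127, M107)


def demo() -> tuple[int, int]:
    """Build a three-node chain, then alter node 1's signature and re-check."""
    chain: list[Link] = []
    for key in (NODE0, NODE1, NODE2):
        chain = append_signature(chain, key)
    tampered = [chain[0], Link(chain[1].public, chain[1].sig ^ 1), chain[2]]
    return verify_chain(chain), verify_chain(tampered)


if __name__ == "__main__":
    print(demo())
```

verify_chain returns the index of the first link that fails, which is the point at which a node following the procedure would stop instead of adding its own signature.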
In the embodiment of the present invention, the identity information includes verification information, the verification information being the unique device identification code of the mobile terminal to be authenticated, and before the step of generating a unique multiple digital signature with the private key of the current node to sign the account information, the method further includes:
Verifying the mobile terminal to be authenticated according to the verification information.
S13, the unique multiple digital signature, the public key of the current node and the account information are broadcast in the blockchain network.
In the embodiment of the present invention, the blockchain includes a first block for storing the private key of each node and a second block for storing other content. Preferably, before this step the method further includes: writing into the second block a first interaction record, generated by processing the account distribution request data packet, that includes the account information, the identity information of the mobile terminal to be authenticated, the unique multiple digital signature and the public key of the authentication node, and broadcasting the first interaction record in the blockchain network.
Specifically, after the current node distributes account information to the mobile terminal to be authenticated, it writes the account information signed with the unique multiple digital signature, the identity information of the mobile terminal to be authenticated and the public key of the current node into the second block as the first interaction record. Each block on the blockchain has a database for storing the interaction records on that block, which is equivalent to a "ledger". The current node may write and store the account information signed with the unique multiple digital signature, the identity information of the mobile terminal to be authenticated and the public key of the current node in the second block in the form of a one-to-one mapping in the database of the second block, to facilitate subsequent queries.
The blockchain-based mobile terminal authentication management method of the present invention draws on the transaction transparency and tamper resistance of the blockchain network: the distribution and authentication of account information are written into the blockchain as part of the interaction, and the record of each interaction is recorded in real time in the corresponding block, forming a distributed database that can hardly be modified and improving the validity of the account information.
Specifically, because in the method of the present invention the current node broadcasts the unique multiple digital signature, the public key of the current node and the account information in the blockchain network, every node can receive the broadcast, every node is allowed to obtain a complete copy of the database corresponding to the current node's interaction records, and each interaction record is visible to all nodes. A user can therefore connect to any node to be authenticated, so that the authentication process does not depend on a single source, reducing the risk of records being maliciously tampered with. "Distributed" here refers not only to the distributed storage of data but also to the distributed recording of data (maintained jointly by the system participants). In addition, data exchanged between nodes is verified by multiple digital signatures, without the nodes needing to trust each other; the nodes rely on a common consensus mechanism to jointly maintain the data of the whole blockchain, and if any one node fails the other nodes can still work normally, improving the efficiency and reliability of data interaction.
After the public key decryptions uniqueness Multi Digital Signature that S14, the reception mobile terminal to be certified pass through present node
The result of feedback, to confirm that the mobile terminal to be certified obtains the accounts information.
In the embodiment of the present invention, after present node distributes accounts information for the mobile terminal to be certified, by endorsed
State the public key conduct of the accounts information of uniqueness Multi Digital Signature, the identity information of mobile terminal to be certified and present node
First intersection record is write in the second block, and it can be stored in second block with a kind of corresponding relation mapped one by one
Database in and broadcast the intersection record of this time, obtain this interaction when mobile terminal to be certified receives the backward block chain of broadcast
The related data of record.
Specifically, the mobile terminal to be certified first obtains the accounts information signed with the uniqueness Multi Digital Signature and recovers the accounts information by decrypting with the public key of the present node. It then obtains the identity information of the mobile terminal to be certified that is stored in the database in association with the accounts information, and compares it with its own identity information. If they match, the decrypted accounts information is shown to be the accounts information that matches its own identity information, and the result is fed back to the present node through the block chain network. On receiving the fed-back result, the present node confirms that the mobile terminal to be certified has obtained the accounts information distributed to it.
Referring to Fig. 3, another embodiment of the present invention further includes a step S15, in which the present node obtains from the block chain the account authentication request data package sent by the mobile terminal to be certified, and obtains the public key of the mobile terminal to be certified.
In the embodiment of the present invention, after obtaining the accounts information distributed by the present node and signed with the uniqueness Multi Digital Signature, the mobile terminal to be certified sends an account authentication request data package to the block chain, together with cipher-text information produced by encrypting the obtained uniqueness Multi Digital Signature with its own private key. After the mobile terminal to be certified sends the account authentication request data package, the package and the cipher-text information are written into the second block as the second intersection record, and the second intersection record is broadcast, so that the newest intersection records are recorded in real time and form a permanent, reliable "account book".
After the mobile terminal to be certified broadcasts the second intersection record, the present node obtains from the block chain the account authentication request data package sent by the mobile terminal to be certified, and obtains the public key of the mobile terminal to be certified. Specifically, the present node obtains the cipher-text information sent by the mobile terminal to be certified and contained in the account authentication request data package, decrypts the cipher-text information with the public key of the mobile terminal to be certified, and compares the decrypted uniqueness Multi Digital Signature with the uniqueness Multi Digital Signature that the present node signed when distributing the account to the mobile terminal to be certified. If they are consistent, the mobile terminal to be certified passes this authentication.
Preferably, after the present node finishes authenticating the mobile terminal to be certified, the authentication result information of the mobile terminal to be certified is written into the second intersection record in the second block of the block chain and broadcast; the authentication result information indicates either that the mobile terminal to be certified passed authentication or that authentication failed.
Still referring to Fig. 3, another embodiment of the present invention further includes a step S16, in which the present node obtains from the block chain a revocation account request packet, initiated by the mobile terminal to be certified, that contains authenticated accounts information; finds the corresponding accounts information in the second intersection record according to the revocation account request packet; and writes the accounts information into a revocation list, the revocation list being stored in the second block of the block chain.
In the embodiment of the present invention, after the present node finishes authenticating the accounts information of the mobile terminal to be certified, the distributed accounts information can be revoked. The revocation may be triggered by a revocation request initiated by the mobile terminal to be certified.
The mobile terminal to be certified sends into the block chain network a revocation account request packet containing the authenticated accounts information. The present node obtains the revocation account request packet from the block chain network, finds the corresponding second intersection record among the second intersection records according to the accounts information carried in the packet, and writes the accounts information into the revocation list according to that second intersection record. Specifically, it checks in the second intersection record whether the accounts information has completed authentication; if so, the revocation operation is performed, and otherwise it is not.
In one possible design, the present node can also determine whether any account is waiting to be revoked by querying the second intersection record in real time and, if so, trigger the revocation operation automatically.
Specifically, the present node searches the block chain for the transaction records of transactions initiated by the mobile terminal to be certified, finds the newest transaction, and takes out the distributed or authenticated accounts information it contains. If authenticated accounts information can be taken out of the newest transaction, there is revocable accounts information; otherwise there is none, and the procedure returns directly. If there is a revocable account, the present node writes the corresponding accounts information into the revocation list, writes a third intersection record, containing the revocation list generated by processing the revocation account request packet, into the second block of the block chain, and broadcasts the third intersection record in the block chain network.
In one possible design, the revocation operation performed by the present node on the accounts information can be triggered by a revocation request initiated by the mobile terminal to be certified or by a revocation request initiated by the present node; the specific trigger mechanism is not limited here.
Preferably, the embodiment of the present invention further includes: receiving an account query request sent by a user terminal and obtaining the accounts information contained in the account query request; searching the second block for the intersection record corresponding to the accounts information, to determine the interaction result information of the accounts information to be queried; and sending the interaction result information corresponding to the accounts information to the user terminal, so that the user terminal determines the validity of the account to be queried from the interaction result information.
Preferably, when the validity of accounts information is queried, whether the account corresponding to the accounts information to be queried is valid can also be judged from the third intersection record; specifically, it is only necessary to query the third intersection record on the block chain.
Referring to Fig. 4, the present invention also provides a mobile terminal authentication managing device based on block chain which, in one embodiment, includes a first receiving module 11, a distribute module 12, a broadcast module 13 and a second receiving module 14. Referring to Fig. 5, another embodiment further includes an authentication module 15 and a revocation module 16, wherein:
First receiving module 11: the present node receives the account distribution request packet in the block chain network;
In the embodiment of the present invention, the mobile terminal to be certified sends an account distribution request packet in the block chain network to ask the present node to distribute accounts information. The account distribution request packet includes the identity information of the mobile terminal to be certified, which is used to distribute accounts information to the specified mobile terminal to be certified. The identity information can be any information that uniquely characterizes the identity of the mobile terminal to be certified, such as its equipment identification code or equipment serial number.
After the mobile terminal to be certified sends the account distribution request packet, the intersection record generated for the account distribution request packet is written into the block chain so that other nodes can query it or obtain the data.
Distribute module 12: distributes accounts information to the specified mobile terminal to be certified according to the account distribution request packet, and generates a uniqueness Multi Digital Signature with the private key of the present node to sign the accounts information;
In the embodiment of the present invention, after receiving the account distribution request packet, the present node distributes accounts information to the mobile terminal to be certified according to the identity information of the mobile terminal to be certified contained in the packet, and generates a uniqueness Multi Digital Signature with the private key of the present node to sign the accounts information, so that the mobile terminal to be certified, by verifying the uniqueness Multi Digital Signature, can be sure that the accounts information is accurate and was indeed sent by the present node.
In the distributed network of the block chain, communication and trust between nodes rely on Multi Digital Signature technology, which mainly provides identity confirmation and verification of the authenticity and integrity of information. The Multi Digital Signature is an effective way to protect data in network communication: it allows data transmitted over the network to be identified and authenticated, and is an analogue of the traditional handwritten signature.
In one possible design, the specific steps by which the uniqueness Multi Digital Signature is generated with the private key of the present node are as follows:
A random hash operation is performed on the public key of the present node and the uniqueness Multi Digital Signature generated by the previous node, to generate a random hash value;
The random hash value is encrypted with the private key of the certification node to generate the uniqueness Multi Digital Signature of the present node.
Let the public key of the present node and the uniqueness Multi Digital Signature generated by the previous node form the message plaintext M. A hash operation on M gives its hash value, i.e. the message digest z = H(M); encrypting this hash value with the private key of the present node generates the uniqueness Multi Digital Signature s = sig(k, H(M)), where k is the private key of the present node. The accounts information is signed with the uniqueness Multi Digital Signature of the present node and sent to the mobile terminal to be certified through the block chain network.
In the embodiment of the present invention, the process in which the present node generates the uniqueness Multi Digital Signature and signs the accounts information with it involves two algorithms: a hash function that converts the message into a hash, and a message signature algorithm that signs the message.
Specifically, a hash function converts input messages of different lengths into a fixed-length message digest. Applying a hash function in the Multi Digital Signature not only shortens the message but also greatly increases the speed of signing. Commonly used hash functions at present include the MD series invented by Rivest and the SHA series proposed by NIST (the US National Institute of Standards and Technology).
A Multi Digital Signature is data appended to a data unit, or a cryptographic transformation applied to the data unit. This data or transformation allows the recipient of the data unit to confirm the source and the integrity of the data unit, and protects the data against forgery. In the present invention, the Multi Digital Signature algorithm applies a cryptographic transformation, using the private key of the present node, to the digest produced by hashing the public key of the present node and the uniqueness Multi Digital Signature generated by the previous node, thereby generating the uniqueness Multi Digital Signature used to sign the accounts information. The accounts information and the uniqueness Multi Digital Signature are sent to the mobile terminal to be certified through the block chain network; after obtaining from the block chain the accounts information signed with the uniqueness Multi Digital Signature, the mobile terminal to be certified performs the corresponding inverse transformation to obtain the accounts information.
In the embodiment of the present invention, before the random hash operation is performed on the public key of the present node and the uniqueness Multi Digital Signature generated by the previous node to generate a random hash value, the method further includes:
Verifying the validity of the uniqueness Multi Digital Signature of the previous node and, after the verification passes, performing the subsequent steps.
During multi-signing, each node first verifies whether the uniqueness Multi Digital Signature of the previous node is valid before signing (the first node to sign does not need to make this check). If the uniqueness Multi Digital Signature is valid, the node signs with its own private key and then sends the resulting uniqueness Multi Digital Signature to the next node.
In one possible design, the step of verifying the validity of the uniqueness Multi Digital Signature of the previous node specifically includes:
Decrypting the uniqueness Multi Digital Signature of the previous node with the public key of the previous node; if the random hash value obtained after decryption is consistent with the random hash value of the present node, the Multi Digital Signature is judged to be valid.
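The chained signing s = sig(k, H(M)) and the check of the previous node's signature described above, as an added example that is not code from the patent. Textbook RSA over constructed Mersenne-prime keys, SHA-256 and the length-prefixed encoding of M are assumptions made so the example runs offline (the text fixes none of them; a deployed system would use a padded scheme such as RSA-PSS), and `first_bad_link` goes beyond the text by auditing a whole chain rather than only the previous link.

```python
import hashlib
from dataclasses import dataclass

E = 65537  # public exponent shared by the constructed demo keys


@dataclass(frozen=True)
class NodeKey:
    n: int  # modulus (public)
    d: int  # private exponent, the k in s = sig(k, H(M))

    @property
    def public(self):
        return (self.n, E)


def toy_key(p_exp, q_exp):
    """Constructed key from the Mersenne primes 2**p_exp - 1 and 2**q_exp - 1 (demo only)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return NodeKey(p * q, pow(E, -1, (p - 1) * (q - 1)))


def _field(x):
    raw = x.to_bytes((x.bit_length() + 7) // 8, "big")
    return len(raw).to_bytes(4, "big") + raw  # length prefix keeps M unambiguous


def digest(public, prev_sig):
    """z = H(M), where M = signer's public key || previous node's signature."""
    n, e = public
    m = _field(n) + _field(e) + _field(prev_sig or 0)  # first node: no previous signature
    return int.from_bytes(hashlib.sha256(m).digest(), "big")


def sign(key, prev_sig):
    """'Encrypt' the digest with the private key (textbook RSA signature)."""
    return pow(digest(key.public, prev_sig), key.d, key.n)


def verify(sig, public, prev_sig):
    """'Decrypt' sig with the signer's public key and compare with a recomputed digest."""
    n, e = public
    return 0 < sig < n and pow(sig, e, n) == digest(public, prev_sig)


@dataclass(frozen=True)
class Link:
    public: tuple  # signer's public key
    sig: int       # signer's uniqueness signature


def extend(chain, key):
    """Sign as the next node; every node but the first checks the previous signature."""
    if chain:
        before = chain[-2].sig if len(chain) > 1 else None
        if not verify(chain[-1].sig, chain[-1].public, before):
            raise ValueError("previous node's signature is invalid, refusing to sign")
    prev_sig = chain[-1].sig if chain else None
    return chain + [Link(key.public, sign(key, prev_sig))]


def first_bad_link(chain):
    """Audit a whole chain; return the index of the first invalid link, or -1."""
    prev = None
    for i, link in enumerate(chain):
        if not verify(link.sig, link.public, prev):
            return i
        prev = link.sig
    return -1


def demo():
    keys = [toy_key(127, 521), toy_key(107, 607), toy_key(89, 521)]
    chain = []
    for key in keys:
        chain = extend(chain, key)
    forged = list(chain)
    forged[1] = Link(chain[1].public, chain[1].sig ^ 1)  # flip one bit of node 2's signature
    return chain, forged, keys


if __name__ == "__main__":
    chain, forged, _ = demo()
    print("intact chain:", first_bad_link(chain), "forged chain:", first_bad_link(forged))
```

Verifying a link needs the signature that preceded it as well as the signer's public key, because both feed the digest; a node that keeps only the latest signature cannot recompute H(M).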
The embodiment of the present invention combines the two main functions of the Multi Digital Signature in message transmission: ensuring the integrity of the message during transmission and authenticating the sender of the message. That is, when sending a message the sender attaches the uniqueness Multi Digital Signature corresponding to the message; the recipient receives the message and the uniqueness Multi Digital Signature, and completes signature verification by comparing the decrypted uniqueness Multi Digital Signature with the digest of the received message.
In the embodiment of the present invention, the identity information includes checking information, which is the unique device identification code of the mobile terminal to be certified. Before the step of generating the uniqueness Multi Digital Signature with the private key of the present node to sign the accounts information, the method further includes:
Verifying the mobile terminal to be certified according to the checking information.
Broadcast module 13: broadcasts the uniqueness Multi Digital Signature, the public key of the present node and the accounts information in the block chain network;
In the embodiment of the present invention, the block chain includes a first block used to store the private key of each node and a second block used to store other content. Preferably, before this step the method further includes: writing into the second block a first intersection record, generated by processing the account distribution request packet, that includes the accounts information, the identity information of the mobile terminal to be certified, the uniqueness Multi Digital Signature and the public key of the certification node, and broadcasting the first intersection record in the block chain network.
Specifically, after the present node distributes accounts information to the mobile terminal to be certified, it writes the accounts information signed with the uniqueness Multi Digital Signature, the identity information of the mobile terminal to be certified and the public key of the present node into the second block as the first intersection record. Each block on the block chain has a database that stores the intersection records on that block, which is equivalent to an "account book". The present node may write and store these three items in the database of the second block in a one-to-one mapping, to facilitate subsequent queries.
The mobile terminal authentication management method based on block chain of the present invention takes advantage of the transaction transparency and tamper resistance of the block chain network: the distribution and authentication of accounts information are written into the block chain as part of the interaction, and the record of each interaction is recorded in real time in the corresponding block, forming a distributed database that is almost impossible to modify and improving the validity of the accounts information.
Specifically, because in the method of the present invention the present node broadcasts the uniqueness Multi Digital Signature, the public key of the present node and the accounts information in the block chain network, every node can receive the broadcast and every node is allowed to obtain a complete copy of the database corresponding to the intersection records of the present node; each intersection record is visible to all nodes. A user can therefore connect to any node for authentication, so that the authentication process does not depend on a single source, which reduces the risk that records are maliciously tampered with. Here, "distributed" refers not only to the distributed storage of data but also to the distributed recording of data (maintained jointly by the system participants). In addition, data exchanged between nodes is verified through the Multi Digital Signature, so the nodes need not trust one another; the nodes rely on a shared consensus mechanism to jointly maintain the data of the whole block chain, and if any one node fails the other nodes continue to work normally, which improves the efficiency and reliability of data interaction.
Second receiving module 14: receives the information fed back by the mobile terminal to be certified after it decrypts the uniqueness Multi Digital Signature with the public key, to confirm that the mobile terminal to be certified has obtained the accounts information.
In the embodiment of the present invention, after the present node distributes accounts information to the mobile terminal to be certified, it writes the accounts information signed with the uniqueness Multi Digital Signature, the identity information of the mobile terminal to be certified and the public key of the present node into the second block as the first intersection record. These items can be stored in the database of the second block in a one-to-one mapping, and the intersection record is broadcast; after receiving the broadcast, the mobile terminal to be certified obtains the data of this intersection record from the block chain.
Specifically, the mobile terminal to be certified first obtains the accounts information signed with the uniqueness Multi Digital Signature and recovers the accounts information by decrypting with the public key of the present node. It then obtains the identity information of the mobile terminal to be certified that is stored in the database in association with the accounts information, and compares it with its own identity information. If they match, the decrypted accounts information is shown to be the accounts information that matches its own identity information, and the result is fed back to the present node through the block chain network. On receiving the fed-back result, the present node confirms that the mobile terminal to be certified has obtained the accounts information distributed to it.
Referring to Fig. 5, another embodiment of the present invention further includes an authentication module 15, used for the present node to obtain from the block chain the account authentication request data package sent by the mobile terminal to be certified, and to obtain the public key of the mobile terminal to be certified.
In the embodiment of the present invention, after obtaining the accounts information distributed by the present node and signed with the uniqueness Multi Digital Signature, the mobile terminal to be certified sends an account authentication request data package to the block chain, together with cipher-text information produced by encrypting the obtained uniqueness Multi Digital Signature with its own private key. After the mobile terminal to be certified sends the account authentication request data package, the package and the cipher-text information are written into the second block as the second intersection record, and the second intersection record is broadcast, so that the newest intersection records are recorded in real time and form a permanent, reliable "account book".
After the mobile terminal to be certified broadcasts the second intersection record, the present node obtains from the block chain the account authentication request data package sent by the mobile terminal to be certified, and obtains the public key of the mobile terminal to be certified. Specifically, the present node obtains the cipher-text information sent by the mobile terminal to be certified and contained in the account authentication request data package, decrypts the cipher-text information with the public key of the mobile terminal to be certified, and compares the decrypted uniqueness Multi Digital Signature with the uniqueness Multi Digital Signature that the present node signed when distributing the account to the mobile terminal to be certified. If they are consistent, the mobile terminal to be certified passes this authentication.
Preferably, after the present node finishes authenticating the mobile terminal to be certified, the authentication result information of the mobile terminal to be certified is written into the second intersection record in the second block of the block chain and broadcast; the authentication result information indicates either that the mobile terminal to be certified passed authentication or that authentication failed.
Still referring to Fig. 5, another embodiment of the present invention further includes a revocation module 16, used for the present node to obtain from the block chain a revocation account request packet, initiated by the mobile terminal to be certified, that contains authenticated accounts information; to find the corresponding accounts information in the second intersection record according to the revocation account request packet; and to write the accounts information into a revocation list, the revocation list being stored in the second block of the block chain.
In the embodiment of the present invention, after the present node finishes authenticating the accounts information of the mobile terminal to be certified, the distributed accounts information can be revoked. The revocation may be triggered by a revocation request initiated by the mobile terminal to be certified.
The mobile terminal to be certified sends into the block chain network a revocation account request packet containing the authenticated accounts information. The present node obtains the revocation account request packet from the block chain network, finds the corresponding second intersection record among the second intersection records according to the accounts information carried in the packet, and writes the accounts information into the revocation list according to that second intersection record. Specifically, it checks in the second intersection record whether the accounts information has completed authentication; if so, the revocation operation is performed, and otherwise it is not.
In one possible design, the present node can also determine whether any account is waiting to be revoked by querying the second intersection record in real time and, if so, trigger the revocation operation automatically.
Specifically, the present node searches the block chain for the transaction records of transactions initiated by the mobile terminal to be certified, finds the newest transaction, and takes out the distributed or authenticated accounts information it contains. If authenticated accounts information can be taken out of the newest transaction, there is revocable accounts information; otherwise there is none, and the procedure returns directly. If there is a revocable account, the present node writes the corresponding accounts information into the revocation list, writes a third intersection record, containing the revocation list generated by processing the revocation account request packet, into the second block of the block chain, and broadcasts the third intersection record in the block chain network.
In one possible design, the revocation operation performed by the present node on the accounts information can be triggered by a revocation request initiated by the mobile terminal to be certified or by a revocation request initiated by the present node; the specific trigger mechanism is not limited here.
Preferably, the embodiment of the present invention further includes: receiving an account query request sent by a user terminal and obtaining the accounts information contained in the account query request; searching the second block for the intersection record corresponding to the accounts information, to determine the interaction result information of the accounts information to be queried; and sending the interaction result information corresponding to the accounts information to the user terminal, so that the user terminal determines the validity of the account to be queried from the interaction result information.
Preferably, when the validity of accounts information is queried, whether the account corresponding to the accounts information to be queried is valid can also be judged from the third intersection record; specifically, it is only necessary to query the third intersection record on the block chain.
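The revocation and query rules described for step S16 and again for revocation module 16, as an added sketch that is not code from the patent. The in-memory list standing in for the second block's database, the record field names, the status strings and the treatment of a repeated revocation request as a no-op are all assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class SecondBlock:
    """Append-only stand-in for the record database of the second block."""
    records: list = field(default_factory=list)

    def write_and_broadcast(self, kind, account, **data):
        # kind is "first" (distribution), "second" (authentication) or "third" (revocation)
        record = {"seq": len(self.records), "kind": kind, "account": account, **data}
        self.records.append(record)
        return record

    def newest(self, account, kinds):
        """Newest record of the given kinds for this account, or None."""
        for record in reversed(self.records):
            if record["kind"] in kinds and record["account"] == account:
                return record
        return None

    def revocation_list(self):
        """The revocation list carried by the newest third intersection record."""
        for record in reversed(self.records):
            if record["kind"] == "third":
                return list(record["revocation_list"])
        return []


def revoke(block, account):
    """Handle a revocation account request; return the third record, or None if refused."""
    current = block.revocation_list()
    if account in current:
        return None  # assumption: a repeated request for a revoked account does nothing
    newest = block.newest(account, ("first", "second"))
    # Revocable only if the newest record for the account shows completed authentication.
    if newest is None or newest["kind"] != "second" or newest.get("result") != "pass":
        return None
    return block.write_and_broadcast("third", account, revocation_list=current + [account])


def query(block, account):
    """Answer an account query from the recorded intersection records alone."""
    if account in block.revocation_list():
        return "revoked"
    newest = block.newest(account, ("first", "second"))
    if newest is None:
        return "unknown"
    if newest["kind"] == "first":
        return "distributed"
    return "authenticated" if newest["result"] == "pass" else "authentication failed"


def demo():
    block = SecondBlock()
    # Constructed sample records: three distributed accounts, two authentication results.
    for account, device in (("acct-A", "dev-1"), ("acct-B", "dev-2"), ("acct-C", "dev-3")):
        block.write_and_broadcast("first", account, identity=device)
    block.write_and_broadcast("second", "acct-A", result="pass")
    block.write_and_broadcast("second", "acct-B", result="fail")
    accounts = ("acct-A", "acct-B", "acct-C", "acct-Z")
    outcomes = {a: revoke(block, a) is not None for a in accounts}
    return block, outcomes


if __name__ == "__main__":
    block, outcomes = demo()
    print(outcomes)
    print({a: query(block, a) for a in outcomes})
```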
Summarizing the above embodiments, the greatest beneficial effect of the present invention is that the account distribution and account authentication of the mobile terminal are written into the block chain as a kind of transaction; the block chain's technical scheme of collectively maintaining a reliable database in a decentralized, trustless and transaction-transparent way means that the data interaction of account distribution and account authentication of the mobile terminal is reliably guaranteed.
Specifically, with regard to account distribution, in the present invention the present node receives the account distribution request data packet initiated by the mobile terminal to be certified, distributes accounts information to the mobile terminal to be certified, generates a Multi Digital Signature with the private key of the present node, signs the accounts information with it, and sends it to the mobile terminal to be certified through the block chain network. After obtaining the accounts information and the Multi Digital Signature, the mobile terminal to be certified verifies the validity of the accounts information.
With regard to account authentication, in the present invention the present node receives the accounts information authentication request data packet sent by the mobile terminal to be certified through the block chain, obtains the encrypted information contained in the packet, decrypts the encrypted information with the public key of the mobile terminal to be certified to obtain the Multi Digital Signature, and compares the decrypted Multi Digital Signature with the Multi Digital Signature signed by the present node when distributing the accounts information. If they are consistent, the mobile terminal has passed authentication; the result is written into the corresponding intersection record of the block chain and broadcast, completing the authentication.
Therefore, the present invention performs authentication management of the mobile terminal without physical devices such as USIM cards, saving production and transportation costs. Multi Digital Signature technology is used in the distribution of accounts information to verify the identity of the sender and the validity of the accounts information sent; private-key encryption and decryption is used in the authentication of accounts information to verify the identity of the mobile terminal. The two combine to form a dual authentication mechanism that improves the security of the interaction and the validity and integrity of the interaction data. In addition, owing to the distributed nature of the block chain, all nodes store the interaction records, so a user can connect to any node for authentication; the authentication process therefore does not depend on a single source, which reduces the risk that records are maliciously tampered with.
Referring to Fig. 6, the present invention also provides an accounts information acquisition method based on block chain which, in one specific embodiment, includes the following steps:
S100, sending an account distribution request packet to the block chain network.
In the embodiment of the present invention, the mobile terminal to be certified sends an account distribution request packet in the block chain network to ask the present node to distribute accounts information. The account distribution request packet includes the identity information of the mobile terminal to be certified, which is used to distribute accounts information to the specified mobile terminal to be certified. The identity information can be any information that uniquely characterizes the identity of the mobile terminal to be certified, such as its equipment identification code or equipment serial number.
After the mobile terminal to be certified sends the account distribution request packet, the intersection record generated for the account distribution request packet is written into the second block of the block chain so that other nodes can query it or obtain the data.
S101, receiving the accounts information sent by the present node in response to the account distribution request packet, the accounts information being signed with the uniqueness Multi Digital Signature that the certification node generated with its private key;
After obtaining the account distribution request packet from the block chain, the present node responds to the account distribution request packet by distributing accounts information to the mobile terminal to be certified.
In one possible design, the present node distributes accounts information to the mobile terminal to be certified according to the following scheme:
First, the present node obtains the identity information of the mobile terminal to be certified from the account distribution request packet, and distributes accounts information to the mobile terminal to be certified according to the identity information.
Second, the present node verifies the mobile terminal to be certified according to the checking information contained in the identity information. After the verification passes, the present node uses its private key to encrypt the digest produced by hashing the Multi Digital Signature generated by the last transaction and its own public key, generating the uniqueness Multi Digital Signature of the present node, and signs the accounts information with the uniqueness Multi Digital Signature.
Third, the accounts information signed with the uniqueness Multi Digital Signature is sent to the mobile terminal to be certified through the block chain network. The mobile terminal to be certified receives the accounts information and verifies the uniqueness Multi Digital Signature with the public key of the present node, to verify that the accounts information matches its own identity information and was indeed sent by the present node.
S102: decrypt the uniqueness Multi Digital Signature with the public key of the present node to obtain
the account information.
After the present node distributes account information to the mobile terminal to be certified, the
account information signed with the uniqueness Multi Digital Signature, the identity information of the
mobile terminal to be certified and the public key of the present node are written into the second
block as the first intersection record. They can be stored in the database of the second block in a
one-to-one mapping relationship, and this intersection record is broadcast. After the mobile terminal
to be certified receives the broadcast, it obtains the data of this intersection record from the
blockchain.
Specifically, the mobile terminal to be certified first obtains the account information signed with the
uniqueness Multi Digital Signature and decrypts the account information with the public key of the
present node. The mobile terminal to be certified then obtains the identity information of the mobile
terminal to be certified that is stored in the database in association with the account information,
and compares the obtained identity information with its own identity information. If they match, this
verifies that the decrypted account information is the account information matching its own identity
information.
Preferably, in the embodiment of the present invention, after the mobile terminal to be certified
decrypts the account information matching its own identity information, it initiates an account
authentication request packet to the blockchain. At the same time, the mobile terminal to be certified
encrypts the obtained uniqueness Multi Digital Signature with its own private key to generate the
corresponding cipher-text information, sends the cipher-text information to the blockchain, and writes
the account authentication request packet and the cipher-text information into the second block as the
second intersection record, which is broadcast. After receiving the broadcast, the present node obtains
the account authentication request packet, the cipher-text information and the public key of the mobile
terminal to be certified, and decrypts the cipher-text information with the public key of the mobile
terminal to be certified to obtain the uniqueness Multi Digital Signature. The present node compares
the decrypted uniqueness Multi Digital Signature with the uniqueness Multi Digital Signature with which
it signed the account information for the mobile terminal to be certified; if the two are consistent,
the identity of the mobile terminal to be certified is verified. Preferably, after the present node has
verified the identity information of the mobile terminal to be certified, it writes the result into the
second block as the second intersection record for later query. This verification, together with the
verification of the present node's identity by the mobile terminal to be certified, constitutes a dual
authentication mechanism, which improves the reliability of this scheme.
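The distribution and dual authentication exchange described above can be traced in code. The following Python sketch is an added illustration, not part of the original specification: it uses textbook RSA over small fixed primes only to make the "encrypt with the private key, decrypt with the public key" steps concrete, and the function names, the sample keys and the choice to sign a digest of the account information together with the identity information are assumptions.

```python
import hashlib

E = 65537  # public exponent shared by both constructed key pairs


def keypair(p, q):
    """Build a textbook RSA key from two known primes; returns (n, d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


def digest(*fields):
    """SHA-256 over length-prefixed fields, truncated to 128 bits so it is below n."""
    h = hashlib.sha256()
    for field in fields:
        h.update(len(field).to_bytes(4, "big") + field)
    return int.from_bytes(h.digest()[:16], "big")


# Constructed demonstration keys (Mersenne primes); far too small for real use.
NODE_N, NODE_D = keypair(2**61 - 1, 2**89 - 1)    # present node
TERM_N, TERM_D = keypair(2**107 - 1, 2**127 - 1)  # mobile terminal to be certified


def node_allocate(identity):
    """Present node: distribute account information and sign it, bound to the identity.

    The returned dict stands in for the first intersection record that is broadcast.
    """
    account = b"acct-" + hashlib.sha256(identity).hexdigest()[:8].encode()
    signature = pow(digest(account, identity), NODE_D, NODE_N)
    return {"account": account, "identity": identity, "signature": signature}


def terminal_accept(record, own_identity):
    """Terminal: open the signature with the node's public key and check both bindings."""
    recovered = pow(record["signature"], E, NODE_N)
    return (record["identity"] == own_identity
            and recovered == digest(record["account"], own_identity))


def terminal_auth_request(record):
    """Terminal: encrypt the node's signature with its own private key (cipher-text information)."""
    return pow(record["signature"], TERM_D, TERM_N)


def node_authenticate(ciphertext, issued_signature):
    """Present node: decrypt with the terminal's public key and compare with what it issued."""
    return pow(ciphertext, E, TERM_N) == issued_signature


if __name__ == "__main__":
    ident = b"constructed-device-serial-0001"  # constructed identity information
    rec = node_allocate(ident)
    print("terminal accepts record:", terminal_accept(rec, ident))
    print("node authenticates terminal:",
          node_authenticate(terminal_auth_request(rec), rec["signature"]))
```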
Referring to Fig. 7, the present invention also provides an account information acquisition device based on
blockchain. In one embodiment, it includes a sending module 100, a receiving module 101 and a
deciphering module 102, wherein:
Sending module 100: sends an account distribution request packet to the blockchain network.
In the embodiment of the present invention, the mobile terminal to be certified sends an account
distribution request packet into the blockchain network to request the present node to distribute
account information. The account distribution request packet includes the identity information of the
mobile terminal to be certified, so that account information can be distributed to the specified mobile
terminal to be certified according to that identity information. The identity information can be the
EIC equipment identification code or equipment serial number of the mobile terminal to be certified, or
other information that uniquely characterizes the identity of the mobile terminal to be certified.
After the mobile terminal to be certified sends the account distribution request packet, the
intersection record generated for the account distribution request packet is written into the second
block of the blockchain, so that other nodes can query it or obtain the data.
Receiving module 101: receives the account information sent by the present node in response to the
account distribution request packet, the account information being signed with the uniqueness Multi
Digital Signature that the certification node generates with its private key;
After the present node obtains the account distribution request packet from the blockchain, it responds
to the account distribution request packet by distributing account information to the mobile terminal
to be certified.
In one possible design, the present node distributes account information to the mobile terminal to be
certified according to the following scheme:
First, the present node obtains the identity information of the mobile terminal to be certified from the
account distribution request packet, and distributes account information to the mobile terminal to be
certified according to that identity information.
Second, the present node verifies the mobile terminal to be certified according to the verification
information included in the identity information. After the verification passes, the present node
performs a hash operation on the Multi Digital Signature generated by the last transaction and its own
public key, encrypts the resulting digest with its private key to generate the uniqueness Multi Digital
Signature of the present node, and signs the account information with the uniqueness Multi Digital
Signature.
Third, the account information signed with the uniqueness Multi Digital Signature is sent to the mobile
terminal to be certified through the blockchain network. The mobile terminal to be certified receives
the account information and verifies the uniqueness Multi Digital Signature with the public key of the
present node, to verify that the account information matches its own identity information and that the
account information was indeed sent by the present node.
Deciphering module 102: decrypts the uniqueness Multi Digital Signature with the public key of the
present node to obtain the account information.
After the present node distributes account information to the mobile terminal to be certified, the
account information signed with the uniqueness Multi Digital Signature, the identity information of the
mobile terminal to be certified and the public key of the present node are written into the second
block as the first intersection record. They can be stored in the database of the second block in a
one-to-one mapping relationship, and this intersection record is broadcast. After the mobile terminal
to be certified receives the broadcast, it obtains the data of this intersection record from the
blockchain.
Specifically, the mobile terminal to be certified first obtains the account information signed with the
uniqueness Multi Digital Signature and decrypts the account information with the public key of the
present node. The mobile terminal to be certified then obtains the identity information of the mobile
terminal to be certified that is stored in the database in association with the account information,
and compares the obtained identity information with its own identity information. If they match, this
verifies that the decrypted account information is the account information matching its own identity
information.
Preferably, in the embodiment of the present invention, after the mobile terminal to be certified
decrypts the account information matching its own identity information, it initiates an account
authentication request packet to the blockchain. At the same time, the mobile terminal to be certified
encrypts the obtained uniqueness Multi Digital Signature with its own private key to generate the
corresponding cipher-text information, sends the cipher-text information to the blockchain, and writes
the account authentication request packet and the cipher-text information into the second block as the
second intersection record, which is broadcast. After receiving the broadcast, the present node obtains
the account authentication request packet, the cipher-text information and the public key of the mobile
terminal to be certified, and decrypts the cipher-text information with the public key of the mobile
terminal to be certified to obtain the uniqueness Multi Digital Signature. The present node compares
the decrypted uniqueness Multi Digital Signature with the uniqueness Multi Digital Signature with which
it signed the account information for the mobile terminal to be certified; if the two are consistent,
the identity of the mobile terminal to be certified is verified. Preferably, after the present node has
verified the identity information of the mobile terminal to be certified, it writes the result into the
second block as the second intersection record for later query. This verification, together with the
verification of the present node's identity by the mobile terminal to be certified, constitutes a dual
authentication mechanism, which improves the reliability of this scheme.
As can be seen from the above embodiments, the greatest beneficial effect of the present invention is
that the mobile terminal cooperates with the certification node to complete the distribution and
authentication process of account information.
Specifically, the mobile terminal to be certified initiates an account information distribution request
packet to the present node through the blockchain and writes the corresponding intersection record into
the blockchain; the present node distributes account information to the mobile terminal to be certified
according to the account information distribution request and writes the corresponding intersection
record into the blockchain, completing the distribution of the account information.
The mobile terminal to be certified sends an account information authentication request packet to the
present node through the blockchain and writes the corresponding intersection record into the
blockchain; the present node authenticates the account information for the mobile terminal to be
certified according to the account information authentication request packet and writes the
corresponding intersection record into the blockchain, completing the authentication of the account
information.
Therefore, the mobile terminal cooperates with the certification node to complete each interaction,
such as the distribution, authentication, revocation and query of account information, ensures the
accuracy and reliability of the data transmission of each interaction, and cooperates with the
certification node to complete the dual authentication mechanism.
The embodiment of the present invention also provides a mobile terminal, as shown in Fig. 8. For
convenience of description, only the parts related to the embodiment of the present invention are
shown; for specific technical details that are not disclosed, refer to the method part of the
embodiment of the present invention. The terminal can be any terminal device, including a mobile phone,
tablet computer, PDA (Personal Digital Assistant), POS (Point of Sales) terminal, vehicle-mounted
computer and the like. The following takes a mobile phone as an example:
Fig. 8 shows a block diagram of part of the structure of a mobile phone related to the terminal provided
by the embodiment of the present invention. Referring to Fig. 8, the mobile phone includes components
such as a touch-sensitive display 0813, a processor 0811 and a memory 0814. Those skilled in the art
will understand that the mobile phone structure shown in Fig. 8 does not limit the mobile phone, which
may include more or fewer components than shown, combine some components, or arrange the components
differently.
Each component of the mobile phone is described in detail below with reference to Fig. 8:
The memory 0814 can be used to store software programs and modules. The processor 0811 runs the
software programs and modules stored in the memory 0814 to perform the various functional applications
and data processing of the mobile phone. The memory 0814 can mainly include a program storage area and
a data storage area, wherein the program storage area can store the operating system and the
application programs required by at least one function (such as a sound playing function, an image
playing function, etc.), and the data storage area can store data created according to the use of the
mobile phone (such as audio data, a phone book, etc.). In addition, the memory 0814 can include
high-speed random access memory, and can also include non-volatile memory, for example at least one
disk memory, flash memory device or other volatile solid-state memory device.
The touch-sensitive display 0813 may include both a touch detecting device and a touch controller. The
touch detecting device detects the touch position of the user, detects the signal brought by the touch
operation, and transmits the signal to the touch controller. The touch controller receives touch
information from the touch detecting device, converts it into contact coordinates, sends them to the
processor, and can receive and execute commands sent by the processor. Furthermore, the touch-sensitive
display can be realized using multiple types such as resistive, capacitive, infrared and surface
acoustic wave.
The touch-sensitive display 0813 can be used to display information input by the user or information
provided to the user, as well as the various menus of the mobile phone, such as an information editing
interface. The touch-sensitive display 0813 may include a display panel; optionally, the
touch-sensitive display can be configured in the form of a liquid crystal display (Liquid Crystal
Display, LCD), an organic light-emitting diode (Organic Light-Emitting Diode, OLED), etc. Further, when
the touch-sensitive display 0813 detects a touch operation on or near it, it sends the operation to the
processor to determine the type of the touch event, and the processor then provides the corresponding
visual output on the touch-sensitive display according to the type of the touch event.
The mobile phone may also include at least one sensor 0812, such as an optical sensor, a motion sensor
and other sensors. Specifically, the optical sensor may include an ambient light sensor and a proximity
sensor, wherein the ambient light sensor can adjust the brightness of the display panel according to
the brightness of the ambient light, and the proximity sensor can turn off the display panel and/or the
backlight when the mobile phone is moved to the ear. As one kind of motion sensor, the accelerometer
sensor can detect the magnitude of acceleration in all directions (generally three axes), can detect
the magnitude and direction of gravity when static, and can be used for applications that identify the
posture of the mobile phone (such as switching between landscape and portrait, related games and
magnetometer pose calibration) and for vibration-identification functions (such as a pedometer or tap
detection). Other sensors that can also be configured in the mobile phone, such as a gyroscope,
barometer, hygrometer, thermometer and infrared sensor, will not be described here.
The processor 0811 is the control centre of the mobile phone. It uses various interfaces and
connections to link the various parts of the whole mobile phone, and performs the various functions of
the mobile phone and processes data by running or executing the software programs and/or modules stored
in the memory 0814 and calling the data stored in the memory 0814, so as to monitor the mobile phone as
a whole. Optionally, the processor 0811 may include one or more processing units; preferably, the
processor 0811 can integrate an application processor and a modem processor, wherein the application
processor mainly handles the operating system, user interface, application programs and the like, and
the modem processor mainly handles radio communication. It is understood that the modem processor may
also not be integrated into the processor 0811.
The mobile phone also includes a power supply (such as a battery) that supplies power to all
components. Preferably, the power supply can be logically connected to the processor 0811 through a
power management system, so that functions such as charging management, discharging management and
power consumption management are realized through the power management system.
Although not shown, the mobile phone can also include a camera, a Bluetooth module and the like, which
will not be described here.
In the embodiment of the present invention, the processor 0811 included in the terminal also has the
following functions:
Sending an account distribution request packet to the blockchain network;
Receiving the account information sent by the present node in response to the account distribution
request packet, the account information being signed with the uniqueness Multi Digital Signature that
the certification node generates with its private key;
Decrypting the uniqueness Multi Digital Signature with the public key of the present node to obtain the
account information.
The blockchain includes a first block for storing the private key of each node and a second block for
storing other content. The present node writes the first intersection record, which is generated by
processing the account distribution request packet and includes the account information, the identity
information of the mobile terminal to be certified, the uniqueness Multi Digital Signature and the
public key of the certification node, into the second block, and broadcasts the first intersection
record in the blockchain network.
Obtaining the identity information of the mobile terminal to be certified that is stored in the second
block in association with the account information;
Comparing that identity information with its own identity information and, if they are consistent,
verifying that the account information is valid.
Initiating an account authentication request packet to the blockchain, and sending to the blockchain
the cipher-text information that the mobile terminal to be certified generates by encrypting the
uniqueness Multi Digital Signature with its private key, so that the present node authenticates the
mobile terminal to be certified according to the account authentication request packet and the
cipher-text information.
Writing the second intersection record, which is generated by processing the account authentication
request packet and includes the public key of the mobile terminal and the cipher-text information, into
the second block of the blockchain, and broadcasting the second intersection record in the blockchain
network.
Feeding the result of the verification back to the blockchain.
One of ordinary skill in the art will appreciate that all or part of the steps of the above
embodiments can be completed by a program instructing the related hardware. The program can be stored
in a computer-readable storage medium, and the storage medium can include: read-only memory (ROM, Read
Only Memory), random access memory (RAM, Random Access Memory), a magnetic disk, an optical disc, etc.
One of ordinary skill in the art will appreciate that all or part of the steps for realizing the above
embodiments can be completed by a program instructing the related hardware. The program can be stored
in a computer-readable storage medium, and the storage medium mentioned above can be a read-only
memory, a magnetic disk, an optical disc, etc.
A mobile terminal provided by the present invention has been described in detail above. For those of
ordinary skill in the art, there will be changes in the specific embodiments and the scope of
application according to the idea of the embodiment of the present invention. In summary, the content
of this specification should not be construed as limiting the present invention.