CN108471352B - Processing method, system, computer equipment and storage medium based on distributed private key - Google Patents


Info

Publication number: CN108471352B
Authority: CN (China)
Prior art keywords: client, private key, server, key component, identification code
Legal status: Active
Application number: CN201810220635.0A
Other languages: Chinese (zh)
Other versions: CN108471352A (en)
Inventor: 张永强
Current Assignee: Guangdong Xinjian Information Technology Co ltd; Shuan Times Technology Co ltd
Original Assignee: Guangdong Xinjian Information Technology Co ltd; Shuan Times Technology Co ltd
Application filed by Guangdong Xinjian Information Technology Co ltd and Shuan Times Technology Co ltd
Priority to CN201810220635.0A
Publication of CN108471352A
Application granted
Publication of CN108471352B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/085: Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/088: Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms

Abstract

The application relates to a processing method based on a distributed private key, a computer device and a computer storage medium. In one embodiment the processing method based on the distributed private key comprises the following steps: receiving a message sent by a client; and, when the message meets the condition for using the server private key component, sending a control instruction to the cryptographic machine, where the control instruction carries associated information and instructs the cryptographic machine to generate a server private key component from the associated information and the symmetric key of the cryptographic machine, the associated information comprising a server platform identifier. With this scheme the cryptographic machine does not need to store a large number of keys, the possibility that stored keys are illegally obtained by a third party is avoided, and the security of the private key component of the distributed private key is enhanced.

Description

Processing method, system, computer equipment and storage medium based on distributed private key
Technical Field
The present application relates to the field of cryptography, and in particular, to a processing method based on a distributed private key, a processing system based on a distributed private key, a computer device, and a computer storage medium.
Background
With the development of the mobile internet, implementing digital signatures on mobile terminals has become an urgent need. Since the operating system of a mobile terminal is a modifiable, untrusted operating environment, many researchers have proposed schemes for cooperatively generating an electronic signature based on a distributed key in order to protect the user's signing private key on the mobile terminal effectively. In such a scheme, each of the two communicating parties stores a partial private key; the two parties can sign or decrypt a message only by combining their parts, and neither party can obtain any information about the other party's private key component. However, when implementing cooperative signing, measures must be taken to protect the private key components of the client and the server effectively, so as to resist attacks such as channel monitoring and trojans on the client.
Disclosure of Invention
Based on this, there is a need to provide a distributed private key based processing method, a distributed private key based processing system, a computer device and a computer storage medium.
A processing method based on a distributed private key, comprising the steps of:
receiving a message sent by a client;
and, when the message meets the condition for using the server private key component, sending a control instruction to the cryptographic machine, where the control instruction carries associated information and instructs the cryptographic machine to generate a server private key component from the associated information and the symmetric key of the cryptographic machine, the associated information comprising a server platform identifier.
A processing method based on a distributed private key, comprising the steps of:
the client generates a client private key component, acquires a user identification code, generates a client temporary key from the user identification code, encrypts the client private key component with the client temporary key to obtain a client private key component ciphertext, and sends a message to the server;
the server receives the message sent by the client and, when the message meets the condition for using the server private key component, sends a control instruction to the cryptographic machine, where the control instruction carries associated information and instructs the cryptographic machine to generate the server private key component from the associated information and the symmetric key of the cryptographic machine, the associated information comprising a server platform identifier.
A processing method based on a distributed private key, comprising the steps of:
the client acquires a user identification code and a client private key component ciphertext, generates a client temporary key from the user identification code, decrypts the client private key component ciphertext with the client temporary key to obtain the client private key component, and sends a message to the server;
the server receives the message sent by the client and, when the message meets the condition for using the server private key component, sends a control instruction to the cryptographic machine, where the control instruction carries associated information and instructs the cryptographic machine to generate the server private key component from the associated information and the symmetric key of the cryptographic machine, the associated information comprising a server platform identifier.
A processing system based on a distributed private key, comprising a client and a server;
the client generates a client private key component, acquires a user identification code, generates a client temporary key from the user identification code, encrypts the client private key component with the client temporary key to obtain a client private key component ciphertext, and sends a message to the server;
the server receives the message sent by the client and, when the message meets the condition for using the server private key component, sends a control instruction to the cryptographic machine, where the control instruction carries associated information and instructs the cryptographic machine to generate the server private key component from the associated information and the symmetric key of the cryptographic machine, the associated information comprising a server platform identifier.
A processing system based on a distributed private key, comprising a client and a server;
the client acquires a user identification code and a client private key component ciphertext, generates a client temporary key from the user identification code, decrypts the client private key component ciphertext with the client temporary key to obtain the client private key component, and sends a message to the server;
the server receives the message sent by the client and, when the message meets the condition for using the server private key component, sends a control instruction to the cryptographic machine, where the control instruction carries associated information and instructs the cryptographic machine to generate the server private key component from the associated information and the symmetric key of the cryptographic machine, the associated information comprising a server platform identifier.
A computer device comprising a memory storing a computer program and a processor which, when executing the computer program, implements the steps of the above method, or implements the processing steps of the client or the server in the above method.
A computer-readable storage medium storing a computer program which, when executed by a processor, implements the steps of the above method, or implements the processing steps of the client or the server in the above method.
According to the scheme of the embodiment, when the server needs to use the server private key component, the server platform identifier is encrypted with the symmetric key of the cryptographic machine to generate the server private key component. Server private key components for many users can therefore be generated while the cryptographic machine stores only the symmetric key rather than a large number of keys; the possibility that stored keys are illegally obtained by a third party is avoided, and the security of the private key component of the distributed private key is enhanced.
Drawings
FIG. 1 is a flow diagram that illustrates a distributed private key-based processing method, under an embodiment;
FIG. 2 is a flow diagram of a distributed private key-based processing method in another embodiment;
FIG. 3 is a flow diagram that illustrates processing in the distributed private key-based processing method, according to one embodiment;
FIG. 4 is a flow diagram of a distributed private key-based processing method in another embodiment;
FIG. 5 is a flow diagram that illustrates processing in the distributed private key-based processing method, in one embodiment;
FIG. 6 is a block diagram of a distributed private key based processing system in another embodiment;
FIG. 7 is a diagram illustrating an internal configuration of a computer device, according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
In a specific technical application, the scheme of the embodiments involves two devices, referred to as the first device and the second device. The first device holds a first-device private key component and the second device holds a second-device private key component; when signing or decrypting cooperatively, the first device operates with its private key component and the second device with its own, and together they complete the signature or decryption. In some embodiments the first device may be a terminal and the second device a server, so that cooperative signing and decryption take place between the terminal and the server. The first and second devices may be desktop terminals, mobile terminals, smart wearable devices or other devices capable of cooperative signing or decryption; when the second device is a server, it may be an independent server or a server cluster formed by a plurality of servers.
As shown in fig. 1, the processing method based on the distributed private key in one embodiment includes the following steps S101 and S102, and the method is applicable to a server.
Step S101: receiving a message sent by the client.
The message sent by the client may be any possible message as long as the message sent by the client can instruct or trigger the server to perform an operation related to the server private key component. In one embodiment, the message sent by the client may be a message sent in a process of instructing the server to generate a server private key, or may be a message sent in a process of performing digital signature or decryption. The information contained in the message may vary in different technical scenarios.
In one embodiment, the message sent by the client may only include information that can instruct or trigger the server to perform an operation related to the server private key component.
In one embodiment, the message sent by the client may include a user identification. Therefore, by including the user identifier in the message, the server can subsequently generate the server private key component corresponding to the user identifier based on the user identifier, so that different server private key components can be generated for different users.
In one embodiment, the message sent by the client may include a key identification. Therefore, the server side can subsequently generate the server side private key component corresponding to the key identification based on the key identification by including the key identification in the message, so that different server side private key components can be generated based on different key identifications, and the generated different server side private key components can be used for different purposes.
In one embodiment, the message sent by the client may also include both the user identifier and the key identifier. Therefore, by including the user identifier and the key identifier in the message, the server can subsequently generate different server private key components corresponding to the user identifier based on the user identifier and the key identifier, and the generated different server private key components can be used for different purposes corresponding to the user identifier.
Step S102: when the message meets the condition for using the server private key component, sending a control instruction to the cryptographic machine, where the control instruction carries associated information and instructs the cryptographic machine to generate a server private key component from the associated information and the symmetric key of the cryptographic machine, the associated information comprising a server platform identifier.
The condition for using the server private key component may be set as needed, as long as the message can trigger the server to send the control instruction to the cryptographic machine.
For example, in one embodiment the message may be a message exchanged while the client and the server cooperatively generate the server private key component.
In another embodiment, the message may be a message exchanged while the client and the server cooperatively encrypt, sign or decrypt. Taking signing as an example, the control instruction may be a signature instruction that instructs the cryptographic machine to generate the server private key component from the associated information and the symmetric key of the cryptographic machine and to perform the digital signature with that component, so that the server private key component is generated in the course of executing the digital signature. The server thus completes the generation of the server private key component while executing the digital signature; neither the server nor its cryptographic machine needs to store the generated component, and when the server cooperates with the users of many different terminals, neither needs to store a massive number of server private key components, which further improves security.
In an embodiment, when the message sent by the client includes the user identifier, the associated information may further include the user identifier. The cryptographic machine then generates the server private key component from the server platform identifier, the user identifier and its symmetric key, so that the server obtains a server private key component corresponding to the user identifier and different server private key components result for different users.
In one embodiment, when the message sent by the client includes the key identifier, the associated information further includes the key identifier. The cryptographic machine then generates the server private key component from the server platform identifier, the key identifier and its symmetric key, so that different server private key components can be generated for different key identifiers and used for different purposes.
In one embodiment, when the message sent by the client includes both the user identifier and the key identifier, the associated information further includes both. The cryptographic machine then generates the server private key component from the server platform identifier, the user identifier, the key identifier and its symmetric key, so that different server private key components corresponding to the user identifier can be generated and used for different purposes of that user.
The generated server private key component may be restricted so that it cannot be exported from the cryptographic machine in plaintext, and may further be restricted so that it may not be stored in a non-volatile storage component, which further strengthens the protection of the server private key component and the security of the scheme.
The server platform identifier may be determined in any possible manner. In an embodiment, before sending the control instruction to the cryptographic machine, the method may further include generating the server platform identifier. It may be generated in any possible manner; for example, in an embodiment a random number generator produces a random number that is used as the server platform identifier, which makes the server platform identifier, and hence the server private key component derived from it, unpredictable. In another embodiment, the server platform identifier may be generated by an algorithm from information related to the server.
In one embodiment, after sending the control instruction, the method may further include:
sending a destroy instruction to the cryptographic machine, instructing it to destroy the copy of the server private key component in its memory. After each use of the server private key component its copy in memory is thus destroyed; once destroyed, the component can only be recovered by executing the authentication process paired with the client private key component again, which prevents an unauthorised server application from using a user's server private key component by sending instructions to the cryptographic machine, and further enhances security.
The following describes one example in detail. The example covers the generation, the use and the protection of the server private key component.
To generate the server private key component, the server generates its platform identifier PlatformID, and a symmetric key X of a symmetric encryption algorithm is generated and stored inside the cryptographic machine. In a specific example the generation flow of the server private key component may be as follows:
the server receives a user identifier UserID and a key identifier KeyID sent by the client, where UserID identifies different users and KeyID distinguishes different keys; one key identifier corresponds to one client private key component and one server private key component.
Then the server calls an interface of the cryptographic machine, which computes a server private key component d2 of length klen bits from the server platform identifier PlatformID, the user identifier UserID, the key identifier KeyID and the symmetric key X. The formula can be expressed as:
seed = Encrypt(PlatformID || UserID || KeyID, X);
d2 = KDF(seed, klen).
Here Encrypt is a symmetric encryption algorithm keyed with X; any symmetric encryption algorithm may be used, such as DES (Data Encryption Algorithm), AES (Advanced Encryption Standard) or SM4 (a block cipher algorithm). KDF is a key derivation function, which may be the function defined in the PKCS #5 standard, the key derivation function defined in GM/T 0003.4-2012 (public key cryptographic algorithm SM2 based on elliptic curves, Part 4: public key encryption algorithm), and the like.
When the server private key component is to be used, it first has to be recovered. The process of recovering the server private key component is exactly the same as the process of generating it. In a specific application there need not be a separate generation step at all: the server private key component is generated by the cryptographic machine whenever it is needed, so neither the server nor the cryptographic machine has to store massive amounts of key data.
Taking digital signature as an example: during the signing process, after the server obtains the user identifier UserID and the key identifier KeyID sent by the client, it calls the interface of the cryptographic machine, which computes the server private key component d2 of length klen bits from the server platform identifier PlatformID, the user identifier UserID, the key identifier KeyID and the symmetric key X, and completes the digital signature process with the generated server private key component d2.
To protect the private key component effectively, an implementation can restrict and guarantee that the computed server private key component d2 cannot be exported from the cryptographic machine in plaintext, and that the d2 generated by the cryptographic machine may not be stored in a non-volatile storage unit. In the stage in which the client and the server cooperatively execute the digital signature, the server sends an instruction to the cryptographic machine, which computes the private key component d2 from X internally and completes the cooperative signature step. Finally, whether a public key is computed or a cooperative signature is performed, once d2 has been used inside the cryptographic machine the server destroys the copy of the server private key component in the cryptographic machine's memory by sending it an instruction.
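The server-side flow above, as an added illustration that is not code from the patent: a stand-in cryptographic machine derives d2 = KDF(Encrypt(PlatformID || UserID || KeyID, X), klen), uses it inside a callback and zeroises the copy afterwards. Assumptions: Encrypt is AES-256-CBC with a zero IV (any deterministic symmetric cipher would do), the KDF is the counter-mode construction of GM/T 0003.4 with SHA-256 standing in for SM3, the fields are length-prefixed (the page concatenates them directly), and all names and key values are constructed.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// CryptoMachine stands in for the cipher machine of the page: it holds the
// symmetric key X and never hands out X or a server private key component d2.
type CryptoMachine struct {
	x []byte // symmetric key X (32 bytes for AES-256); constructed, never leaves the machine
}

// encodeAssoc builds the associated information PlatformID||UserID||KeyID. The page
// concatenates directly; the length prefixes are an added hardening against field-boundary collisions.
func encodeAssoc(fields ...string) []byte {
	var buf bytes.Buffer
	for _, f := range fields {
		var l [2]byte
		binary.BigEndian.PutUint16(l[:], uint16(len(f)))
		buf.Write(l[:])
		buf.WriteString(f)
	}
	return buf.Bytes()
}

// encrypt is seed = Encrypt(assoc, X): AES-256-CBC, zero IV, PKCS#7 padding. The fixed IV is
// deliberate, since the page recomputes d2 on every use instead of storing it.
func (m *CryptoMachine) encrypt(assoc []byte) ([]byte, error) {
	block, err := aes.NewCipher(m.x)
	if err != nil {
		return nil, err
	}
	pad := aes.BlockSize - len(assoc)%aes.BlockSize
	padded := append(append([]byte{}, assoc...), bytes.Repeat([]byte{byte(pad)}, pad)...)
	out := make([]byte, len(padded))
	cipher.NewCBCEncrypter(block, make([]byte, aes.BlockSize)).CryptBlocks(out, padded)
	return out, nil
}

// kdf is the counter-mode KDF of GM/T 0003.4-2012 (SM2 part 4) with SHA-256 standing in
// for SM3: K = H(Z||1) || H(Z||2) || ..., truncated to klen bits.
func kdf(z []byte, klen int) []byte {
	out := make([]byte, 0, (klen+7)/8)
	for ct := uint32(1); len(out)*8 < klen; ct++ {
		h := sha256.New()
		h.Write(z)
		var c [4]byte
		binary.BigEndian.PutUint32(c[:], ct)
		h.Write(c[:])
		out = h.Sum(out)
	}
	return out[:(klen+7)/8]
}

// UseComponent models the control instruction: d2 = KDF(Encrypt(PlatformID||UserID||KeyID, X), klen)
// is derived inside the machine, handed to the cooperative operation op, and the in-memory copy
// is zeroised afterwards (the destroy instruction of the page). d2 itself is never returned.
func (m *CryptoMachine) UseComponent(platformID, userID, keyID string, klen int, op func(d2 []byte) ([]byte, error)) ([]byte, error) {
	seed, err := m.encrypt(encodeAssoc(platformID, userID, keyID))
	if err != nil {
		return nil, err
	}
	d2 := kdf(seed, klen)
	defer func() {
		for i := range d2 {
			d2[i] = 0
		}
	}()
	return op(d2)
}

// fingerprint stands in for the co-signature step: it returns a hash of d2, so callers
// can check that d2 is reproducible without it leaving the machine in plaintext.
func fingerprint(d2 []byte) ([]byte, error) {
	s := sha256.Sum256(d2)
	return s[:], nil
}

func main() {
	m := &CryptoMachine{x: bytes.Repeat([]byte{0x42}, 32)} // constructed key X
	const platformID = "platform-7f3a"                     // constructed random platform identifier
	a, _ := m.UseComponent(platformID, "user-001", "key-sign", 256, fingerprint)
	b, _ := m.UseComponent(platformID, "user-001", "key-sign", 256, fingerprint)
	c, _ := m.UseComponent(platformID, "user-001", "key-enc", 256, fingerprint)
	fmt.Printf("reproducible: %v, distinct per KeyID: %v\n", bytes.Equal(a, b), !bytes.Equal(a, c))
}
```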
As shown in fig. 2, the method involving the client and the server in one embodiment includes the following steps S201 to S202, described here for the scenario in which the client generates a private key component.
Step S201: the client generates a client private key component, acquires a user identification code, generates a client temporary key from the user identification code, encrypts the client private key component with the client temporary key to obtain a client private key component ciphertext, and sends a message to the server.
Step S202: the server receives the message sent by the client and, when the message meets the condition for using the server private key component, sends a control instruction to the cryptographic machine, where the control instruction carries associated information and instructs the cryptographic machine to generate the server private key component from the associated information and the symmetric key of the cryptographic machine, the associated information comprising a server platform identifier.
The processing procedure of the server in step S202 may be the same as the processing procedure of the server in the embodiment shown in fig. 1.
Step S201 may be performed in the user terminal device; in one embodiment, as shown in fig. 3, step S201 may include the following steps S2011 to S2013.
Step S2011: acquiring a user identification code, and generating a client temporary key based on the user identification code.
The user identification code, which in one embodiment may be the user's PIN (personal identification number), may be obtained from user input.
The client temporary key may be generated from the user identification code in any possible manner. In one embodiment, the client temporary key is obtained by executing a key derivation algorithm with the user identification code input by the user as the input parameter.
In one embodiment, before acquiring the user identification code input by the user, the method may further include: acquiring device hardware parameters, device software parameters and a device identity, and generating device fingerprint information from the device hardware parameters, the device software parameters and the device identity.
In this case, generating the client temporary key based on the user identification code includes generating it from the user identification code and the device fingerprint information. In one example, the user identification code input by the user and the device fingerprint information are used as the input parameters of the key derivation algorithm, which yields the client temporary key.
In an example, before acquiring the device identity, the method further includes generating a device identity with a random number generator and storing it; the device identity may be stored in non-volatile storage so that it can be read in later use.
In one embodiment, before acquiring the user identification code input by the user, the method further includes generating a salt value (an additional value added in the password encryption process) and storing it; the salt value may be stored in non-volatile storage so that it can be read in later use.
In this case, generating the client temporary key based on the user identification code includes generating it from the user identification code and the salt value. In a specific example, the user identification code input by the user and the salt value are used as the input parameters of the key derivation algorithm, which yields the client temporary key. Introducing the salt value helps resist rainbow table attacks and further enhances security.
In one embodiment, before acquiring the user identification code input by the user, the method further includes: generating and storing a salt value; and acquiring the device hardware parameters, the device software parameters and the device identity, and generating the device fingerprint information from them.
In this case, generating the client temporary key based on the user identification code includes generating it from the user identification code, the salt value and the device fingerprint information. In a specific example, the user identification code input by the user, the device fingerprint information and the salt value are used as the input parameters of the key derivation algorithm, which yields the client temporary key.
In one embodiment, before acquiring the user identification code input by the user, the method may further include generating a random integer and storing it; the random integer may be stored in non-volatile storage so that it can be read in later use.
In this case, generating the client temporary key based on the user identification code includes executing the key derivation algorithm a random-integer number of times on the user identification code. For example, the client temporary key is generated by running the key derivation algorithm the random-integer number of times with the user identification code as the input parameter. Introducing the random integer also helps resist rainbow table attacks and further enhances security.
In one embodiment, before acquiring the user identification code input by the user, the method may further include generating a salt value and a random integer, and storing both.
In this case, generating the client temporary key based on the user identification code includes executing the key derivation algorithm the random-integer number of times on the user identification code and the salt value.
In one embodiment, when a random integer is generated and the client temporary key is derived from the user identification code and the device fingerprint information, the key derivation algorithm is executed the random-integer number of times with the user identification code and the device fingerprint information as input parameters to generate the client temporary key. In one embodiment, when the salt value and the random integer are both generated and the temporary key is derived from the user identification code, the salt value and the device fingerprint information, the client temporary key may be generated by executing the key derivation algorithm the random-integer number of times with the user identification code input by the user, the device fingerprint information and the salt value as input parameters.
In one embodiment, before the obtaining of the user identification code input by the user, the method may further include the steps of: acquiring password authentication information and a verification code input by a user; and verifying the password authentication information and the verification code, and displaying a user identification code input interface when the verification is passed. Thus, a double authentication of the password authentication and the verification code can be used, and the user identification code is allowed to be input only when the verification is correct. In one specific example, the length of the password and the character type may also be defined, such as the length of the password must be greater than a first predetermined length, the character type must contain capital letters, lowercase letters, numbers, and so on, to implement high-strength authentication.
On the other hand, in an embodiment, the verification password authentication information and the verification code mechanism may also be locked when the password authentication information and the verification code are not verified for the first predetermined number of times consecutively, that is, the user is not allowed to continue to execute the corresponding process, and unlocked after waiting for the first time period, and when the password authentication information and the verification code are not verified for the second predetermined number of times consecutively after unlocking, the verification password authentication information and the verification code mechanism are locked, and unlocked after waiting for the second time period, and the second time period is greater than the first time period, and so on.
Step S2012: a client private key component is generated.
The client private key component may be generated in any suitable manner. In one embodiment, a random number generator produces a random number and that random number is used as the client private key component.
Step S2013: and encrypting the client private key component by adopting the client temporary key to obtain a client private key component ciphertext.
Any suitable encryption mode may be used when encrypting the client private key component with the client temporary key. For example, the client temporary key may serve as a symmetric key, and the client private key component is symmetrically encrypted under it to obtain the client private key component ciphertext. In one embodiment, the resulting ciphertext is stored in non-volatile storage inside an isolation container of the client.
In one embodiment, during a digital signature, the copy of the client private key component held in memory is destroyed as soon as the signature based on it has been computed. This removes the window in which the in-memory copy could be read by others and further strengthens security.
In one embodiment, before performing the digital signature, the method may further verify that the server private key component and the client private key component match, so that the server private key component cannot be used without authorization.
As shown in fig. 4, the method involving the client and the server in one embodiment includes the following steps S401 to S402, and this embodiment is described by taking a scenario in which the client decrypts to obtain the client private key component as an example.
Step S401: the client acquires the user identification code and the client private key component ciphertext, generates a client temporary key based on the user identification code, decrypts the client private key component ciphertext by adopting the client temporary key to obtain the client private key component, and sends a message to the server.
Step S402: the server receives the message sent by the client and, when the message satisfies the usage condition of the server private key component, sends a control instruction to the cipher machine. The control instruction carries association information and instructs the cipher machine to generate the server private key component from that association information and the cipher machine's symmetric key; the association information includes the server platform identifier.
The processing procedure of the server in step S402 may be the same as the processing procedure of the server in the embodiment shown in fig. 1.
The step S401 may be executed in the user terminal device, and in one embodiment, the step S401 may include the following steps S4011 to S4012.
Step S4011: and acquiring a user identification code and a client private key component ciphertext, and generating a client temporary key based on the user identification code.
The client private key component ciphertext can be read directly from storage. The user identification code, which in one embodiment is the user's PIN (personal identification number), is obtained from user input.
The generation of the client temporary key based on the user identification code may be performed in any possible manner. In one embodiment, the client temporary key may be obtained by executing a key derivation algorithm with the obtained user identification code input by the user as an input parameter.
In one embodiment, before generating the client temporary key based on the user identification code, the method may further include: reading the hardware parameters, the software parameters and the device identity, and generating the device fingerprint information from them.
In that case, the client temporary key is generated from both the user identification code and the device fingerprint information. In one example, the user identification code entered by the user and the device fingerprint information are taken as input parameters, and the client temporary key is obtained by executing a key derivation algorithm on them.
In one embodiment, before generating the client temporary key based on the user identification code, the method further comprises: reading the stored salt value (the extra random value mixed into the key derivation).
In this case, the client temporary key is generated from the user identification code and the salt value that was read. In a specific example, the user identification code entered by the user and the salt value are taken as input parameters of a key derivation algorithm, whose output is the client temporary key. Because the salt is random per installation, a table of temporary keys precomputed for common PINs (a rainbow table) is useless against it, which further strengthens security.
In one embodiment, before generating the client temporary key based on the user identification code, the method further comprises: reading the stored salt value; and reading the device hardware parameters, device software parameters and device identity, and generating the device fingerprint information from them.
In this case, the client temporary key is generated from the user identification code, the salt value and the device fingerprint information. In a specific example, the user identification code entered by the user, the device fingerprint information and the salt value are taken as input parameters of a key derivation algorithm, whose output is the client temporary key.
In one embodiment, before generating the client temporary key based on the user identification code, the method may further include: reading the stored random integer.
In this case, the client temporary key is generated by executing the key derivation algorithm the random-integer number of times over the user identification code. Like the salt, the iteration count is a per-installation parameter that defeats precomputed tables, and it also multiplies the cost of every guess, which further strengthens security.
In one embodiment, before generating the client temporary key based on the user identification code, the method may further include: reading the stored salt value and random integer.
In this case, the client temporary key is generated by executing the key derivation algorithm the random-integer number of times over the user identification code and the salt value.
In general, whenever the client temporary key is generated from the user identification code as an input parameter, the key derivation algorithm may be executed the random-integer number of times over it. In one embodiment, when the random integer has been read and the client temporary key is derived from the user identification code and the device fingerprint information, the key derivation algorithm is executed the random-integer number of times with those two values as input parameters. In one embodiment, when both the salt value and the random integer have been read and the temporary key is derived from the user identification code, the salt value and the device fingerprint information, the key derivation algorithm is executed the random-integer number of times with the user identification code entered by the user, the device fingerprint information and the salt value as input parameters.
In one embodiment, before acquiring the user identification code input by the user, the method may further comprise: acquiring password authentication information and a verification code input by the user; verifying both; and displaying the user identification code input interface only when both verify. This gives two-factor authentication (password plus verification code), and the user identification code can be entered only after it succeeds. In a specific example, the password length and character classes may also be constrained, for example the password must be longer than a first predetermined length and must contain upper-case letters, lower-case letters and digits, to enforce strong authentication.
In addition, in one embodiment, the password-and-verification-code check may be locked after a first predetermined number of consecutive failures, that is, the user is not allowed to continue with the corresponding process, and unlocked after a first time period. If a second predetermined number of consecutive failures occurs after unlocking, the check is locked again and unlocked after a second time period that is longer than the first, and so on for further failures.
Step S4012: and decrypting the client private key component ciphertext by adopting the client temporary key to obtain a client private key component.
When decrypting the client private key component ciphertext with the client temporary key, any decryption mode that corresponds to the encryption mode used can be applied. For example, if the client temporary key is a symmetric key, the ciphertext is symmetrically decrypted under it to obtain the client private key component.
In one embodiment, during a digital signature, the copy of the client private key component held in memory is destroyed as soon as the signature based on it has been computed. This removes the window in which the in-memory copy could be read by others and further strengthens security.
In one embodiment, before performing the digital signature, the method may further verify that the server private key component and the client private key component match, so that the server private key component cannot be used without authorization.
The following is a detailed illustration of one of the examples. In this example, the generation of the client private key component, the use of the client private key component, and the protection of the client private key component are involved.
The process of generating the client private key component may include steps a1 through a4 described below.
Step A1: generate the related non-sensitive parameters. In one embodiment these are the salt value Salt, the random integer Rounds and the device identity UUID.
Salt value Salt: the client generates Salt with a random number generator.
Random integer Rounds: the client generates Rounds with a random number generator; it serves as the iteration count of the key derivation function KDF.
Device identity UUID: the client generates a UUID identifying the device with a random number generator.
The generated Salt value Salt, the random integer Rounds, and the device id UUID may be stored in a non-volatile storage space inside an isolation container of a client (e.g., a mobile APP (Application program)).
Step A2: and generating the device fingerprint information MobileID.
In a specific implementation, the client reads the hardware parameter SysInfo1 from non-volatile storage inside its isolation container on the mobile device; SysInfo1 may include parameters such as the CPU (Central Processing Unit) type and the number of CPUs.
The client also reads the software parameter SysInfo2 of the terminal device, which may include parameters such as the operating system type.
In addition, the client may read the device identification UUID from the non-volatile storage space of the isolated container of the client of the mobile device.
The hardware parameter SysInfo1, the software parameter SysInfo2 and the device identity UUID may be read in any order, as long as all three are available before the device fingerprint information MobileID is calculated as described below.
Then SysInfo1, SysInfo2 and the UUID are concatenated, the concatenation is used as input to a digest algorithm, and the result is the device fingerprint information MobileID, 256 bits in this example:
MobileID = Hash(SysInfo1 || SysInfo2 || UUID).
The digest algorithm Hash may be any digest algorithm, such as MD5 (Message-Digest Algorithm 5), SHA-256 (Secure Hash Algorithm) or SM3 (a cryptographic hash algorithm). Note that MD5 produces only 128 bits and is no longer collision resistant, so for a 256-bit fingerprint SHA-256 or SM3 is the appropriate choice.
Step A3: a temporary key TK is generated.
The client displays the user identification code input interface, prompts the user to enter the user identification code (PIN code) and obtains it. The client also reads the salt value Salt and the random integer Rounds from non-volatile storage inside its isolation container on the mobile device.
The user identification code (PIN), the salt value Salt and the device fingerprint information MobileID are then concatenated, the concatenation is used as the input parameter, and the key derivation algorithm is executed Rounds times to obtain the temporary key TK, which can be written as:
TK = KDF(PIN || Salt || MobileID, Rounds).
Step A4: generate the client private key component and store it encrypted.
The client generates a random number with a random number generator and uses it as the client private key component d1.
The client then takes d1 as input and runs a symmetric encryption algorithm (for example AES or SM4) with the temporary key TK as the symmetric key, which yields the client private key component ciphertext SD1. Any mode of operation may be used (ECB, CBC, OFB and so on). Note that these modes do not authenticate the ciphertext: with them, a wrong PIN or a modified SD1 decrypts to a wrong d1 rather than being rejected, so an authenticated mode such as GCM, or a separate MAC over SD1, is preferable in practice.
The obtained client private key component ciphertext SD1 is stored in a non-volatile storage space inside an isolation container of a client (such as a mobile App) of the user terminal.
Before the client private key component can be used it must be recovered from storage. Recovery may include steps B1 to B4 below.
Step B1: extract the parameters.
In a specific example, the extracted parameters are the salt value Salt, the random integer Rounds, the device identity UUID and the client private key component ciphertext SD1.
Step B2: compute the device fingerprint information MobileID.
In a specific implementation, the client reads the hardware parameter SysInfo1 from non-volatile storage inside its isolation container on the mobile device, reads the software parameter SysInfo2 of the terminal device it runs on, and reads the device identity UUID from the same non-volatile storage.
SysInfo1, SysInfo2 and the UUID may be read in any order, as long as all three are available before MobileID is calculated as described below.
SysInfo1, SysInfo2 and the UUID are then concatenated, the concatenation is used as input to the digest algorithm, and the result is the device fingerprint information MobileID (the same computation as in step A2).
Step B3: a temporary key TK is generated.
The client displays the user identification code input interface, prompts the user to enter the user identification code (PIN code) and obtains it. The client also reads the salt value Salt and the random integer Rounds from non-volatile storage inside its isolation container on the mobile device.
The user identification code (PIN), the salt value Salt and the device fingerprint information MobileID are then concatenated, the concatenation is used as the input parameter, and the key derivation algorithm is executed Rounds times to obtain the temporary key TK:
TK = KDF(PIN || Salt || MobileID, Rounds).
Step B4: compute the client private key component.
The client takes the client private key component ciphertext SD1 as input and runs the decryption algorithm of the symmetric cipher (for example AES or SM4) with the temporary key TK as the symmetric key, which recovers the client private key component d1.
Once d1 has been obtained, the related encryption, signing and decryption operations can be carried out with it.
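The generation procedure (steps A1 to A4) and the recovery procedure (steps B1 to B4) above, together with the salt, Rounds and device-fingerprint variants described earlier in this section, as a runnable added example. This is illustration code written for this page, not the applicant's implementation. It assumes PBKDF2-HMAC-SHA256 as the KDF the page leaves unnamed and SHA-256 as the digest, uses constructed SysInfo1/SysInfo2 values, and, because the Python standard library has no AES or SM4, replaces the block cipher with an HMAC-SHA256 counter-mode keystream plus an HMAC tag. The tag is the one deliberate addition over the page: the unauthenticated modes the page lists cannot tell a wrong PIN from a right one.

```python
import hashlib
import hmac
import secrets

# Constructed stand-ins for the hardware parameter SysInfo1 and the software
# parameter SysInfo2 that a real client reads from the device.
SYSINFO1 = b"cpu=arm64;cores=8"
SYSINFO2 = b"os=Android;ver=13"

NONCE_LEN = 16
TAG_LEN = 32


def device_fingerprint(sysinfo1: bytes, sysinfo2: bytes, uuid: bytes) -> bytes:
    """Step A2 / B2: MobileID = Hash(SysInfo1 || SysInfo2 || UUID), 256 bits via SHA-256."""
    return hashlib.sha256(sysinfo1 + sysinfo2 + uuid).digest()


def derive_tk(pin: str, salt: bytes, mobile_id: bytes, rounds: int) -> bytes:
    """Step A3 / B3: TK = KDF(PIN || Salt || MobileID, Rounds).

    PBKDF2-HMAC-SHA256 is assumed as the KDF (the page names none). The PIN is the
    password input and Salt || MobileID is the PBKDF2 salt, so the same PIN on a
    device with a different UUID or hardware derives a different TK.
    """
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt + mobile_id, rounds, dklen=32)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 driven in counter mode. This stands in for AES/SM4 only because the
    # standard library ships no block cipher; use AES-GCM or SM4-GCM in a real client.
    blocks = []
    for counter in range((length + 31) // 32):
        blocks.append(hmac.new(key, nonce + counter.to_bytes(4, "big"), "sha256").digest())
    return b"".join(blocks)[:length]


def _subkeys(tk: bytes):
    # Separate encryption and MAC keys derived from TK.
    return hashlib.sha256(b"enc|" + tk).digest(), hashlib.sha256(b"mac|" + tk).digest()


def encrypt_component(tk: bytes, d1: bytes) -> bytes:
    """Step A4: SD1 = nonce || ciphertext || tag (encrypt-then-MAC).

    The tag is what lets a wrong PIN, a changed device or a tampered SD1 be
    rejected instead of silently yielding a garbage d1.
    """
    enc_key, mac_key = _subkeys(tk)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(d1, _keystream(enc_key, nonce, len(d1))))
    tag = hmac.new(mac_key, nonce + ct, "sha256").digest()
    return nonce + ct + tag


def decrypt_component(tk: bytes, sd1: bytes) -> bytes:
    """Step B4: inverse of encrypt_component; raises ValueError if the tag does not verify."""
    enc_key, mac_key = _subkeys(tk)
    nonce, ct, tag = sd1[:NONCE_LEN], sd1[NONCE_LEN:-TAG_LEN], sd1[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, "sha256").digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("SD1 does not authenticate: wrong PIN, different device, or tampering")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def generate_client_component(pin: str):
    """Steps A1-A4. Returns (stored, d1): `stored` holds only the non-sensitive
    parameters plus SD1 and goes to non-volatile storage; d1 is used in memory and
    then discarded by the caller."""
    salt = secrets.token_bytes(16)                  # A1: Salt
    rounds = 60_000 + secrets.randbelow(40_000)     # A1: Rounds (random iteration count)
    uuid = secrets.token_bytes(16)                  # A1: device identity UUID
    mobile_id = device_fingerprint(SYSINFO1, SYSINFO2, uuid)
    tk = derive_tk(pin, salt, mobile_id, rounds)
    d1 = secrets.token_bytes(32)                    # A4: random client private key component
    sd1 = encrypt_component(tk, d1)
    return {"salt": salt, "rounds": rounds, "uuid": uuid, "sd1": sd1}, d1


def recover_client_component(pin: str, stored: dict) -> bytes:
    """Steps B1-B4: re-read the parameters, recompute MobileID and TK, decrypt SD1."""
    mobile_id = device_fingerprint(SYSINFO1, SYSINFO2, stored["uuid"])
    tk = derive_tk(pin, stored["salt"], mobile_id, stored["rounds"])
    return decrypt_component(tk, stored["sd1"])


def try_recover(pin: str, stored: dict):
    """What the app calls on PIN entry: d1 on success, None when SD1 fails to authenticate."""
    try:
        return recover_client_component(pin, stored)
    except ValueError:
        return None


if __name__ == "__main__":
    stored, d1 = generate_client_component("Ab3defgh")
    assert try_recover("Ab3defgh", stored) == d1
    assert try_recover("Ab3defgi", stored) is None
    print("round trip ok, wrong PIN rejected, rounds =", stored["rounds"])
```

Running it shows the round trip succeeding with the right PIN and `try_recover` returning None for a wrong PIN or for a copy of the stored record with a different UUID, which is the device-binding effect of MobileID. Python cannot scrub immutable bytes, so the page's requirement to destroy the in-memory copy of d1 after signing needs a native buffer that is zeroed explicitly.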
To protect the private key component effectively, the following policies may be adopted in a specific implementation.
In one embodiment, two-factor verification with a password and a verification code is used when the user logs in to the client (such as an App) on the user terminal; the verification code may be an SMS verification code. Password authentication may use the CHAP protocol or a password authentication protocol defined in IEEE P1363 (such as SRP-6). Only after the password has been verified is the PIN code input interface displayed, and only then may the PIN be entered to invoke the client private key component.
In one embodiment, a strength policy is applied to the user password and the PIN code. For example, the PIN may be required to: first, be longer than a first preset length, or fall within a preset length range such as 8 to 12 characters; second, contain upper-case letters, lower-case letters and digits at the same time; and third, pass a weak-password check against a preset list.
In one embodiment, immediately after each execution of the cooperative signature algorithm, the client destroys every copy of the client private key component d1 in memory.
In one embodiment, after the client recovers the client private key component d1 and before it executes cooperative signing or similar steps, it must further verify that the client private key component matches the server private key component. Only when they match may d1 take part in the signature operation, so that the reliably protected server private key component d2 provides an enhanced verification of the user's identity. This embodiment does not limit how the pairing of the private key components is verified; the GB/T 15843 standard may be consulted for reference, for example.
During password authentication and during the private key component pairing check in the cooperative signature stage, the server may apply failure handling measures. If incorrect authentication is repeated a first predetermined number of times in a row (for example 3), the server stops the user from continuing the corresponding process and forces a wait of a first predetermined period (for example 1 minute) before further attempts. If, after unlocking, a second predetermined number of consecutive incorrect authentications occurs (this number may equal or differ from the first, for example also 3), the server locks again and may double the lock time, and so on. One successful authentication releases the lock-delay policy for that account.
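The PIN strength policy and the escalating server-side lockout described in the paragraphs above, as an added example (illustration code written for this page, not the applicant's). The weak-password list is a constructed stand-in for the preset list, the defaults follow the page's figures (3 failures, 1 minute, doubling), and the clock is injectable so the schedule can be checked without waiting.

```python
import re
import time

# Constructed stand-in for the preset weak-password list the page mentions.
WEAK_LIST = {"Password1", "Abcd1234", "Qwerty123"}


def check_pin_policy(pin: str, min_len: int = 8, max_len: int = 12) -> list:
    """Return the violated rules for a PIN (an empty list means it is acceptable)."""
    problems = []
    if not (min_len <= len(pin) <= max_len):
        problems.append(f"length must be {min_len}-{max_len} characters")
    if not re.search(r"[A-Z]", pin):
        problems.append("must contain an upper-case letter")
    if not re.search(r"[a-z]", pin):
        problems.append("must contain a lower-case letter")
    if not re.search(r"[0-9]", pin):
        problems.append("must contain a digit")
    if pin in WEAK_LIST:
        problems.append("is on the weak-password list")
    return problems


class FailureLockout:
    """Per-account lockout with escalating delay, for the password-authentication
    and d1/d2 pairing steps.

    `threshold` consecutive failures lock the account for the current delay; the
    next streak after unlocking locks it for twice as long, and so on. One
    successful authentication clears the streak and resets the delay to
    `base_delay`. Attempts made while locked are refused and not counted.
    """

    def __init__(self, threshold: int = 3, base_delay: float = 60.0, clock=time.monotonic):
        self.threshold = threshold
        self.base_delay = base_delay
        self.clock = clock
        self._accounts = {}

    def _record(self, account: str) -> dict:
        return self._accounts.setdefault(
            account, {"failures": 0, "locked_until": 0.0, "delay": self.base_delay})

    def seconds_locked(self, account: str) -> float:
        """Remaining lock time; 0.0 when the account may attempt authentication."""
        return max(0.0, self._record(account)["locked_until"] - self.clock())

    def attempt(self, account: str, verified: bool) -> str:
        """Feed the outcome of one verification.

        Returns "locked" (attempt refused, not counted), "ok" or "failed".
        """
        rec = self._record(account)
        if self.seconds_locked(account) > 0:
            return "locked"
        if verified:
            rec["failures"] = 0
            rec["delay"] = self.base_delay      # success releases the delay policy
            return "ok"
        rec["failures"] += 1
        if rec["failures"] >= self.threshold:
            rec["locked_until"] = self.clock() + rec["delay"]
            rec["delay"] *= 2                   # the next streak waits twice as long
            rec["failures"] = 0
        return "failed"


if __name__ == "__main__":
    print(check_pin_policy("Password1"))
    lo = FailureLockout()
    for _ in range(3):
        lo.attempt("alice", False)
    print("locked for", lo.seconds_locked("alice"), "seconds")
```

The lockout keys on the account rather than the client address, so the server applies it identically to the password check and to the pairing check in the cooperative signature stage, and an attacker cannot reset it by reconnecting.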
In summary, the solutions of the embodiments described above improve security in the following ways.
The server private key component d2 is protected by a cipher machine that meets level-three security requirements, so even if the client private key component d1 leaks, the attacker cannot obtain the complete private key d.
The client private key component d1 is generated by a random number generator that meets the cryptographic random number test specification, and is encrypted under a temporary key TK derived from the PIN code.
Checking the strength of the PIN code helps resist offline dictionary attacks, and introducing the salt value Salt and the random integer Rounds helps resist rainbow-table attacks.
Deriving the temporary key TK from the PIN code with Rounds iterations of the KDF costs considerable execution time, which makes offline enumeration or dictionary attacks on the PIN harder. In this embodiment the PIN space contains at least 62^8 values (8 characters drawn from upper-case letters, lower-case letters and digits); assuming one full KDF evaluation of a guess takes 100 milliseconds, exhaustive enumeration takes about 2.2 × 10^16 milliseconds (roughly 6900 centuries). This is a serial, worst-case figure: an attacker with many parallel cores divides it accordingly, and a dictionary of likely PINs is far smaller than 62^8, which is why the strength policy and the work factor are needed together.
Adding a pairing check between the client and server private key components strengthens the authentication of the client identity and at the same time prevents unauthorized use of the server private key component.
Applying risk-control measures to failures of online verification steps, such as user password authentication and client/server private key component pairing, means an attacker cannot carry out online enumeration or dictionary attacks in an acceptable time.
When the user logs in to the client on the user terminal, two-factor authentication with a login password and an SMS verification code is used, and the user's login password is kept entirely separate from the PIN protecting the certificate private key, so the login password never enters the process of generating or recovering the client private key component.
As shown in fig. 5, the distributed private key based processing system in one embodiment includes a client 1 and a server 2. Taking a scenario in which the client generates the private key component as an example, at this time:
the client 1 generates a client private key component, acquires a user identification code, generates a client temporary key based on the user identification code, encrypts the client private key component by adopting the client temporary key to obtain a client private key component ciphertext, and sends a message to a server;
the server 2 receives the message sent by the client 1 and, when the message satisfies the usage condition of the server private key component, sends a control instruction to the cipher machine. The control instruction carries association information and instructs the cipher machine to generate the server private key component from that association information and the cipher machine's symmetric key; the association information includes the server platform identifier.
Referring to fig. 5, in one embodiment, the server 2 includes a server communication module 21 and a private key component processing control module 22.
The server communication module 21 receives the message sent by the client. That message may be any message that instructs or triggers the server to perform an operation involving the server private key component. In one embodiment it is sent while instructing the server to generate the server private key component, or during a digital signature or decryption; its contents vary with the technical scenario.
In one embodiment, the message sent by the client may only include information that can instruct or trigger the server to perform an operation related to the server private key component.
In one embodiment, the message sent by the client may include a user identification. Therefore, by including the user identifier in the message, the server can subsequently generate the server private key component corresponding to the user identifier based on the user identifier, so that different server private key components can be generated for different users.
In one embodiment, the message sent by the client may include a key identification. Therefore, the server side can subsequently generate the server side private key component corresponding to the key identification based on the key identification by including the key identification in the message, so that different server side private key components can be generated based on different key identifications, and the generated different server side private key components can be used for different purposes.
In one embodiment, the message sent by the client may also include both the user identifier and the key identifier. Therefore, by including the user identifier and the key identifier in the message, the server can subsequently generate different server private key components corresponding to the user identifier based on the user identifier and the key identifier, and the generated different server private key components can be used for different purposes corresponding to the user identifier.
The private key component processing control module 22 is configured to send a control instruction to the cryptographic machine when the message meets the server-side private key component use condition. The control instruction carries association information and instructs the cryptographic machine to generate a server-side private key component from the association information and a symmetric key of the cryptographic machine; the association information includes a server platform identifier.
The server-side private key component use condition can be defined in different ways, as long as the message is able to trigger the server to send the control instruction to the cryptographic machine.
In one embodiment, the message may be a message exchanged while the client and the server collaboratively generate the server private key component.
In another embodiment, the message may be a message exchanged while the client and the server collaboratively encrypt, sign or decrypt. Taking signing as an example, the control instruction may be a signature instruction, which instructs the cryptographic machine to generate the server-side private key component from the association information and its symmetric key and then to perform the digital signature with that component. The cryptographic machine thus generates the server-side private key component in the course of executing the digital signature. Because the component is regenerated on every use, neither the server nor the cryptographic machine at the server side needs to store the generated server-side private key component; when the server must co-sign with users of many different terminals, it does not have to store a large number of server-side private key components, which further improves security.
In one embodiment, when the message sent by the client includes the user identifier, the association information may further include the user identifier. On receiving the control instruction, the cryptographic machine then generates the server private key component from the server platform identifier, the user identifier and the symmetric key of the cryptographic machine, so that the server obtains a server private key component corresponding to that user identifier and different components are generated for different users.
In one embodiment, when the message sent by the client includes the key identifier, the association information further includes the key identifier. On receiving the control instruction, the cryptographic machine then generates the server private key component from the server platform identifier, the key identifier and the symmetric key of the cryptographic machine, so that the server generates different server private key components for different key identifiers and the resulting components can be used for different purposes.
In one embodiment, when the message sent by the client includes both the user identifier and the key identifier, the association information further includes both. On receiving the control instruction, the cryptographic machine then generates the server private key component from the server platform identifier, the user identifier, the key identifier and the symmetric key of the cryptographic machine, so that the server generates different server private key components corresponding to the user identifier, and these components can be used for different purposes under that user identifier.
Referring to fig. 5, in one embodiment, the server 2 further includes a platform identifier generating module 23, configured to generate the server platform identifier. The server platform identifier may be generated in any possible manner. For example, in one embodiment a random number generator produces a random number that is used as the server platform identifier; this increases the randomness of the server platform identifier and therefore of the server private key component derived from it, further enhancing security. In another embodiment, the server platform identifier may be computed with a given algorithm from information about the server.
Referring to fig. 5, in one embodiment, the server 2 further includes a server-side private key copy destroying module 24, configured to send a destroy instruction to the cryptographic machine, which instructs the cryptographic machine to destroy the copy of the server-side private key component held in memory. After each use of the server-side private key component, its copy in memory is therefore destroyed, which removes the possibility of a third party obtaining that copy and further strengthens security.
Referring to fig. 5, in one embodiment, the server 2 further includes a security authority control module 25, configured to ensure that the server-side private key component cannot be exported from the cryptographic machine in plaintext form and that it is not allowed to be stored in a non-volatile storage component. This further strengthens protection of the server-side private key component and thus security.
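As an added illustration (not code from the patent), the following Go program models how a cryptographic machine can recompute the server-side private key component from the association information and its own symmetric key, sign with it, and destroy the in-memory copy afterwards, so that no component is ever stored or exported in plaintext. HMAC-SHA256 as the derivation function, the length-prefixed encoding, the HMAC placeholder signature and all sample values are assumptions of this example; the patent leaves the concrete algorithms unspecified.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"errors"
	"fmt"
)

// AssociationInfo is the association information carried by the control
// instruction: the server platform identifier plus the optional user and key
// identifiers taken from the client's message.
type AssociationInfo struct {
	PlatformID string
	UserID     string // empty when the message carried no user identifier
	KeyID      string // empty when the message carried no key identifier
}

// encode serialises the fields with length prefixes, so that different field
// boundaries can never produce the same bytes ("ab"+"c" versus "a"+"bc").
func (a AssociationInfo) encode() []byte {
	var out []byte
	for _, f := range []string{a.PlatformID, a.UserID, a.KeyID} {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(f)))
		out = append(out, n[:]...)
		out = append(out, f...)
	}
	return out
}

// CryptoMachine models the cryptographic machine: its symmetric key and the
// derived component are only ever touched inside its methods, mirroring the
// "not exportable in plaintext, never stored" controls of the page.
type CryptoMachine struct {
	symmetricKey []byte
}

func NewCryptoMachine(symmetricKey []byte) *CryptoMachine {
	return &CryptoMachine{symmetricKey: symmetricKey}
}

// deriveComponent recomputes the server-side private key component from the
// association information and the machine key. It is a pure function of its
// inputs, so the same component comes back on every call and nothing has to
// be stored per user or per key. HMAC-SHA256 is an assumed derivation function.
func (m *CryptoMachine) deriveComponent(a AssociationInfo) []byte {
	mac := hmac.New(sha256.New, m.symmetricKey)
	mac.Write([]byte("server-private-key-component")) // domain-separation label
	mac.Write(a.encode())
	return mac.Sum(nil)
}

// wipe is the destroy instruction: overwrite the in-memory copy after use.
// (Best effort: Go gives no guarantee that no other copy exists.)
func wipe(b []byte) {
	for i := range b {
		b[i] = 0
	}
}

// Sign is the signature instruction: derive the component, use it, destroy the
// copy. The placeholder signature is an HMAC over the message keyed with the
// component; a deployment would run its collaborative signature scheme here.
func (m *CryptoMachine) Sign(a AssociationInfo, msg []byte) ([]byte, error) {
	if a.PlatformID == "" {
		return nil, errors.New("association information must carry the platform identifier")
	}
	comp := m.deriveComponent(a)
	defer wipe(comp)
	sig := hmac.New(sha256.New, comp)
	sig.Write(msg)
	return sig.Sum(nil), nil
}

// ComponentFingerprint returns a short hash of the component, so that callers
// can check determinism and uniqueness without the component itself leaving
// the machine in plaintext.
func (m *CryptoMachine) ComponentFingerprint(a AssociationInfo) string {
	comp := m.deriveComponent(a)
	defer wipe(comp)
	sum := sha256.Sum256(comp)
	return hex.EncodeToString(sum[:8])
}

func main() {
	m := NewCryptoMachine([]byte("constructed-machine-key-for-demo")) // sample value
	a := AssociationInfo{PlatformID: "platform-A", UserID: "user-1", KeyID: "sign"}
	fmt.Println("component fingerprint:", m.ComponentFingerprint(a))
	sig, err := m.Sign(a, []byte("message to sign"))
	if err != nil {
		panic(err)
	}
	fmt.Println("signature:", hex.EncodeToString(sig))
}
```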
Referring to fig. 5, in an embodiment, taking an application scenario of generating a client private key component as an example, the client 1 includes: a client private key component generation module 101, a temporary key generation module 102, a private key component encryption module 103, and a client communication module 104.
The client private key component generating module 101 is configured to generate a client private key component.
The client private key component may be generated in any possible manner. In one embodiment, a random number generator generates a random number that is used as the client private key component.
The temporary key generation module 102 is configured to obtain a user identification code and to generate a client temporary key based on it.
The user identification code, which in one embodiment may be the user's PIN (personal identification number), may be obtained from user input.
The client temporary key may be generated from the user identification code in any possible manner. In one embodiment, it is obtained by executing a key derivation algorithm with the user identification code input by the user as an input parameter.
Referring to fig. 5, in one embodiment, the client 1 further includes a device fingerprint information module 107, configured to obtain device hardware parameters, device software parameters and a device identity, and to generate device fingerprint information from them.
In that case, the temporary key generation module 102 generates the temporary key based on the user identification code and the device fingerprint information. In a specific example, the client temporary key is obtained by executing a key derivation algorithm with the user identification code input by the user and the device fingerprint information as input parameters.
In one embodiment, the client 1 further comprises a device identity generating module (not shown in the figure), which generates a device identity with the random number generator and stores it; the device identity may be kept in non-volatile storage so that it can be read in subsequent applications.
Referring to fig. 5, in one embodiment, the client 1 further includes a salt value module 108, which generates a salt value (an additional value mixed in during the cryptographic process) and stores it. The salt value may be kept in non-volatile storage so that it can be read in subsequent applications.
In that case, the temporary key generation module 102 may generate the temporary key based on the user identification code and the salt value.
In one embodiment, referring to FIG. 5, the client 1 may include both the device fingerprint information module 107 and the salt value module 108. The temporary key generation module 102 then obtains the client temporary key by executing a key derivation algorithm with the user identification code input by the user, the device fingerprint information and the salt value as input parameters. Introducing the salt value helps resist rainbow table attacks and further enhances security.
Referring to fig. 5, in one embodiment, the client 1 may further include a random integer module 109, configured to generate a random integer and store it. The random integer may be kept in non-volatile storage so that it can be read in subsequent applications.
In that case, the temporary key generation module 102 may generate the temporary key by executing the key derivation algorithm the random integer number of times based on the user identification code. Introducing the random integer helps resist rainbow table attacks and further enhances security.
In one embodiment, the client 1 may include the device fingerprint information module 107 and the random integer module 109; the temporary key generation module 102 is then configured to generate the client temporary key by executing the key derivation algorithm the random integer number of times with the user identification code and the device fingerprint information as input parameters.
In one embodiment, the client 1 may also include both the salt value module 108 and the random integer module 109; the temporary key generation module 102 then generates the temporary key by executing the key derivation algorithm the random integer number of times based on the user identification code and the salt value.
In one embodiment, the client 1 may include the device fingerprint information module 107, the salt value module 108 and the random integer module 109 together. The temporary key generation module 102 then generates the temporary key by executing the key derivation algorithm the random integer number of times based on the user identification code, the device fingerprint information and the salt value.
Referring to fig. 5, in one embodiment, the client 1 further includes a password verification module 106, which obtains the password authentication information and a verification code entered by the user, verifies them, and displays the user identification code input interface only when verification passes. Password authentication and verification code thus form a dual check, and the user identification code may only be entered once both are correct. In a specific example, the password length and character types may also be constrained, for instance the password must be longer than a first predetermined length and must contain upper-case letters, lower-case letters and digits, so as to implement high-strength authentication.
In one embodiment, the password verification module 106 may further lock the password and verification code mechanism when verification fails a first predetermined number of consecutive times, that is, it does not allow the user to continue with the corresponding process, and unlocks the mechanism after a first time period. If, after unlocking, verification fails a second predetermined number of consecutive times, the mechanism is locked again and unlocked after a second time period, where the second time period is longer than the first, and so on.
The private key component encryption module 103 is configured to encrypt the client private key component with the client temporary key to obtain the client private key component ciphertext.
Any possible encryption mode may be adopted when encrypting the client private key component with the client temporary key. For example, the client temporary key may be used as a symmetric key, and the client private key component is symmetrically encrypted under it to obtain the client private key component ciphertext. In one embodiment, the resulting ciphertext may be stored in non-volatile storage inside an isolation container of the client.
Accordingly, as shown in fig. 5, the client may further include a client private key ciphertext storage module 105, configured to store the client private key component ciphertext.
The client communication module 104 is configured to send a message to the server.
The message sent by the client may be any message that can instruct or trigger the server to perform an operation related to the server private key component. In one embodiment, it may be a message sent in the process of instructing the server to generate a server private key, or a message sent in the process of performing a digital signature or decryption. The information contained in the message may vary between technical scenarios.
Referring to fig. 5, in an embodiment that takes the scenario of applying the client private key component as an example, the processing system based on a distributed private key includes a client 1 and a server 2, where:
the client 1 obtains a user identification code and the client private key component ciphertext, generates a client temporary key based on the user identification code, decrypts the client private key component ciphertext with the client temporary key to obtain the client private key component, and sends a message to the server;
the server 2 receives the message sent by the client and, when the message meets the server private key component use condition, sends a control instruction to the cryptographic machine; the control instruction carries association information and instructs the cryptographic machine to generate the server private key component from the association information and a symmetric key of the cryptographic machine, and the association information includes a server platform identifier. The structure of the server 2 may be the same as in the scenario of generating the client private key component.
In this scenario, the client 1 includes a client private key ciphertext storage module 105, the temporary key generation module 102, a private key component decryption module 112 and the client communication module 104.
The client private key ciphertext storage module 105 is configured to store the client private key component ciphertext, specifically the ciphertext produced by the private key component encryption module 103.
The temporary key generation module 102 is configured to obtain a user identification code and to generate a client temporary key based on it.
The user identification code, which in one embodiment may be the user's PIN (personal identification number), may be obtained from user input.
The client temporary key may be generated from the user identification code in any possible manner. In one embodiment, it is obtained by executing a key derivation algorithm with the user identification code input by the user as an input parameter.
Referring to fig. 5, in one embodiment, when the client 1 includes the device fingerprint information module 107, that module reads the device hardware parameters, device software parameters and device identity and generates the device fingerprint information from them.
In that case, the temporary key generation module 102 generates the temporary key based on the user identification code and the device fingerprint information. In a specific example, the client temporary key is obtained by executing a key derivation algorithm with the user identification code input by the user and the device fingerprint information as input parameters.
Referring to FIG. 5, in one embodiment, when the client 1 includes the salt value module 108, that module also reads the stored salt value. The temporary key generation module 102 may then generate the temporary key based on the user identification code and the salt value.
In an embodiment, referring to fig. 5, when the client 1 includes both the device fingerprint information module 107 and the salt value module 108, the temporary key generation module 102 obtains the client temporary key by executing a key derivation algorithm with the user identification code input by the user, the read device fingerprint information and the salt value as input parameters. Introducing the salt value helps resist rainbow table attacks and further enhances security.
Referring to FIG. 5, in one embodiment, when the client 1 includes the random integer module 109, that module also reads the stored random integer. The temporary key generation module 102 may then generate the temporary key by executing the key derivation algorithm the random integer number of times based on the user identification code. Introducing the random integer helps resist rainbow table attacks and further enhances security.
It is to be understood that, in an embodiment, when the client 1 includes both the device fingerprint information module 107 and the random integer module 109, the temporary key generation module 102 generates the client temporary key by executing the key derivation algorithm the random integer number of times with the user identification code and the device fingerprint information as input parameters. When the client 1 includes both the salt value module 108 and the random integer module 109, the temporary key generation module 102 generates the temporary key by executing the key derivation algorithm the random integer number of times based on the user identification code and the salt value. When the client 1 includes the device fingerprint information module 107, the salt value module 108 and the random integer module 109, the temporary key generation module 102 generates the temporary key by executing the key derivation algorithm the random integer number of times based on the user identification code, the device fingerprint information and the salt value.
Referring to fig. 5, in one embodiment, the client 1 further includes a password verification module 106, which obtains the password authentication information and a verification code entered by the user, verifies them, and displays the user identification code input interface only when verification passes.
Likewise, the password verification module 106 may further lock the password and verification code mechanism when verification fails a first predetermined number of consecutive times, that is, it does not allow the user to continue with the corresponding process, and unlocks the mechanism after a first time period. If, after unlocking, verification fails a second predetermined number of consecutive times, the mechanism is locked again and unlocked after a second time period, where the second time period is longer than the first, and so on.
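The escalating lock described for the password verification module 106, in both the generation scenario and this application scenario, as an added Go example that is not part of the patent. The credential check is supplied by the caller, the clock is injected so the timing can be exercised offline, and the thresholds, periods and minimum length are constructed values; reusing the last configured level once all levels are exhausted is an assumption of this example.

```go
package main

import (
	"time"
	"unicode"
)

// Outcome is the result of one verification attempt.
type Outcome int

const (
	Passed Outcome = iota // show the user identification code input interface
	Failed                // wrong credentials, mechanism not (yet) locked
	Locked                // mechanism is locked; the user may not continue
)

// LockLevel pairs a predetermined number of consecutive failures with the
// period the mechanism then stays locked. Later levels carry longer periods.
type LockLevel struct {
	Threshold int
	Period    time.Duration
}

// Verifier models the password verification module 106. The real check of
// password authentication information and verification code is supplied by
// the caller; the clock is injected so that lock timing can be tested.
type Verifier struct {
	check       func(password, code string) bool
	now         func() time.Time
	levels      []LockLevel
	failures    int       // consecutive failures since the last unlock or success
	level       int       // how many times the mechanism has been locked so far
	lockedUntil time.Time // zero value: not locked
}

func NewVerifier(now func() time.Time, check func(password, code string) bool, levels []LockLevel) *Verifier {
	return &Verifier{check: check, now: now, levels: levels}
}

// Verify applies the escalating lock of the page: after the first predetermined
// number of consecutive failures the mechanism locks for the first period;
// after unlocking, the second predetermined number of failures locks it for the
// longer second period, and so on. A success resets the failure counter only.
func (v *Verifier) Verify(password, code string) Outcome {
	t := v.now()
	if t.Before(v.lockedUntil) {
		return Locked
	}
	if v.check(password, code) {
		v.failures = 0
		return Passed
	}
	v.failures++
	if len(v.levels) == 0 {
		return Failed // no lock policy configured
	}
	idx := v.level
	if idx >= len(v.levels) {
		idx = len(v.levels) - 1 // assumption: keep using the last level
	}
	if v.failures < v.levels[idx].Threshold {
		return Failed
	}
	v.failures = 0
	v.lockedUntil = t.Add(v.levels[idx].Period)
	v.level++
	return Locked
}

// PasswordMeetsPolicy is the high-strength rule of the page: longer than the
// first predetermined length and containing upper-case, lower-case and digits.
func PasswordMeetsPolicy(pw string, minLen int) bool {
	var upper, lower, digit bool
	for _, r := range pw {
		switch {
		case unicode.IsUpper(r):
			upper = true
		case unicode.IsLower(r):
			lower = true
		case unicode.IsDigit(r):
			digit = true
		}
	}
	return len([]rune(pw)) > minLen && upper && lower && digit
}
```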
The private key component decryption module 112 is configured to read the client private key component ciphertext and decrypt it with the client temporary key to obtain the client private key component.
Any possible decryption method may be used when decrypting the client private key component ciphertext with the client temporary key, as long as it corresponds to the encryption method that was used. For example, if the client temporary key was used as a symmetric key, the client private key component ciphertext is symmetrically decrypted with the client temporary key to obtain the client private key component.
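The client-side key handling of the generation scenario (modules 102, 103, 107, 108 and 109) and its mirror in this application scenario (module 112) together, as an added Go example that is not part of the patent: derive the temporary key from the PIN, the device fingerprint and the salt with the key derivation algorithm executed the random-integer number of times, seal the client private key component under it, and open it again. Single-block PBKDF2 with HMAC-SHA256 as the derivation, AES-256-GCM as the symmetric cipher, the fingerprint hashing and all sample values are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// DeviceFingerprint models module 107: hash the device hardware parameters,
// software parameters and the stored random device identity into the device
// fingerprint information (length-prefixed so field boundaries are unambiguous).
func DeviceFingerprint(hwParams, swParams string, deviceIdentity []byte) []byte {
	h := sha256.New()
	for _, part := range [][]byte{[]byte(hwParams), []byte(swParams), deviceIdentity} {
		var n [4]byte
		binary.BigEndian.PutUint32(n[:], uint32(len(part)))
		h.Write(n[:])
		h.Write(part)
	}
	return h.Sum(nil)
}

// TemporaryKey models module 102: the key derivation algorithm takes the user
// identification code (PIN), the device fingerprint and the salt as inputs and
// is executed the random-integer number of times. Single-block PBKDF2 with
// HMAC-SHA256 (RFC 8018) is an assumption; the page leaves the KDF unspecified.
func TemporaryKey(pin string, fingerprint, salt []byte, iterations uint32) ([]byte, error) {
	if pin == "" || iterations == 0 {
		return nil, errors.New("user identification code and a positive iteration count are required")
	}
	password := append([]byte(pin), fingerprint...)
	prf := func(data []byte) []byte {
		mac := hmac.New(sha256.New, password)
		mac.Write(data)
		return mac.Sum(nil)
	}
	u := prf(append(append([]byte{}, salt...), 0, 0, 0, 1)) // U1 = PRF(P, S || INT(1))
	key := append([]byte{}, u...)
	for i := uint32(1); i < iterations; i++ {
		u = prf(u) // U_i = PRF(P, U_{i-1})
		for j := range key {
			key[j] ^= u[j] // T = U1 xor U2 xor ... xor Uc
		}
	}
	return key, nil // 32 bytes, used directly as the AES-256 key below
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealComponent models module 103: symmetric encryption of the client private
// key component under the temporary key. AES-256-GCM is an assumption (the page
// says only "symmetric encryption"). The result, nonce || ciphertext || tag, is
// what the ciphertext storage module 105 keeps in non-volatile storage.
func SealComponent(tempKey, component []byte) ([]byte, error) {
	aead, err := newGCM(tempKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, component, nil), nil
}

// OpenComponent models module 112, the mirror step of the application scenario.
// A wrong PIN, fingerprint, salt or iteration count yields a different temporary
// key, so the GCM tag check fails instead of returning a garbage component.
func OpenComponent(tempKey, sealed []byte) ([]byte, error) {
	aead, err := newGCM(tempKey)
	if err != nil {
		return nil, err
	}
	if len(sealed) < aead.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := sealed[:aead.NonceSize()], sealed[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, nil)
}

// Wipe models module 110: overwrite the in-memory copy of the component after
// use (best effort; Go gives no guarantee about other copies).
func Wipe(b []byte) {
	for i := range b {
		b[i] = 0
	}
}
```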
Referring to fig. 5, in one embodiment, the client 1 further includes a client private key copy destruction module 110, configured to destroy the copy of the client private key component in memory once the digital signature based on that component has been performed in the digital signature process. This removes the possibility that the copy of the client private key component in memory is obtained by others and further enhances security.
Referring to fig. 5, in one embodiment, the client 1 further includes a client private key component matching verification module 111, configured to verify collaboratively with the server whether the server private key component matches the client private key component, thereby preventing unauthorized use of the server private key component.
Based on the examples described above, there is also provided in one embodiment a computer device comprising a memory having stored thereon a computer program and a processor, wherein the processor when executing the program implements the method of any of the embodiments described above.
FIG. 6 is a diagram illustrating an internal structure of a computer device in one embodiment. The computer device may specifically be device one and device two as referred to in the above environment. As shown in fig. 6, the computer device includes a processor, a memory, and a network interface connected by a system bus. In case the computer device is a user terminal, an input means may also be included. Wherein the memory includes a non-volatile storage medium and an internal memory. The non-volatile storage medium of the computer device stores an operating system and may also store a computer program that, when executed by the processor, causes the processor to implement a distributed private key based processing method. The internal memory may also have stored therein a computer program that, when executed by the processor, causes the processor to perform a distributed private key based processing method.
Those skilled in the art will appreciate that the architecture shown in fig. 6 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a non-volatile computer-readable storage medium and, when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), Direct Rambus Dynamic RAM (DRDRAM), and Rambus Dynamic RAM (RDRAM).
Accordingly, in an embodiment there is also provided a computer storage medium having a computer program stored thereon, which when executed by a processor, performs the method of any of the embodiments described above.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.

Claims (22)

1. A processing method based on a distributed private key, applied to a server, characterized in that the method comprises the following steps:
receiving a message sent by a client;
when the message meets the server-side private key component use condition, sending a control instruction to a cryptographic machine, wherein the control instruction carries association information and instructs the cryptographic machine to generate a server-side private key component according to the association information and a symmetric key of the cryptographic machine, and the association information comprises a server platform identifier; the server-side private key component cannot be exported from the cryptographic machine in plaintext form, and is not allowed to be stored in a non-volatile storage unit;
after each use of the server-side private key component, sending a destroy instruction to the cryptographic machine, the destroy instruction instructing the cryptographic machine to destroy the copy of the server-side private key component in memory;
determining that the message meets the server-side private key component use condition when the message is a message exchanged while the client and the server collaboratively generate the server-side private key component, or a message exchanged while the client and the server collaboratively encrypt, sign or decrypt;
when the message is a message exchanged while the client and the server collaboratively sign, the control instruction is a signature instruction instructing the cryptographic machine to generate the server-side private key component according to the association information and the symmetric key of the cryptographic machine and to perform the digital signature based on that component;
when the message comprises a user identifier and a key identifier, the association information further comprises both the user identifier and the key identifier, and the control instruction instructs the cryptographic machine to generate the server-side private key component based on the server platform identifier, the user identifier, the key identifier and the symmetric key of the cryptographic machine, so that the server generates different server-side private key components corresponding to the user identifier based on the user identifier and the key identifier, and the different server-side private key components so generated are used for different purposes corresponding to the user identifier.
2. The method of claim 1, further comprising, before sending the control instruction to the cryptographic machine, the step of generating the server platform identifier.
3. A processing method based on a distributed private key, characterized in that the method comprises the following steps:
a client generates a client private key component, obtains a user identification code, generates a client temporary key based on the user identification code, encrypts the client private key component with the client temporary key to obtain a client private key component ciphertext, and sends a message to a server;
the server receives the message sent by the client and, when the message meets the server-side private key component use condition, sends a control instruction to a cryptographic machine, wherein the control instruction carries association information and instructs the cryptographic machine to generate a server-side private key component according to the association information and a symmetric key of the cryptographic machine, and the association information comprises a server platform identifier; the server-side private key component cannot be exported from the cryptographic machine in plaintext form, and is not allowed to be stored in a non-volatile storage unit;
after each use of the server-side private key component, the server sends a destroy instruction to the cryptographic machine, the destroy instruction instructing the cryptographic machine to destroy the copy of the server-side private key component in memory;
determining that the message meets the server-side private key component use condition when the message is a message exchanged while the client and the server collaboratively generate the server-side private key component, or a message exchanged while the client and the server collaboratively encrypt, sign or decrypt;
when the message is a message exchanged while the client and the server collaboratively sign, the control instruction is a signature instruction instructing the cryptographic machine to generate the server-side private key component according to the association information and the symmetric key of the cryptographic machine and to perform the digital signature based on that component;
when the message comprises a user identifier and a key identifier, the association information further comprises both the user identifier and the key identifier, and the control instruction instructs the cryptographic machine to generate the server-side private key component based on the server platform identifier, the user identifier, the key identifier and the symmetric key of the cryptographic machine, so that the server generates different server-side private key components corresponding to the user identifier based on the user identifier and the key identifier, and the different server-side private key components so generated are used for different purposes corresponding to the user identifier.
4. The method of claim 3, further comprising, before sending the control instruction to the cryptographic machine, the step of generating the server platform identifier.
5. The method of claim 3, comprising any one of:
the first item:
before the client acquires the user identification code input by the user, the method further comprises the following steps: acquiring equipment hardware parameters, equipment software parameters and equipment identity, and generating equipment fingerprint information based on the equipment hardware parameters, the equipment software parameters and the equipment identity;
the step of the client generating a client temporary key based on the user identification code comprises: generating the temporary key based on the user identification code and the device fingerprint information;
the second item:
before the client acquires the user identification code input by the user, the method further comprises the following steps: generating a salt value and storing the salt value;
the step of the client generating a client temporary key based on the user identification code comprises: generating the temporary key based on the user identification code and the salt value;
the third item:
before the client acquires the user identification code input by the user, the method further comprises the following steps: generating a salt value and storing the salt value; acquiring equipment hardware parameters, equipment software parameters and equipment identity, and generating equipment fingerprint information based on the equipment hardware parameters, the equipment software parameters and the equipment identity;
the step of the client generating a client temporary key based on the user identification code comprises: generating the temporary key based on the user identification code, the salt value, and the device fingerprint information;
the fourth item:
before the client acquires the user identification code input by the user, the method further comprises the following steps: generating a random integer and storing the random integer;
the step of the client generating a client temporary key based on the user identification code comprises: executing the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code;
the fifth item:
before the client acquires the user identification code input by the user, the method further comprises the following steps: generating a salt value and a random integer, and storing the salt value and the random integer;
the step of the client generating a client temporary key based on the user identification code comprises: executing the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code and the salt value;
the sixth item:
before the client acquires the user identification code input by the user, the method further comprises the following steps: generating a random integer, acquiring an equipment hardware parameter, an equipment software parameter and an equipment identity, and generating equipment fingerprint information based on the equipment hardware parameter, the equipment software parameter and the equipment identity;
the step of the client generating a client temporary key based on the user identification code comprises: executing the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code and the device fingerprint information;
the seventh item:
before the client acquires the user identification code input by the user, the method further comprises the following steps: generating a salt value and a random integer, and storing the salt value and the random integer; acquiring equipment hardware parameters, equipment software parameters and equipment identity, and generating equipment fingerprint information based on the equipment hardware parameters, the equipment software parameters and the equipment identity;
the step of the client generating a client temporary key based on the user identification code comprises: executing the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code, the salt value and the device fingerprint information.
6. The method according to any one of claims 3 to 5, comprising at least one of:
the first item:
before the client acquires the user identification code input by the user, the method further comprises the following steps:
acquiring password authentication information and a verification code input by a user;
verifying the password authentication information and the verification code, and displaying a user identification code input interface when the password authentication information and the verification code pass the verification;
the second item:
in the process of digital signature, the client destroys the copy of the client private key component in the memory after performing digital signature based on the client private key component;
the third item:
before the digital signature is carried out, the client and the server collaboratively verify whether the server private key component is matched with the client private key component.
7. A method for processing based on a distributed private key, the method comprising the steps of:
the client acquires a user identification code and a client private key component ciphertext, generates a client temporary key based on the user identification code, decrypts the client private key component ciphertext by adopting the client temporary key to obtain a client private key component, and sends a message to a server;
the server receives the message sent by the client and, when the message meets the condition for using the server private key component, sends a control instruction to the cipher machine, wherein the control instruction carries associated information and is used for instructing the cipher machine to generate the server private key component according to the associated information and a symmetric key of the cipher machine, and the associated information comprises a server platform identifier; the server private key component cannot be exported from the cipher machine in plaintext form, and the server private key component is not allowed to be stored in a non-volatile storage unit;
after each use of the server private key component, the server sends a destroy instruction to the cipher machine, wherein the destroy instruction is used for instructing the cipher machine to destroy the copy of the server private key component in memory;
when the message is a message in the process of the client and the server cooperatively generating the server private key component, or a message in the process of the client and the server cooperatively encrypting, signing or decrypting, the server determines that the message meets the condition for using the server private key component;
when the message is a message in the process of the client and the server cooperatively signing, the control instruction is a signature instruction, and the signature instruction is used for instructing the cipher machine to generate the server private key component according to the associated information and the symmetric key of the cipher machine and to perform a digital signature based on the server private key component;
when the message comprises a user identifier and a key identifier, the associated information further comprises the user identifier and the key identifier, and the control instruction is used for instructing the cipher machine to generate the server private key component based on the server platform identifier, the user identifier, the key identifier and the symmetric key of the cipher machine, so that the server generates, for the user identifier, different server private key components based on the user identifier and the key identifier, and the different generated server private key components serve different purposes for that user identifier.
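Claims 3 and 7 share the same server-side flow: check that the message qualifies, send a control instruction carrying the associated information to the cipher machine, let the cipher machine derive (and, for signing, use) the component, then send a destroy instruction. The following added example, which is not code from the patent, models that flow in Python; the CipherMachine class, the message type names, HMAC-SHA256 as a stand-in for the cipher machine's key derivation and for the signature primitive, and all identifiers are assumptions.

```python
import hashlib
import hmac
import secrets


class CipherMachine:
    """In-process stand-in for the cipher machine (constructed for this example).

    The symmetric key never leaves the object, no method returns a component in
    plaintext, and a component lives only in memory under a handle until the
    destroy instruction removes it.
    """

    def __init__(self, symmetric_key: bytes) -> None:
        self._symmetric_key = symmetric_key
        self._live: dict = {}  # handle -> bytearray holding the live component

    def _derive(self, associated_info: dict) -> bytes:
        # Deterministic derivation from the associated information (platform id,
        # plus user id and key id when present) keyed by the machine's symmetric
        # key: the component is regenerated on demand instead of being stored.
        label = b"|".join(
            f"{k}={associated_info[k]}".encode()
            for k in ("platform_id", "user_id", "key_id") if k in associated_info)
        return hmac.new(self._symmetric_key, b"server-component|" + label,
                        hashlib.sha256).digest()

    def generate_instruction(self, associated_info: dict) -> str:
        """Control instruction: generate the server private key component."""
        handle = secrets.token_hex(8)
        self._live[handle] = bytearray(self._derive(associated_info))
        return handle  # a handle only; there is no plaintext export

    def sign_instruction(self, associated_info: dict, payload: bytes):
        """Signature instruction: generate the component and sign with it in one
        step. HMAC-SHA256 stands in for the signature primitive, which the claims
        do not name."""
        handle = self.generate_instruction(associated_info)
        signature = hmac.new(bytes(self._live[handle]), payload, hashlib.sha256).digest()
        return handle, signature

    def destroy_instruction(self, handle: str) -> None:
        component = self._live.pop(handle)
        for i in range(len(component)):
            component[i] = 0  # overwrite the in-memory copy before dropping it

    def live_component_count(self) -> int:
        return len(self._live)


# Message types that meet the condition for using the server private key component:
# cooperative generation of the component and cooperative encryption, signing or
# decryption. The type names are constructed for this example.
SERVER_KEY_OPERATIONS = {"cooperative-generate", "cooperative-encrypt",
                         "cooperative-sign", "cooperative-decrypt"}


class Server:
    def __init__(self, machine: CipherMachine, platform_id: str) -> None:
        self.machine = machine
        self.platform_id = platform_id  # generated before any control instruction

    def handle_message(self, message: dict):
        """Returns the signature for a cooperative-sign message, True for the other
        qualifying operations and None when no control instruction is sent."""
        if message.get("type") not in SERVER_KEY_OPERATIONS:
            return None
        info = {"platform_id": self.platform_id}
        if "user_id" in message and "key_id" in message:
            # Purpose-specific components: same user, different key id -> different component.
            info["user_id"] = message["user_id"]
            info["key_id"] = message["key_id"]
        if message["type"] == "cooperative-sign":
            handle, result = self.machine.sign_instruction(info, message["payload"])
        else:
            handle, result = self.machine.generate_instruction(info), True
        self.machine.destroy_instruction(handle)  # destroy instruction after every use
        return result


def demo() -> dict:
    """Walks through the behaviours the claims require; every value should be True."""
    machine = CipherMachine(secrets.token_bytes(32))
    server = Server(machine, platform_id="platform-" + secrets.token_hex(4))

    def sign(key_id: str) -> bytes:
        return server.handle_message({"type": "cooperative-sign", "user_id": "alice",
                                      "key_id": key_id, "payload": b"constructed message"})

    return {
        "same_inputs_regenerate_same_component": sign("sign-key") == sign("sign-key"),
        "other_key_id_gives_other_component": sign("sign-key") != sign("encrypt-key"),
        "unrelated_message_sends_no_instruction": server.handle_message({"type": "hello"}) is None,
        "no_component_left_in_memory": machine.live_component_count() == 0,
    }
```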
8. The method of claim 7, further comprising, prior to sending the control instruction to the cipher machine, the step of: generating the server platform identifier.
9. The method of claim 7, comprising any one of:
the first item:
before the client generates a client temporary key based on the user identification code, the method further comprises the following steps: reading device hardware parameters, device software parameters and a device identity, and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity;
the step of the client generating a client temporary key based on the user identification code comprises: generating the temporary key based on the user identification code and the device fingerprint information;
the second item:
before the client generates a client temporary key based on the user identification code, the method further comprises the following step: reading the stored salt value;
the step of the client generating a client temporary key based on the user identification code comprises: generating the temporary key based on the user identification code and the salt value;
the third item:
before the client generates a client temporary key based on the user identification code, the method further comprises the following steps: reading the stored salt value; reading device hardware parameters, device software parameters and a device identity, and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity;
the step of the client generating a client temporary key based on the user identification code comprises: generating the temporary key based on the user identification code, the salt value, and the device fingerprint information;
the fourth item:
before the client generates a client temporary key based on the user identification code, the method further comprises the following step: reading the stored random integer;
the step of the client generating a client temporary key based on the user identification code comprises: executing the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code;
the fifth item:
before the client generates a client temporary key based on the user identification code, the method further comprises the following step: reading the stored salt value and the stored random integer;
the step of the client generating a client temporary key based on the user identification code comprises: executing the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code and the salt value;
the sixth item:
before the client generates a client temporary key based on the user identification code, the method further comprises the following steps: reading the stored random integer, reading device hardware parameters, device software parameters and a device identity, and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity;
the step of the client generating a client temporary key based on the user identification code comprises: executing the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code and the device fingerprint information;
the seventh item:
before the client generates a client temporary key based on the user identification code, the method further comprises the following steps: reading the stored salt value and the stored random integer; reading device hardware parameters, device software parameters and a device identity, and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity;
the step of the client generating a client temporary key based on the user identification code comprises: executing the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code, the salt value and the device fingerprint information.
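Claims 5 and 9 list seven combinations of the same three optional inputs on top of the user identification code: a stored salt, a device fingerprint, and a stored random integer used as the number of key derivation rounds, at enrollment (claim 5, encrypting the client private key component) and at use (claim 9, decrypting it). The added example below is not the patent's code; it implements the general form that covers all seven items together with the wrap and unwrap of the component. PBKDF2-HMAC-SHA256 as the key derivation algorithm, an HMAC-based encrypt-then-MAC wrapping, the fixed round count for items that store no random integer, and the sample device parameters are assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

DEFAULT_ITERATIONS = 100_000  # assumed round count for items with no stored random integer


def device_fingerprint(hardware: dict, software: dict, identity: str) -> bytes:
    """Device fingerprint from hardware parameters, software parameters and device identity."""
    canonical = "|".join(f"{k}={v}" for k, v in sorted({**hardware, **software}.items()))
    return hashlib.sha256(f"{canonical}|id={identity}".encode()).digest()


def derive_temporary_key(user_code: str, salt: Optional[bytes] = None,
                         fingerprint: Optional[bytes] = None,
                         iterations: Optional[int] = None) -> bytes:
    """General form of the seven items: the user identification code is the secret,
    the stored salt and/or the device fingerprint extend the KDF salt, and the stored
    random integer is the number of KDF rounds (PBKDF2-HMAC-SHA256 is assumed).
    Returns 64 bytes: 32 for the wrapping keystream, 32 for the tag."""
    kdf_salt = (salt or b"") + (fingerprint or b"")
    rounds = iterations if iterations is not None else DEFAULT_ITERATIONS
    if rounds < 1:
        raise ValueError("iteration count must be positive")
    return hashlib.pbkdf2_hmac("sha256", user_code.encode(), kdf_salt, rounds, dklen=64)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream from HMAC-SHA256 (stand-in for a real cipher).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap_component(temp_key: bytes, component: bytes) -> bytes:
    """Encrypt-then-MAC under the temporary key. Layout: nonce(16) || ciphertext || tag(32)."""
    enc_key, mac_key = temp_key[:32], temp_key[32:]
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(component, _keystream(enc_key, nonce, len(component))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap_component(temp_key: bytes, blob: bytes) -> bytes:
    """Verifies the tag first, so a key derived from any wrong input fails closed."""
    enc_key, mac_key = temp_key[:32], temp_key[32:]
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("wrong user identification code, salt, device or iteration count")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


@dataclass
class ClientStore:
    """What the client keeps in non-volatile storage: never the temporary key and
    never the plaintext client private key component."""
    salt: bytes
    iterations: int
    component_ciphertext: bytes


def enroll(user_code: str, fingerprint: bytes, component: bytes) -> ClientStore:
    """Claim 5, seventh item: generate and store the salt and the random integer,
    derive the temporary key, encrypt the client private key component."""
    salt = secrets.token_bytes(16)
    iterations = 50_000 + secrets.randbelow(50_000)  # constructed range for the example
    temp_key = derive_temporary_key(user_code, salt, fingerprint, iterations)
    return ClientStore(salt, iterations, wrap_component(temp_key, component))


def unlock(store: ClientStore, user_code: str, fingerprint: bytes) -> bytes:
    """Claim 9, seventh item: read the stored salt and random integer, re-derive the
    temporary key, decrypt the ciphertext to recover the component for this session."""
    temp_key = derive_temporary_key(user_code, store.salt, fingerprint, store.iterations)
    return unwrap_component(temp_key, store.component_ciphertext)


def opens(store: ClientStore, user_code: str, fingerprint: bytes) -> bool:
    """True only if the tag verifies, i.e. code, salt, device and round count all match."""
    try:
        unlock(store, user_code, fingerprint)
        return True
    except ValueError:
        return False
```

Because the device fingerprint is part of the KDF salt, the ciphertext copied to another device does not open even with the correct user identification code.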
10. The method according to any one of claims 7 to 9, comprising at least one of:
the first item:
before the client acquires the user identification code input by the user, the method further comprises the following steps:
acquiring password authentication information and a verification code input by a user;
verifying the password authentication information and the verification code, and displaying a user identification code input interface when the password authentication information and the verification code pass the verification;
the second item:
in the process of digital signature, the client destroys the copy of the client private key component in the memory after performing digital signature based on the client private key component;
the third item:
before the digital signature is carried out, the client and the server collaboratively verify whether the server private key component is matched with the client private key component.
11. A processing system based on a distributed private key, characterized in that it comprises a client and a server;
the client generates a client private key component, acquires a user identification code, generates a client temporary key based on the user identification code, encrypts the client private key component by adopting the client temporary key to obtain a client private key component ciphertext, and sends a message to a server;
the server receives the message sent by the client and, when the message meets the condition for using the server private key component, sends a control instruction to the cipher machine, wherein the control instruction carries associated information and is used for instructing the cipher machine to generate the server private key component according to the associated information and a symmetric key of the cipher machine, and the associated information comprises a server platform identifier; the server private key component cannot be exported from the cipher machine in plaintext form, and the server private key component is not allowed to be stored in a non-volatile storage unit;
the server side comprises:
the security authority control module is used for controlling that the server private key component is not exported from the cipher machine in plaintext form and that the server private key component is not stored in a non-volatile storage component;
the server private key copy destroying module is used for sending a destroy instruction to the cipher machine, wherein the destroy instruction is used for instructing the cipher machine to destroy the copy of the server private key component in memory;
the server side further comprises:
the server communication module is used for receiving the message sent by the client;
the private key component processing control module is used for sending a control instruction to the cipher machine when the message meets the service end private key component using condition, wherein the control instruction carries associated information, the control instruction is used for indicating the cipher machine to generate a service end private key component according to the associated information and a symmetric key of the cipher machine, and the associated information comprises a service end platform identifier;
the private key component processing control module is used for determining that the message meets the condition for using the server private key component when the message is a message in the process of the client and the server cooperatively generating the server private key component, or a message in the process of the client and the server cooperatively encrypting, signing or decrypting; when the message is a message in the process of the client and the server cooperatively signing, the control instruction is a signature instruction, and the signature instruction is used for instructing the cipher machine to generate the server private key component according to the associated information and the symmetric key of the cipher machine and to perform a digital signature based on the server private key component;
when the message comprises a user identifier and a key identifier, the associated information further comprises the user identifier and the key identifier, and the control instruction is used for instructing the cipher machine to generate the server private key component based on the server platform identifier, the user identifier, the key identifier and the symmetric key of the cipher machine, so that the server generates, for the user identifier, different server private key components based on the user identifier and the key identifier, and the different generated server private key components serve different purposes for that user identifier.
12. The system of claim 11, wherein the server further comprises:
and the platform identifier generating module is used for generating the server platform identifier.
13. The system of claim 11, wherein the client comprises:
the client private key component generating module is used for generating a client private key component;
the temporary key generation module is used for acquiring a user identification code and generating a client temporary key based on the user identification code;
the private key component encryption module is used for encrypting the client private key component by adopting the client temporary key to obtain a client private key component ciphertext;
and the client communication module is used for sending the message to the server.
14. The system of claim 13, comprising any one of:
the first item:
the client further comprises: the device fingerprint information module is used for acquiring device hardware parameters, device software parameters and device identity marks and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity marks;
the temporary key generation module generates the temporary key based on the user identification code and the device fingerprint information;
the second item:
the client further comprises: the salt value module is used for generating a salt value and storing the salt value;
the temporary key generation module generates the temporary key based on the user identification code and the salt value;
the third item:
the client further comprises an equipment fingerprint information module and a salt value module;
the device fingerprint information module is used for acquiring device hardware parameters, device software parameters and device identity marks and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity marks;
the salt value module is used for generating a salt value and storing the salt value;
the temporary key generation module generates the temporary key based on the user identification code, the salt value and the device fingerprint information;
the fourth item:
the client further comprises: the random integer module is used for generating a random integer and storing the random integer;
the temporary key generation module executes the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code;
the fifth item:
the client further comprises: a random integer module and an equipment fingerprint information module;
the random integer module is used for generating a random integer and storing the random integer;
the device fingerprint information module is used for acquiring device hardware parameters, device software parameters and device identity marks and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity marks;
the temporary key generation module executes the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code and the device fingerprint information;
the sixth item:
the client further comprises: a random integer module and a salt value module;
the random integer module is used for generating a random integer and storing the random integer;
the salt value module is used for generating a salt value and storing the salt value;
the temporary key generation module executes the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code and the salt value;
the seventh item:
the client further comprises: the device comprises a random integer module, an equipment fingerprint information module and a salt value module;
the random integer module is used for generating a random integer and storing the random integer;
the device fingerprint information module is used for acquiring device hardware parameters, device software parameters and device identity marks and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity marks;
the salt value module is used for generating a salt value and storing the salt value;
the temporary key generation module executes the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code, the salt value and the device fingerprint information.
15. The system according to any one of claims 11 to 14, comprising at least one of:
the first item:
the client further comprises: the password verification module is used for acquiring password authentication information and a verification code input by a user, verifying the password authentication information and the verification code and displaying a user identification code input interface when the verification is passed;
the second item:
the client further comprises: the client private key copy destroying module is used for destroying the copy of the client private key component in the memory after digital signature is carried out based on the client private key component in the digital signature process;
the third item:
the client further comprises: a client private key component matching verification module, used for cooperatively verifying with the server whether the server private key component matches the client private key component.
16. A processing system based on a distributed private key, characterized in that it comprises a client and a server;
the client acquires a user identification code and a client private key component ciphertext, generates a client temporary key based on the user identification code, decrypts the client private key component ciphertext by adopting the client temporary key to acquire a client private key component, and sends a message to a server;
the server receives a message sent by a client, and sends a control instruction to the cipher machine when the message meets the service condition of the private key component of the server, wherein the control instruction carries associated information, the control instruction is used for indicating the cipher machine to generate the private key component of the server according to the associated information and the symmetric key of the cipher machine, and the associated information comprises a platform identifier of the server;
the server side comprises:
the security authority control module is used for controlling that the server private key component is not exported from the cipher machine in plaintext form and that the server private key component is not stored in a non-volatile storage component;
the server private key copy destroying module is used for sending a destroy instruction to the cipher machine, wherein the destroy instruction is used for instructing the cipher machine to destroy the copy of the server private key component in memory;
the server side further comprises:
the server communication module is used for receiving the message sent by the client;
the private key component processing control module is used for sending a control instruction to the cipher machine when the message meets the service end private key component using condition, wherein the control instruction carries associated information, the control instruction is used for indicating the cipher machine to generate a service end private key component according to the associated information and a symmetric key of the cipher machine, and the associated information comprises a service end platform identifier;
the private key component processing control module is used for determining that the message meets the condition for using the server private key component when the message is a message in the process of the client and the server cooperatively generating the server private key component, or a message in the process of the client and the server cooperatively encrypting, signing or decrypting; when the message is a message in the process of the client and the server cooperatively signing, the control instruction is a signature instruction, and the signature instruction is used for instructing the cipher machine to generate the server private key component according to the associated information and the symmetric key of the cipher machine and to perform a digital signature based on the server private key component;
when the message comprises a user identifier and a key identifier, the associated information further comprises the user identifier and the key identifier, and the control instruction is used for instructing the cipher machine to generate the server private key component based on the server platform identifier, the user identifier, the key identifier and the symmetric key of the cipher machine, so that the server generates, for the user identifier, different server private key components based on the user identifier and the key identifier, and the different generated server private key components serve different purposes for that user identifier.
17. The system of claim 16, wherein the server further comprises: and the platform identifier generating module is used for generating the server platform identifier.
18. The system of claim 16, wherein the client comprises:
the client private key ciphertext storage module is used for storing the client private key component ciphertext;
the temporary key generation module is used for acquiring a user identification code and generating a client temporary key based on the user identification code;
the private key component decryption module is used for reading the client private key component ciphertext and decrypting it with the client temporary key to obtain the client private key component;
and the client communication module is used for sending the message to the server.
19. The system of claim 18, comprising any one of:
the first item:
the client further comprises: the device fingerprint information module is used for reading device hardware parameters, device software parameters and device identity marks and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity marks;
the temporary key generation module generates the temporary key based on the user identification code and the device fingerprint information;
the second item:
the client further comprises: the salt value module is used for reading the stored salt value;
the temporary key generation module generates the temporary key based on the user identification code and the salt value;
the third item:
the client further comprises an equipment fingerprint information module and a salt value module;
the device fingerprint information module is used for reading device hardware parameters, device software parameters and device identity marks and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity marks;
the salt value module is used for reading the stored salt value;
the temporary key generation module generates the temporary key based on the user identification code, the salt value and the device fingerprint information;
the fourth item:
the client further comprises: the random integer module is used for reading the stored random integer;
the temporary key generation module executes the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code;
the fifth item:
the client further comprises: a random integer module and an equipment fingerprint information module;
the random integer module is used for reading the stored random integer;
the device fingerprint information module is used for reading device hardware parameters, device software parameters and device identity marks and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity marks;
the temporary key generation module executes the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code and the device fingerprint information;
the sixth item:
the client further comprises: a random integer module and a salt value module;
the random integer module is used for reading the stored random integer;
the salt value module is used for reading the stored salt value;
the temporary key generation module executes the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code and the salt value;
the seventh item:
the client further comprises: the device comprises a random integer module, an equipment fingerprint information module and a salt value module;
the random integer module is used for reading the stored random integer;
the device fingerprint information module is used for reading device hardware parameters, device software parameters and device identity marks and generating device fingerprint information based on the device hardware parameters, the device software parameters and the device identity marks;
the salt value module is used for reading the stored salt value;
the temporary key generation module executes the key derivation algorithm the random-integer number of times to generate the temporary key based on the user identification code, the salt value and the device fingerprint information.
20. The system according to any one of claims 17 to 19, comprising at least one of:
the first item:
the client further comprises: the password verification module is used for acquiring password authentication information and a verification code input by a user, verifying the password authentication information and the verification code, and displaying a user identification code input interface when the verification passes;
the second item:
the client further comprises: the client private key copy destroying module is used for destroying the copy of the client private key component in the memory after digital signature is carried out based on the client private key component in the digital signature process;
the third item:
the client further comprises: a client private key component matching verification module, used for cooperatively verifying with the server whether the server private key component matches the client private key component.
21. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of claim 1 or 2, or the processing steps of the client or the server in the method of any one of claims 3 to 10.
22. A computer-readable storage medium on which a computer program is stored, characterized in that the program, when executed by a processor, carries out the steps of the method of claim 1 or 2, or the processing steps of the client or the server in the method of any one of claims 3 to 10.
CN201810220635.0A 2018-03-16 2018-03-16 Processing method, system, computer equipment and storage medium based on distributed private key Active CN108471352B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810220635.0A CN108471352B (en) 2018-03-16 2018-03-16 Processing method, system, computer equipment and storage medium based on distributed private key

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810220635.0A CN108471352B (en) 2018-03-16 2018-03-16 Processing method, system, computer equipment and storage medium based on distributed private key

Publications (2)

Publication Number Publication Date
CN108471352A CN108471352A (en) 2018-08-31
CN108471352B (en) 2022-03-04

Family

ID=63264478

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810220635.0A Active CN108471352B (en) 2018-03-16 2018-03-16 Processing method, system, computer equipment and storage medium based on distributed private key

Country Status (1)

Country Link
CN (1) CN108471352B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109861816A (en) * 2019-02-22 2019-06-07 矩阵元技术(深圳)有限公司 Data processing method and device
CN110098928B (en) * 2019-05-08 2022-02-25 国家电网有限公司 Key generation method and device for collaborative signature
US11397760B2 (en) 2019-11-25 2022-07-26 International Business Machines Corporation Managing relationships between persons and physical objects based on physical fingerprints of the physical objects
US11798342B2 (en) 2019-11-25 2023-10-24 International Business Machines Corporation Managing physical objects using crypto-anchors
CN111598573B (en) * 2020-04-10 2023-10-31 维沃移动通信有限公司 Equipment fingerprint verification method and device
CN113300841B (en) * 2021-05-25 2022-11-25 贵州大学 Identity-based collaborative signature method and system
CN113572611B (en) * 2021-09-27 2022-01-11 渔翁信息技术股份有限公司 Key processing method and device and electronic device
CN114065241A (en) * 2021-11-11 2022-02-18 北京海泰方圆科技股份有限公司 Key safety processing system, method, equipment and medium
CN115268793A (en) * 2022-08-03 2022-11-01 中国电子科技集团公司信息科学研究院 Data safety deleting method based on data encryption and overwriting
CN116032655B (en) * 2023-02-13 2023-07-25 杭州天谷信息科技有限公司 Identity authentication method and system capable of resisting timing attack

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101447870A (en) * 2008-12-25 2009-06-03 中国电子科技集团公司第五十四研究所 Safe storage method of private key based on technology of distributed password
CN102377564A (en) * 2011-11-15 2012-03-14 华为技术有限公司 Method and device for encrypting private key
CN104660397A (en) * 2013-11-18 2015-05-27 卓望数码技术(深圳)有限公司 Secret key managing method and system
WO2016149213A1 (en) * 2015-03-13 2016-09-22 Fornetix Llc Server-client key escrow for applied key management system and process
CN106452764A (en) * 2016-12-02 2017-02-22 武汉理工大学 Method for automatically updating identification private key and password system
CN106789080A (en) * 2016-04-08 2017-05-31 数安时代科技股份有限公司 digital signature generation method and system
CN107302438A (en) * 2017-08-07 2017-10-27 收付宝科技有限公司 A kind of private key protection method based on key updating, system and device
CN107370599A (en) * 2017-08-07 2017-11-21 收付宝科技有限公司 A kind of management method, the device and system of remote destroying private key
CN107689869A (en) * 2016-08-05 2018-02-13 华为技术有限公司 The method and server of user password management

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1365214A (en) * 2001-01-09 2002-08-21 深圳市中兴集成电路设计有限责任公司 Cipher key managing method based on public cipher key system
US8539229B2 (en) * 2008-04-28 2013-09-17 Novell, Inc. Techniques for secure data management in a distributed environment
US9065637B2 (en) * 2012-01-25 2015-06-23 CertiVox Ltd. System and method for securing private keys issued from distributed private key generator (D-PKG) nodes
US9515996B1 (en) * 2013-06-28 2016-12-06 EMC IP Holding Company LLC Distributed password-based authentication in a public key cryptography authentication system
US10243733B2 (en) * 2016-03-17 2019-03-26 Virginia Tech Intellectual Properties, Inc. Process and system for establishing a moving target connection for secure communications in client/server systems
WO2017201406A1 (en) * 2016-05-19 2017-11-23 Arris Enterprises Llc Implicit rsa certificates
US11329831B2 (en) * 2016-06-08 2022-05-10 University Of Florida Research Foundation, Incorporated Practical end-to-end cryptographic authentication for telephony over voice channels

Also Published As

Publication number Publication date
CN108471352A (en) 2018-08-31

Similar Documents

Publication Publication Date Title
CN108471352B (en) Processing method, system, computer equipment and storage medium based on distributed private key
CN108494551A (en) Processing method, system, computer equipment and storage medium based on collaboration key
US9673975B1 (en) Cryptographic key splitting for offline and online data protection
CN109510708B (en) Public key password calculation method and system based on Intel SGX mechanism
CN106612180B (en) Method and device for realizing session identification synchronization
US8516268B2 (en) Secure field-programmable gate array (FPGA) architecture
CN110401615B (en) Identity authentication method, device, equipment, system and readable storage medium
US10938555B2 (en) Method and assembly for establishing a secure communication between a first network device (initiator) and a second network device (responder)
US20180034810A1 (en) A system and methods for protecting keys in computerized devices operating versus a server
US9185111B2 (en) Cryptographic authentication techniques for mobile devices
DK2811708T3 (en) User authentication system and method
CN109981562B (en) Software development kit authorization method and device
CN107920052B (en) Encryption method and intelligent device
CN109981285B (en) Password protection method, password verification method and system
CN112637131A (en) User identity authentication method, device, equipment and storage medium
CN108199847B (en) Digital security processing method, computer device, and storage medium
CN112241527B (en) Secret key generation method and system of terminal equipment of Internet of things and electronic equipment
CN110493177B (en) Method and system for quantum communication service station AKA key negotiation based on asymmetric key pool pair and serial number
CN110046489B (en) Trusted access verification system based on domestic Loongson processor, computer and readable storage medium
CN108551391B (en) Authentication method based on USB-key
CN110557367A (en) Secret key updating method and system for quantum computing secure communication resistance based on certificate cryptography
CN110740036A (en) Anti-attack data confidentiality method based on cloud computing
CN110968878A (en) Information transmission method, system, electronic device and readable medium
CN110768792B (en) Main key generation method, device and encryption and decryption method for sensitive security parameters
Kim et al. A secure channel establishment method on a hardware security module

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant