CN108616362A - Vote information generation method and device - Google Patents


Info

Publication number: CN108616362A
Authority: CN (China)
Prior art keywords: voting, identification code, server, information, signature
Legal status: Granted (Active)
Application number: CN201810338333.3A
Other languages: Chinese (zh)
Other versions: CN108616362B (en)
Inventors: 林凡, 成杰, 张振华, 张秋镇, 杨峰, 李盛阳
Current Assignee: GCI Science and Technology Co Ltd
Original Assignee: GCI Science and Technology Co Ltd
Application filed by: GCI Science and Technology Co Ltd
Priority: CN201810338333.3A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: ... including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247: ... involving digital signatures
    • H04L9/3257: ... involving digital signatures using blind signatures
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: ... for authentication of entities
    • H04L63/0876: ... based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07C: TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C13/00: Voting apparatus

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention relates to a voting information generation method comprising the steps of: sending the selected voting object to a server; acquiring an identification code that is generated by a trusted computing device and bound to the voting object, the trusted computing device being a locally configured device for generating the identification code; sending the identification code to the server to trigger the server to sign the identification code according to the voting object; receiving the signature identification code from the server; and generating voting information according to the signature identification code and the voting object. With this method, the server signs and authenticates the identification code, the signature identification code is received from the server, and the voting information is generated from the server-authenticated signature identification code and the voting object, which guarantees the validity of the voting information and improves the reliability and security of network voting. A voting information generation apparatus, a computer device, and a computer-readable storage medium are also provided.

Description

Voting information generation method and device
Technical Field
The present invention relates to the field of network security technologies, and in particular, to a voting information generation method, a voting information generation apparatus, a computer device, and a computer-readable storage medium.
Background
With the development of network security technology, network voting has become a common way of collecting information and is usually used to express the public's preference on a certain activity or matter. The general flow of network voting is as follows: the voting initiator states the related matters such as the voting purpose, background and rules and distributes the ballots through the network; the voting party then fills the voting information into the ballots; finally, the filled ballots are returned to the voting initiator, who counts the votes and publishes the voting results. The validity of the voting information therefore affects the reliability of the network voting results.
In the conventional technology, the voting party inputs the voting result and an automatically generated random code into a voting terminal, such as a Bluetooth device, and the voting information generated by the voting terminal is sent to the voting initiator for voting. However, because the voting information is generated using a random code automatically generated by the voting terminal, this technique cannot guarantee the validity of the voting information, which reduces the reliability and security of network voting.
Disclosure of Invention
In view of the above, it is necessary to provide a voting information generation method, a voting information generation apparatus, a computer device, and a computer-readable storage medium, in order to solve the problem of low reliability of network voting in the conventional art.
A voting information generating method comprises the following steps:
sending the selected voting object to a server;
acquiring an identification code which is generated by a trusted computing device and bound with the voting object; wherein the trusted computing device is a locally configured device for generating the identification code;
sending the identification code to the server, and triggering the server to sign the identification code according to the voting object to obtain a signature identification code;
receiving the signature identification code returned by the server; and generating voting information according to the signature identification code and the voting object.
The voting information generation method comprises the steps of sending a selected voting object to a server, acquiring an identification code which is generated by a locally configured trusted computing device and bound with the voting object, sending the identification code to the server, triggering the server to sign the identification code according to the voting object, enabling the server to sign and authenticate the identification code, receiving the signature identification code of the server, and generating voting information according to the signature identification code authenticated by the server and the voting object, so that the validity of the voting information is guaranteed, and the reliability and the safety of network voting are improved.
In one embodiment, the step of acquiring the identifier bound to the voting object and generated by the trusted computing device comprises:
extracting a register check value of the trusted computing device; and binding the voting object with the register check value to obtain the identification code.
In one embodiment, the step of binding the voting object with the register check value comprises:
calculating a hash value of a register check value of the trusted computing device; and binding the hash value of the register check value of the trusted computing device with the selected voting object.
In one embodiment, the step of sending the identification code to the server comprises:
blinding the identification code which is generated by the trusted computing device and bound with the voting object to obtain a blinded identification code; and sending the blinded identification code to the server for triggering the server to carry out a blind signature on the blinded identification code.
In one embodiment, the voting information generation method further includes the steps of:
sending local network node information to a community management server, wherein the local network node information is used for triggering the community management server to distribute an identity identification code according to the network node information; receiving the identity identification code distributed by the community management server;
the step of generating voting information according to the signature identification code and the voting object comprises the following steps:
generating voting information by using the identification code, the voting object and the signature identification code; and sending the voting information to the server for voting, wherein the voting information is used for triggering the server to carry out validity verification on the voting information, and if the voting information is valid voting information, voting is carried out on the voting object.
In one embodiment, the step of sending local network node information to the community management server comprises:
signing the network node information; and sending the signed network node information to the community management server for triggering the community management server to carry out validity check on the network node information.
In one embodiment, there is provided a voting information generating apparatus including:
the object sending module is used for sending the selected voting object to the server;
the identification code acquisition module is used for acquiring the identification code which is generated by the trusted computing device and is bound with the voting object; wherein the trusted computing device is a locally configured device for generating the identification code;
the identification code sending module is used for sending the identification code to the server and triggering the server to sign the identification code according to the voting objects to obtain a signature identification code;
the information generation module is used for receiving the signature identification code returned by the server; and generating voting information according to the signature identification code and the voting object.
The voting information generation device sends the selected voting object to the server through the object sending module, acquires the identification code bound with the voting object and generated by the locally-configured trusted computing device through the identification code acquisition module, sends the identification code to the server through the identification code sending module, triggers the server to sign the identification code according to the voting object, enables the server to sign and authenticate the identification code, receives the signature identification code of the server through the information generation module, and generates the voting information according to the signature identification code authenticated by the server and the voting object, so that the validity of the voting information is guaranteed, and the reliability and the safety of network voting are improved.
In one embodiment, there is also provided a voting information generating method, including the steps of:
receiving a voting object selected by a client and an identification code which is generated by a trusted computing device and is bound with the voting object; wherein the trusted computing device is a device configured for the client to generate the identification code;
signing the identification code according to the voting object to obtain a signature identification code;
sending the signature identification code to the client; the signature identification code is used for triggering the client to generate voting information according to the signature identification code and the voting object.
According to the voting information generation method, the voting object selected by the client and the identification code which is generated by the trusted computing device and bound with the voting object are received, signature authentication is carried out on the identification code according to the voting object, and the signature identification code is sent to the client, so that the client generates voting information according to the signature identification code and the voting object, the validity of the voting information is guaranteed, and the reliability and the safety of network voting are improved.
In one embodiment, the step of signing the identification code according to the voting object to obtain a signed identification code comprises:
blind signature is carried out on the blind identification code according to the voting object to obtain a blind signature identification code; the blinded identification code is obtained by the client performing blinding processing on the identification code.
In one embodiment, the step of signing the identification code according to the voting object to obtain a signed identification code comprises:
signing the check value of the register according to the voting object to obtain a blind signature identification code; the register check value is obtained by binding the voting object and the register check value generated by the trusted computing device by the client.
In one embodiment, the step of signing the identification code according to the voting object to obtain a blind signature identification code includes:
signing the hash value of the register check value according to the voting object; the hash value of the register check value is obtained by the client performing hash operation on the register check value generated by the trusted computing device.
In one embodiment, after the step of sending the signature identification code to the client, the method further comprises:
receiving voting information generated by the client; the voting information is generated by the client side by utilizing an identity identification code, a voting object and a signature identification code distributed by a community management server; carrying out validity verification on the voting information; and if the voting information is effective voting information, voting is carried out on the voting object.
In one embodiment, there is also provided a voting information generating apparatus including:
the receiving module is used for receiving the voting object selected by the client and the identification code which is generated by the trusted computing device and is bound with the voting object; wherein the trusted computing device is a device configured for the client to generate the identification code;
the signature module is used for signing the identification code according to the voting object to obtain a signature identification code;
the sending module is used for sending the signature identification code to the client; the signature identification code is used for triggering the client to generate voting information according to the signature identification code and the voting object.
The voting information generating device receives the voting object selected by the client and the identification code which is generated by the trusted computing device and is bound with the voting object through the receiving module, carries out signature authentication on the identification code according to the voting object through the signature module, and sends the signature identification code to the client through the sending module, so that the client generates voting information according to the signature identification code and the voting object, the validity of the voting information is ensured, and the reliability and the safety of network voting are improved.
In one embodiment, a computer device is provided, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, and when the processor executes the computer program, the voting information generation method according to any one of the above embodiments is implemented.
According to the computer equipment, the validity of the voting information is guaranteed and the reliability and the safety of network voting are improved through the computer program running on the processor.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which when executed by a processor implements the voting information generation method according to any one of the above embodiments.
The computer storage medium ensures the validity of the voting information and improves the reliability and the safety of the network voting through the stored computer program.
Drawings
FIG. 1 is a diagram of an application environment of a voting information generation method in one embodiment;
FIG. 2 is a flow diagram illustrating a voting information generation method according to an embodiment;
FIG. 3 is a block diagram showing the structure of a voting information generating apparatus according to an embodiment;
FIG. 4 is a flow chart illustrating a voting information generation method according to another embodiment;
FIG. 5 is a block diagram showing the structure of a voting information generating apparatus according to another embodiment;
FIG. 6 is a schematic diagram of the voting system in one embodiment;
FIG. 7 is a flow diagram of a business process of a voting method in one embodiment;
FIG. 8 is a diagram illustrating an internal structure of a computer device in one embodiment;
FIG. 9 is an internal structural view of a computer device in another embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The voting information generating method provided by the invention can be applied to the application environment shown in fig. 1, wherein the voting system can comprise a voting terminal 100 and a vote counting server 200, the voting terminal 100 can communicate with the vote counting server 200 through a network, the voting terminal 100 can receive the votes issued by the vote counting server 200 and fill the voting information into the votes, and after the voting information is filled, the votes carrying the voting information can be returned to the vote counting server 200 for voting. The voting terminal 100 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices, and the vote counting server 200 may be implemented by an independent server or a server cluster formed by a plurality of servers.
In an embodiment, a voting information generating method is provided. FIG. 2 is a schematic flow chart of the voting information generating method in this embodiment. Taking the application of the method to the voting terminal 100 in FIG. 1 as an example, the method may include the following steps:
Step S101, the selected voting object is transmitted to the server.
In this step, the voting object is the object selected when voting on a certain event or matter; for example, in a voting process the voter lists a certain candidate as the voting object, and the voter can send the selected voting object to the vote counting server 200 through the voting terminal 100.
Step S102, the identification code that is generated by the trusted computing device and bound to the voting object is acquired.
The trusted computing device is a hardware device disposed in the voting terminal 100. It may be a hardware device that the vote counting server 200 uniformly allocates to each voting terminal and that is used for generating an identification code of the voting terminal 100, so that the identity of each voting terminal 100 can be verified.
The trusted computing device may generate an identification code for the voting terminal 100 at the time T at which the user selects the voting object through the voting terminal 100, and bind the identification code to the selected voting object, for example by generating an identifier that marks the binding between the voting object and the identification code. In this step, the voting terminal 100 acquires the identification code that is generated by the locally configured trusted computing device and bound with the voting object; binding the identification code with the voting object helps improve the validity of the vote and the reliability and safety of the voting.
Step S103, the identification code is sent to the server.
In this step, the voting terminal 100 transmits the identification code acquired in step S102 to the vote counting server 200, so that the vote counting server 200 digitally signs the identification code according to the voting object. The vote counting server 200 may check whether the identification code sent by the voting terminal 100 is the identification code bound with the voting object received in step S101, and if so, perform signature authentication on the identification code to ensure the validity of the identification code.
Step S104, receiving a signature identification code returned by the server; and generating voting information according to the signature identification code and the voting object.
In this step, the voting terminal 100 receives the signature identification code returned by the vote counting server 200, and since the identification code is authenticated by the signature of the vote counting server 200, the voting terminal 100 can generate voting information using the identification code authenticated by the signature and the voting object selected by the user.
The voting information generation method comprises the steps of sending a selected voting object to a server, acquiring an identification code which is generated by a locally configured trusted computing device and bound with the voting object, sending the identification code to the server, triggering the server to sign the identification code according to the voting object, enabling the server to sign and authenticate the identification code, receiving the signature identification code of the server, and generating voting information according to the signature identification code authenticated by the server and the voting object, so that the validity of the voting information is guaranteed, and the reliability and the safety of network voting are improved.
In one embodiment, the step of acquiring the identifier bound to the voting object and generated by the trusted computing device in step S102 may include:
extracting a register check value of the trusted computing device; and binding the voting object with the register check value to obtain the identification code.
In this embodiment, the register check value of the trusted computing device is mainly used as the identification code. The voting terminal 100 may extract the register check value of the trusted computing device at the time T of selecting the voting object, and bind the voting object and the register check value by generating an identifier, so that the vote counting server 200 may check whether the register check value is bound with the voting object through the identifier.
In the embodiment, the register check value of the trusted computing device is bound with the voting object, which is beneficial to ensuring the validity of the voting information and the safety and reliability of voting, and the voting object and the register check value are bound in a way of generating an identifier, so that the vote counting server 200 can check the binding condition of the register check value and the voting object conveniently, and the voting efficiency is also improved.
In one embodiment, the step of binding the voting object and the register check value in step S102 may further include:
calculating a hash value of a register check value of the trusted computing device; and binding the hash value of the register check value of the trusted computing device with the selected voting object.
In this embodiment, the hash value of the register check value of the trusted computing device is mainly used as the identification code.
After extracting the register check value of the trusted computing device, the voting terminal 100 may perform hash operation on the register check value to obtain a hash value of the register check value, and bind the hash value of the register check value with the selected voting object to obtain an identification code for signature authentication of the vote counting server 200.
In this embodiment, a hash operation is performed on the register check value of the trusted computing device to obtain the identification code, so that the identification code can be effectively prevented from being tampered with during transmission, which further improves the safety and reliability of the voting information and also ensures the safety and reliability of the voting.
In one embodiment, the step of sending the identification code to the server in step S103 may include:
blinding the identification code which is generated by the trusted computing device and bound with the voting object; and sending the blinded identification code to a server.
In this embodiment, before sending the identification code to the vote counting server, the voting terminal 100 may blind the identification code to hide the identification code generated by the trusted computing device, and send the blinded identification code to the vote counting server 200, so that the vote counting server 200 performs a blind signature on the identification code while the identification code generated by the trusted computing device is invisible to it.
In an embodiment, the voting information generating method according to any one of the above embodiments may further include the following steps:
sending local network node information to a community management server; and receiving the identification code distributed by the community management server.
The community management server is a server that uniformly manages a certain number of voting terminals; it may represent a community authorized by a voting center, such as the vote counting server 200, and distributes, on behalf of the community, the identity identification codes of the voting terminals in the community to those voting terminals.
In this embodiment, the voting terminal 100 may send local network node information to the community management server, so that the community management server allocates a corresponding identity identification code to the voting terminal 100 according to the network node information of the voting terminal 100. For example, the community management server may randomly generate a prime number as the identity identification code of the voting terminal 100 and store the network node information of the voting terminal 100 and the corresponding identity identification code in a database; after the community management server generates the identity identification code, the voting terminal 100 receives the identity identification code allocated by the community management server. In the generation process of the voting information, the community management server divides the voting terminals into certain communities and distributes corresponding identity identification codes to the voting terminals, so that the voting terminals vote anonymously, the protection of the voting information of the voting terminals is enhanced, and the voting safety is improved.
In one embodiment, the step of sending the local network node information to the community management server in the above embodiment may further include:
signing the network node information; and sending the signature network node information to the community management server.
In this embodiment, the voting terminal 100 may sign the local network node information and send the signed network node information to the community management server, where the signed network node information is used to trigger the community management server to perform a validity check on the network node information of the voting terminal 100. For example, the voting terminal 100 may sign the local network node information, encrypt the signature and the corresponding network node information with the public key of the community management server, and send them to the community management server; the community management server may decrypt the encrypted information with its own private key to obtain the signature and the corresponding network node information sent by the voting terminal 100, and then check the validity of the signature and the corresponding network node information using the public key of the voting terminal 100. This ensures the validity of the identity under which the voting terminal 100 votes, and ensures the safety and reliability of the generation of the voting information.
In one embodiment, the step of generating the voting information according to the signature identification code and the voting object in step S104 may further include:
generating voting information by using the identity identification code, the voting object and the signature identification code; and sending the voting information to the server for voting.
In this embodiment, the identity identification code refers to the identification code allocated by the community management server to each voting terminal. The voting terminal 100 of this embodiment may generate voting information by using the identity identification code assigned by the community management server, the voting object selected by the user, and the identification code signed and authenticated by the vote counting server, and send the voting information to the vote counting server through the network, so that the vote counting server performs validity verification on the voting information, for example, the community management server checks whether the identity identification code is a legal identity identification code, whether the voting object selected by the voter conforms to the voting range, whether the signature identification code is an identification code signed and authenticated by the vote counting server, and so on Safety and reliability.
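The client and server steps of the embodiments above (hashing the register check value, binding it to the voting object, blinding, blind signing, and validity verification), as an added Python sketch that is not part of the patent text. The patent names neither a signature scheme nor a binding format: textbook RSA blinding, SHA-256, the length-prefixed binding, revealing the register hash at verification time, the toy key, and all function names and sample values are assumptions.

```python
import hashlib
import secrets
from math import gcd

# Constructed toy RSA key for the vote counting server (assumption). P and Q are
# the Mersenne primes 2^521-1 and 2^607-1: convenient for a demo, unfit for real keys.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # server private exponent

CANDIDATES = {"candidate-A", "candidate-B"}  # constructed voting range
ISSUED_IDENTITY_CODES = {104729}  # constructed prime issued by the community management server


def register_hash(register_check_value: bytes) -> bytes:
    """Client: hash the register check value read from the trusted computing device."""
    return hashlib.sha256(register_check_value).digest()


def identification_code(reg_hash: bytes, voting_object: str) -> int:
    """Bind the register hash to the voting object (assumed format: length prefix + hash)."""
    data = len(reg_hash).to_bytes(2, "big") + reg_hash + voting_object.encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def blind(code: int) -> tuple:
    """Client: hide the identification code behind a random factor r."""
    while True:
        r = secrets.randbelow(N - 2) + 2  # r in [2, N-1]
        if gcd(r, N) == 1:
            return (code * pow(r, E, N)) % N, r


def server_blind_sign(blinded_code: int) -> int:
    """Server: sign the blinded value; the identification code itself stays invisible.
    Unpadded RSA for clarity; a deployment would use a standardized blind
    signature scheme such as RFC 9474."""
    return pow(blinded_code, D, N)


def unblind(blind_signature: int, r: int) -> int:
    """Client: remove r, leaving the server's signature on the real identification code."""
    return (blind_signature * pow(r, -1, N)) % N


def cast(register_check_value: bytes, voting_object: str, identity_code: int) -> dict:
    """Client: run the whole flow and assemble the voting information."""
    reg = register_hash(register_check_value)
    code = identification_code(reg, voting_object)
    blinded, r = blind(code)
    signature = unblind(server_blind_sign(blinded), r)
    return {"identity_code": identity_code, "voting_object": voting_object,
            "register_hash": reg, "signature": signature}


def server_verify(vote: dict) -> bool:
    """Server: the three validity checks named in the text."""
    if vote["identity_code"] not in ISSUED_IDENTITY_CODES:
        return False  # identity identification code was never issued
    if vote["voting_object"] not in CANDIDATES:
        return False  # voting object outside the voting range
    # Because signing was blind, the binding can only be checked here: recompute
    # the identification code and compare it with the opened signature.
    expected = identification_code(vote["register_hash"], vote["voting_object"])
    return pow(vote["signature"], E, N) == expected


if __name__ == "__main__":
    vote = cast(bytes.fromhex("5a" * 20), "candidate-A", 104729)  # constructed register value
    print("valid vote accepted:", server_verify(vote))
    print("swapped voting object accepted:",
          server_verify(dict(vote, voting_object="candidate-B")))
```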
In an embodiment, there is provided a voting information generating device, and referring to fig. 3, fig. 3 is a block diagram illustrating a structure of the voting information generating device in an embodiment, where the voting information generating device may include: an object sending module 101, an identification code obtaining module 102, an identification code sending module 103 and an information generating module 104; wherein,
an object sending module 101, configured to send the selected voting object to a server;
an identification code obtaining module 102, configured to obtain an identification code that is generated by a trusted computing device and is bound to the voting object; wherein the trusted computing device is a locally configured device for generating the identification code;
an identification code sending module 103, configured to send the identification code to the server, and be configured to trigger the server to sign the identification code according to the voting object to obtain a signature identification code;
an information generating module 104, configured to receive the signature identifier returned by the server; and generating voting information according to the signature identification code and the voting object.
The voting information generating device sends the selected voting object to the server through the object sending module 101, acquires the identification code which is generated by the locally configured trusted computing device and bound with the voting object through the identification code acquisition module 102, sends the identification code to the server through the identification code sending module 103, triggers the server to sign the identification code according to the voting object, enables the server to sign and authenticate the identification code, receives the signature identification code of the server through the information generating module 104, and generates voting information according to the signature identification code authenticated by the server and the voting object, thereby ensuring the validity of the voting information and improving the reliability and the safety of network voting.
In an embodiment, a voting information generating method is further provided, referring to fig. 4, fig. 4 is a schematic flow chart of the voting information generating method in another embodiment, which is described by taking the method as an example applied to the vote counting server 200 in fig. 1, and the method may include the following steps:
in step S401, the voting object selected by the client and the identification code bound to the voting object generated by the trusted computing device are received.
The vote counting server 200 receives the voting object sent by the voting terminal 100 and the identification code bound to the voting object. The identification code is generated by a trusted computing device configured at the voting terminal 100; the trusted computing device can be a hardware device uniformly distributed to each voting terminal by the vote counting server 200 and used for generating the identification code of the voting terminal 100, so as to verify the identity of each voting terminal 100. The voting object is the object selected in the process of voting on a certain event or affair; for example, in a voting process a voter lists a certain candidate as the voting object, and the voter can send the selected voting object to the vote counting server 200 through the voting terminal 100.
Step S402, signing the identification code according to the voting object to obtain a signature identification code.
In this step, the vote counting server 200 digitally signs the identification code according to the voting object selected by the voting terminal 100, and the vote counting server 200 may first check whether the identification code sent by the voting terminal 100 is the identification code bound to the voting object, and if so, perform signature authentication on the identification code to obtain a signature identification code, so as to ensure the validity of the identification code.
Step S403, sending the signature identification code to the client.
In this step, the vote counting server 200 returns the digitally signed identification code to the voting terminal 100 after digitally signing the identification code, so that the voting terminal 100 generates voting information by using the signature identification code of the signature authentication and the selected voting object to vote.
According to the voting information generation method, the voting object selected by the client and the identification code which is generated by the credible operation device and bound with the voting object are received, signature authentication is carried out on the identification code according to the voting object, and the signature identification code is sent to the client, so that the client generates voting information according to the signature identification code and the voting object, the validity of the voting information is guaranteed, and the reliability and the safety of network voting are improved.
In one embodiment, the step of signing the identifier according to the voting object in step S402 to obtain a signed identifier may include:
and signing the check value of the register according to the voting object to obtain a signature identification code.
In this embodiment, the register check value is generated by a trusted computing device disposed in the voting terminal 100 and is bound to the voting object selected by the voting terminal 100. The digital signature is carried out on this register check value. The voting terminal 100 can extract the register check value of the trusted computing device at the time T of selecting the voting object and bind the voting object and the register check value by generating an identifier; the vote counting server 200 can check through the identifier whether the register check value is bound to the voting object, and then sign the register check value to obtain the signature identification code.
The embodiment signs the register check value bound with the voting object of the trusted computing device, so that the validity of the voting information and the safety and reliability of voting are favorably ensured, and the voting counting server can check the binding condition of the register check value and the voting object conveniently by binding the voting object and the register check value in a mode of generating an identifier, thereby improving the voting efficiency.
In one embodiment, the step of signing the identifier according to the voting object in step S402 to obtain a signed identifier may include:
and signing the hash value of the register check value according to the voting object to obtain a signature identification code.
In this embodiment, the hash value of the register check value refers to a hash value of a register check value generated by a trusted computing device configured in the voting terminal 100, where the hash value is a hash value bound with the voting object; after the trusted computing device of the voting terminal 100 generates the register check value, hash operation may be performed on the register check value to generate a hash value of the register check value, and the hash value of the register check value is bound to the selected voting object to obtain an identification code for signature authentication of the vote counting server 200.
According to the embodiment, the hash value of the register check value of the trusted computing device is signed according to the voting object, so that the identification code generated by the trusted computing device can be effectively prevented from being tampered in the transmission process, the safety and the reliability of the vote information are further improved, and the safety and the reliability of voting are also ensured.
In one embodiment, the step of signing the identifier according to the voting object in step S402 to obtain a signed identifier may include:
and blind signature is carried out on the blind identification code according to the voting object to obtain a blind signature identification code.
In this embodiment, the blinding identification code refers to a blinding identification code obtained by blinding the identification code by the voting terminal 100; before sending the identification code to the voting statistics server 200, the voting terminal 100 may blind the identification code to hide the identification code generated by the trusted computing device, and send the identification code after blind processing to the voting statistics server 200, where the voting statistics server 200 performs blind signature on the identification code to obtain a blind signature identification code under the condition that the identification code generated by the trusted computing device is invisible.
In one embodiment, after step S403, the following steps may be further included:
receiving voting information generated by a client; carrying out validity verification on the voting information; and if the voting information is effective voting information, voting is carried out on the voting object.
The voting information is generated by the voting terminal 100 according to the ID assigned by the group management server, the voting object, and the signature identification code. The group management server is a server for uniformly managing a certain number of voting terminals; it may be a group authorized by a voting center, such as the vote counting server 200, and the ID of each voting terminal in the group is assigned to that voting terminal on behalf of the group.
The vote counting server 200 in this embodiment may vote for a corresponding voting object according to the identification code, the voting object, and the signature identification code in the voting information generated by the voting terminal 100, for example, the vote counting server 200 may check whether the identification code is a legal identification code through the group management server, verify the validity of the voting information in a manner of whether the voting object selected by the voter meets the voting range, whether the signature identification code is an identification code for signature authentication by the vote counting server, and the like, and vote for the voting object in the voting information if the voting information is valid voting information, which not only ensures the anonymity of the voting terminal, but also ensures the validity, security, and reliability of the vote.
In an embodiment, there is further provided a voting information generating device, as shown in fig. 5, where fig. 5 is a block diagram of a voting information generating device in another embodiment, the voting information generating device may include: a receiving module 401, a signing module 402 and a sending module 403; wherein,
a receiving module 401, configured to receive a voting object selected by a client and an identification code generated by a trusted computing device and bound to the voting object; wherein the trusted computing device is a device configured for the client to generate the identification code;
a signature module 402, configured to sign the identifier according to the voting object to obtain a signature identifier;
a sending module 403, configured to send a signature identifier to the client; the signature identification code is used for triggering the client to generate voting information according to the signature identification code and the voting object.
The voting information generating device receives the voting object selected by the client and the identification code bound with the voting object and generated by the credible operation device through the receiving module 401, performs signature authentication on the identification code according to the voting object by using the signature module 402, and transmits the signature identification code to the client through the transmitting module 403, so that the client generates voting information according to the signature identification code and the voting object, the validity of the voting information is ensured, and the reliability and the safety of network voting are improved.
For specific limitations of the voting information generation device, reference may be made to the above limitations of the voting information generation method, which are not described herein again. The respective modules in the voting information generating device can be wholly or partially implemented by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
To illustrate the technical solution of the present invention more clearly, the voting information generating method is applied to the voting system shown in fig. 6; fig. 6 is a schematic structural diagram of the voting system in an embodiment. The voting system may include a plurality of voters T1, T2 … Tn, a group management server A, a candidate H1 and a vote counting system X. Each voter is allocated a voting terminal through which to vote, each voting terminal is configured with a trusted computing device for generating a corresponding identification code, and each candidate is configured with a candidate terminal. The group management server, the voting terminals, the candidate terminals and the vote counting system each have a corresponding public and private key pair, used for encrypting the information to be communicated, such as voting information. For example, T represents a terminal, whose public and private key pair is $PK_T$, $SK_T$; H represents a candidate terminal, whose public and private key pair is $PK_H$, $SK_H$; X denotes the vote counting system, whose public and private key pair is $PK_X$, $SK_X$. The trusted computing device sets a strongly collision-free hash function as H and provides authentication information to each device. The parameters disclosed by the group management server A are $\{F_1, F_2, P, q, H, S_r, P_G\}$, where $F_1$ is an elliptic curve additive cyclic group with the same order q, $F_2$ is a multiplicative cyclic group with the same order P, $S_r$ is the key value parameter selected by the group A, and $P_G$ is the public key of group A.
Referring to fig. 7, fig. 7 is a timing diagram of a service flow of a voting method in an embodiment, and a service flow of the voting method based on the voting system may include the following stages:
1. Initialization phase of the voting system:
Each entity of the voting system obtains its corresponding public and private key pair. If a new voting terminal joins a certain group at random, for example that of the group management server A, the voting terminal first uses the public key $P_G$ of the group management server A to encrypt its self-signed network node information (the signature together with the network node information), and sends the encrypted information to the group management server A. The group management server A decrypts the encrypted information with its own private key and thereby obtains the information sent by the voting terminal. The group management server A first judges the validity of the identity verification information of the voting terminal; when the result is safe, it randomly selects a prime number as the identity identification code ID of the voter, then calculates and distributes the voter's substitute identity public and private keys, $PK_T$ = gID-1 mod(n), $SK_T$ = IDxd + k mod(n), where k, g, x and d are random numbers and n is 2P. The group management server A then distributes the calculated keys to the voting terminal and stores the user's information in the database.
2. Voting right acquisition stage:
When a voter needs to acquire the voting right, the voting terminal performs the following operations. The voting terminal sets the voting information $data = (choice, value, H(RV, time), binding, ID)$, where value is the effective time of the vote, choice is the selected voting object, H is the strongly collision-free hash function, RV is the register check value of the trusted computing device at the time time, and binding (true) indicates whether the vote is identity-bound to the trusted computing device. The voting terminal generates a random blinding coefficient $t_1 \in Z^*$ to blind the voting information, and calculates $data' = t_1 H(data)$. The voting terminal then sends $data'$ and $H(RV, time)$ to the vote counting system and applies for the voting right.
After receiving the application information of the voting terminal, the vote counting system checks, according to the choice in the information, whether the voter conforms to the voting range. If so, the vote counting system returns $(R_1, S_1, S_2)$ to the voting terminal, where $R_1 = k \cdot P$, $S_1 = k^{-1} data' \cdot P$, $S_2 = k^{-1} SK_X$, $k \in Z^*$, and records that the voting device has acquired the ballot. After the voting terminal acquires the returned information, the terminal randomly selects $t_2 \in Z^*$ and calculates. Finally, $(data, R, S, SK_X)$ is verified at the voting terminal; if the result is correct, the voting terminal calculates further to obtain the signature $sign_{data}$ of the vote counting system. After the signature of the vote counting system is obtained, the voting terminal can be regarded as having obtained the voting right.
3. Voting stage:
Assume that voter A chooses to vote for candidate B in the voting system. The candidate terminal broadcasts a voting invitation. After receiving the invitation information, the voting terminal responds with $(H(RV, time), PK_T, data, sign_{data}, choice)$. The candidate terminal evaluates the received voting response information: it first checks the validity period of the vote and the voting selection, and if the signature in the response information has passed the validity period, the vote is refused. Otherwise, it further determines whether the binding and the RV are valid. When the verification is passed, the candidate receives the voting information.
4. Vote counting stage:
In this stage, the candidate terminal uploads all the votes it has obtained to the vote counting system. First, the candidate terminal uploads the obtained vote information $(H(RV, time), PK_H, data, sign_{data})$ to the vote counting system, and the system verifies whether this series of votes is valid. After all checks pass, the system matches the votes against the database: if no corresponding vote is matched, the vote is recorded under the candidate's list; otherwise, the system considers the vote a repeated vote and refuses to receive it.
The technical scheme provided by the embodiment can enhance the safety performance of the voting platform and ensure the operating efficiency of the voting system through the trusted arithmetic device and the ECC algorithm, and the system further adds a group signature algorithm and a blind signature algorithm in the voting process. The group signature divides the voting terminal into a certain group, and signs the voting information under the name of the group, thereby realizing the anonymity of the voting terminal, the blind signature algorithm hides the content in the voting information, so that the signature party signs the information under the condition that the voting information is not clear, and the two are combined to improve the safety of the system and enhance the protection of the voting information; the reliability of each node in the voting system is verified according to the mapping relation of the register value of the credible operation device, the voting object and the time for selecting the voting object, the voting terminal can autonomously realize peer-to-peer identity verification under the condition of not influencing user experience and power consumption performance, and the information safety and reliability performance of the voting system is greatly improved.
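The voting-right and vote-counting stages above, as an added example that is not code from the patent: it swaps in a textbook RSA blind signature for the patent's ECC scheme, whose formulas are not fully reproduced on this page. The key, candidate names, register value, voter ID and the rule that one H(RV, time) value obtains one voting right are constructed assumptions.

```python
import hashlib
import secrets
from math import gcd

# Constructed demo key for the counting server: two Mersenne primes.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537                      # public key (assumed, not from the patent)
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent
CANDIDATES = {"H1", "H2"}                # hypothetical voting range


def h_int(*fields):
    """H(...): SHA-256 over length-prefixed fields, reduced into Z_N."""
    md = hashlib.sha256()
    for f in fields:
        raw = str(f).encode()
        md.update(len(raw).to_bytes(4, "big") + raw)
    return int.from_bytes(md.digest(), "big") % N


def make_ballot(choice, valid_until, rv, time, voter_id):
    """data = (choice, value, H(RV, time), binding, ID)."""
    return (choice, valid_until, h_int(rv, time), True, voter_id)


def blind(data):
    """Terminal: multiply H(data) by t^E so the signer cannot read it."""
    while True:
        t = secrets.randbelow(N - 2) + 2
        if gcd(t, N) == 1:
            return (h_int(*data) * pow(t, E, N)) % N, t


def unblind(blind_sig, t):
    """Terminal: strip t to obtain the server's signature on H(data)."""
    return (blind_sig * pow(t, -1, N)) % N


def verify(data, sig):
    """Anyone holding the public key: does sig cover exactly this ballot?"""
    return pow(sig, E, N) == h_int(*data)


class CountingServer:
    def __init__(self, now):
        self.now = now
        self.issued = set()   # H(RV, time) values already given a voting right
        self.seen = set()     # ballots already counted
        self.counts = {c: 0 for c in sorted(CANDIDATES)}

    def issue(self, choice, rv_hash, blinded):
        """Voting-right stage: range check, record the request, blind-sign."""
        if choice not in CANDIDATES:
            raise ValueError("voting object outside the voting range")
        if rv_hash in self.issued:
            raise ValueError("voting right already issued")
        self.issued.add(rv_hash)
        return pow(blinded, D, N)

    def count(self, data, sig):
        """Vote-counting stage: validity checks, then duplicate matching."""
        choice, valid_until, _rv_hash, binding, _voter_id = data
        if not verify(data, sig):
            return "bad signature"
        if choice not in CANDIDATES:
            return "out of range"
        if self.now > valid_until:
            return "expired"
        if binding is not True:
            return "not bound"
        key = h_int(*data)
        if key in self.seen:
            return "duplicate"
        self.seen.add(key)
        self.counts[choice] += 1
        return "counted"


def demo():
    server = CountingServer(now=1500)
    data = make_ballot("H1", 2000, "RV-constructed-0001", 1000, 7919)
    blinded, t = blind(data)
    sig = unblind(server.issue(data[0], data[2], blinded), t)
    forged = ("H2",) + data[1:]          # same signature, different choice
    return [server.count(data, sig), server.count(data, sig),
            server.count(forged, sig), server.counts["H1"]]


if __name__ == "__main__":
    print(demo())
```

Because the signature covers the hash of the whole tuple, changing the choice after issuance invalidates it, and replaying the same ballot is caught by the database match.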
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure diagram may be as shown in fig. 8. The computer device includes a processor, a memory, a network interface, a display screen, and an input device connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a voting information generation method. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 9. The computer device includes a processor, a memory, a network interface, and a database connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing data required in the flow of the voting information generation method. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a voting information generation method.
It will be appreciated by those skilled in the art that the configurations shown in fig. 8 or 9 are only block diagrams of some of the configurations relevant to the inventive arrangements and do not constitute a limitation on the computing devices to which the inventive arrangements may be applied, and that a particular computing device may include more or less components than those shown, or some of the components may be combined, or have a different arrangement of components.
In one embodiment, a computer device is provided, which may be a voting terminal or a vote counting server, and includes a memory, a processor and a computer program stored in the memory and running on the processor, wherein the processor implements the voting information generation method according to any one of the above embodiments when executing the computer program.
According to the computer equipment, the validity of the voting information is guaranteed and the reliability and the safety of network voting are improved through the computer program running on the processor.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which when executed by a processor implements the voting information generation method according to any one of the above embodiments.
The computer storage medium ensures the validity of the voting information and improves the reliability and the safety of the network voting through the stored computer program.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, databases, or other media used in embodiments provided herein may include non-volatile and/or volatile memory. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. A voting information generating method, characterized by comprising the steps of:
sending the selected voting object to a server;
acquiring an identification code which is generated by a trusted arithmetic device and bound with the voting object; wherein the trusted computing device is a locally configured device for generating the identification code;
sending the identification code to the server, and triggering the server to sign the identification code according to the voting object to obtain a signature identification code;
receiving the signature identification code returned by the server; and generating voting information according to the signature identification code and the voting object.
2. A voting information generation method according to claim 1, wherein the step of acquiring the identification code bound to the voting object, the identification code being generated by the trusted computing device, comprises:
extracting a register check value of the trusted arithmetic device;
and binding the voting object with the register check value to obtain the identification code.
3. A voting information generation method according to claim 2, wherein the step of binding the voting object to the register check value includes:
calculating a hash value of a register check value of the trusted arithmetic device;
and binding the hash value of the register check value of the trusted arithmetic device with the selected voting object.
4. A voting information generation method according to claim 1, wherein the step of transmitting the identification code to the server comprises:
blind processing the identification code which is generated by the credible arithmetic device and bound with the voting object to obtain a blind identification code;
and sending the blinding identification code to the server for triggering the server to carry out blind signature on the blinding identification code.
5. A voting information generation method according to any one of claims 1 to 4, further comprising the steps of:
sending local network node information to a community management server; the network node information is used for triggering the community management server to distribute an identity identification code according to the network node information;
receiving the identity identification code distributed by the community management server;
the step of generating voting information according to the signature identification code and the voting object comprises the following steps:
generating voting information by using the identification code, the voting object and the signature identification code;
and sending the voting information to the server for voting, wherein the voting information is used for triggering the server to carry out validity verification on the voting information, and if the voting information is valid voting information, voting is carried out on the voting object.
6. A voting information generation method according to claim 5, wherein the step of transmitting local network node information to a community management server comprises:
signing the network node information;
and sending the signed network node information to the community management server for triggering the community management server to carry out validity check on the network node information.
7. A voting information generating method, characterized by comprising the steps of:
receiving a voting object selected by a client and an identification code which is generated by a credible arithmetic device and is bound with the voting object; wherein the trusted computing device is a device configured for the client to generate the identification code;
signing the identification code according to the voting object to obtain a signature identification code;
and sending the signature identification code to the client, and triggering the client to generate voting information according to the signature identification code and the voting object.
8. The voting information generation method according to claim 7, wherein
the step of signing the identification code according to the voting object to obtain a signature identification code comprises the following steps:
performing a blind signature on the blinded identification code according to the voting object to obtain a blind signature identification code; the blinded identification code is obtained by the client performing blinding processing on the identification code;
or
the step of signing the identification code according to the voting object to obtain a signature identification code comprises the following steps:
signing the register check value according to the voting object to obtain a signature identification code; the register check value is obtained by the client binding the voting object to the register check value generated by the trusted computing device;
or
the step of signing the identification code according to the voting object to obtain a signature identification code comprises the following steps:
signing the hash value of the register check value according to the voting object to obtain a signature identification code; the hash value of the register check value is obtained by the client performing a hash operation on the register check value generated by the trusted computing device.
9. The voting information generation method according to claim 7 or 8, wherein after the step of sending the signature identification code to the client, the method further comprises:
receiving voting information generated by the client; the voting information is generated by the client by utilizing an identity identification code, a voting object and a signature identification code distributed by a community management server;
verifying the validity of the voting information; and if the voting information is valid voting information, casting the vote for the voting object.
10. A voting information generating apparatus, comprising:
the object sending module is used for sending the selected voting object to the server;
the identification code acquisition module is used for acquiring the identification code which is generated by the trusted computing device and is bound to the voting object; wherein the trusted computing device is a locally configured device for generating the identification code;
the identification code sending module is used for sending the identification code to the server and triggering the server to sign the identification code according to the voting objects to obtain a signature identification code;
the information generation module is used for receiving the signature identification code returned by the server; generating voting information according to the signature identification code and the voting object;
or
the receiving module is used for receiving the voting object selected by the client and the identification code which is generated by the trusted computing device and is bound to the voting object; wherein the trusted computing device is a device configured for the client to generate the identification code;
the signature module is used for signing the identification code according to the voting object to obtain a signature identification code;
the sending module is used for sending the signature identification code to the client; the signature identification code is used for triggering the client to generate voting information according to the signature identification code and the voting object.
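The exchange in claims 7 to 9, as an added sketch that is not part of the patent text: the client blinds an identification code, the server blind-signs it "according to the voting object", and the server later checks the resulting voting information. Textbook RSA, one signing key per voting object, the pairing of blinding with the hashed register check value, and all names and sample values are assumptions made for this example; the keys are built from Mersenne primes only so the demo needs no key generation and are not secure.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by the demo keys

def demo_key(a, b):
    """Toy RSA key from Mersenne primes 2**a-1 and 2**b-1 (insecure, demo only)."""
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private exponent d)

# Assumption: "signing according to the voting object" means one key per object.
SERVER_KEYS = {"candidate-A": demo_key(521, 607), "candidate-B": demo_key(1279, 2203)}

def identification_code(register_check_value: bytes, voting_object: str) -> int:
    """Hash of the register check value bound to the voting object."""
    data = register_check_value + b"|" + voting_object.encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def blind(code: int, voting_object: str):
    """Client side: hide the code from the server with a random factor r."""
    n, _ = SERVER_KEYS[voting_object]
    r = secrets.randbelow(n - 2) + 2
    return (code * pow(r, E, n)) % n, r

def server_blind_sign(blinded_code: int, voting_object: str) -> int:
    """Server side: sign without learning the underlying identification code."""
    n, d = SERVER_KEYS[voting_object]
    return pow(blinded_code, d, n)

def unblind(blind_signature: int, r: int, voting_object: str) -> int:
    """Client side: strip r, leaving an ordinary signature on the code."""
    n, _ = SERVER_KEYS[voting_object]
    return (blind_signature * pow(r, -1, n)) % n

def cast(register_check_value: bytes, voting_object: str) -> dict:
    """Client side: run the exchange and assemble the voting information."""
    code = identification_code(register_check_value, voting_object)
    blinded, r = blind(code, voting_object)
    sig = unblind(server_blind_sign(blinded, voting_object), r, voting_object)
    return {"voting_object": voting_object, "code": code, "signature": sig}

def verify_vote(vote: dict) -> bool:
    """Server side: validity check against the key of the claimed voting object."""
    n, _ = SERVER_KEYS[vote["voting_object"]]
    return pow(vote["signature"], E, n) == vote["code"]

if __name__ == "__main__":
    vote = cast(b"constructed-register-value", "candidate-A")
    print("valid:", verify_vote(vote))
    print("replayed for another object:", verify_vote(dict(vote, voting_object="candidate-B")))
```

A production design would use a padded or full-domain-hash blind signature scheme and properly generated keys rather than raw RSA over a bare hash.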
CN201810338333.3A 2018-04-16 2018-04-16 Voting information generation method and device Active CN108616362B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810338333.3A CN108616362B (en) 2018-04-16 2018-04-16 Voting information generation method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810338333.3A CN108616362B (en) 2018-04-16 2018-04-16 Voting information generation method and device

Publications (2)

Publication Number Publication Date
CN108616362A (en) 2018-10-02
CN108616362B (en) 2022-03-29

Family

ID=63660467

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810338333.3A Active CN108616362B (en) 2018-04-16 2018-04-16 Voting information generation method and device

Country Status (1)

Country Link
CN (1) CN108616362B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110995413A (en) * 2019-12-05 2020-04-10 杭州趣链科技有限公司 Alliance chain consensus node management method for preventing pseudo node attack
CN110995711A (en) * 2019-12-05 2020-04-10 全链通有限公司 Electronic voting method, device and storage medium based on block chain
CN111314095A (en) * 2019-12-05 2020-06-19 全链通有限公司 Electronic voting method, device and storage medium based on block chain
CN115001785A (en) * 2022-05-26 2022-09-02 平安普惠企业管理有限公司 Signature service method and device based on voting, electronic equipment and storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003041338A1 (en) * 2001-11-06 2003-05-15 International Business Machines Corporation Method and system for the supply of data, transactions and electronic voting
CN1658202A (en) * 2004-02-20 2005-08-24 武传坤 Large disclosed internet voting system and method
US20080105742A1 (en) * 2006-11-06 2008-05-08 Kim Keonwoo Device and method of electronic voting using mobile terminal
CN102087761A (en) * 2010-12-03 2011-06-08 深圳市大明通信有限公司 Electronic voting method and system of mobile terminal
CN102722931A (en) * 2012-06-21 2012-10-10 陈利浩 Voting system and voting method based on intelligent mobile communication devices
CN102984126A (en) * 2012-11-02 2013-03-20 天地融科技股份有限公司 System and method of voting certification and electronic signature tool and transmission method of voting data

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110995413A (en) * 2019-12-05 2020-04-10 杭州趣链科技有限公司 Alliance chain consensus node management method for preventing pseudo node attack
CN110995711A (en) * 2019-12-05 2020-04-10 全链通有限公司 Electronic voting method, device and storage medium based on block chain
CN111314095A (en) * 2019-12-05 2020-06-19 全链通有限公司 Electronic voting method, device and storage medium based on block chain
CN111314095B (en) * 2019-12-05 2023-01-31 全链通有限公司 Electronic voting method, device and storage medium based on block chain
CN110995413B (en) * 2019-12-05 2023-03-31 杭州趣链科技有限公司 Alliance chain consensus node management method for preventing pseudo node attack
CN115001785A (en) * 2022-05-26 2022-09-02 平安普惠企业管理有限公司 Signature service method and device based on voting, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN108616362B (en) 2022-03-29

Similar Documents

Publication Publication Date Title
US11349674B2 (en) Digital certificate management method and apparatus, computer device, and storage medium
US10637665B1 (en) Blockchain-based digital identity management (DIM) system
CN108616362B (en) Voting information generation method and device
CN110581860A (en) identity authentication method, device, storage medium and equipment based on block chain
CN112104665B (en) Block chain-based identity authentication method and device, computer and storage medium
CN108881252B (en) Identity authentication data processing method and device, computer equipment and storage medium
CN111191294B (en) Single-node accounting method, system, equipment and storage medium based on block chain
CN112165382B (en) Software authorization method and device, authorization server side and terminal equipment
US20190141048A1 (en) Blockchain identification system
CN109587154B (en) Digital identity verification method, device, computer equipment and storage medium
CN110011796B (en) Certificate updating method and device, computer equipment and storage medium
CN113434889B (en) Service data access method, device, equipment and storage medium
CN110661613B (en) Anti-quantum-computation implicit certificate issuing method and system based on alliance chain
CN110737915B (en) Anti-quantum-computation anonymous identity recognition method and system based on implicit certificate
CN110502889B (en) Login method, login device, computer readable storage medium and computer equipment
CN111881483A (en) Resource account binding method, device, equipment and medium based on block chain
CN110830244A (en) Anti-quantum computing vehicle networking method and system based on identity secret sharing and alliance chain
CN111989892B (en) Authentication system and computer-readable recording medium
CN114168922B (en) User CA certificate generation method and system based on digital certificate
CN114168923B (en) Group CA certificate generation method and system based on digital certificate
CN111937348B (en) Authentication system and computer-readable recording medium
US11888987B2 (en) Method and system for digital voting using a trusted digital voting platform
CN111901359B (en) Resource account authorization method, device, system, computer equipment and medium
CN113901520A (en) Data processing method, device, equipment and medium based on block chain
CN114862388B (en) Identity management method based on digital wallet, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant