CN108737105A - Method for retrieving, device, private key equipment and the medium of private key - Google Patents

Method for retrieving, device, private key equipment and the medium of private key Download PDF

Info

Publication number
CN108737105A
CN108737105A CN201810427694.5A CN201810427694A CN108737105A CN 108737105 A CN108737105 A CN 108737105A CN 201810427694 A CN201810427694 A CN 201810427694A CN 108737105 A CN108737105 A CN 108737105A
Authority
CN
China
Prior art keywords
private key
terminal
stored
sub
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810427694.5A
Other languages
Chinese (zh)
Other versions
CN108737105B (en
Inventor
孙丽
张锋
张一锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongchao Credit Card Industry Development Co Ltd Hangzhou Blockchain Technology Research Institute
Original Assignee
Zhongchao Credit Card Industry Development Co Ltd Hangzhou Blockchain Technology Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongchao Credit Card Industry Development Co Ltd Hangzhou Blockchain Technology Research Institute filed Critical Zhongchao Credit Card Industry Development Co Ltd Hangzhou Blockchain Technology Research Institute
Priority to CN201810427694.5A priority Critical patent/CN108737105B/en
Publication of CN108737105A publication Critical patent/CN108737105A/en
Application granted granted Critical
Publication of CN108737105B publication Critical patent/CN108737105B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3255Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • Finance (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a kind of method for retrieving of private key, device, private key equipment and media.This method includes:First terminal gives private key request for change to second terminal transmission;According to threshold signature scheme and give private key request for change, second terminal, which is pre-stored sub- private key and is pre-stored sub- private key with third terminal, signs, and obtains final signed data;Pass through the intelligent final signed data of contract certification on block chain;After certification passes through, from pre-stored M slice, thin pieces private key selecting sub- private key is issued to first terminal.The scheme provided according to embodiments of the present invention, by being pre-stored M slice, thin piece private keys at key storage center in advance so that after sub- private key loss, sub- private key can be given for change from being pre-stored in M slice, thin piece private keys in key storage center, be traded by the sub- private key given for change.The phenomenon that appearance can not merchandise since complete private key is lost not only is avoided in this way, but also can improve the flexibility of private key.

Description

Method for retrieving, device, private key equipment and the medium of private key
Technical field
The present invention relates to computer realm more particularly to a kind of method for retrieving of private key, device, private key equipment and media.
Background technology
With the rise of digital cash, numerous digital cash wallets are emerged, how to ensure the safety of digital cash wallet Just become a major issue.One transaction is weighed really or the certification of message integrity, needs key (private key and public key) to it Signature is carried out with sign test to ensure.
Since current private key is all complete, if private key is lost, user is difficult to be traded, so improving private key in number Safety in word currency wallet becomes urgent problem to be solved.
Invention content
The embodiment of the present invention provide private key method for retrieving, device, private key equipment and medium, can private key loss after, It is retrieved in time, improves the safety and flexibility of private key.
According to a first aspect of the embodiments of the present invention, a kind of method for retrieving of private key is provided, the method for retrieving includes:
First terminal gives private key request for change to second terminal transmission;
It is asked according to threshold signature scheme and the private key of giving for change, second terminal is pre-stored sub- private key and prestores with third terminal It stores up sub- private key to sign, obtains final signed data;
Pass through final signed data described in the intelligent contract certification on block chain;
After certification passes through, from pre-stored M slice, thin pieces private key selecting sub- private key is issued to the first terminal.
According to a second aspect of the embodiments of the present invention, a kind of device for retrieving of private key is provided, the device for retrieving includes:
First terminal, second terminal, third terminal, certification terminal and key storage center;
The first terminal, for giving private key request for change to second terminal transmission;
Second terminal is pre-stored by the second terminal for being asked according to threshold signature scheme and the private key of giving for change Sub- private key is pre-stored sub- private key with third terminal and signs, and obtains final signed data;
The third terminal, for giving the final signed data hair to the certification terminal,
The certification terminal, for passing through final signed data described in the intelligent contract certification on block chain;
Sub- private key granting is appointed in the key storage center for after certification passes through, being selected from pre-stored M slice, thin pieces private key To the first terminal.
According to a third aspect of the embodiments of the present invention, a kind of private key equipment is provided, the private key equipment includes:Processor with And it is stored with the memory of computer program instructions;
The processor realizes the method for retrieving of the private key described in first aspect when executing the computer program instructions.
According to a fourth aspect of the embodiments of the present invention, a kind of computer readable storage medium, which is characterized in that the calculating Computer program instructions are stored on machine readable storage medium storing program for executing, the computer program instructions realize first when being executed by processor The method for retrieving of private key described in aspect.
Method, apparatus, private key equipment and medium according to embodiments of the present invention are made by prestoring M slice, thin piece private keys It obtains after sub- private key loss, sub- private key can be given for change from pre-stored M slice, thin pieces private key, be traded by the sub- private key given for change. The phenomenon that appearance can not merchandise since complete private key is lost not only is avoided in this way, but also can improve the flexibility of private key.
Description of the drawings
In order to illustrate the technical solution of the embodiments of the present invention more clearly, will make below to required in the embodiment of the present invention Attached drawing is briefly described, for those of ordinary skill in the art, without creative efforts, also It can be obtain other attached drawings according to these attached drawings.
Fig. 1 is the flow chart of the method for retrieving for the private key for showing the embodiment of the present invention;
Fig. 2 is the detail flowchart of the method for retrieving for the private key for showing another embodiment of the present invention;
Fig. 3 is the schematic diagram for the distribution for showing client private key of the embodiment of the present invention;
Fig. 4 is the schematic diagram for the System Back-end private key distribution for showing business bank of the embodiment of the present invention;
Fig. 5 is the flow chart for the verification process for showing the embodiment of the present invention;
Fig. 6 is the flow chart of the method for retrieving for the private key for showing another embodiment of the present invention;
Fig. 7 is the structural schematic diagram for the device for retrieving for showing private key provided in an embodiment of the present invention;
Fig. 8 is to show to realize the exemplary hard of the computing device of method for retrieving and device according to the ... of the embodiment of the present invention The structure chart of part framework.
Specific implementation mode
The feature and exemplary embodiment of various aspects of the invention is described more fully below, in order to make the mesh of the present invention , technical solution and advantage be more clearly understood, with reference to the accompanying drawings and embodiments, the present invention is further retouched in detail It states.It should be understood that specific embodiment described herein is only configured to explain the present invention, it is not configured as limiting the present invention. To those skilled in the art, the present invention can be real in the case of some details in not needing these details It applies.Below to the description of embodiment just for the sake of by showing that the example of the present invention is better understood from the present invention to provide.
It should be noted that herein, relational terms such as first and second and the like are used merely to a reality Body or operation are distinguished with another entity or operation, are deposited without necessarily requiring or implying between these entities or operation In any actual relationship or order or sequence.Moreover, the terms "include", "comprise" or its any other variant are intended to Non-exclusive inclusion, so that the process, method, article or equipment including a series of elements is not only wanted including those Element, but also include other elements that are not explicitly listed, or further include for this process, method, article or equipment Intrinsic element.In the absence of more restrictions, the element limited by sentence " including ... ", it is not excluded that including There is also other identical elements in the process, method, article or equipment of the element.
(2,3) thresholding private key refers to by private key fragment into 3 sub- private keys of fragment, second terminal in embodiments of the present invention (business bank), third terminal (Central Bank) obtain 1 sub- private key of fragment, 3 fragments respectively with first terminal (client) Arbitrary 2 in sub- private key are signed together, you can it is 2 to complete signature namely thresholding.But (2,3) thresholding private key exists centainly Defect, for example the sub- private key of first terminal fragment loses or forgets, it is private that fragment can only be reacquired by way of resetting Key, and participating parties is distributed again, the efficiency for reducing abnormal flow processing increases complexity.Therefore, in order to The defect present invention is overcome to implement following technical solution.
In order to better understand the present invention, below in conjunction with attached drawing, private key according to the ... of the embodiment of the present invention is described in detail Method for retrieving, device and medium, it should be noted that these embodiments are not for limiting the scope of the present disclosure.
Fig. 1 is the flow chart of the method for retrieving for the private key for showing the embodiment of the present invention.
As shown in Figure 1, the method for retrieving 100 of the private key in the embodiment of the present invention includes the following steps:
Step S110, first terminal give private key request for change to second terminal transmission.
In this step, the embodiment of the present invention is an embodiment participated in many ways, and first terminal or second terminal can Think the System Back-end of client or business bank.Such as:When first terminal is client, then second terminal is business bank System Back-end.
Step S120 according to threshold signature scheme and gives private key request for change, and it is whole with third that second terminal is pre-stored sub- private key End is pre-stored sub- private key and signs, and obtains final signed data.
In this step, second terminal, which is pre-stored sub- private key and is pre-stored sub- private key with third terminal, signs, such as:Visitor Family end is repeatedly signed with System Back-end, is specifically determined by the threshold signature scheme of sub- private key, and threshold signature scheme is Refer to the group of n member composition, any no less than t member cooperates that signature can be generated in group, any to cooperate all less than t member It can not forge a signature.
It also should be noted that second terminal is pre-stored sub- private key and prestores with third terminal in embodiments of the present invention Sub- private key is stored up repeatedly to be signed, when number of signing is 4 times, i.e., signature process needs 4 data transmissions, such as:For the first time Client first generates a data A with the sub- private key signature of oneself.Second of System Back-end generates data B according to data A signatures. Third time client, which needs to be signed again according to data B, generates data C.Fourth system rear end needs to be generated according to data C signatures Data D becomes final signed data E.
It is signed in this step by repeatedly interaction, improves the accuracy of subsequent authentication.
Step S130 passes through the intelligent final signed data of contract certification on block chain.
In this step, block chain (Blockchain) is Distributed Storage, point-to-point transmission, common recognition mechanism, adds The new application pattern of the computer technologies such as close algorithm.So-called common recognition mechanism is built between realizing different nodes in block catenary system The vertical mathematical algorithm trusted, obtain equity.
And intelligent contract is for user perspective, intelligent contract is typically considered an automatic security account, for example, working as When specific condition meets, the contract program in intelligent contract will discharge and shift fund automatically.
Technically, intelligent contract is considered as network server, and only these servers are not to use IP Address is set up on the internet, but is erected on block chain.So as to run specific contract program in the above.
But unlike network server, owner is it can be seen that intelligent contract, because of these intelligent contracts Code and state all on block chain (assuming that block chain is disclosed).Moreover, unlike network server, intelligent contract Some specific hardware device is not depended on, in fact, the contract program of intelligent contract is executed by all equipment for participating in digging mine.
Intelligent contract is the assembler language being programmed on block chain.The execution of the intelligence contract is automatic or successfully It executes or all state changes is all cancelled (including the information sent or received from the contract currently to fail).
Step S140, after certification passes through, from pre-stored M slice, thin pieces private key selecting sub- private key is issued to first terminal.
Method according to embodiments of the present invention, by being pre-stored M slice, thin piece private keys so that lost in the sub- private key of client Afterwards, sub- private key can be given for change from being pre-stored in M slice, thin piece private keys in key storage center, is traded by the sub- private key given for change. Not only avoid in this way appearance due to complete private key is lost and the phenomenon that can not merchandising, but also the flexibility of private key can be improved.Simultaneously Be no longer limited to when private key is lost can only private key resetting restore, to simple flow and improve each participant efficiency.
Fig. 2 is the detail flowchart of the method for retrieving for the private key for showing another embodiment of the present invention.
As shown in Fig. 2, method for retrieving 200 includes:
Step 210, client gives private key request for change to System Back-end transmission.
Step 220, it is asked according to threshold signature scheme with private key is given for change, System Back-end and the Central Bank are repeatedly signed Name.
Step 230, final signed data is sent to the intelligent contract on block chain by the Central Bank, carries out cochain.
Step 240, intelligent contract feedback provides sub- private key information and gives key storage center.
Step 250, sub- private key is selected to client granting in key storage center from pre-stored M slice, thin pieces private key.
In one embodiment, after certification passes through, from pre-stored M slice, thin pieces private key selecting sub- private key is issued to first terminal Before, further include:
First terminal generates the first private key;
N slice, thin piece private keys are generated according to the first private key, and delete the first private key;
Arbitrary M slice, thin pieces private key is pre-stored in key storage center, M is the natural number more than or equal to 3, and N is big In or equal to 6 natural number.
In one embodiment, second terminal be pre-stored sub- private key and third terminal to be pre-stored sub- private key be from first terminal In the sub- private key arbitrarily selected in remaining N-M slice, thin pieces private key, and to be pre-stored sub- private key pre-stored with third terminal for second terminal Sub- private key is different.
Here be to obtaining pre-stored M slice, thin pieces private key, second terminal is pre-stored sub- private key and the pre-stored son of third terminal is private The process of key is described.
Fig. 3 is the schematic diagram for showing the distribution of client private key of the embodiment of the present invention.
When N is equal to 6, and M is equal to 3, the distribution method 300 of the private key of client includes the following steps in the present embodiment:
Step 310, client generates private key I.
Step 320, it is divided into 6 slice, thin piece private key Ii, i 1,2,3,4,5,6.
Step 330, private key I is deleted.
Step 340, a piece of I is preserved1
Step 350, by I2, I3, I4Sub- private key is sent to key storage center.
In this step, I2, I3, I4Sub- private key is exactly the sub- private key being pre-stored in key storage center.
Step 360, when key storage center acknowledges receipt of I2, I3, I4After sub- private key, feedback acknowledgment information is to client.
Step 370, the I in client is deleted2, I3, I4Sub- private key.
Step 380, by I5Sub- private key is sent to the System Back-end of business bank.
In this step, I5Sub- private key is exactly that second terminal is pre-stored sub- private key.
Step 390, when the System Back-end of business bank acknowledges receipt of I5After sub- private key, feedback acknowledgment information is to client.
Step 3100, the I in client is deleted5Sub- private key.
Step 3110, by I6Sub- private key is sent to the Central Bank.
In this step, I6Sub- private key is exactly that third terminal is pre-stored sub- private key.
Step 3120, when the Central Bank acknowledges receipt of I5After sub- private key, feedback acknowledgment information is to client.
Step 3130, the I in client is deleted6Sub- private key.
Business bank's private key storage center of the embodiment of the present invention stores 3 sub- private keys of fragment, business bank's (System Back-end Belong to or be hosted in business bank), the Central Bank, 3 side of client, each side respectively gets a slice, thin piece private key.Client and commercial silver Row is responsible for the implementation of transaction, and business bank is responsible for the implementation of supervision with the Central Bank, and depositing for sub- private key is responsible at key storage center Storage, ensures the safety of digital cash transaction in this way, while also taking into account the supervision demand for realizing the Central Bank, improves private key Safety also achieves the flexibility of private key.
Fig. 4 is the schematic diagram for the System Back-end private key distribution for showing business bank of the embodiment of the present invention.
The System Back-end private key distribution of business bank in Fig. 4 is identical as the private key distribution of the client in Fig. 3, herein not Do detailed parsing explanation.
Fig. 5 is the flow chart for the verification process for showing the embodiment of the present invention.
In one embodiment, as shown in figure 5, step S130 passes through the intelligent final number of signature of contract certification on block chain According to, including:
S131 is based on final signed data, and corresponding intelligent contract is found on block chain.
S132 is obtained corresponding with the private key that first terminal generates according to preset number signature algorithm on intelligent contract Public key.
In this step, public key can extremely accurate be found by preset number signature algorithm, improves the standard of lookup True property.
Preset number signature algorithm is mainly used for the algorithm that public key carries out signature authentication with private key in embodiments of the present invention, Digital Signature Algorithm (DSA-Digital Signature Algorithm, DSA), not merely only public key, private key, also count Word is signed.Private key encryption generates digital signature, public key verifications private key data and digital signature, if private key data and digital signature Mismatch then thinks authentication failed.Therefore, by Digital Signature Algorithm may insure sub- private key data in transmission process not by Modification.
S133 passes through the final signed data of authentication public key.
The embodiment of the present invention is authenticated by the intelligent contract on block chain, this may insure the standard of user identity Really, while subsequently accurately key storage center can notified to provide sub- private key to first terminal.
Fig. 6 is the flow chart of the method for retrieving for the private key for showing another embodiment of the present invention.Fig. 6 is identical as Fig. 1 or equivalent The step of use identical label.As shown in fig. 6, method for retrieving 600 is substantially identical to method for retrieving 100, the difference is that, Method for retrieving 600 further includes:
S610, after pre-stored M slice, thin pieces private key is sent, first terminal sends resetting private key request to second terminal.
S620, according to threshold signature scheme and resetting private key request, it is pre- with third terminal that second terminal is pre-stored sub- private key It stores sub- private key to sign, obtains signed data to be certified.
S630 passes through the intelligent contract certification signed data to be certified on block chain.
S640 regenerates private key after certification passes through according to resetting private key information, first terminal.
Method through the embodiment of the present invention can reset private key, can be avoided the occurrence of in this way since sub- private key is lost The phenomenon that losing and can not being traded.
Below in conjunction with the accompanying drawings, device according to the ... of the embodiment of the present invention is discussed in detail.
Fig. 7 is the structural schematic diagram for the device for retrieving for showing private key provided in an embodiment of the present invention.As shown in fig. 7, giving for change Device 700 includes:
First terminal 710, second terminal 720, third terminal 730, certification terminal 740 and key storage center 721;
First terminal 710, for giving private key request for change to the transmission of second terminal 720;
Second terminal 720, for being asked according to threshold signature scheme with private key is given for change, by the pre-stored son of second terminal 720 Private key is pre-stored sub- private key with third terminal 730 and signs, and obtains final signed data;
Third terminal 730, for by final signed data hair to certification terminal 740,
Certification terminal 740, for passing through the intelligent final signed data of contract certification on block chain;
Key storage center 721, for after certification passes through, from pre-stored M slice, thin pieces private key selecting sub- private key is issued to First terminal 710.
In one embodiment, first terminal 710 are additionally operable to generate the first private key;And for generating N according to the first private key Slice, thin piece private key, and delete first private key;Arbitrary M slice, thin pieces private key is pre-stored in key storage center 721, M be more than or Person is equal to 3 natural number, and N is the natural number more than or equal to 6.
In one embodiment, second terminal 720 be pre-stored sub- private key and third terminal 730 to be pre-stored sub- private key be from The sub- private key arbitrarily selected in remaining N-M slice, thin pieces private key in one terminal 710, and second terminal 720 is pre-stored sub- private key and It is different that three terminals 730 are pre-stored sub- private key.
In one embodiment, certification terminal 740 is specifically used for being based on final signed data, be found on block chain pair The intelligent contract answered;
And for according to preset number signature algorithm, the private key generated with first terminal 710 to be obtained on intelligent contract Corresponding public key;Pass through the final signed data of authentication public key.
In one embodiment, first terminal 710 are additionally operable to send resetting private key request to second terminal 720;
Second terminal 720 is additionally operable to according to threshold signature scheme and resetting private key request, the pre-stored son of second terminal 720 Private key is pre-stored sub- private key with third terminal 730 and signs, and obtains signed data to be certified;
Certification terminal 740, is additionally operable to treat authentication signature data and is authenticated, and resetting private key letter is sent after certification passes through It ceases to first terminal 710;
First terminal 710 is additionally operable to according to resetting private key information, and first terminal 710 regenerates private key.
Device according to embodiments of the present invention is made by being pre-stored M slice, thin piece private keys at key storage center 721 in advance It obtains after private key loss, sub- private key can be given for change from being pre-stored in M slice, thin piece private keys in key storage center 721, pass through what is given for change Sub- private key is traded.Not only avoid in this way appearance due to complete private key is lost and the phenomenon that can not merchandising, but also private can be improved The flexibility of key.Be no longer limited to simultaneously when private key is lost can only private key resetting restore, to simple flow and improve Each participant efficiency.
The other details of device for retrieving according to the ... of the embodiment of the present invention with above in association with Fig. 1 to Fig. 7 describe according to this hair The method of bright embodiment is similar, and details are not described herein.
It can be realized by computing device in conjunction with Fig. 1 to Fig. 7 method for retrieving and device according to the ... of the embodiment of the present invention described. Fig. 8 is the exemplary hardware architecture for showing to realize the computing device of method for retrieving and device according to the ... of the embodiment of the present invention Structure chart.
As shown in figure 8, computing device 800 includes input equipment 801, input interface 802, central processing unit 803, memory 804, output interface 805 and output equipment 806.Wherein, input interface 802, central processing unit 803, memory 804 and Output interface 805 is connected with each other by bus 810, and input equipment 801 and output equipment 806 pass through 802 He of input interface respectively Output interface 805 is connect with bus 810, and then is connect with the other assemblies of computing device 800.Specifically, input equipment 801 connects It receives from external input information, and input information is transmitted to by central processing unit 803 by input interface 802;Central processing Device 803 is handled input information based on the computer executable instructions stored in memory 804 to generate output information, will Output information is temporarily or permanently stored in memory 804, is then transmitted to output information by output interface 805 defeated Go out equipment 806;Output information is output to the outside of computing device 800 for users to use by output equipment 806.
That is, computing device shown in Fig. 8 can also be implemented as include:It is stored with computer executable instructions Memory;And processor, the processor may be implemented when executing computer executable instructions that Fig. 1 to Fig. 7 to be combined to describe Method for retrieving and device.
It should be clear that the invention is not limited in specific configuration described above and shown in figure and processing. For brevity, it is omitted here the detailed description to known method.In the above-described embodiments, several tools have been described and illustrated The step of body, is as example.But procedure of the invention is not limited to described and illustrated specific steps, this field Technical staff can be variously modified, modification and addition after the spirit for understanding the present invention, or suitable between changing the step Sequence.
Functional block shown in structures described above block diagram can be implemented as hardware, software, firmware or their group It closes.When realizing in hardware, it may, for example, be electronic circuit, application-specific integrated circuit (ASIC), firmware appropriate, insert Part, function card etc..When being realized with software mode, element of the invention is used to execute program or the generation of required task Code section.Either code segment can be stored in machine readable media program or the data-signal by being carried in carrier wave is passing Defeated medium or communication links are sent." machine readable media " may include any medium for capableing of storage or transmission information. The example of machine readable media includes electronic circuit, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), soft Disk, CD-ROM, CD, hard disk, fiber medium, radio frequency (RF) link, etc..Code segment can be via such as internet, inline The computer network of net etc. is downloaded.
It should also be noted that, the exemplary embodiment referred in the present invention, is retouched based on a series of step or device State certain methods or system.But the present invention is not limited to the sequence of above-mentioned steps, that is to say, that can be according in embodiment The sequence referred to executes step, may also be distinct from that the sequence in embodiment or several steps are performed simultaneously.
The above description is merely a specific embodiment, it is apparent to those skilled in the art that, For convenience of description and succinctly, the system, module of foregoing description and the specific work process of unit can refer to preceding method Corresponding process in embodiment, details are not described herein.It should be understood that scope of protection of the present invention is not limited thereto, it is any to be familiar with Those skilled in the art in the technical scope disclosed by the present invention, can readily occur in various equivalent modifications or substitutions, These modifications or substitutions should be covered by the protection scope of the present invention.

Claims (12)

1. a kind of method for retrieving of private key, which is characterized in that the method for retrieving includes:
First terminal gives private key request for change to second terminal transmission;
It is asked according to threshold signature scheme and the private key of giving for change, second terminal is pre-stored sub- private key and the pre-stored son of third terminal Private key is signed, and final signed data is obtained;
Pass through final signed data described in the intelligent contract certification on block chain;
After certification passes through, from pre-stored M slice, thin pieces private key selecting sub- private key is issued to the first terminal.
2. method for retrieving according to claim 1, which is characterized in that after certification passes through, from pre-stored M slice, thin pieces private key It selects sub- private key to be issued to before the first terminal, further includes:
The first terminal generates the first private key;
N slice, thin piece private keys are generated according to first private key, and delete first private key;
Arbitrary M slice, thin pieces private key is pre-stored in key storage center, M is the natural number more than or equal to 3, and N be more than or Person is equal to 6 natural number.
3. method for retrieving according to claim 2, which is characterized in that the second terminal is pre-stored sub- private key and described It is the sub- private key arbitrarily selected from remaining N-M slice, thin pieces private key in the first terminal that three terminals, which are pre-stored sub- private key, and The second terminal is pre-stored sub- private key, and from the third terminal to be pre-stored sub- private key different.
4. method for retrieving according to claim 1, which is characterized in that the intelligent contract certification institute by block chain Final signed data is stated, including:
Based on the final signed data, corresponding intelligent contract is found on block chain;
According to preset number signature algorithm, public affairs corresponding with the private key that the first terminal generates are obtained on the intelligent contract Key;
Pass through final signed data described in the authentication public key.
5. according to any method for retrieving of claim 1-4, which is characterized in that it is described after certification passes through, from pre-stored M Sub- private key is selected in slice, thin piece private key to be issued to after the first terminal, further includes:
After the pre-stored M slice, thin pieces private key is sent, the first terminal sends resetting private key to the second terminal and asks It asks;
It is asked according to threshold signature scheme and the resetting private key, the second terminal is pre-stored sub- private key and the third terminal It is pre-stored sub- private key to sign, obtains signed data to be certified;
Pass through signed data to be certified described in the intelligent contract certification on block chain;
Private key is regenerated according to resetting private key information, the first terminal after certification passes through.
6. a kind of device for retrieving of private key, which is characterized in that the device for retrieving includes:
First terminal, second terminal, third terminal, certification terminal and key storage center;
The first terminal, for giving private key request for change to second terminal transmission;
The second terminal, it is for being asked according to threshold signature scheme and the private key of giving for change, the pre-stored son of second terminal is private Key is pre-stored sub- private key with third terminal and signs, and obtains final signed data;
The third terminal, for giving the final signed data hair to the certification terminal,
The certification terminal, for passing through final signed data described in the intelligent contract certification on block chain;
The key storage center appoints sub- private key to be issued to institute for after certification passes through, being selected from pre-stored M slice, thin pieces private key State first terminal.
7. device for retrieving according to claim 6, which is characterized in that the first terminal is additionally operable to generate the first private key;
And for generating N slice, thin piece private keys according to first private key, and delete first private key;
Arbitrary M slice, thin pieces private key is pre-stored in the key storage center, M is the natural number more than or equal to 3, and N is big In or equal to 6 natural number.
8. device for retrieving according to claim 7, which is characterized in that the second terminal is pre-stored sub- private key and described It is the sub- private key arbitrarily selected from remaining N-M slice, thin pieces private key in the first terminal that three terminals, which are pre-stored sub- private key, and The second terminal is pre-stored sub- private key, and from the third terminal to be pre-stored sub- private key different.
9. device for retrieving according to claim 6, which is characterized in that the certification terminal,
Specifically for being based on the final signed data, corresponding intelligent contract is found on block chain;
And for according to preset number signature algorithm, the private key generated with the first terminal to be obtained on the intelligent contract Corresponding public key;
Pass through final signed data described in the authentication public key.
10. according to any device for retrieving of claim 6-9, which is characterized in that
The first terminal is additionally operable to send resetting private key request to the second terminal;
The second terminal is additionally operable to ask according to threshold signature scheme and the resetting private key, and the second terminal is pre-stored Sub- private key is pre-stored sub- private key with the third terminal and signs, and obtains signed data to be certified;
The certification terminal is additionally operable to be authenticated the signed data to be certified, and resetting private is sent after certification passes through Key information gives the first terminal;
The first terminal is additionally operable to according to resetting private key information, and the first terminal regenerates private key.
11. a kind of private key equipment, which is characterized in that the private key equipment includes:It processor and is stored with computer program and refers to The memory of order;
The processor realizes the side of giving for change of private key according to any one of claims 1 to 5 when executing the computer program instructions Method.
12. a kind of computer readable storage medium, which is characterized in that be stored with computer on the computer readable storage medium Program instruction, the computer program instructions realize looking for for private key according to any one of claims 1 to 5 when being executed by processor Back method.
CN201810427694.5A 2018-05-07 2018-05-07 Method and device for retrieving private key, private key equipment and medium Active CN108737105B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810427694.5A CN108737105B (en) 2018-05-07 2018-05-07 Method and device for retrieving private key, private key equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810427694.5A CN108737105B (en) 2018-05-07 2018-05-07 Method and device for retrieving private key, private key equipment and medium

Publications (2)

Publication Number Publication Date
CN108737105A true CN108737105A (en) 2018-11-02
CN108737105B CN108737105B (en) 2021-09-28

Family

ID=63937196

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810427694.5A Active CN108737105B (en) 2018-05-07 2018-05-07 Method and device for retrieving private key, private key equipment and medium

Country Status (1)

Country Link
CN (1) CN108737105B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109639421A (en) * 2019-01-09 2019-04-16 山东浪潮质量链科技有限公司 A kind of method that private key is given for change and server
CN109660346A (en) * 2019-01-16 2019-04-19 中钞信用卡产业发展有限公司杭州区块链技术研究院 Information trustship method, apparatus, equipment and computer storage medium
CN109784888A (en) * 2019-01-28 2019-05-21 杭州复杂美科技有限公司 Red packet processing method, equipment and storage medium
CN111275419A (en) * 2020-01-17 2020-06-12 上海佩俪信息科技有限公司 Block chain wallet signature right confirming method, device and system
CN111385098A (en) * 2018-12-29 2020-07-07 华为技术有限公司 Key generation method and device
CN112272087A (en) * 2020-10-26 2021-01-26 链盟智能科技(广州)有限公司 Application method in block chain based on safe multi-party calculation

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101938353A (en) * 2010-08-03 2011-01-05 北京海泰方圆科技有限公司 Method for remotely resetting personal identification number (PIN) of key device
CN103580855A (en) * 2013-11-07 2014-02-12 江南大学 Usbkey management plan based on sharing technology
CN104954390A (en) * 2015-07-17 2015-09-30 青岛大学 Cloud storage integrity detection method for recovering lost secret keys and system applying cloud storage integrity detection method
WO2017011601A1 (en) * 2015-07-14 2017-01-19 Fmr Llc Computationally efficient transfer processing, auditing, and search apparatuses, methods and systems
CN106548345A (en) * 2016-12-07 2017-03-29 北京信任度科技有限公司 The method and system of block chain private key protection are realized based on Secret splitting
CN106559211A (en) * 2016-11-22 2017-04-05 中国电子科技集团公司第三十研究所 Secret protection intelligence contract method in a kind of block chain
CN107171796A (en) * 2017-06-27 2017-09-15 济南浪潮高新科技投资发展有限公司 A kind of many KMC key recovery methods
CN107273759A (en) * 2017-05-08 2017-10-20 上海点融信息科技有限责任公司 Method, equipment and computer-readable recording medium for protecting block chain data
CN107979461A (en) * 2017-10-27 2018-05-01 财付通支付科技有限公司 Secret key method for retrieving, device, terminal, key escrow server and computer-readable recording medium

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101938353A (en) * 2010-08-03 2011-01-05 北京海泰方圆科技有限公司 Method for remotely resetting personal identification number (PIN) of key device
CN103580855A (en) * 2013-11-07 2014-02-12 江南大学 Usbkey management plan based on sharing technology
WO2017011601A1 (en) * 2015-07-14 2017-01-19 Fmr Llc Computationally efficient transfer processing, auditing, and search apparatuses, methods and systems
CN104954390A (en) * 2015-07-17 2015-09-30 青岛大学 Cloud storage integrity detection method for recovering lost secret keys and system applying cloud storage integrity detection method
CN106559211A (en) * 2016-11-22 2017-04-05 中国电子科技集团公司第三十研究所 Secret protection intelligence contract method in a kind of block chain
CN106548345A (en) * 2016-12-07 2017-03-29 北京信任度科技有限公司 The method and system of block chain private key protection are realized based on Secret splitting
CN107273759A (en) * 2017-05-08 2017-10-20 上海点融信息科技有限责任公司 Method, equipment and computer-readable recording medium for protecting block chain data
CN107171796A (en) * 2017-06-27 2017-09-15 济南浪潮高新科技投资发展有限公司 A kind of many KMC key recovery methods
CN107979461A (en) * 2017-10-27 2018-05-01 财付通支付科技有限公司 Secret key method for retrieving, device, terminal, key escrow server and computer-readable recording medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
沈文婷等: "具有私钥可恢复能力的云存储完整性检测方案", 《软件学报》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111385098A (en) * 2018-12-29 2020-07-07 华为技术有限公司 Key generation method and device
CN109639421A (en) * 2019-01-09 2019-04-16 山东浪潮质量链科技有限公司 A kind of method that private key is given for change and server
CN109639421B (en) * 2019-01-09 2021-09-21 山东浪潮质量链科技有限公司 Method for retrieving private key and server
CN109660346A (en) * 2019-01-16 2019-04-19 中钞信用卡产业发展有限公司杭州区块链技术研究院 Information trustship method, apparatus, equipment and computer storage medium
CN109784888A (en) * 2019-01-28 2019-05-21 杭州复杂美科技有限公司 Red packet processing method, equipment and storage medium
CN111275419A (en) * 2020-01-17 2020-06-12 上海佩俪信息科技有限公司 Block chain wallet signature right confirming method, device and system
CN111275419B (en) * 2020-01-17 2023-04-11 上海简苏网络科技有限公司 Block chain wallet signature right confirming method, device and system
CN112272087A (en) * 2020-10-26 2021-01-26 链盟智能科技(广州)有限公司 Application method in block chain based on safe multi-party calculation
CN112272087B (en) * 2020-10-26 2023-04-18 链盟智能科技(广州)有限公司 Application method in block chain based on safe multi-party calculation

Also Published As

Publication number Publication date
CN108737105B (en) 2021-09-28

Similar Documents

Publication Publication Date Title
CN108737105A (en) Method for retrieving, device, private key equipment and the medium of private key
US11790370B2 (en) Techniques for expediting processing of blockchain transactions
CN109146490B (en) Block generation method, device and system
KR102050129B1 (en) Block chain supporting multiple one-way functions used for verification of blocks
US11270030B2 (en) System and method for consensus management
US20190147343A1 (en) Unsupervised anomaly detection using generative adversarial networks
CN110414567B (en) Data processing method and device and electronic equipment
CN112527912B (en) Data processing method and device based on block chain network and computer equipment
GB2539430A (en) Digital token exchange system
US20220086131A1 (en) Multi-factor authentication for non-internet applications
CN113746638B (en) NFT storage method, NFT restoration method, computer device, and storage medium
CN109379343A (en) A kind of the isomery common recognition method and terminal of block chain
CN112799943A (en) Automatic testing method and device for business system
CN113645278A (en) Cross-chain message transmission method, device and storage medium of block chain
CN112766560B (en) Alliance blockchain network optimization method, device, system and electronic equipment
CN113469811A (en) Block chain transaction processing method and device
CN113255011A (en) Block chain state mapping method, system, computer device and storage medium
CN112950180A (en) Community certificate method and system based on alliance chain, electronic device and storage medium
CN111951112A (en) Intelligent contract execution method based on block chain, terminal equipment and storage medium
CN110618989B (en) Information processing method, information processing device and related products
CN112766455A (en) Learning model training method and system
CN116051269A (en) Mortgage financing service data processing method and device based on blockchain and zero knowledge proof
CN115375303A (en) Calling method and device of intelligent contract, computer readable medium and electronic equipment
CN112950183A (en) Cross-link data interchange method, system, device and electronic equipment
WO2021124341A1 (en) Processing transactions in a distributed ledger network based on labels of the transactions

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant