CN108989347A - Account generating method, device, system, medium and equipment - Google Patents
Account generating method, device, system, medium and equipment Download PDFInfo
- Publication number
- CN108989347A CN108989347A CN201811003482.0A CN201811003482A CN108989347A CN 108989347 A CN108989347 A CN 108989347A CN 201811003482 A CN201811003482 A CN 201811003482A CN 108989347 A CN108989347 A CN 108989347A
- Authority
- CN
- China
- Prior art keywords
- ciphertext
- generated energy
- information
- account
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 238000012795 verification Methods 0.000 claims abstract description 66
- 238000003860 storage Methods 0.000 claims description 39
- 238000004590 computer program Methods 0.000 claims description 6
- 238000001514 detection method Methods 0.000 claims description 5
- 230000005611 electricity Effects 0.000 abstract description 40
- 238000010248 power generation Methods 0.000 abstract description 23
- 230000003111 delayed effect Effects 0.000 abstract description 4
- 238000004364 calculation method Methods 0.000 description 10
- 238000004891 communication Methods 0.000 description 9
- 238000012790 confirmation Methods 0.000 description 8
- 238000012546 transfer Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000005236 sound signal Effects 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 238000007639 printing Methods 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 101100217298 Mus musculus Aspm gene Proteins 0.000 description 2
- 241000283973 Oryctolagus cuniculus Species 0.000 description 2
- 241000270295 Serpentes Species 0.000 description 2
- 241001441724 Tetraodontidae Species 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000004146 energy storage Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- KLDZYURQCUYZBL-UHFFFAOYSA-N 2-[3-[(2-hydroxyphenyl)methylideneamino]propyliminomethyl]phenol Chemical compound OC1=CC=CC=C1C=NCCCN=CC1=CC=CC=C1O KLDZYURQCUYZBL-UHFFFAOYSA-N 0.000 description 1
- 241000208340 Araliaceae Species 0.000 description 1
- 235000005035 Panax pseudoginseng ssp. pseudoginseng Nutrition 0.000 description 1
- 235000003140 Panax quinquefolius Nutrition 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 239000003990 capacitor Substances 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 201000001098 delayed sleep phase syndrome Diseases 0.000 description 1
- 208000033921 delayed sleep phase type circadian rhythm sleep disease Diseases 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000004744 fabric Substances 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 235000008434 ginseng Nutrition 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/126—Applying verification of the received information the source of the received data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/102—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04Q—SELECTING
- H04Q2209/00—Arrangements in telecontrol or telemetry systems
- H04Q2209/60—Arrangements in telecontrol or telemetry systems for transmitting utility meters data, i.e. transmission of data from the reader of the utility meter
Abstract
The disclosure relates to an account generation method, an account generation device, an account generation system, an account generation medium and account generation equipment. An account generation method is applied to an account generation device, and comprises the following steps: detecting the power generation state of power generation equipment to generate first power generation amount information; acquiring a private key of a settlement device; generating a first digital signature according to the first power generation amount information and the private key; and when the decryption is successful, determining that second power generation amount information in the second certificate information passes the verification. Therefore, the accuracy of the generated energy information of the power generation equipment and the electricity fee settlement is guaranteed, and the electricity fee corresponding to the generated energy information can be settled in a delayed mode.
Description
Technical field
This disclosure relates to mobile energy field, and in particular, to a kind of account generation method and device, medium, are set system
It is standby.
Background technique
In the area of no alternating current, community, tissue or individual want to possess generating capacity, need to invest to build centralization or distributing
Generating equipment.
For the generating equipment of centralization, when carrying out charge calculation with consumer after investing to build, ammeter meter is generally used
Measure electricity consumption number, periodically collect electricity cost.There are community, tissue or the personal accomplishment centralization generating equipment of generating capacity
The side of investing to build and operator, be responsible for investing to build from generating equipment, the relevant whole process business of power generation such as operation and maintenance and the electricity charge are collected.
For distributing generating equipment, single generating equipment capacity is smaller, most of not have the bigger supply network of composition
Function.It is that generating equipment is respective in settlement network for small part by the generating equipment for forming bigger supply network function
Contribution is usually also required to the generated energy of measuring instrument record generating equipment, to be settled accounts according to generated energy, this kind of clearing side
Method requires measuring instrument and generating equipment corresponding, applies in general to mobile less frequent or fixed distributing generating equipment.?
When distributing generating equipment withdraws from system, it usually needs clearing electricity charge income is cashed to the owner of generating equipment, also in time
It is to be traded using the mode of paying as you go, pay as usage, when consumer has power demand, electric energy needed for immediate payment obtains.
It is removed for putting into and withdrawing from the very frequent dislocation generation equipment of system if to ensure the reliability of generated energy
Repeatedly confirmation starting generated energy and at the end of generated energy, and using except real time settlement mode, there are no having for other rows
The solution of effect.
Summary of the invention
Purpose of this disclosure is to provide a kind of simple and effective account generation method and device, system, medium, equipment.
To achieve the goals above, the disclosure provides a kind of account generation method, is applied to account generating means.The side
Method includes: to detect the generating state of generating equipment, generates the first generated energy information;Obtain the private key of checkout apparatus;According to described
First generated energy information and the private key generate the first digital signature;First credential information of account is sent to the user terminal,
Wherein, first credential information includes first digital signature, and the checkout apparatus is being received for user's offer
When the verification request of the second credential information, second in second credential information is decrypted with public key corresponding with the private key
Digital signature, and in successful decryption, determine that the second generated energy information in second credential information passes through verification.
Optionally, the step of private key for obtaining checkout apparatus includes any one in following: receiving checkout apparatus
The private key of the checkout apparatus sent when determining that the generating equipment accesses the account generating means;Acquisition is solidificated in institute
State the private key of the checkout apparatus in account generating means;Obtain the checkout apparatus being stored in advance in the account generating means
Private key.
Optionally, described the step of generating the first digital signature according to the first generated energy information and the private key, wraps
Include: the first generated energy information described in the private key encryption generates the first digital signature, wherein the second generated energy information is
The generated energy information that second digital signature is decrypted.
Optionally, described the step of generating the first digital signature according to the first generated energy information and the private key, wraps
It includes: the first generated energy information being encrypted by scheduled first cipher mode, generate the first generated energy informative abstract;With institute
It states the first generated energy informative abstract described in private key encryption and generates first digital signature, wherein first credential information is also
Including the first generated energy information, second credential information further includes the second generated energy information, the checkout apparatus
When receiving the verification request for second credential information, decrypt second digital signature to obtain the second generated energy
Informative abstract, and the second generated energy information is encrypted by scheduled first cipher mode, generate third generated energy
Informative abstract determines described second when the second generated energy informative abstract is consistent with the third generated energy informative abstract
The second generated energy information in credential information passes through verification.
Optionally, first credential information further includes digital certificate, and the digital certificate is for confirming first number
Word signature closing unit as belonging to the checkout apparatus signs and issues.
Optionally, the method also includes: obtain user input first password;The first password is passed through scheduled
The encryption of second cipher mode, generates the first ciphertext;Wherein, first credential information further includes first ciphertext, and described
Two credential informations further include the second ciphertext, and the checkout apparatus obtains the second password of user's input, logical to second password
It crosses scheduled second cipher mode to be encrypted, generates third ciphertext, and by second ciphertext and the third ciphertext
It is checked, to the second digital signature successful decryption, and when second ciphertext is consistent with the third ciphertext verification,
Determine that the second generated energy information in second credential information passes through verification.
Optionally, the method also includes: obtain user input first password;Using the first password as secret key pair
The first generated energy information encryption, generates the 4th ciphertext;Wherein, first credential information further includes the 4th ciphertext,
Second credential information further includes the second generated energy information and the 5th ciphertext, and the checkout apparatus obtains user's input
Second password is encrypted second password as the second generated energy information described in secret key pair, generates the 6th ciphertext, and will
5th ciphertext and the 6th ciphertext are checked, to the second digital signature successful decryption, and it is described 5th close
When literary consistent with the 6th ciphertext verification, determine that the second generated energy information in second credential information passes through verification.
Optionally, the method also includes: obtain user input first password;Pass through scheduled third cipher mode pair
The first generated energy information carries out encryption and generates the first generated energy informative abstract;
It is encrypted the first password as the first generated energy informative abstract described in secret key pair, generates the 7th ciphertext;Wherein,
First credential information further includes the 7th ciphertext, second credential information further include the second generated energy information and
8th ciphertext, the checkout apparatus obtains the second password of user's input, by the scheduled third cipher mode to described
The encryption of second generated energy information generates the second generated energy informative abstract, using second password as the second power generation described in secret key pair
Amount informative abstract is encrypted, and the 9th ciphertext is generated, and the 8th ciphertext and the 9th ciphertext are checked, to institute
State the second digital signature successful decryption, and when the 8th ciphertext is consistent with the 9th ciphertext verification, determine described second with
The second generated energy information in card information passes through verification.
Optionally, the method also includes: when storage device is connected to the account generating means, read the storage
The tenth ciphertext stored in device, the tenth ciphertext are passed through scheduled by the first password that the storage device inputs user
The encryption of second cipher mode generates, wherein first credential information further includes the tenth ciphertext, second credential information
It further include the second ciphertext, the checkout apparatus obtains the second password of user's input, passes through to second password described predetermined
The second cipher mode encrypted, generate third ciphertext, and second ciphertext and the third ciphertext checked,
To the second digital signature successful decryption, and when second ciphertext is consistent with the third ciphertext verification, described is determined
The second generated energy information in two credential informations passes through verification.
Optionally, the method also includes: first credential information is sent to the checkout apparatus.
The disclosure also provides a kind of account generating means.Described device includes: detection module, for detecting generating equipment
Generating state generates the first generated energy information;First obtains module, for obtaining the private key of checkout apparatus;Generation module is used for
The first digital signature is generated according to the first generated energy information and the private key;First sending module, for by the of account
One credential information is sent to the user terminal, wherein first credential information includes first digital signature, the clearing dress
It sets in the verification request for receiving the second credential information provided for user, is decrypted with public key corresponding with the private key
The second digital signature in second credential information, and in successful decryption, determine second in second credential information
Generated energy information passes through verification.
Optionally, described device further include: read module, for being connected to the account generating means when storage device
When, read the tenth ciphertext stored in the storage device, the tenth ciphertext user is inputted by the storage device
One password is generated by the encryption of scheduled second cipher mode.
Wherein, first credential information further includes the tenth ciphertext, and second credential information further includes second close
Text, the checkout apparatus obtain the second password of user's input, pass through the scheduled second encryption side to second password
Formula is encrypted, and generates third ciphertext, and second ciphertext and the third ciphertext are checked, to second number
Word is signed successful decryption, and when second ciphertext is consistent with the third ciphertext verification, is determined in second credential information
The second generated energy information pass through verification.
The disclosure also provides a kind of account and generates system, the account generating means that provide including the disclosure and above-mentioned deposits
Storage device.
The disclosure also provides a kind of generating equipment, the above-mentioned account generating means provided including the disclosure.
The disclosure also provides a kind of computer readable storage medium, is stored thereon with computer program, and the program is processed
The step of above method that the disclosure provides is realized when device executes.
The disclosure also provides a kind of electronic equipment, comprising: memory is stored thereon with computer program;Processor is used for
Execute the computer program in the memory, with realize the disclosure provide the above method the step of.
Through the above technical solutions, on the one hand, due to generating equipment owner (user) there is no checkout apparatus private
Key, therefore, user cannot distort the generated energy information of generating equipment.On the other hand, if checkout apparatus being capable of successful decryption use
The digital signature (the second digital signature) that family provides then illustrates that the second digital signature is exactly raw according to the private key of checkout apparatus oneself
At, illustrate to have recognized that the generating equipment in the power grid of oneself before checkout apparatus.Therefore, generating equipment has been ensured
Generated energy information have can not tamper and non repudiation, ensured the generated energy information and charge calculation of generating equipment
Accuracy enables the corresponding electricity charge of generated energy information to be delayed clearing.
Other feature and advantage of the disclosure will the following detailed description will be given in the detailed implementation section.
Detailed description of the invention
Attached drawing is and to constitute part of specification for providing further understanding of the disclosure, with following tool
Body embodiment is used to explain the disclosure together, but does not constitute the limitation to the disclosure.In the accompanying drawings:
Fig. 1 is a kind of flow chart for account generation method that an exemplary embodiment provides;
Fig. 2 is a kind of block diagram for account generating means that an exemplary embodiment provides;
Fig. 3 is the block diagram for a kind of electronic equipment that an exemplary embodiment provides.
Specific embodiment
It is described in detail below in conjunction with specific embodiment of the attached drawing to the disclosure.It should be understood that this place is retouched
The specific embodiment stated is only used for describing and explaining the disclosure, is not limited to the disclosure.
The Construction Party (or power generation side) of centralized generating equipment and operator are generally difficult to divide, and general use is invested to build-transported
Battalion or power generation-operation integration mode are operated, and power generation transaction participant is less, more demanding to power generation transaction participant
(financial strength) limits the promotion and application of generating equipment.
In distributed power grid, some moveable generating equipments (distributing generating equipment) can be accessed as a kind of point
The cloth energy, these generating equipments may belong to different owners, can carry or move according to user demand.When one
When generating equipment withdraws from power grid, owner can go to (the closing unit in the disclosure where checkout apparatus of specified agency
Outlet) the clearing electricity charge, that is, collect the income of the power generation.The electricity charge are settled accounts, both sides' (clearing are first had to
Unit and user) confirmation generated energy information.
Generating equipment can be connect by account generating means with power grid, and account generating means can detecte generating equipment
Generated energy information.Generating equipment can withdraw from power grid, i.e., the generating equipment is dislocation generation equipment.Since the expense in power grid is
Generated electricity generation jointly by all generating equipments in net, therefore, in order to make the electricity charge of power grid generation all users in power grid
It is accurately distributed between (owner of generating equipment) it is necessary to accurately determine the generated energy information of each generating equipment.
Traditional metering and settlement method is in confirmation generated energy information and guarantees the reliability of generated energy information and can not usurp
It is very cumbersome in terms of changing, it needs to confirm repeatedly generated energy of the starting generated energy at the end of, also to guarantee the generated energy calculated not
It is artificially modified, it is intended to use real time settlement mode, cannot achieve delay in payment and delay income function, do not have good
Circulation and Financial Attribute limit the enthusiasm that generating equipment owner participates in power generation.
The disclosure provides a kind of account generation method, is applied to account generating means.For to move the energy as point of representative
The electricity generation system for dissipating formula provides a kind of completely new power generation operation management mode, has effectively facilitated dislocation generation equipment owner ginseng
With the enthusiasm of power generation.Fig. 1 is a kind of flow chart for account generation method that an exemplary embodiment provides.As shown in Figure 1, side
Method includes the following steps.
Step S11 detects the generating state of generating equipment, generates the first generated energy information.
Step S12 obtains the private key of checkout apparatus.
Step S13 generates the first digital signature according to the first generated energy information and private key.
First credential information of account is sent to the user terminal by step S14, wherein the first credential information includes first
Digital signature, checkout apparatus is in the verification request for receiving the second credential information provided for user, with corresponding with private key
Public key decrypt the second digital signature in the second credential information, and in successful decryption, determine in the second credential information
Second generated energy information passes through verification.
Wherein, generating equipment can pass through account generating means and power grid (checkout apparatus corresponding power grid) connection.One
Generating equipment can correspond to an account generating means.Account generating means are able to detect the first of generating equipment connected to it
Generated energy information, alternatively, account generating means can get the first generated energy of the generating equipment from other detection devices
Information.Wherein, the first generated energy information (and second generated energy information hereinafter) may include generated energy, system voltage,
Power generation mean power, electric current, power generation place, generating dutation, power generation duration, generate electricity electricity price, exchange validity period, exchange rule at that time
(as by the electricity price computed monetary value of payments made in securities or in kind at that time still by exchange when electricity price if calculate the amount of money) etc..
Account generating means can generate first according to the first generated energy information of generating equipment and the private key of checkout apparatus
Digital signature.For example, the first generated energy information is generated the first number by the private key encryption of checkout apparatus by account generating means
Signature, alternatively, account generating means, which encrypt the first generated energy information, generates abstract, then this is plucked with the private key encryption of checkout apparatus
Generate the first digital signature.Then, the first digital signature is sent to user by account generating means
Terminal (user holds).It that is include the first digital signature in the first credential information.Account in account generating means is understood that
For the account of a corresponding power generation process.Using the account, power grid where the owner of generating equipment can go generating equipment
The generated energy that the generating equipment is contributed is exchanged into cash earnings by agency.
First digital signature can be checkout apparatus and utilize through third party's trusted authorities authentication center (Certificate
Authority, CA) certification checkout apparatus public key corresponding to obtained by private key encryption generated energy information or generated energy informative abstract
The number of segment word string arrived, the numeric string can utilize the checkout apparatus public key decryptions of ca authentication, obtain generated energy information or generated energy
Informative abstract, can check whether generated energy information is tampered.
When user wants to settle accounts the generated energy of generating equipment to, user terminal can be taken to specified business
Point, alternatively, the first credential information printing portion in user terminal is taken to specified agency, alternatively, depositing by dedicated
Equipment is stored up from user terminal downloads and stores the first credential information, takes agency to.The first generated energy letter is not distorted in user
In the case where breath, when user goes verification generated energy information, provided credential information should be exactly the first credential information, be provided
Credential information in digital signature should be exactly the first digital signature, the generated energy information in provided credential information should
It is exactly the first generated energy information.However, in view of the disclosure be for verify user offer credential information in generated energy information,
Therefore, hereinafter, credential information user provided is called the second credential information, the number label in the credential information that user provides
Name is called the second digital signature, and the generated energy information in credential information that user provides is called the second generated energy information.
It, can be by the people that works when the carrier that user provides the second credential information is the paper piece of printing in agency
Member will be in the second credential information input checkout apparatus of printing.When user provides the carrier of the second credential information as stored digital Jie
When matter (such as USB flash disk, SD card, mobile hard disk, tape, film, CD or other dedicated accounts store equipment), knot can be passed through
Device is calculated to be read out the digital storage media.In this way, checkout apparatus has got the second credential information of user's offer.
Verification request, which can be, to be sent by the triggering key in click system by the staff of agency.When connecing
When receiving verification request, checkout apparatus is decrypted the second digital signature in the second credential information with the public key of oneself.
Successful decryption illustrates that second digital signature is generated according to the private key encryption of checkout apparatus, it is, clearing
Device has recognized that the generating equipment has accessed the power grid of oneself, can settle accounts to the generated energy of the generating equipment.
When the second digital signature is generated by the second generated energy information by private key encryption, decryption obtains the second generated energy letter
Breath can directly determine the second generated energy information that decryption obtains and pass through verification.
If user has distorted the first generated energy information, since user is not aware that the code key of checkout apparatus, root
Digital signature according to generated energy information and the generation of other code keys after distorting is can not to be settled the public key decryptions success of device
's.Therefore, checkout apparatus decryption is unsuccessful, then explanation is likely to be user and has distorted generated energy information and digital signature, settles accounts
Unit can be refused to settle accounts.
Through the above technical solutions, on the one hand, due to generating equipment owner (user) there is no checkout apparatus private
Key, therefore, user cannot distort the generated energy information of generating equipment.On the other hand, if checkout apparatus being capable of successful decryption use
The digital signature (the second digital signature) that family provides then illustrates that the second digital signature is exactly raw according to the private key of checkout apparatus oneself
At, illustrate to have recognized that the generating equipment in the power grid of oneself before checkout apparatus.Therefore, generating equipment has been ensured
Generated energy information have can not tamper and non repudiation, ensured the generated energy information and charge calculation of generating equipment
Accuracy enables the corresponding electricity charge of generated energy information to be delayed clearing.
In embodiment of the disclosure, on the basis of Fig. 1, the step of obtaining the private key of checkout apparatus (step S12), can
To include any one in following:
Receive the private key for the checkout apparatus that checkout apparatus is sent when determining that generating equipment accesses account generating means;It obtains
It is solidificated in the private key of the checkout apparatus in account generating means;Obtain the checkout apparatus being stored in advance in account generating means
Private key.
In the first above-mentioned embodiment, account generating means can be connected in advance in the power grid of the checkout apparatus.Knot
Calculating device can be communicated by common communication means with account generating means, to confirm that generating equipment has accessed account
Generating means.Generating equipment has accessed account generating means, then illustrates that the generated energy of the generating equipment is contributed in the power grid,
The owner (user) of the generating equipment can calculate the corresponding electricity charge to closing unit.
When determining that generating equipment accesses account generating means, checkout apparatus can send clearing dress to account generating means
The private key set.Wherein, for the opportunity to account generating means transmission private key, it can be checkout apparatus and connect in confirmation generating equipment
It is just sent when entering account generating means, is also possible to after account generating means get the first generated energy information, is filled to clearing
It sets request and sends private key, for checkout apparatus when receiving the request of account generating means transmission, confirmation generating equipment accesses account
Generating means retransmit.
In above-mentioned second of embodiment, the private key of checkout apparatus is solidificated in account generating means, in this way, checkout apparatus
It does not need to retransmit private key, and the account generating means also become the dedicated device in the power grid of the checkout apparatus, and cannot
For in other power grids.
In the third above-mentioned embodiment, the private key of checkout apparatus is stored in advance in account generating means.For example, one
Closing unit just can tie this family before the production of account generating means is offline when factory customizes a collection of account generating means
The private key storage of unit is calculated into this collection of account generating means, it can also be after consigning to closing unit, by closing unit
To store.In this case, checkout apparatus can not send private key, the private stored in account generating means to account generating means
Therefore key can be deleted and change, account generating means can also change affiliated advice of settlement by changing stored private key
Position, and be not to be only used for a closing unit.
In another embodiment, on the basis of Fig. 1, the first digital signature is generated according to the first generated energy information and private key
The step of (step S13) may include: with private key encryption the first generated energy information generate the first digital signature, wherein second hair
Information about power is the generated energy information decrypted to the second digital signature.
It is, account generating means can not send the first generated energy information (plaintext), checkout apparatus to user terminal
Decryption obtains the plaintext of the second generated energy information, so that it may determine that the second generated energy information passes through verification, when clearing, Ke Yizhi
The plaintext for connecing the second generated energy information obtained according to decryption is settled accounts.In the embodiment, account can be using full ciphertext
Mode is presented, and does not need to transmit the plaintext of generated energy information, and therefore, generated energy information is not easy the quilt when data are transmitted
It distorts.
In another embodiment, on the basis of Fig. 1, the first digital signature is generated according to the first generated energy information and private key
The step of (step S13) may include:
The first generated energy information is encrypted by scheduled first cipher mode, generates the first generated energy informative abstract;With
Private key encryption the first generated energy informative abstract generates the first digital signature, wherein the first credential information further includes the first generated energy
Information, the second credential information further include the second generated energy information, and checkout apparatus is receiving the verification for the second credential information
When request, the second digital signature is decrypted to obtain the second generated energy informative abstract, and by scheduled first cipher mode to the
The encryption of two generated energy information, generates third generated energy informative abstract, in the second generated energy informative abstract and third generated energy information
When making a summary consistent, determine that the second generated energy information in the second credential information passes through verification.
In this embodiment, the first cipher mode can using hash/Hash enciphered method (for example, SHA1, SHA224,
SHA256, SHA384, SHA512, MD5, HmacSHA1, HmacSHA224, Hmac256, HmacSHA384, HmacSHA512,
HmacMD5, PBKDF2 etc.), can also using other symmetric encipherment algorithms (for example, AES, DES, 3DES, RC2, RC4, RC5,
RC6, Blowfish, Twofish, Serpent, Gost, Rijndae, Cast, Xtea, Rabbit, TripleDes, BASE64 are compiled
Code etc.) and rivest, shamir, adelman (for example, RSA, DSA, ECC etc.), to guarantee that the ciphertext exported after encryption can not be by violence also
It is former.
The corresponding scene of the embodiment is, when user goes to agency to settle accounts the electricity charge, agency needs: (1) using checkout apparatus
The second credential information of public key decryptions in the second digital signature, obtain the second generated energy informative abstract;(2) user is provided
The second generated energy information in second credential information is encrypted by the first cipher mode made an appointment, and generates third hair
Information about power abstract;(3) it checks the second generated energy informative abstract and whether third generated energy informative abstract is consistent.
In this embodiment, account can be presented in such a way that ciphertext adds and combines in plain text, although account generating means are straight
The plaintext of the second generated energy information is received and sent, still, server still will encrypt the plaintext and verify, this is same in plain text
It cannot be distorted by user.
In another embodiment, the first credential information further includes digital certificate, and digital certificate is for confirming the first number label
Name closing unit as belonging to checkout apparatus signs and issues.
The digital certificate of third party's trusted authorities authentication center CA granting can be previously stored in account generating means.
The digital certificate is used to the public key of checkout apparatus and other identifier information (for example, identity information of checkout apparatus) being bundled in one
It rises, by the private key encryption of CA, the digital certificate can be decrypted using the public key of CA, obtain the public key and checkout apparatus of checkout apparatus
Identity information.In this way, capableing of the reliability of effective guarantee transaction when the credit worthiness of closing unit is lower.
When user goes to agency to settle accounts the electricity charge, electricity consumption information can be not only verified, the identity of user can also be verified, this
When just need to check user input password.In another embodiment, method further include:
Obtain the first password of user's input;First password is encrypted by scheduled second cipher mode, generates first
Ciphertext.
Wherein, the first credential information further includes the first ciphertext, and the second credential information further includes the second ciphertext, and checkout apparatus obtains
The second password for taking family input, the second password is encrypted by scheduled second cipher mode, generates third ciphertext, and
Second ciphertext and third ciphertext are checked, to the second digital signature successful decryption, and the second ciphertext and third ciphertext core
To it is consistent when, determine that the second generated energy information in the second credential information passes through verification.
It is, user can input the first password (plaintext) of oneself, account generating means in account generating means
It can be encrypted by the second cipher mode, generate the first ciphertext.First ciphertext by as a part in the first credential information,
It is sent to user terminal.
Human-computer interaction device can be set in account generating means, for inputting first password by user.For example, with
Family can input first password by the soft keyboard in keyboard or display screen, can also be inputted by voice, or pass through movement
Terminal sends first password to the account generating means.
First password can be stored in RAM in a manner of temporary variable, after account generating means power loss, be stored in RAM
In data all disappear, first password is destroyed in account generating means at this time.And account generating means do not allow to
Outer output first password can reduce the risk that first password is leaked in this way.
Since the second cipher mode is that account generating means and checkout apparatus both sides are pre-stored, when user exists
The first password (plaintext) inputted in account generating means with user when the second password (plaintext) that checkout apparatus inputs is consistent,
Then the second ciphertext is consistent with third ciphertext.Similarly, when the second ciphertext is consistent with third ciphertext, it is possible to determine that user is raw in account
It is consistent with the password that checkout apparatus inputs at device, it can determine that the user of current input password is the account generating means at this time
The owner of corresponding generating equipment.
In the embodiment, since the first ciphertext in the first credential information is unrelated with the first generated energy information, user
The opportunity that first password is inputted in account generating means can be before generating equipment introduces power grid, period or withdraw from electricity
After net.
In another embodiment, method can also include:
Obtain the first password of user's input;It is encrypted first password as secret key pair the first generated energy information, generates the
Four ciphertexts.
Wherein, the first credential information further includes the 4th ciphertext, and the second credential information further includes the second generated energy information and
Five ciphertexts, checkout apparatus obtain the second password of user's input, carry out the second password as secret key pair the second generated energy information
Encryption generates the 6th ciphertext, and the 5th ciphertext and the 6th ciphertext is checked, to the second digital signature successful decryption, and
When 5th ciphertext is consistent with the 6th ciphertext verification, determine that the second generated energy information in the second credential information passes through verification.
In embodiment, when account generating means generate the first digital signature, the object of encryption is the first generated energy information, is used
The first password of the family input code key used as encryption.In this way, when the 5th ciphertext is consistent with the 6th ciphertext verification, not only
It is able to confirm that first password and the second password of user's input are consistent, and is able to confirm that the first generated energy information and the second power generation
It is consistent to measure information.Therefore, by once checking, it is thus identified that two kinds of information of password and generated energy accelerate the speed of verification.
In another embodiment, method is further comprising the steps of: obtaining the first password of user's input;Pass through scheduled
Three cipher modes carry out encryption to the first generated energy information and generate the first generated energy informative abstract;Using first password as secret key pair
The encryption of first generated energy informative abstract, generates the 7th ciphertext.
Wherein, the first credential information further includes the 7th ciphertext, and the second credential information further includes the second generated energy information and
Eight ciphertexts, checkout apparatus obtains the second password of user's input, by scheduled third cipher mode to the second generated energy information
Encryption generates the second generated energy informative abstract, encrypts the second password as secret key pair the second generated energy informative abstract, raw
It is checked at the 9th ciphertext, and by the 8th ciphertext and the 9th ciphertext, to the second digital signature successful decryption, and the 8th ciphertext
When consistent with the 9th ciphertext verification, determine that the second generated energy information in the second credential information passes through verification.
Wherein, third cipher mode can using hash/Hash enciphered method (for example, SHA1, SHA224, SHA256,
SHA384, SHA512, MD5, HmacSHA1, HmacSHA224, Hmac256, HmacSHA384, HmacSHA512, HmacMD5,
PBKDF2 etc.), can also using other symmetric encipherment algorithms (for example, AES, DES, 3DES, RC2, RC4, RC5, RC6,
Blowfish, Twofish, Serpent, Gost, Rijndae, Cast, Xtea, Rabbit, TripleDes, BASE64 coding
Deng) and rivest, shamir, adelman (for example, RSA, DSA, ECC etc.).
In this embodiment, when account generating means generate the first digital signature, the object of encryption is the first generated energy letter
Breath abstract, the first password of the user's input code key used as encryption.It is, account generating means need first to first
Generated energy information is encrypted, and the first generated energy informative abstract is generated.Checkout apparatus be also required to first to the second generated energy information into
Row encryption, generates the second generated energy informative abstract.In this way, when the 8th ciphertext is consistent with the 9th ciphertext verification, it can not only be true
First password and the second password for recognizing user's input are consistent, and are able to confirm that the first generated energy information and the second generated energy information
Unanimously.In this way, by once checking, it is thus identified that two kinds of information of password and generated energy accelerate the speed of verification.
In the embodiment of above-mentioned verifying user identity, it is (bright to be that user inputs first password in account generating means
Text), in another embodiment, method can be read with the following steps are included: when storage device is connected to account generating means
The tenth ciphertext stored in storage device, the first password that the tenth ciphertext is inputted user by storage device is by scheduled second
Cipher mode encryption generates.
Wherein, the first credential information further includes the tenth ciphertext, and the second credential information further includes the second ciphertext, and checkout apparatus obtains
The second password for taking family input, the second password is encrypted by scheduled second cipher mode, generates third ciphertext, and
Second ciphertext and third ciphertext are checked, to the second digital signature successful decryption, and the second ciphertext and third ciphertext core
To it is consistent when, determine that the second generated energy information in the second credential information passes through verification.
In this embodiment, user inputs first password on the storage device, by the storage device according to above-mentioned reality
The identical encryption method encryption first password that account generating means in example use is applied, the tenth ciphertext is generated and stores.User can
The storage device is inserted into account generating means, to read the tenth ciphertext of storage device generation by account generating means.
Storage device user can carry, convenient to access and withdraw from any time account generating means.
In the embodiment, account generating means can be not provided with the interactive devices such as key, and the clear-text passwords of user is not yet
It can be stored in account generating means, reduce the risk that the password of user leaks in account generating means.
After generating the tenth ciphertext, the clear-text passwords (first password) of user's input can be in the storage device by pin
It ruins, reduces the risk of the clear-text passwords leakage of user.Due to when settling accounts the electricity charge, it is desirable that user's input is clear-text passwords,
Even if the storage device is lost or is stolen, other people can not get clear-text passwords by the storage device, can not assume another's name
Closing unit is gone to settle accounts the electricity charge.
The plaintext of user password is not stored in account generating means, it is close thus, there is no being leaked in account generating means
The risk of code, account number safety are higher.
It, can be with both the step of the step of checking user password and verification generated energy information when user carries out charge calculation
For arbitrary sequence.
In another embodiment, method further include: the first credential information is sent to checkout apparatus.
It is, account generating means can also also be sent while the first credential information is sent to user terminal
To checkout apparatus.In this way, checkout apparatus just has " bill kept on file ", for user when checking generated energy information, checkout apparatus can be first
Whether the second credential information and the information on " bill kept on file " for checking user's offer are consistent, if inconsistent it may be considered that generated energy
Information checking result is inconsistent, the refusal clearing electricity charge.The speed of " bill kept on file ", account paper carrier are recalled to accelerate checkout apparatus
The number of account can be labeled in credential information in upper or account digital storage media.
After generated energy information determines, the clearing electricity charge, which can be according to the electricity price made an appointment, is settled accounts, i.e., electricity price is solid
It is fixed, it can also be settled accounts according to the agreement of agreement.For example, Spot Price when according to clearing is settled accounts, rather than press when generating electricity
Electricity price clearing.Since disclosed method enables to electricity charge delay clearing, when being settled accounts according to Spot Price, user can be in electricity
The electricity charge are settled accounts when valence is higher, to backspread, can increase the enthusiasm that user runs generating equipment in this way.Therefore, the account
Can have certain Financial Attribute, i.e. the owner of account can find suitable opportunity according to electricity price fluctuation situation
Electricity is bought at a low price, and sells electricity in high price, price difference therein is earned, can be also used for defraying and trade.
Above-mentioned account can be the account of a corresponding power generation process, and the owner (user) of generating equipment can settle accounts
Center has an account.There can be one or more accounts under the account.If the account is not provided with the close of user's input
Code, then user can maintain secrecy to the account, to prevent the stolen income of converting into money of account;If account setting is useful
The password of family input, then user can maintain secrecy the account, only keep properly password, to carry out school using the password in clearing
It tests.
In addition, in order to reduce account paper carrier (including bill kept on file and/or the document exchanged) preservation and management difficulty,
The validity period that may further specify that clearing settles accounts effective in the scheduled duration after generating equipment withdraws from power grid.Effectively more than this
The label of " out of date " can be added in received credential information, forbid settling accounts for phase, checkout apparatus.On account paper carrier
The information such as the validity period of clearing can be indicated.
After settling accounts the electricity charge, user repeats to settle accounts in order to prevent, and user can be required to carry out signature confirmation.It can be
It signs on papery document, or carries out electronic signature with capacitance pen.In the embodiment, charge calculation method can also include:
After charge calculation, obtains the third digital signature of user and store, wherein third digital signature is by second
Credential information encryption generates.In the embodiment, non repudiation is realized by the digital signature of user, prevents user from repeating to tie
It calculates, reliability is higher.
For example, user settles accounts in confirmation, and after confirming that Transaction Information is errorless, using the private key of user, (private key is corresponding
Public key is by ca authentication) in account settlement information and it is additional clearing or Transaction Information encrypt, generate informative abstract, and
The digital certificate that the offer of ca authentication mechanism is provided, the identity information containing the user and for decrypting digital label in the digital certificate
The public key of name.Due to the presence of the third digital signature of user, user can not repeat to exchange, and can not also deny and trade to him
The ownership of the account of people.
In addition, charge calculation method can also include: to obtain associated with the second credential information after charge calculation
User handwritten signature and storage.
For preventing for repeating to exchange, and increase and forge the difficulty exchanged, the handwritten signature of user can be with the
Two credential informations are associated, for example, the handwritten signature of user can be overlapped with having text on account paper carrier, user can be with
It directly signs on paper carrier, electronic signature can also be completed on the terminating machine that closing unit provides, such as use capacitor
Pen completes signature on the screen of digital terminal.By retaining the handwritten signature of user associated with the second credential information,
Also it can be realized non repudiation, prevent user from repeating to settle accounts.
The owner (user) of generating equipment can also transfer the possession of the income of generating equipment.When transfer, user can be with
Agency is gone to together with assignee to handle.In agency, checkout apparatus can receive the account information and password of user, replacement
The account information and password provided for assignee.In this way, the income of generating equipment can transfer ownership, flexibility is preferable.If emphasizing account
Number trackability, checkout apparatus can not remove account, password, the ciphertext content of original subscriber, if emphasizing the trace that maintains secrecy and go
Mark, checkout apparatus can remove account, password, the ciphertext content of original subscriber.It is true through original subscriber, closing unit and assignee tripartite
After recognizing, transfer formality is completed.After the completion of transfer, the assignee for obtaining the account can go to tie by updated account, password
Settle accounts the electricity charge in calculation center.
To sum up, it in each embodiment in the disclosure, respectively for the distorting of account, denies, repeat to exchange, steal, it can
It is effectively prevented from, specific as follows:
(1) prevent the owner (user) of account from distorting generated energy information.
User is the plaintext for allowing to modify generated energy information, but digital signature corresponding with the plaintext is with clearing dress
The ciphertext that the private key set generates, there is no the private keys of checkout apparatus by user, therefore, it is impossible to bright according to modified generated energy information
Text generates corresponding digital signature.
(2) prevent closing unit from not recognizing that the generated energy information in account is provided by it or do not recognized to the account.
Digital signature in account be generated by the private key encryption of checkout apparatus, and public key corresponding with the private key and
Prove that the information of the checkout apparatus identity is recognized in third party's trusted authorities authentication center CA (Certificate Authority)
On the books in the digital certificate of card, which is generated by CA private key encryption, any to apply for public affairs to authentication center per capita
Key decrypts the content of digital certificate, obtains the public key for dismissing unit, recycles the public key decryptions number by checkout apparatus of acquisition
The content of signature, the content after decryption are consistent with the abstract of generated energy information plaintext or plaintext, then prove that the account is exactly by this
Checkout apparatus granting, closing unit can not deny or distort.
(3) prevent closing unit from forging voucher of clearing, refusal is settled accounts to user.
User is after completing clearing, and in order to increase the difficulty to forge a signature, can record on account paper carrier has symbol
Number or the part of text on sign (text overlays), show to have occurred and that the clearing.Within clearing validity period, if closing unit
Bill kept on file with the signature cannot be provided, then show that the clearing do not occur, need to fulfil the obligation settled accounts to user.
(4) prevent user from repeating to settle accounts.
After user completes clearing, signature (text on the part for having symbol or text can be recorded on account paper carrier
Overlapping), show to have occurred and that the clearing.Within clearing validity period, closing unit only needs to provide the clearing of user's signature
Bill kept on file, i.e., the provable exchange have occurred and that refusal repeats to exchange.
(5) account is forged after preventing third party from having stolen the credential information of account to exchange.
In account be provided with cryptographic secret, when being exchanged every time, need user input account number cipher (password only by with
Family knows), the password of input can be converted ciphertext in checkout apparatus, and the voucher that checkout apparatus provides the ciphertext and user is believed
Ciphertext verification in breath, incorrect refusal to pay have prevented the possibility that account is stolen by third party.It should be noted that user needs
Password is kept properly, if password leakage or loss, the electricity charge may be falsely claimed as one's own by other people, be caused damages.
When either party in counterparty has a question to the credential information in account, it can use and recorded in digital certificate
The public key of checkout apparatus decrypts the content of digital signature, and the generated energy information (or generated energy informative abstract) that decryption is obtained
It is checked with the generated energy information (or generated energy informative abstract) in account paper carrier and bill kept on file, confirmation can then be eliminated doubtful
It asks, guarantees safety, dependably account is settled accounts, traded and is transferred the possession of.
Through the above technical solutions, moveable generating equipment is incorporated into knot with can be convenient by the owner of generating equipment
It calculates in the corresponding network system of device, and carries out time escrow formula clearing, for closing unit, it is only necessary to it is raw to provide account
At device, in this embodiment it is not even necessary to arrange that building for power supply network can be completed in generating equipment.To maintain electrical stability, closing unit can
The energy storage device of certain capacity can be needed to configure.In the case that some pairs of power supply reliabilities requirements are not stringent, in this embodiment it is not even necessary to match
Set energy storage device, with hair with, with being free to come and go with walking, really realize making a return journey for generating equipment or even mobile energy device
Freely.
For a user, need to be to do is to which generating equipment be linked into the power grid of closing unit's arrangement, and accessing
When or generate and input password after generated energy information, and remember and take good care of the password, prevent from losing or reveal.Exit power grid system
When system, the first credential information is sent to user terminal to account generating means or user holds digital storage media (before power generation
There is provided by user or provided by closing unit) the first credential information of downloading, user is using the account and the password of oneself setting
Complete charge calculation and the operation such as subsequent transfer and transaction.
It is designed in this way, allows closing unit not arrange the generating equipment of centralization when arranging network system, greatly
Reduce generating equipment investment, due to easy to operation, generating equipment owner obtain account clearing the time limit in very
To there is appreciation space, generating equipment owner can further be promoted to participate in the enthusiasm of power generation, mobile energy circulation can be made
It is more convenient.
Based on identical inventive concept, the disclosure also provides a kind of account generating means.Fig. 2 is that an exemplary embodiment mentions
A kind of block diagram of the account generating means supplied.As shown in Fig. 2, the account generating means 10 are obtained including detection module 11, first
Module 12, generation module 13 and the first sending module 14.
Detection module 11 is used to detect the generating state of generating equipment, generates the first generated energy information.
First acquisition module 12 is used to obtain the private key of checkout apparatus.
Generation module 13 is used to generate the first digital signature according to the first generated energy information and private key.
First sending module 14 is for the first credential information of account to be sent to the user terminal.
Wherein, the first credential information includes the first digital signature, and checkout apparatus is receiving second provided for user
When the verification request of credential information, the second digital signature in the second credential information is decrypted with public key corresponding with private key, and
In successful decryption, determine that the second generated energy information in the second credential information passes through verification.
Optionally, the first acquisition module 12 includes receiving submodule or acquisition submodule.
Receiving submodule is used to receive the clearing that checkout apparatus is sent when determining that generating equipment accesses account generating means
The private key of device.
Acquisition submodule is used to obtain the private key for the checkout apparatus being solidificated in account generating means.
Optionally, generation module 13 includes the first encryption submodule.
First encryption submodule is used to generate the first digital signature with private key encryption the first generated energy information.
Wherein, the second generated energy information is the generated energy information decrypted to the second digital signature.
Optionally, generation module 13 includes that the second encryption submodule and third encrypt submodule.
Second encryption submodule generates first for encrypting by scheduled first cipher mode to the first generated energy information
Generated energy informative abstract.
Third encrypts submodule and is used to generate the first digital signature with private key encryption the first generated energy informative abstract.
Wherein, the first credential information further includes the first generated energy information, and the second credential information further includes the second generated energy letter
Breath, checkout apparatus decrypt the second digital signature to obtain the second hair when receiving the verification request for the second credential information
Information about power abstract, and the second generated energy information is encrypted by scheduled first cipher mode, generate third generated energy information
Abstract, when the second generated energy informative abstract is consistent with third generated energy informative abstract, determines second in the second credential information
Generated energy information passes through verification.
Optionally, the first credential information further includes digital certificate, and digital certificate is for confirming the first digital signature by settling accounts
Device is signed and issued.
Optionally, device 10 further includes the second acquisition module and the first encrypting module.
Second acquisition module is used to obtain the first password of user's input.
First encrypting module is used to encrypt first password by scheduled second cipher mode, generates the first ciphertext.
Wherein, the first credential information further includes the first ciphertext, and the second credential information further includes the second ciphertext, and checkout apparatus obtains
The second password for taking family input, the second password is encrypted by scheduled second cipher mode, generates third ciphertext, and
Second ciphertext and third ciphertext are checked, to the second digital signature successful decryption, and the second ciphertext and third ciphertext core
To it is consistent when, determine that the second generated energy information in the second credential information passes through verification.
Optionally, device 10 further includes the second acquisition module and the second encrypting module.
Second acquisition module is used to obtain the first password of user's input.
Second encrypting module is used to encrypt first password as secret key pair the first generated energy information, generates the 4th ciphertext.
Wherein, the first credential information further includes the 4th ciphertext, and the second credential information further includes the second generated energy information and
Five ciphertexts, checkout apparatus obtain the second password of user's input, carry out the second password as secret key pair the second generated energy information
Encryption generates the 6th ciphertext, and the 5th ciphertext and the 6th ciphertext is checked, to the second digital signature successful decryption, and
When 5th ciphertext is consistent with the 6th ciphertext verification, determine that the second generated energy information in the second credential information passes through verification.
Optionally, device 10 further includes the second acquisition module, third encrypting module and the 4th encrypting module.
Second acquisition module is used to obtain the first password of user's input.
Third encrypting module is used to carry out encryption generation the to the first generated energy information by scheduled third cipher mode
One generated energy informative abstract.
4th encrypting module is used to encrypt first password as secret key pair the first generated energy informative abstract, and it is close to generate the 7th
Text.
Wherein, the first credential information further includes the 7th ciphertext, and the second credential information further includes the second generated energy information and
Eight ciphertexts, checkout apparatus obtains the second password of user's input, by scheduled third cipher mode to the second generated energy information
Encryption generates the second generated energy informative abstract, encrypts the second password as secret key pair the second generated energy informative abstract, raw
It is checked at the 9th ciphertext, and by the 8th ciphertext and the 9th ciphertext, to the second digital signature successful decryption, and the 8th ciphertext
When consistent with the 9th ciphertext verification, determine that the second generated energy information in the second credential information passes through verification.
Optionally, device 10 further includes read module.
Read module is used for when storage device is connected to account generating means, and the tenth stored in read storage device is close
Text, the first password that the tenth ciphertext is inputted user by storage device are generated by the encryption of scheduled second cipher mode.
Wherein, the first credential information further includes the tenth ciphertext, and the second credential information further includes the second ciphertext, and checkout apparatus obtains
The second password for taking family input, the second password is encrypted by scheduled second cipher mode, generates third ciphertext, and
Second ciphertext and third ciphertext are checked, to the second digital signature successful decryption, and the second ciphertext and third ciphertext core
To it is consistent when, determine that the second generated energy information in the second credential information passes through verification.
Optionally, device 10 further includes the second sending module.
Second sending module is used to the first credential information being sent to checkout apparatus.
About the device in above-described embodiment, wherein modules execute the concrete mode of operation in related this method
Embodiment in be described in detail, no detailed explanation will be given here.
Through the above technical solutions, on the one hand, due to generating equipment owner (user) there is no checkout apparatus private
Key, therefore, user cannot distort the generated energy information of generating equipment.On the other hand, if checkout apparatus being capable of successful decryption use
The digital signature (the second digital signature) that family provides then illustrates that the second digital signature is exactly raw according to the private key of checkout apparatus oneself
At, illustrate to have recognized that the generating equipment in the power grid of oneself before checkout apparatus.Therefore, generating equipment has been ensured
Generated energy information have can not tamper and non repudiation, ensured the generated energy information and charge calculation of generating equipment
Accuracy enables the corresponding electricity charge of generated energy information to be delayed clearing.
The disclosure also provides a kind of account generation system, including above-mentioned account generating means 10 and above-mentioned storage dress
It sets.
Account generating means 10 can be individual device, also can integrate in generating equipment.The disclosure also provides one
Kind generating equipment, the above-mentioned account generating means 10 provided including the disclosure.
Fig. 3 is the block diagram for a kind of electronic equipment 300 that an exemplary embodiment provides.As shown in figure 3, the electronic equipment
300 may include: processor 301, memory 302.The electronic equipment 300 can also include multimedia component 303, input/defeated
One or more of (I/O) interface 304 and communication component 305 out.
Wherein, processor 301 is used to control the integrated operation of the electronic equipment 300, to complete above-mentioned account generation side
All or part of the steps in method.Memory 302 is for storing various types of data to support the behaviour in the electronic equipment 300
To make, these data for example may include the instruction of any application or method for operating on the electronic equipment 300, with
And the relevant data of application program, such as contact data, the message of transmitting-receiving, picture, audio, video etc..The memory 302
It can be realized by any kind of volatibility or non-volatile memory device or their combination, such as static random-access is deposited
Reservoir (Static Random Access Memory, abbreviation SRAM), electrically erasable programmable read-only memory
(Electrically Erasable Programmable Read-Only Memory, abbreviation EEPROM), erasable programmable
Read-only memory (Erasable Programmable Read-Only Memory, abbreviation EPROM), programmable read only memory
(Programmable Read-Only Memory, abbreviation PROM), and read-only memory (Read-Only Memory, referred to as
ROM), magnetic memory, flash memory, disk or CD.Multimedia component 303 may include screen and audio component.Wherein
Screen for example can be touch screen, and audio component is used for output and/or input audio signal.For example, audio component may include
One microphone, microphone is for receiving external audio signal.The received audio signal can be further stored in storage
Device 302 is sent by communication component 305.Audio component further includes at least one loudspeaker, is used for output audio signal.I/O
Interface 304 provides interface between processor 301 and other interface modules, other above-mentioned interface modules can be keyboard, mouse,
Button etc..These buttons can be virtual push button or entity button.Communication component 305 is for the electronic equipment 300 and other
Wired or wireless communication is carried out between equipment.Wireless communication, such as Wi-Fi, bluetooth, near-field communication (Near Field
Communication, abbreviation NFC), 2G, 3G or 4G or they one or more of combination, therefore corresponding communication
Component 305 may include: Wi-Fi module, bluetooth module, NFC module.
In one exemplary embodiment, electronic equipment 300 can be by one or more application specific integrated circuit
(Application Specific Integrated Circuit, abbreviation ASIC), digital signal processor (Digital
Signal Processor, abbreviation DSP), digital signal processing appts (Digital Signal Processing Device,
Abbreviation DSPD), programmable logic device (Programmable Logic Device, abbreviation PLD), field programmable gate array
(Field Programmable Gate Array, abbreviation FPGA), controller, microcontroller, microprocessor or other electronics member
Part is realized, for executing above-mentioned account generation method.
In a further exemplary embodiment, a kind of computer readable storage medium including program instruction is additionally provided, it should
The step of above-mentioned account generation method is realized when program instruction is executed by processor.For example, the computer readable storage medium
It can be the above-mentioned memory 302 including program instruction, above procedure instruction can be executed by the processor 301 of electronic equipment 300
To complete above-mentioned account generation method.
The preferred embodiment of the disclosure is described in detail in conjunction with attached drawing above, still, the disclosure is not limited to above-mentioned reality
The detail in mode is applied, in the range of the technology design of the disclosure, a variety of letters can be carried out to the technical solution of the disclosure
Monotropic type, these simple variants belong to the protection scope of the disclosure.
It is further to note that specific technical features described in the above specific embodiments, in not lance
In the case where shield, it can be combined in any appropriate way.In order to avoid unnecessary repetition, the disclosure to it is various can
No further explanation will be given for the combination of energy.
In addition, any combination can also be carried out between a variety of different embodiments of the disclosure, as long as it is without prejudice to originally
Disclosed thought equally should be considered as disclosure disclosure of that.
Claims (16)
1. a kind of account generation method is applied to account generating means, which is characterized in that the described method includes:
The generating state of generating equipment is detected, the first generated energy information is generated;
Obtain the private key of checkout apparatus;
The first digital signature is generated according to the first generated energy information and the private key;
First credential information of account is sent to the user terminal, wherein first credential information includes first number
Signature, the checkout apparatus receive for user provide the second credential information verification request when, with the private key
Corresponding public key decrypts the second digital signature in second credential information, and in successful decryption, determines described second
The second generated energy information in credential information passes through verification.
2. the method according to claim 1, wherein the step of private key for obtaining checkout apparatus includes following
In any one:
Receive the checkout apparatus that checkout apparatus is sent when determining that the generating equipment accesses the account generating means
Private key;
Obtain the private key for the checkout apparatus being solidificated in the account generating means;
Obtain the private key for the checkout apparatus being stored in advance in the account generating means.
3. the method according to claim 1, wherein described according to the first generated energy information and the private key
The step of generating the first digital signature include:
The first generated energy information described in the private key encryption generates the first digital signature,
Wherein, the second generated energy information is the generated energy information decrypted to second digital signature.
4. the method according to claim 1, wherein described according to the first generated energy information and the private key
The step of generating the first digital signature include:
The first generated energy information is encrypted by scheduled first cipher mode, generates the first generated energy informative abstract;
The first generated energy informative abstract described in the private key encryption generates first digital signature,
Wherein, first credential information further includes the first generated energy information, and second credential information further includes described
Second generated energy information, the checkout apparatus is when receiving the verification request for second credential information, by described the
Two digital signature decrypt to obtain the second generated energy informative abstract, and by scheduled first cipher mode to second hair
Information about power encryption, generates third generated energy informative abstract, in the second generated energy informative abstract and the third generated energy
When informative abstract is consistent, determine that the second generated energy information in second credential information passes through verification.
5. method described in any claim in -4 according to claim 1, which is characterized in that first credential information also wraps
Digital certificate is included, the digital certificate is for confirming the first digital signature closing unit as belonging to checkout apparatus label
Hair.
6. method described in any claim in -4 according to claim 1, which is characterized in that the method also includes:
Obtain the first password of user's input;
The first password is encrypted by scheduled second cipher mode, generates the first ciphertext;
Wherein, first credential information further includes first ciphertext, and second credential information further includes the second ciphertext, institute
The second password that checkout apparatus obtains user's input is stated, second password is carried out by scheduled second cipher mode
Encryption generates third ciphertext, and second ciphertext and the third ciphertext is checked, to second digital signature
Successful decryption, and when second ciphertext is consistent with the third ciphertext verification, determine second in second credential information
Generated energy information passes through verification.
7. method described in any claim in -4 according to claim 1, which is characterized in that the method also includes:
Obtain the first password of user's input;
It is encrypted the first password as the first generated energy information described in secret key pair, generates the 4th ciphertext;
Wherein, first credential information further includes the 4th ciphertext, and second credential information further includes second hair
Information about power and the 5th ciphertext, the checkout apparatus obtains the second password of user's input, using second password as code key
The second generated energy information is encrypted, generates the 6th ciphertext, and the 5th ciphertext and the 6th ciphertext are carried out
Verification, to the second digital signature successful decryption, and when the 5th ciphertext is consistent with the 6th ciphertext verification, determination
The second generated energy information in second credential information passes through verification.
8. method described in any claim in -4 according to claim 1, which is characterized in that the method also includes:
Obtain the first password of user's input;
Encryption is carried out to the first generated energy information by scheduled third cipher mode and generates the first generated energy informative abstract;
It is encrypted the first password as the first generated energy informative abstract described in secret key pair, generates the 7th ciphertext;
Wherein, first credential information further includes the 7th ciphertext, and second credential information further includes second hair
Information about power and the 8th ciphertext, the checkout apparatus obtain the second password of user's input, are encrypted by the scheduled third
Mode encrypts the second generated energy information and generates the second generated energy informative abstract, using second password as secret key pair institute
It states the second generated energy informative abstract to be encrypted, generates the 9th ciphertext, and the 8th ciphertext and the 9th ciphertext are carried out
Verification, to the second digital signature successful decryption, and when the 8th ciphertext is consistent with the 9th ciphertext verification, determination
The second generated energy information in second credential information passes through verification.
9. method described in any claim in -4 according to claim 1, which is characterized in that the method also includes:
When storage device is connected to the account generating means, the tenth ciphertext stored in the storage device is read, it is described
The first password that tenth ciphertext is inputted user by the storage device is generated by the encryption of scheduled second cipher mode,
Wherein, first credential information further includes the tenth ciphertext, and second credential information further includes the second ciphertext, institute
The second password that checkout apparatus obtains user's input is stated, second password is carried out by scheduled second cipher mode
Encryption generates third ciphertext, and second ciphertext and the third ciphertext is checked, to second digital signature
Successful decryption, and when second ciphertext is consistent with the third ciphertext verification, determine second in second credential information
Generated energy information passes through verification.
10. method described in any claim in -4 according to claim 1, which is characterized in that the method also includes:
First credential information is sent to the checkout apparatus.
11. a kind of account generating means, which is characterized in that described device includes:
Detection module generates the first generated energy information for detecting the generating state of generating equipment;
First obtains module, for obtaining the private key of checkout apparatus;
Generation module, for generating the first digital signature according to the first generated energy information and the private key;
First sending module, for the first credential information of account to be sent to the user terminal, wherein first credential information
Including first digital signature, the checkout apparatus is in the verification request for receiving the second credential information provided for user
When, the second digital signature in second credential information is decrypted with public key corresponding with the private key, and in successful decryption
When, determine that the second generated energy information in second credential information passes through verification.
12. device according to claim 11, which is characterized in that described device further include:
Read module stores in the storage device for reading when storage device is connected to the account generating means
Tenth ciphertext, the tenth ciphertext pass through scheduled second cipher mode by the first password that the storage device inputs user
Encryption generates,
Wherein, first credential information further includes the tenth ciphertext, and second credential information further includes the second ciphertext, institute
The second password that checkout apparatus obtains user's input is stated, second password is carried out by scheduled second cipher mode
Encryption generates third ciphertext, and second ciphertext and the third ciphertext is checked, to second digital signature
Successful decryption, and when second ciphertext is consistent with the third ciphertext verification, determine second in second credential information
Generated energy information passes through verification.
13. a kind of account generates system, which is characterized in that including account generating means according to claim 12 and root
According to the storage device described in claim 12.
14. a kind of generating equipment, which is characterized in that including account generating means according to claim 11 or 12.
15. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the program is by processor
The step of any one of claim 1-10 the method is realized when execution.
16. a kind of electronic equipment characterized by comprising
Memory is stored thereon with computer program;
Processor, for executing the computer program in the memory, to realize any one of claim 1-10 institute
The step of stating method.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811003482.0A CN108989347A (en) | 2018-08-30 | 2018-08-30 | Account generating method, device, system, medium and equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811003482.0A CN108989347A (en) | 2018-08-30 | 2018-08-30 | Account generating method, device, system, medium and equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108989347A true CN108989347A (en) | 2018-12-11 |
Family
ID=64548349
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811003482.0A Pending CN108989347A (en) | 2018-08-30 | 2018-08-30 | Account generating method, device, system, medium and equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108989347A (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1581241A (en) * | 2003-08-15 | 2005-02-16 | 深圳市科陆电子科技股份有限公司 | Long-distance collecting method for electric power |
CN102347838A (en) * | 2011-08-29 | 2012-02-08 | 大连明江咨询服务有限公司 | Telephone transaction method for automatic identity authentication device |
CN104683107A (en) * | 2015-02-28 | 2015-06-03 | 深圳市思迪信息技术有限公司 | Digital certificate storage method and device, and digital signature method and device |
WO2017041599A1 (en) * | 2015-09-08 | 2017-03-16 | 腾讯科技(深圳)有限公司 | Service processing method and electronic device |
CN106790183A (en) * | 2016-12-30 | 2017-05-31 | 广州华多网络科技有限公司 | Logging on authentication method of calibration, device |
CN106960166A (en) * | 2017-03-14 | 2017-07-18 | 清华大学 | A kind of smart jack management system and its method based on distributed general ledger technology |
CN108256811A (en) * | 2017-04-18 | 2018-07-06 | 平安科技(深圳)有限公司 | Job information processing method, device, computer equipment and storage medium |
-
2018
- 2018-08-30 CN CN201811003482.0A patent/CN108989347A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1581241A (en) * | 2003-08-15 | 2005-02-16 | 深圳市科陆电子科技股份有限公司 | Long-distance collecting method for electric power |
CN102347838A (en) * | 2011-08-29 | 2012-02-08 | 大连明江咨询服务有限公司 | Telephone transaction method for automatic identity authentication device |
CN104683107A (en) * | 2015-02-28 | 2015-06-03 | 深圳市思迪信息技术有限公司 | Digital certificate storage method and device, and digital signature method and device |
WO2017041599A1 (en) * | 2015-09-08 | 2017-03-16 | 腾讯科技(深圳)有限公司 | Service processing method and electronic device |
CN106790183A (en) * | 2016-12-30 | 2017-05-31 | 广州华多网络科技有限公司 | Logging on authentication method of calibration, device |
CN106960166A (en) * | 2017-03-14 | 2017-07-18 | 清华大学 | A kind of smart jack management system and its method based on distributed general ledger technology |
CN108256811A (en) * | 2017-04-18 | 2018-07-06 | 平安科技(深圳)有限公司 | Job information processing method, device, computer equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
KR102044751B1 (en) | Method for providing reward according to user authentication based on blockchain | |
US7028191B2 (en) | Trusted authorization device | |
TWI497336B (en) | Data security devices and computer program | |
CN110458542A (en) | Offline electronic payment system and method based on block chain | |
CN109697365A (en) | Information processing method and block chain node, electronic equipment | |
CN109087056A (en) | Electronic contract signs method, apparatus and server | |
CN108476227A (en) | System and method for equipment push supply | |
JP2018522353A (en) | Authentication system and method for server-based payment | |
CN107210914A (en) | The method supplied for security credence | |
CN106682903B (en) | A kind of feedback validation method of bank paying Licensing Authority information | |
KR20120017044A (en) | System and method for personal certification using a mobile device | |
CN105162607A (en) | Authentication method and system of payment bill voucher | |
EP3674936A1 (en) | Authentication terminal, authentication device and authentication method and system using authentication terminal and authentication device | |
CN109951524A (en) | Key devices Activiation method, electronic equipment and computer readable storage medium | |
CN110189184A (en) | A kind of electronic invoice storage method and device | |
KR101914649B1 (en) | Radio link authentication system and methods using Devices and automation devices | |
CN109815659A (en) | Safety certifying method, device, electronic equipment and storage medium based on WEB project | |
WO2014080353A1 (en) | Secure transaction system and virtual wallet | |
CN110659899B (en) | Offline payment method, device and equipment | |
CN106330888B (en) | The method and device of payment safety in a kind of guarantee the Internet line | |
EP3671601A2 (en) | Data structure, transmission device, reception device, settlement device, method, and computer program | |
EP4191939A1 (en) | Knowledge proof method, knowledge proof program, and information processing apparatus | |
CN104270650B (en) | The safety control system and method for a kind of internet television | |
CN115136545B (en) | Method and system for managing data exchange in medical examination environment | |
CN108989347A (en) | Account generating method, device, system, medium and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
AD01 | Patent right deemed abandoned | ||
AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20201110 |