Method, system, device and storage medium for isolating user identity information
Technical Field
The present invention relates to the field of blockchain technology, and more particularly to a method, system, device and storage medium for isolating user identity information.
Background
In the current Internet era, network applications emerge one after another. Apps that involve real transactions, such as Didi Dache, Ele.me, Xianyu and 58 Tongcheng, require real-name authentication of their users, while users, out of privacy concerns, are often unwilling to disclose private information to these apps. With the arrival of the data age, user data will become more and more valuable to application software, and users will pay more and more attention to their own privacy and be unwilling to disclose it, yet they have to disclose it in order to use the software. As the government pays closer attention to the security of apps, the apps in turn have to make users provide more detailed certification material and require real-name authentication: the user must not only photograph and upload both sides of the ID card but also take a photograph for facial recognition. If the organization running the application uses the ID card information elsewhere, the user will not know. Users are made to disclose more and more private information, they dislike it more and more, and the conflict is becoming increasingly acute.
Chinese invention patent application, publication number CN108063752A, publication date 2018.05.22, discloses a trusted genetic testing and data sharing method based on blockchain and proxy re-encryption technology, applied to an application system built from a managed application data layer, a blockchain layer and a distributed data storage layer connected in sequence. That method establishes an integrity management scheme for testing institutions and hospitals based on blockchain technology, which solves the problem of third-party institutions issuing test results arbitrarily. It also protects the private data of individual users with a public-key cryptography scheme, so that individuals have complete control and ownership of their own genetic data. Finally, it implements a revocable proxy re-encryption scheme in a blockchain smart contract, which guarantees that a research institution obtains genomic data only after obtaining the individual user's authorization. That patent is a leak-prevention sharing method aimed at individual users and at the private data of genetic testing; when genetic data is disclosed to third-party institutions, it cannot prevent privacy leakage in an absolute sense.
Summary of the Invention
1. Technical problem to be solved by the invention
To overcome the above technical problems, the present invention provides a method, system, device and storage medium for isolating user identity information, which can protect the privacy of users and prevent user privacy from being leaked.
2. Technical solution
To solve the above problems, the technical solution provided by the invention is as follows:
A method for isolating user identity information, comprising the following steps:
S1, the user generates a public key and a private key through the blockchain;
There are two ways to generate the public key and private key. In the first, the public key and private key are generated randomly by the blockchain. In the second, the blockchain operator hashes the user identity information (personal identity information such as name, gender, ID card number, mobile phone number, e-mail address, voice, facial image, fingerprint, home address and registered household location, or organizational identity information such as the name of an enterprise, organization, institution or unit, unified social credit code, address and tax number) and then generates the private key and public key; if the private key is lost, it can be recovered from the blockchain operator.
S2, the user's public key and user identity information are stored in the blockchain;
The user's identity information is saved to the blockchain after it has been certified and signed by a qualified third-party certification authority. Different categories of identity information may have different third-party certification authorities: for example, ID card information needs to be certified by the government public security bureau, academic information by universities, bank card and asset information possibly by banks, and vehicle information by the vehicle administration office. Because what is saved on the blockchain, by category, is signature information, it is a string of digits. This certificate signature string contains the certification authority, the blockchain account ID of the certified user, and the encrypted signature of the real information. Its authenticity can be checked through the third-party certification authority's website, while specific information such as the ID card number or facial information is not revealed. This both proves that the identity information is authentic and credible and hides the user's private information, protecting user privacy so that the private information cannot be stolen or abused. When necessary, and with the user's consent, the real information can also be obtained through the third-party certification authority.
S3, block chain generate multiple and different account ID to same user;
If user only one account ID, by trading activity of the retrospect account ID on block chain or
Crawler behavior will increase the risk that the account ID of the user is attacked, so that user privacy information is easy to cause to be stolen;One
User's correspondence possesses multiple account ID, can not trace the behavior of the user, and then plays the role of protecting user privacy information, makes
Obtaining attacker can not be determined by the behavior of some account ID to user.The quantity of account ID can be set to block chain and produce at random
It is raw, it also can be set to request to generate by user, and the producing method of account ID can be and do different numbers to the public key of user
Hash, that is, can produce multiple and different account ID.
S4, the user registers with an application using an account ID.
The user does not need to give the application sensitive information such as an ID card. The account ID signifies that the user's private information has been put on record and certified by the blockchain. The private information is stored on the blockchain, and the blockchain provides the account ID, which represents that recorded and certified information, for registration with the application. These applications are not necessarily built on the blockchain: they may be software independently developed by the operator, or applications built on the blockchain, but each application has an interface to the blockchain and a certain basis of trust in it, so that when the user registers with the application it can conveniently obtain the account ID that represents the user's private information, thereby isolating the user's private information from the application.
Preferably, in step S1 the user's public key and private key are generated randomly by the blockchain.
Preferably, the blockchain operator generates the private key and public key according to the user identity information. The user identity information includes ID card number, mobile phone number, e-mail address, voice, facial image, fingerprint, home address, registered household location and similar user identity information; if the private key is lost, it can be recovered from the blockchain operator.
Preferably, the registration in S4 comprises the following steps:
S401, the user sends a verification transaction to the blockchain, selecting one account ID and sending it to the blockchain together with the private key signature information;
S402, the blockchain nodes verify the account ID and the user's signature information. If verification passes, this proves that the account ID belongs to the user and has not been used, and registration with the application continues; if verification fails, this proves that the account ID does not belong to the user or has already been used, and it cannot be used to register with the application;
S403, after verification passes and registration succeeds, the blockchain records the state of the account ID as used.
This prevents the account ID from being reused the next time a new application is registered. If the same account ID were used by several applications, it would give an attacker the opportunity to track the account ID and then attack the user; avoiding this keeps the user from becoming a target and further protects the user's privacy from being leaked.
A system for isolating user identity information, based on the method for isolating user identity information according to any of the above, comprising: a public/private key generation module, by which the user generates a public key and a private key through the blockchain; a privacy information storage module, for saving the public key generated by the public/private key generation module and the user identity information; an account ID generation module, which generates multiple different account IDs for a user whose public key and user identity information are saved on the blockchain; and an application module, by which the user registers an application account using an account ID generated by the account ID generation module.
Preferably, the public/private key generation module generates the public key and private key randomly on the blockchain at the user's request, or generates the private key and public key according to the user identity information.
Preferably, the privacy information storage module comprises the distributed storage database of the blockchain and the private database of the blockchain operator.
Preferably, the application module comprises an account ID verification module and a registration module. The account ID verification module verifies whether the account ID belongs to the corresponding user and whether the account ID has been used; the registration module generates the user's account information on the application according to the account ID.
A device, comprising a processor, an input device, an output device and a memory, which are interconnected, wherein the memory is used to store a computer program, the computer program comprises program instructions, and the processor is configured to call the program instructions and execute the method described above.
A computer-readable storage medium, storing a computer program, the computer program comprising program instructions which, when executed by a processor, cause the processor to execute the method described above.
3. Beneficial effects
Compared with the prior art, the technical solution provided by the invention has the following beneficial effects:
(1) Based on blockchain technology, the invention provides a method for isolating user identity information in which only a verifiable blockchain account ID is provided to the third-party application, with no other information, so that the user can enjoy the convenience the application brings without worrying about leakage of private information;
(2) Traditional third-party applications need to collect users' private information and hold a large amount of user information, and during their operation active or passive privacy leakage is frequent and brings many risks to users. The invention uses the blockchain's ciphertext storage, decentralization and tamper-resistance to isolate the user's private information from third-party applications. The user registers with third-party applications using an account ID that the blockchain generates for the user; the third-party application cannot learn the private information of the user corresponding to the account ID, and so cannot actively leak the user's privacy;
(3) In the method for isolating user identity information provided by the invention, the user can generate multiple account IDs on the blockchain and use a different account ID for each application, that is, the multiple account IDs of a single user correspond one-to-one with the different applications the user uses. This ensures that the account ID used differs from application to application, prevents the behaviour of one account ID across different applications from being traced and collected, and avoids the possibility of passive leakage of the user's behaviour across applications;
(4) In the method for isolating user identity information provided by the invention, when registering with an application the user sends a verification transaction to the blockchain and can register with the application only after verification passes. The user does not need to provide private information to each application, and each application, based on its trust in the blockchain, can quickly acquire a registered user base;
(5) In the method for isolating user identity information of the invention, the private information the user saves on the blockchain is hashed and stored on the blockchain as ciphertext. Without verification of the user's private key signature, no one can learn the plaintext of the private information, so the user has full control of their personal private information and leakage of private information is prevented.
Brief Description of the Drawings
Fig. 1 is an application schematic diagram of the method;
Fig. 2 is the first flow diagram of the method;
Fig. 3 is the second flow diagram of the method;
Fig. 4 is the verification transaction flow chart;
Fig. 5 is the system block diagram;
Fig. 6 is the device block diagram;
Fig. 7 is the first schematic diagram of Embodiment 2;
Fig. 8 is the second schematic diagram of Embodiment 2;
Fig. 9 is the schematic diagram of Embodiment 3;
Fig. 10 is the schematic diagram of Embodiment 7;
Fig. 11 is the first schematic diagram of Embodiment 8;
Fig. 12 is the second schematic diagram of Embodiment 8.
Detailed Description
For a further understanding of the invention, the invention is described in detail below with reference to the drawings and embodiments.
Embodiment 1
As shown in Figs. 2 and 3, a method for isolating user identity information comprises the following steps:
S1, the user generates a public key and a private key through the blockchain;
There are two ways to generate the public key and private key. In the first, the public key and private key are generated randomly by the blockchain, and once the private key is lost it cannot be recovered. In the second, the blockchain operator hashes the user identity information (personal identity information such as name, gender, ID card number, mobile phone number, e-mail address, voice, facial image, fingerprint, home address and registered household location, or organizational identity information such as the name of an enterprise, organization, institution or unit, unified social credit code, address and tax number) and then generates the private key and public key; if the private key is lost, it can be recovered from the blockchain operator.
S2, the user's public key and user identity information are stored in the blockchain;
The user's identity information is saved to the blockchain after it has been certified and signed by a qualified third-party certification authority. Different categories of identity information may have different third-party certification authorities: for example, ID card information needs to be certified by the government public security bureau, academic information by universities, bank card and asset information possibly by banks, and vehicle information by the vehicle administration office. Because what is saved on the blockchain, by category, is signature information, it is a string of digits. This certificate signature string contains the certification authority, the blockchain account ID of the certified user, and the encrypted signature of the real information. Its authenticity can be checked through the third-party certification authority's website, while specific information such as the ID card number or facial information is not revealed. This both proves that the identity information is authentic and credible and hides the user's private information, protecting user privacy so that the private information cannot be stolen or abused. When necessary, and with the user's consent, the real information can also be obtained through the third-party certification authority.
The user's public key and user identity information may also be stored in the blockchain operator's private database, as shown in Fig. 3. User information is then more concentrated rather than open and dispersed, and each merchant application does not need to perform authentication itself.
S3, block chain generate multiple and different account ID to same user;
If user only one account ID, by trading activity of the retrospect account ID on block chain or
Crawler behavior will increase the risk that the account ID of the user is attacked, so that user privacy information is easy to cause to be stolen;One
User's correspondence possesses multiple account ID, can not trace the behavior of the user, and then plays the role of protecting user privacy information, makes
Obtaining attacker can not be determined by the behavior of some account ID to user.The quantity of account ID can be set to block chain and produce at random
It is raw, it also can be set to request to generate by user, and the producing method of account ID can be and do different numbers to the public key of user
Hash, that is, can produce multiple and different account ID.
S4, the user registers with an application using an account ID.
The user does not need to give the application sensitive information such as an ID card. The account ID signifies that the user's private information has been put on record and certified by the blockchain. The private information is stored on the blockchain, and the blockchain provides the account ID, which represents that recorded and certified information, for registration with the application. These applications are not necessarily built on the blockchain: they may be software independently developed by the operator, or applications built on the blockchain, but each application has an interface to the blockchain and a certain basis of trust in it, so that when the user registers with the application it can conveniently obtain the account ID that represents the user's private information, thereby isolating the user's private information from the application.
The operator of an application knows only the user's account ID and is assured that the account ID has been put on record and certified by the blockchain. The operator can use the account ID for its own operations but cannot obtain the user's private information, so it cannot use that information elsewhere or leak it. This solves the privacy leakage problem that exists when a user uses different applications.
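Step S3's derivation, read literally as applying the hash to the public key n times, together with the linkage test a design reviewer would run on the resulting account IDs; this is an added example, not part of the patent text. The keyed HMAC derivation shown for comparison, the sample public key and the sample secret are assumptions constructed for the illustration.

```python
import hashlib
import hmac


def chained_ids(public_key: bytes, count: int) -> list:
    """Account IDs as read from step S3: ID_n = SHA-256 applied n times to the public key."""
    ids, digest = [], public_key
    for _ in range(count):
        digest = hashlib.sha256(digest).digest()
        ids.append(digest.hex())
    return ids


def keyed_ids(derivation_secret: bytes, count: int) -> list:
    """Assumed alternative (not in the patent): ID_n = HMAC-SHA256(secret, n).
    Without the secret, one ID gives no way to compute or recognise another."""
    return [
        hmac.new(derivation_secret, n.to_bytes(4, "big"), hashlib.sha256).hexdigest()
        for n in range(1, count + 1)
    ]


def linkable_by_rehash(id_a: str, id_b: str, max_steps: int = 32) -> bool:
    """Observer's test that needs only two published IDs, not the public key:
    does re-hashing one of them reach the other within max_steps?"""
    for start, target in ((id_a, id_b), (id_b, id_a)):
        digest = bytes.fromhex(start)
        for _ in range(max_steps):
            digest = hashlib.sha256(digest).digest()
            if digest.hex() == target:
                return True
    return False


def count_linkable_pairs(ids: list) -> int:
    """Number of ID pairs an observer can tie to the same user by re-hashing."""
    return sum(
        linkable_by_rehash(a, b)
        for i, a in enumerate(ids)
        for b in ids[i + 1:]
    )


# Constructed sample inputs (not real key material).
SAMPLE_PUBLIC_KEY = bytes.fromhex("02" + "11" * 32)
SAMPLE_SECRET = bytes.fromhex("ab" * 32)

if __name__ == "__main__":
    chained = chained_ids(SAMPLE_PUBLIC_KEY, 4)
    keyed = keyed_ids(SAMPLE_SECRET, 4)
    print("iterated-hash IDs, linkable pairs:", count_linkable_pairs(chained))
    print("keyed IDs, linkable pairs:        ", count_linkable_pairs(keyed))
```

With iterated hashing every pair of a user's account IDs is linkable by anyone who sees them, so the isolation between applications that S3 aims for depends on a derivation that mixes in something an observer does not hold.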
Embodiment 2
A method for isolating user identity information, further improved on the basis of Embodiment 1, comprises the following steps:
S1, the user's public key and private key are generated randomly by the blockchain, as shown in Fig. 7;
S2, the user's public key and user identity information are stored in the blockchain. Among blockchains, private chains and consortium chains are permissioned chains: every node participating in the blockchain system is licensed, and unlicensed nodes cannot access the system. However, in a permissioned chain, if a limited number of certification nodes collude, they can still pose a certain threat of leaking users' identity information. Therefore, if the blockchain is a permissioned chain, the user's public key and user identity information are hashed before being uploaded to the blockchain; if the blockchain is a public chain, the user identity information may be selectively hashed. See Fig. 8.
S3, the blockchain generates multiple different account IDs for the same user;
S4, the user registers with an application using an account ID.
Embodiment 3
A method for isolating user identity information, further improved on the basis of Embodiments 1 and 2, comprises the following steps:
S1, the blockchain operator generates the private key and public key for the user according to the user identity information, as shown in Fig. 9. If the blockchain is a permissioned chain, the user's public key and user identity information are hashed and then the private key and public key are generated; if the blockchain is a public chain, the user identity information may be selectively hashed. The user identity information includes ID card number, mobile phone number, e-mail address, voice, facial image, fingerprint, home address, registered household location and similar user identity information; if the private key is lost, it can be recovered from the blockchain operator.
S2, the user's public key and user identity information are stored in the blockchain. Among blockchains, private chains and consortium chains are permissioned chains: every node participating in the blockchain system is licensed, and unlicensed nodes cannot access the system. However, in a permissioned chain, if a limited number of certification nodes collude, they can still pose a certain threat of leaking users' identity information. Therefore, if the blockchain is a permissioned chain, the user's public key and user identity information are hashed before being uploaded to the blockchain; if the blockchain is a public chain, the user identity information may be selectively hashed. See Fig. 8.
S3, the blockchain generates multiple different account IDs for the same user;
S4, the user registers with an application using an account ID.
Embodiment 4
A method for isolating user identity information, further improved on the basis of Embodiments 1, 2 and 3, comprises the following steps:
S1, the user generates a public key and a private key through the blockchain;
S2, the user's public key and user identity information are stored in the blockchain;
S3, the blockchain generates multiple different account IDs for the same user;
S4, the user registers with an application using an account ID.
As shown in Figs. 1, 3 and 4, the registration in S4 comprises the following steps:
S401, the user sends a verification transaction to the blockchain, selecting one account ID and sending it to the blockchain together with the private key signature information;
S402, the blockchain nodes verify the account ID and the user's signature information. If verification passes, this proves that the account ID belongs to the user and has not been used, and registration with the application continues; if verification fails, this proves that the account ID does not belong to the user or has already been used, and it cannot be used to register with the application;
S403, after verification passes and registration succeeds, the blockchain records the state of the account ID as used.
This prevents the account ID from being reused the next time a new application is registered. If the same account ID were used by several applications, it would give an attacker the opportunity to track the account ID and then attack the user; avoiding this keeps the user from becoming a target and further protects the user's privacy from being leaked.
This embodiment hides the user's private information completely, using the blockchain's advantages of ciphertext storage, decentralization, distributed storage and tamper-resistance. The user interfaces with third-party applications through the account ID generated by the blockchain, while the third-party application cannot learn the user's private information. This completely prevents the third-party application operator from leaking the user's private information, and at the same time the user can enjoy as normal the convenience that the third-party application provides.
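The verification transaction of steps S401 to S403 as a chain node might process it, as an added example that is not part of the patent text. The toy Schnorr signature is a stand-in for whatever signature scheme the blockchain actually uses (its 127-bit modulus is far too small for real use), and the class name, function names and status strings are assumptions made for the illustration.

```python
import hashlib
import secrets

# Toy Schnorr signature over Z_p^*: a stand-in for the chain's real signature
# scheme, included only so the example runs with the standard library.
P = 2**127 - 1          # Mersenne prime; NOT a secure size
G = 3
ORDER = P - 1           # exponents are reduced modulo the group order


def _challenge(r: int, message: bytes) -> int:
    data = r.to_bytes(16, "big") + message
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % ORDER


def keygen():
    """S1 (random mode): return (private key, public key)."""
    private = secrets.randbelow(ORDER - 1) + 1
    return private, pow(G, private, P)


def sign(private: int, message: bytes):
    k = secrets.randbelow(ORDER - 1) + 1
    r = pow(G, k, P)
    return r, (k + _challenge(r, message) * private) % ORDER


def verify(public: int, message: bytes, signature) -> bool:
    r, s = signature
    if not (0 < r < P and 0 <= s < ORDER):
        return False
    return pow(G, s, P) == (r * pow(public, _challenge(r, message), P)) % P


def account_id(public: int, n: int) -> str:
    """S3 as described on the page: hash the public key n times."""
    digest = public.to_bytes(16, "big")
    for _ in range(n):
        digest = hashlib.sha256(digest).digest()
    return digest.hex()


class ChainNode:
    """Hypothetical node state: who owns each account ID and which are used."""

    def __init__(self):
        self.owner = {}     # account ID -> owner's public key
        self.used = set()   # account IDs already registered with an application

    def issue_ids(self, public: int, count: int) -> list:
        ids = [account_id(public, n) for n in range(1, count + 1)]
        self.owner.update((i, public) for i in ids)
        return ids

    def verify_transaction(self, acct: str, signature) -> str:
        # S402: the ID must belong to the signer and must not have been used.
        public = self.owner.get(acct)
        if public is None or not verify(public, acct.encode(), signature):
            return "rejected: not owner"
        if acct in self.used:
            return "rejected: already used"
        # S403: record the account ID as used once registration succeeds.
        self.used.add(acct)
        return "accepted"


def demo() -> list:
    node = ChainNode()
    user_priv, user_pub = keygen()
    other_priv, _ = keygen()            # a different user's key
    ids = node.issue_ids(user_pub, 3)
    return [
        node.verify_transaction(ids[0], sign(other_priv, ids[0].encode())),
        node.verify_transaction(ids[0], sign(user_priv, ids[0].encode())),
        node.verify_transaction(ids[0], sign(user_priv, ids[0].encode())),
        node.verify_transaction(ids[1], sign(user_priv, ids[1].encode())),
    ]


if __name__ == "__main__":
    for line in demo():
        print(line)
```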
Embodiment 5
As shown in Figs. 1 and 5, a system for isolating user identity information, based on the method for isolating user identity information of any one of the technical solutions of Embodiments 1-4, comprises: a public/private key generation module, by which the user generates a public key and a private key through the blockchain; a privacy information storage module, for saving the public key generated by the public/private key generation module and the user identity information; an account ID generation module, which generates multiple different account IDs for a user whose public key and user identity information are saved on the blockchain; and an application module, by which the user registers an application account using an account ID generated by the account ID generation module.
Embodiment 6
As shown in Figs. 1 and 5, a system for isolating user identity information, further improved on the basis of Embodiment 5, comprises: a public/private key generation module, by which the user generates a public key and a private key through the blockchain; a privacy information storage module, for saving the public key generated by the public/private key generation module and the user identity information; an account ID generation module, which generates multiple different account IDs for a user whose public key and user identity information are saved on the blockchain; and an application module, by which the user registers an application account using an account ID generated by the account ID generation module. Further, the public/private key generation module generates the public key and private key randomly on the blockchain at the user's request, or generates the private key and public key according to the user identity information. If the blockchain is a permissioned chain, the user's public key and user identity information are hashed and then the private key and public key are generated; if the blockchain is a public chain, the user identity information may be selectively hashed. The user identity information includes ID card number, mobile phone number, e-mail address, voice, facial image, fingerprint, home address, registered household location and similar user identity information; if the private key is lost, it can be recovered from the blockchain operator.
Embodiment 7
A system for isolating user identity information, further improved on the basis of Embodiments 5 and 6, comprises: a public/private key generation module, by which the user generates a public key and a private key through the blockchain; a privacy information storage module, for saving the public key generated by the public/private key generation module and the user identity information; an account ID generation module, which generates multiple different account IDs for a user whose public key and user identity information are saved on the blockchain; and an application module, by which the user registers an application account using an account ID generated by the account ID generation module. Further, as shown in Fig. 10, the privacy information storage module comprises the distributed storage database of the blockchain and the private database of the blockchain operator. If user identity information is stored in the private database, it needs to be hashed, to guard against the risk brought by leakage of user identity information.
Embodiment 8
A system for isolating user identity information, further improved on the basis of Embodiments 5, 6 and 7, comprises: a public/private key generation module, by which the user generates a public key and a private key through the blockchain; a privacy information storage module, for saving the public key generated by the public/private key generation module and the user identity information; an account ID generation module, which generates multiple different account IDs for a user whose public key and user identity information are saved on the blockchain; and an application module, by which the user registers an application account using an account ID generated by the account ID generation module. Further, as shown in Figs. 11 and 12, the application module comprises an account ID verification module and a registration module. The account ID verification module verifies whether the account ID belongs to the corresponding user and whether the account ID has been used; the registration module generates the user's account information on the application according to the account ID.
Embodiment 9
As shown in Fig. 6, a device comprises a processor, an input device, an output device and a memory, which are interconnected, wherein the memory is used to store a computer program, the computer program comprises program instructions, and the processor is configured to call the program instructions and execute the method of any one of the technical solutions of Embodiments 1-5.
Embodiment 10
A computer-readable storage medium stores a computer program, the computer program comprising program instructions which, when executed by a processor, cause the processor to execute the method of any one of the technical solutions of Embodiments 1-5.
Embodiment 11
Based on blockchain technology, this embodiment provides a method for isolating real identity information, following the method of any one of the technical solutions of Embodiments 1-5. Only the account ID of a trusted, verifiable blockchain user is provided to the third-party application, with no other information, which replaces the collection of ID card photographs and other information by the app and thereby protects personal privacy to a large extent.
Users include individuals, enterprises, public institutions, incorporated bodies and similar forms. For an individual, user information includes but is not limited to personal photo, birth certificate, ID card number, e-mail address, mobile phone number, login account for a given website, QQ number, contact address and similar data. For an enterprise, public institution, incorporated body or similar organization, user information includes but is not limited to unified social credit code, organization code, business scope, external e-mail address, office telephone and similar data.
To prove to a network application that an account ID belongs to a specific user, the user can send a verification transaction to the blockchain, sending the account ID signed with the user's own private key; the blockchain nodes verify the account ID and the user's signature information. If verification passes, this proves that the account ID belongs to the user; if it fails, the account ID does not belong to the user. After verification passes, the network application can trust that the account ID belongs to the user. In this way the user does not need to provide sensitive information such as a personal ID card to the network application.
An individual user generates their own private key randomly on the blockchain and obtains the corresponding public key at the same time. Alternatively, the blockchain company may generate a unique private key according to the user's identity document ID, so that when the user's private key is lost it can be recovered from the blockchain operator.
The user has a third-party certification authority collect real information such as genuine ID card information and facial capture, and provides public key information at the same time. Which data a user holds, such as ID card information and facial information, can all be seen indirectly from this, which meets the information needs of the companies behind different apps.
To suit different network applications, the blockchain generates different account IDs for the same user, protecting personal privacy to the greatest extent, for example an account ID for ride-hailing apps, an account ID for Taobao merchants, and so on.
The user registers their identity with an application by means of the account ID generated for that network application. To prove that the account ID belongs to the user, the user can send a verification transaction to the blockchain, sending the account ID signed with the user's own private key; the blockchain nodes verify the account ID and the user's signature information. If verification passes, this proves that the account ID belongs to the user; if it fails, the account ID does not belong to the user.
After verification passes, the network application can trust that the account ID belongs to the user. In this way the user does not need to provide sensitive information such as a personal ID card to the network application. With the above scheme, the user can provide the network application company with only their own account ID on the blockchain, without providing real ID card information, which protects the user's personal privacy to the greatest extent. Moreover, because the blockchain account IDs differ from application to application, the collection of user information across different applications is also effectively isolated, which keeps user information from being tracked and leaked. In addition, if needed in the future, this blockchain account ID information could also replace passport information and be used globally.
The invention and its embodiments have been described above schematically, and the description is not limiting; what is shown in the drawings is only one of the embodiments of the invention, and the actual structure is not limited to it. Therefore, if a person of ordinary skill in the art, inspired by it and without departing from the spirit of the invention, designs structures and embodiments similar to this technical solution without inventive effort, they fall within the scope of protection of the invention.