CN109245897B - Node authentication method and device based on non-interactive zero-knowledge proof - Google Patents

Node authentication method and device based on non-interactive zero-knowledge proof Download PDF

Info

Publication number
CN109245897B
CN109245897B CN201810966585.0A CN201810966585A CN109245897B CN 109245897 B CN109245897 B CN 109245897B CN 201810966585 A CN201810966585 A CN 201810966585A CN 109245897 B CN109245897 B CN 109245897B
Authority
CN
China
Prior art keywords
verifier
public key
requester
key
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810966585.0A
Other languages
Chinese (zh)
Other versions
CN109245897A (en
Inventor
刘杨
陈凯敏
关建峰
许长桥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing University of Posts and Telecommunications
Original Assignee
Beijing University of Posts and Telecommunications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing University of Posts and Telecommunications filed Critical Beijing University of Posts and Telecommunications
Priority to CN201810966585.0A priority Critical patent/CN109245897B/en
Publication of CN109245897A publication Critical patent/CN109245897A/en
Application granted granted Critical
Publication of CN109245897B publication Critical patent/CN109245897B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention provides a node authentication method and a node authentication device based on non-interactive zero-knowledge proof, wherein a registrant is arranged between a requester and a verifier as a third-party trust mechanism; the registrant generates and sends information in the authentication process between the requester and the verifier, so that in the whole node authentication process, the requester and the verifier do not need information interaction except that the verifier finally informs the requester whether authentication is successful. Therefore, the requesting party can not leak any secret information, so that the high confidentiality of the privacy information of the requesting party is achieved, the requesting party and the verifying party can successfully authenticate without carrying out multiple information interaction, and the efficiency of the node authentication process and the good sensitivity of user experience are improved.

Description

Node authentication method and device based on non-interactive zero-knowledge proof
Technical Field
The invention relates to the technical field of computers, in particular to a node authentication method and device based on non-interactive zero-knowledge proof.
Background
As a new product of the big data era, the mobile crowd sensing network can enable the functions of people to be extremely rich, people who are independent individuals in the society can not only use sensing data in the network, but also can actively upload production data to the network so as to be used by other users, and the users start to serve as data sensing, collecting, analyzing and mining main bodies to spontaneously complete all processes so as to complete sensing tasks published in the network. With the popularization of mobile terminal devices, the mobile crowd sensing network has started to have wide application and has penetrated aspects of social life, such as environmental pollution-free quality monitoring, intelligent transportation travel, municipal management services and the like, which are changing our work and life style widely and profoundly.
However, when many users share the perception data in order to collaborate to complete the same task, they need to collaborate with each other, and in order to ensure that the privacy is not leaked, trust verification needs to be completed between the mobile nodes without disclosing any information to other nodes, and then collaboration notification data is developed.
The traditional node authentication mechanism is generally divided into two types: one is a mechanism based on password checking, but this method has the risk of password theft; the second is a mechanism based on key encryption, but this method has the risk that the key is broken after multiple detections.
Therefore, the two traditional node authentication mechanisms both have the problem that privacy information is leaked in the authentication process to cause node authentication risks, so that a node authentication mode based on zero-knowledge proof is mainly adopted at present, the zero-knowledge proof can prove that the node has secret information under the condition that the privacy information is not leaked, and the problem that the node authentication is completed on the premise that the privacy information is not leaked in the node authentication process is well solved.
However, the traditional node authentication method based on zero-knowledge proof requires that the two authentication parties interact for many times, so that the authentication party can trust the authenticated party only after determining that the proof is not accidental every time.
Disclosure of Invention
In order to solve the problems of low node authentication efficiency and poor user experience in the conventional node authentication mode based on zero knowledge proof, on one hand, the invention provides a node authentication method, which comprises the following steps:
the registrant generates a registrant public key and a registrant private key and broadcasts the registrant public key;
the verifier generates a verifier public key and a verifier private key according to the registrar public key;
the requester initiates registration to the registrar and obtains the master key of the requester, and the registrar informs the master key of the requester to the verifier;
the verifier generates a verification public key according to the registrant public key, the verifier private key and the requester master key and informs the registrant of the verification public key;
the requester obtains a verification result according to the requester master key and the verification public key, and the registrant informs the verification result to the verifier;
the registrant obtains an investigation result according to the registrant public key and the verification public key and informs the investigation result to the verifier;
and the verifier judges whether the verification result is correct or not and informs the requester according to the private key of the verifier, the verification result and the investigation result.
Preferably, the method for requesting the registration party to initiate registration with the registration party and the registration party returning the registration party to request the master key comprises the following steps:
if the registration party agrees with the registration of the requesting party, the registration party returns the requesting party with the master key of the requesting party;
if the registration party does not agree with the registration of the requester, the registration of the requester fails, and the node authentication process is stopped.
Preferably, the registrar calls a registrar key generation algorithm to generate a registrar public key and a registrar private key, the verifier calls a verifier key generation algorithm to generate a verifier public key and a verifier private key, the registrar calls a requester master key generation algorithm to generate a requester master key, the verifier calls a verifier public key generation algorithm to generate a verifier public key, the requester calls a verifier result generation algorithm to obtain a verification result, the registrar calls a verifier public key validity check algorithm to obtain an investigation result, and the verifier calls the verifier result check algorithm to determine whether the verification result is correct.
Preferably, the registry key generation algorithm, the verifier key generation algorithm, the requester master key generation algorithm, the verification public key generation algorithm, the verification result generation algorithm, the verification public key validity check algorithm and the result check algorithm all adopt a high-order group theory and are all stored in the cloud.
Preferably, the survey results include:
if the requester is a legal user, outputting a non-0 natural number;
and if the requester is an illegal user, outputting 0.
Preferably, the verifier is one of the nodes whose verification result is correct.
In another aspect, the present invention provides a node authentication apparatus based on zero knowledge proof, including:
the request module is used for initiating registration to a registration party and acquiring a master key of the request party; or obtaining a verification result according to the main key of the requesting party and the verification public key;
the registration module is used for generating a public key of a registration party and a private key of the registration party and broadcasting the public key of the registration party; or informing the main key of the requesting party to the verifying party; or obtaining an investigation result according to the public key of the registrant and the verification public key, and informing the investigation result to the verifier;
the verification module is used for generating a public key of a verifier and a private key of the verifier; or generating a verification public key according to the registrant public key, the verifier private key and the requester master key, and informing the registrant of the verification public key; or judging whether the verification result is correct or not according to the private key of the verifier, the verification result and the investigation result, and informing the requester.
In yet another aspect, the present invention provides an electronic device for node authentication based on zero knowledge proof, comprising:
the processor and the memory are communicated with each other through a bus; the memory stores program instructions executable by the processor, which invokes the program instructions to perform the methods described above.
In a further aspect, the invention provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the method described above.
The invention provides a node authentication method and a node authentication device based on non-interactive zero-knowledge proof, wherein a registrant is arranged between a requester and a verifier as a third-party trust mechanism; the registrant generates and sends information in the authentication process between the requester and the verifier, so that in the whole node authentication process, the requester and the verifier do not need information interaction except that the verifier finally informs the requester whether authentication is successful. Therefore, the requesting party can not leak any secret information, so that the high confidentiality of the privacy information of the requesting party is achieved, the requesting party and the verifying party can successfully authenticate without carrying out multiple information interaction, and the efficiency of the node authentication process and the good sensitivity of user experience are improved.
Drawings
Fig. 1 is a flowchart illustrating a node authentication method according to a preferred embodiment of the present invention;
fig. 2 is a schematic structural diagram of a node authentication apparatus according to a preferred embodiment of the present invention;
FIG. 3 is a schematic diagram of an electronic device for node authentication according to a preferred embodiment of the present invention;
fig. 4 is a signaling interaction diagram of a node authentication method according to a preferred embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
At present, the mobile crowd sensing network can enrich functions of people, people who are independent individuals in the society can not only use sensing data in the network, but also can actively upload production data to the network so as to be used by other users, and the users start to serve as data sensing, collecting, analyzing and mining main bodies to spontaneously complete all processes so as to complete sensing tasks published in the network. However, when many users share the sensing data in order to cooperate to complete the same task, they need to cooperate with each other, i.e. perform node authentication.
In a traditional node authentication mode, the problems that privacy information is leaked in the authentication process to cause node authentication risks, or the node authentication efficiency is low and the user experience is poor exist.
Fig. 1 is a schematic flow chart of a node authentication method according to a preferred embodiment of the present invention, and as shown in fig. 1, the present invention provides a node authentication method, including:
step S101, a registrant generates a registrant public key and a registrant private key and broadcasts the registrant public key;
step S102, the verifier generates a verifier public key and a verifier private key according to the registrant public key;
step S103, the requester initiates registration and acquires the requester master key, and the registrar informs the verifier of the requester master key;
step S104, the verifier generates a verification public key according to the registrant public key, the verifier private key and the requester master key, and informs the registrant of the verification public key;
step S105, the requester obtains a verification result according to the requester master key and the verification public key, and the registrant informs the verification result to the verifier;
step S106, the registrant obtains an investigation result according to the registrant public key and the verification public key and informs the investigation result to the verifier;
and S107, the verifier judges whether the verification result is correct or not and informs the requester according to the verifier private key, the verification result and the investigation result.
Specifically, the registrant is generally served by a task publisher, generates a private and public key pair of the registrant, namely a registrant public key and a registrant private key, and broadcasts the registrant public key in the network; after capturing the public key of the registrant in the network, the verifier takes some elements as self generating elements to generate a self public and private key pair, namely the verifier public key and the verifier private key; the requester initiates a registration task to the registrar, and if the requester successfully registers, the registrar sends a requester master key to the requester and informs the verifier of the requester master key; and the verifier generates a verification public key and informs the registrar according to the registrar public key, the verifier private key and the requester master key.
Then, the requester obtains a verification result according to the requester master key and the verification public key, and the registrant informs the verification result of the verification result; and the registrant obtains the investigation result according to the registrant public key and the verification public key and informs the verifier of the investigation result.
And finally, after the verifying party obtains the verification result and the investigation result, judging whether the verification result is correct or not by combining the private key of the verifying party and informing the requesting party of the verification result. The verifier calculates the verification result and the investigation result by combining the private key of the verifier; if the calculation result reaches the expectation, the verification result is correct, the requester is judged to be a legal user, and the verifier informs the requester that the authentication is successful; if the calculation result is not expected, the verification result is incorrect, the requester is judged to be an illegal user, and the verifier informs the requester of the failure of authentication.
In the embodiment of the invention, the registrant is used as a third-party trust mechanism, and the information for authentication is transmitted before the requester and the verifier, so that in the whole node authentication process, the requester and the verifier do not need information interaction except that the verifier finally informs the requester whether the authentication is successful. Therefore, the requesting party can not leak any secret information, so that the privacy information of the requesting party is highly confidential, the requesting party and the verifying party can be successfully authenticated without performing multiple information interaction, and the node authentication process and the user experience are improved.
Based on the above embodiment, the method for initiating registration by a registrar and returning the requester to the registrar to request a master key includes:
if the registration party agrees with the registration of the requesting party, the registration party returns the requesting party with the master key of the requesting party;
if the registration party does not agree with the registration of the requester, the registration of the requester fails, and the node authentication process is stopped.
Further, the registrar calls a registrar key generation algorithm to generate a registrar public key and a registrar private key, the verifier calls a verifier key generation algorithm to generate a verifier public key and a verifier private key, the registrar calls a requester master key generation algorithm to generate a requester master key, the verifier calls a verification public key generation algorithm to generate a verification public key, the requester calls a verification result generation algorithm to obtain a verification result, the registrar calls a verification public key validity check algorithm to obtain an investigation result, and the verifier calls a result check algorithm to determine whether the verification result is correct.
It should be noted that the registrar key generation algorithm, the authenticator key generation algorithm, the requester master key generation algorithm, the authentication public key generation algorithm, the authentication result generation algorithm, the authentication public key validity check algorithm, and the result check algorithm all adopt a high-order group theory and are all stored in the cloud.
Based on the above embodiment, the registrar obtains an investigation result according to the registrar public key and the verification public key, where the investigation result includes:
if the requester is a legal user, outputting a non-0 natural number;
and if the requester is an illegal user, outputting 0.
It should be noted that the verifier is one of the nodes whose verification result is correct.
Fig. 4 is a signaling interaction diagram of a node authentication method according to a preferred embodiment of the present invention, and as shown in fig. 4, an embodiment of the present invention provides a complete embodiment for explaining a specific application process of the node authentication method of the present invention, and sequence numbers in the following description correspond to sequence numbers in fig. 4.
The specific application process of the node authentication method comprises the following steps:
1. the registrant generates a registrant public key and a registrant private key, broadcasts the registrant public key, and the verifier captures the registrant public key in the broadcast;
2. the verifier generates a verifier public key and a verifier private key according to the registrant public key and informs the registrant of the verifier public key;
3-5, the requester initiates registration and acquires a requester master key, and the registrar informs the requester and the verifier of the requester master key;
6-7, the verifier generates a verification public key according to the registrant public key, the verifier private key and the requester master key, and informs the registrant of the verification public key; after the registrant obtains the verification public key, the registrant informs the requester of the verification public key;
8-9, the requester obtains a verification result and informs the registrar according to the requester master key and the verification public key; after the registrant obtains the verification result, the registrant informs the verifier of the verification result;
10. the registrant obtains an investigation result according to the registrant public key and the verification public key and informs the investigation result to the verifier;
11. and the verifier judges whether the verification result is correct or not and informs the requester according to the private key of the verifier, the verification result and the investigation result.
Fig. 2 is a schematic structural diagram of a node authentication apparatus according to a preferred embodiment of the present invention, and as shown in fig. 2, an embodiment of the present invention provides a node authentication apparatus based on zero-knowledge proof, the apparatus including a request module 201, a registration module 202, and a verification module 203, where:
a request module 201, configured to initiate registration with a registrar and obtain a master key of the requestor; or obtaining a verification result according to the main key of the requesting party and the verification public key;
the registration module 202 is configured to generate a registrar public key and a registrar private key, and broadcast the registrar public key; or informing the main key of the requesting party to the verifying party; or obtaining an investigation result according to the public key of the registrant and the verification public key, and informing the investigation result to the verifier;
the verification module 203 is used for generating a public key of a verifier and a private key of the verifier; or generating a verification public key according to the registrant public key, the verifier private key and the requester master key, and informing the registrant of the verification public key; or judging whether the verification result is correct or not according to the private key of the verifier, the verification result and the investigation result, and informing the requester.
Fig. 3 is a schematic structural diagram of an electronic device for node authentication according to a preferred embodiment of the present invention, and as shown in fig. 3, an embodiment of the present invention provides an electronic device for node authentication based on zero-knowledge proof, which includes a processor 301, a memory 302 and a bus 303;
wherein, the processor 301 and the memory 302 complete the communication with each other through the bus 303;
processor 301 is configured to call program instructions in memory 302 to perform the methods provided by the various method embodiments described above, including, for example:
the registrant generates a registrant public key and a registrant private key and broadcasts the registrant public key;
the verifier generates a verifier public key and a verifier private key according to the registrar public key;
the requester initiates registration to the registrar and obtains the master key of the requester, and the registrar informs the master key of the requester to the verifier;
the verifier generates a verification public key according to the registrant public key, the verifier private key and the requester master key and informs the registrant of the verification public key;
the requester obtains a verification result according to the requester master key and the verification public key, and the registrant informs the verification result to the verifier;
the registrant obtains an investigation result according to the registrant public key and the verification public key and informs the investigation result to the verifier;
and the verifier judges whether the verification result is correct or not and informs the requester according to the private key of the verifier, the verification result and the investigation result.
An embodiment of the present invention discloses a computer program product, which includes a computer program stored on a non-transitory computer readable storage medium, where the computer program includes program instructions, and when the program instructions are executed by a computer, the computer can execute the method provided by the above method embodiments, for example, the method includes:
the registrant generates a registrant public key and a registrant private key and broadcasts the registrant public key;
the verifier generates a verifier public key and a verifier private key according to the registrar public key;
the requester initiates registration to the registrar and obtains the master key of the requester, and the registrar informs the master key of the requester to the verifier;
the verifier generates a verification public key according to the registrant public key, the verifier private key and the requester master key and informs the registrant of the verification public key;
the requester obtains a verification result according to the requester master key and the verification public key, and the registrant informs the verification result to the verifier;
the registrant obtains an investigation result according to the registrant public key and the verification public key and informs the investigation result to the verifier;
and the verifier judges whether the verification result is correct or not and informs the requester according to the private key of the verifier, the verification result and the investigation result.
An embodiment of the present invention provides a non-transitory computer-readable storage medium, where the non-transitory computer-readable storage medium stores computer instructions, and the computer instructions cause a computer to execute the method provided by the foregoing method embodiments, for example, the method includes:
the registrant generates a registrant public key and a registrant private key and broadcasts the registrant public key;
the verifier generates a verifier public key and a verifier private key according to the registrar public key;
the requester initiates registration to the registrar and obtains the master key of the requester, and the registrar informs the master key of the requester to the verifier;
the verifier generates a verification public key according to the registrant public key, the verifier private key and the requester master key and informs the registrant of the verification public key;
the requester obtains a verification result according to the requester master key and the verification public key, and the registrant informs the verification result to the verifier;
the registrant obtains an investigation result according to the registrant public key and the verification public key and informs the investigation result to the verifier;
and the verifier judges whether the verification result is correct or not and informs the requester according to the private key of the verifier, the verification result and the investigation result.
Those of ordinary skill in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
The above-described embodiments of the apparatuses and devices are merely illustrative, and units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the embodiment of the present invention. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods of the various embodiments or some parts of the embodiments.
The invention provides a node authentication method and a node authentication device based on non-interactive zero-knowledge proof, wherein a registrant is arranged between a requester and a verifier as a third-party trust mechanism; the registrant generates and sends information in the authentication process between the requester and the verifier, so that in the whole node authentication process, the requester and the verifier do not need information interaction except that the verifier finally informs the requester whether authentication is successful. Therefore, the requesting party can not leak any secret information, so that the high confidentiality of the privacy information of the requesting party is achieved, the requesting party and the verifying party can successfully authenticate without carrying out multiple information interaction, and the efficiency of the node authentication process and the good sensitivity of user experience are improved.
Finally, the method of the present invention is only a preferred embodiment and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (9)

1. A node authentication method, comprising:
the registrant generates a registrant public key and a registrant private key and broadcasts the registrant public key;
the verifier generates a verifier public key and a verifier private key according to the registrar public key;
the requester initiates registration to the registrar and obtains a requester master key, and the registrar informs the verifier of the requester master key;
the verifier generates a verification public key according to the registrant public key, the verifier private key and the requester master key and informs the registrant of the verification public key;
the requester obtains a verification result according to the requester master key and the verification public key, and the registrant informs the verification result to the verifier;
the registrant obtains an investigation result according to the registrant public key and the verification public key and informs the verifier of the investigation result;
and the verifier judges whether the verification result is correct or not according to the verifier private key, the verification result and the investigation result, and informs the requester.
2. The node authentication method as claimed in claim 1, wherein the requesting party initiates registration with the registering party, and the registering party returns the requesting party with a requesting party master key, comprising:
if the registrant agrees with the registration of the requester, the registrant returns the requester with a requester master key;
and if the registrant does not agree with the registration of the requester, the registration of the requester fails, and the node authentication process is stopped.
3. The node authentication method as claimed in claim 1, wherein the registrar invokes a registrar key generation algorithm to generate the registrar public key and the registrar private key, the verifier invokes a verifier key generation algorithm to generate the verifier public key and the verifier private key, the registrar invokes a requester master key generation algorithm to generate the requester master key, the verifier invokes a verifier public key generation algorithm to generate the verification public key, the supplicant invokes a verification result generation algorithm to obtain the verification result, the registrar invokes a verification public key validity check algorithm to obtain the investigation result, and the verifier invokes a result check algorithm to determine whether the verification result is correct.
4. The node authentication method according to claim 3, wherein the registrar key generation algorithm, the verifier key generation algorithm, the requester master key generation algorithm, the verification public key generation algorithm, the verification result generation algorithm, the verification public key validity check algorithm, and the result check algorithm all adopt a high-order group theory and are stored in the cloud.
5. The node authentication method according to claim 1, wherein the investigation result comprises:
if the requester is a legal user, outputting a non-0 natural number;
and if the requester is an illegal user, outputting 0.
6. The node authentication method according to claim 1, wherein the verifier is one of the nodes whose verification result is correct.
7. A node authentication apparatus, comprising:
the registration module is used for generating a public key of a registrant and a private key of the registrant and broadcasting the public key of the registrant;
the verifying module is used for generating a verifying party public key and a verifying party private key according to the registrant public key;
the system comprises a request module, a verification module and a request module, wherein the request module is used for initiating registration to a registration party and acquiring a master key of a request party, and the registration party informs the master key of the request party to the verification party;
the verification module is further configured to generate a verification public key according to the registrar public key, the verifier private key and the requester master key, and notify the registrar of the verification public key;
the request module is further configured to obtain a verification result according to the requester master key and the verification public key, and the registrar informs the verification result to the verifier;
the registration module is further configured to obtain an investigation result according to the registrant public key and the verification public key, and notify the verifier of the investigation result;
the verification module is further configured to determine whether the verification result is correct according to the private key of the verifier, the verification result, and the investigation result, and notify the requestor of the result.
8. An electronic device for node authentication, comprising:
the processor and the memory are communicated with each other through a bus; the memory stores program instructions executable by the processor, the processor invoking the program instructions to perform the method of any of claims 1 to 6.
9. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1 to 6.
CN201810966585.0A 2018-08-23 2018-08-23 Node authentication method and device based on non-interactive zero-knowledge proof Active CN109245897B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810966585.0A CN109245897B (en) 2018-08-23 2018-08-23 Node authentication method and device based on non-interactive zero-knowledge proof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810966585.0A CN109245897B (en) 2018-08-23 2018-08-23 Node authentication method and device based on non-interactive zero-knowledge proof

Publications (2)

Publication Number Publication Date
CN109245897A CN109245897A (en) 2019-01-18
CN109245897B true CN109245897B (en) 2020-06-19

Family

ID=65068105

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810966585.0A Active CN109245897B (en) 2018-08-23 2018-08-23 Node authentication method and device based on non-interactive zero-knowledge proof

Country Status (1)

Country Link
CN (1) CN109245897B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110224837B (en) * 2019-06-06 2021-11-19 西安纸贵互联网科技有限公司 Zero-knowledge proof method and terminal based on distributed identity
CN111245626B (en) * 2020-01-19 2021-05-18 平安科技(深圳)有限公司 Zero knowledge proving method, device and storage medium
CN112636922B (en) * 2020-12-21 2022-05-03 电子科技大学 IOT identity authentication method based on non-interactive zero-knowledge proof
CN113783705A (en) * 2021-11-12 2021-12-10 北京华云安信息技术有限公司 Zero knowledge proof method, verification terminal, equipment and storage medium of key
CN114760067B (en) * 2022-03-30 2023-09-12 西安电子科技大学 Privacy security protection method for blockchain crowd sensing system by using zero knowledge proof

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008022158A2 (en) * 2006-08-14 2008-02-21 The Regents Of The University Of California System for non-interactive zero-knowledge proofs
CN101175076A (en) * 2007-10-23 2008-05-07 赵运磊 High-efficiency, deniable, safety-unforgeable cryptographic key exchanging protocol of on-line computation
CN102263639A (en) * 2010-05-31 2011-11-30 索尼公司 Authentication device, authentication method, program, and signature generation device
WO2015055765A1 (en) * 2013-10-16 2015-04-23 Thomson Licensing Method for generating a quasi-adaptive non-interactive zero-knowledge proof and corresponding electronic device

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2860905A1 (en) * 2013-10-09 2015-04-15 Thomson Licensing Method for ciphering a message via a keyed homomorphic encryption function, corresponding electronic device and computer program product
CN104717067B (en) * 2013-12-17 2018-02-23 中国移动通信集团辽宁有限公司 Safe verification method, equipment and system based on non-interactive type Zero Knowledge
US10791123B2 (en) * 2015-11-25 2020-09-29 Yaron Gvili Selectivity in privacy and verification with applications
US20180034636A1 (en) * 2017-09-12 2018-02-01 QED-it Systems LTD Method and system for creating public randomness

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008022158A2 (en) * 2006-08-14 2008-02-21 The Regents Of The University Of California System for non-interactive zero-knowledge proofs
CN101175076A (en) * 2007-10-23 2008-05-07 赵运磊 High-efficiency, deniable, safety-unforgeable cryptographic key exchanging protocol of on-line computation
CN102263639A (en) * 2010-05-31 2011-11-30 索尼公司 Authentication device, authentication method, program, and signature generation device
WO2015055765A1 (en) * 2013-10-16 2015-04-23 Thomson Licensing Method for generating a quasi-adaptive non-interactive zero-knowledge proof and corresponding electronic device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于非交互零知识证明的匿名电子调查系统;柳璐;《网络与信息安全学报》;20161231;第2卷(第12期);第3节 *

Also Published As

Publication number Publication date
CN109245897A (en) 2019-01-18

Similar Documents

Publication Publication Date Title
CN109245897B (en) Node authentication method and device based on non-interactive zero-knowledge proof
Mukta et al. Blockchain-based verifiable credential sharing with selective disclosure
CN109983466A (en) A kind of account management system and management method, storage medium based on block chain
CN108769230B (en) Transaction data storage method, device, server and storage medium
CN108537046A (en) A kind of online contract signature system and method based on block chain technology
CN112000744B (en) Signature method and related equipment
US9973491B2 (en) Determining an identity of a third-party user in an SAML implementation of a web-service
US20210241270A1 (en) System and method of blockchain transaction verification
KR20210064076A (en) Anonymous credential authentication system and method thereof
US11575667B1 (en) System and method for secure communications
CN113129008B (en) Data processing method, device, computer readable medium and electronic equipment
CN110610418B (en) Transaction state query method, system, device and storage medium based on block chain
CN113364763B (en) Verifiable statement generation method and device, electronic equipment and storage medium
CN114553440A (en) Cross-data center identity authentication method and system based on block chain and attribute signature
CN108833105B (en) Electronic signature method and device
CN116506227B (en) Data processing method, device, computer equipment and storage medium
CN111552950B (en) Software authorization method and device and computer readable storage medium
US11902451B2 (en) Cross-blockchain identity and key management
Dimitriou et al. “I wasn’t there”—Deniable, privacy-aware scheme for decentralized Location-based Services
CN113194082B (en) Identity verification method based on block chain, block chain platform and operator platform
CN111723347B (en) Identity authentication method, identity authentication device, electronic equipment and storage medium
CN112036884A (en) Signature method and related equipment
Chan et al. Private blockchain for visitor authentication and access control
CN113810426B (en) Access system, method and device of instant messaging service
CN113992380B (en) Trusted employee certificate authentication method and system based on network mapping certificate

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant