CN109862006A - A blockchain system access method, apparatus and system - Google Patents

Publication number
CN109862006A
Authority
CN
China
Legal status
Pending
Application number
CN201910086031.6A
Other languages
Chinese (zh)
Inventor
展召磊
孙善宝
郑彬
Current Assignee
Jinan Inspur Hi Tech Investment and Development Co Ltd
Original Assignee
Jinan Inspur Hi Tech Investment and Development Co Ltd
Application filed by Jinan Inspur Hi Tech Investment and Development Co Ltd
Priority to CN201910086031.6A
Publication of CN109862006A

Abstract

The present invention provides a blockchain system access method, apparatus and system. The method comprises: receiving a registration request from a blockchain node; obtaining first biometric information of the registering user according to the registration request; generating a first key pair of the registering user according to the first biometric information; publishing the public key included in the first key pair in the blockchain system; receiving an access request from the blockchain node; verifying, with the public key included in the first key pair, the digital signature carried by the access request, wherein the digital signature is formed by the blockchain node using the private key included in a second key pair, and the second key pair is generated by the blockchain node according to second biometric information of the accessing user; if the digital signature passes verification, allowing the blockchain node to access the blockchain system; if the digital signature fails verification, refusing the blockchain node access to the blockchain system. This scheme can improve the security of the blockchain system.

Description

A blockchain system access method, apparatus and system
Technical field
The present invention relates to the field of computer technology, and in particular to a blockchain system access method, apparatus and system.
Background
A blockchain is essentially a decentralized database. Because data stored on a blockchain cannot be tampered with, blockchains have broad application prospects in fields such as finance, insurance and medical care. After transaction information is formed between blockchain nodes, the transaction information is broadcast in the blockchain system; the blockchain nodes that receive it reach consensus on its credibility through a consensus mechanism, and store it on the blockchain once it is determined to be credible.
When a blockchain node needs to access the blockchain system, the blockchain system needs to verify the identity of the blockchain node. Specifically, the blockchain node generates a digital signature using the user's private key, the blockchain system verifies the digital signature using the user's public key, and the blockchain node is allowed to access only after verification passes.
In the current method by which a blockchain node accesses a blockchain system, the user's private key is generally stored on the blockchain node used by the user. If that blockchain node is illegally intruded upon, the user's private key is leaked, and an unauthorized person can then use the obtained private key to access the blockchain system, so the security of the blockchain system is low.
Summary of the invention
The embodiments of the present invention provide a blockchain system access method, apparatus and system that can improve the security of the blockchain system.
In a first aspect, an embodiment of the present invention provides a blockchain system access method, comprising:
receiving a registration request from a blockchain node, wherein the registration request is sent by a registering user through the blockchain node;
obtaining first biometric information of the registering user according to the registration request;
generating a first key pair of the registering user according to the first biometric information;
publishing the public key included in the first key pair in the blockchain system;
receiving an access request from the blockchain node;
verifying, with the public key included in the first key pair, the digital signature carried by the access request, wherein the digital signature is formed by the blockchain node using the private key included in a second key pair, and the second key pair is generated by the blockchain node according to second biometric information of the accessing user;
if the digital signature passes verification, allowing the blockchain node to access the blockchain system;
if the digital signature fails verification, refusing the blockchain node access to the blockchain system.
Optionally, generating the first key pair of the registering user according to the first biometric information comprises:
selecting a target input factor from at least one input factor of an elliptic curve cryptography algorithm;
executing the elliptic curve cryptography algorithm with the first biometric information as the target input factor, to obtain the first key pair.
Optionally, after publishing the public key included in the first key pair in the blockchain system, the method further comprises:
deleting the private key included in the first key pair from the blockchain system.
Optionally, after allowing the blockchain node to access the blockchain system, the method further comprises:
receiving transaction information from the blockchain node, wherein the transaction information is signed by the blockchain node using the private key included in the second key pair;
controlling the blockchain system to reach consensus on the transaction information using the public key included in the first key pair.
Optionally,
the first biometric information includes: fingerprint information, iris information or facial feature information;
the second biometric information includes: fingerprint information, iris information or facial feature information.
In a second aspect, an embodiment of the present invention also provides a blockchain system access device, comprising: a registration unit, a receiving unit, a verification unit and a processing unit;
the registration unit is configured to receive a registration request from a blockchain node, obtain first biometric information of the registering user according to the registration request, generate a first key pair of the registering user according to the first biometric information, and publish the public key included in the first key pair in the blockchain system, wherein the registration request is sent by the registering user through the blockchain node;
the receiving unit is configured to receive an access request from the blockchain node;
the verification unit is configured to verify, with the public key included in the first key pair that the registration unit published in the blockchain system, the digital signature carried by the access request received by the receiving unit, wherein the digital signature is formed by the blockchain node using the private key included in a second key pair, and the second key pair is generated by the blockchain node according to second biometric information of the accessing user;
the processing unit is configured to, according to the verification result of the verification unit, allow the blockchain node to access the blockchain system if the digital signature passes verification, and refuse the blockchain node access to the blockchain system if the digital signature fails verification.
Optionally,
the registration unit, when generating the first key pair of the registering user according to the first biometric information, is configured to perform the following processing:
selecting a target input factor from at least one input factor of an elliptic curve cryptography algorithm;
executing the elliptic curve cryptography algorithm with the first biometric information as the target input factor, to obtain the first key pair.
Optionally,
the registration unit is further configured to, after publishing the public key included in the first key pair in the blockchain system, delete the private key included in the first key pair from the blockchain system.
Optionally,
the receiving unit is further configured to receive transaction information from the blockchain node, wherein the transaction information is signed by the blockchain node using the private key included in the second key pair;
the verification unit is further configured to control the blockchain system to reach consensus, using the public key included in the first key pair, on the transaction information received by the receiving unit.
In a third aspect, an embodiment of the present invention also provides a blockchain system access system, comprising: a blockchain node, a blockchain system, and any blockchain system access device of claims 6 to 9;
the blockchain node is configured to send a registration request to the blockchain system access device when triggered by the registering user, generate a second key pair according to second biometric information of the accessing user, form a digital signature using the private key included in the second key pair, and send an access request carrying the digital signature to the blockchain system access device.
In the blockchain system access method, apparatus and system provided by the embodiments of the present invention, after the registration request sent by the registering user through the blockchain node is received, the first biometric information of the registering user is obtained according to the registration request, the first key pair of the registering user is then generated according to the first biometric information, and the registration of the blockchain node is completed once the public key included in the first key pair has been published in the blockchain system. After an access request from the blockchain node is received, the digital signature carried by the access request is verified with the public key included in the first key pair; if verification passes, the blockchain node is allowed to access the blockchain system, otherwise it is not. The digital signature carried by the access request is formed by the blockchain node using the private key included in the second key pair, and the second key pair is generated by the blockchain node according to the second biometric information of the accessing user. If the registering user and the accessing user are the same user, the first biometric information is identical to the second biometric information, so the first key pair is identical to the second key pair, and the digital signature carried by the access request passes verification against the public key included in the first key pair. Conversely, if the accessing user and the registering user are not the same user, the digital signature cannot pass verification. It can be seen that, because the key pair is generated from the user's biometric information, the user's private key is not stored on the blockchain node; it is generated temporarily when the blockchain node accesses the blockchain system. This avoids the situation in which the user's private key is stolen and the blockchain system is accessed without authorization, and thereby improves the security of the blockchain system.
Brief description of the drawings
In order to explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. The drawings described below show some embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of a blockchain system access method provided by one embodiment of the present invention;
Fig. 2 is a schematic diagram of the equipment on which a blockchain system access device provided by one embodiment of the present invention resides;
Fig. 3 is a schematic diagram of a blockchain system access device provided by one embodiment of the present invention;
Fig. 4 is a schematic diagram of a blockchain system access system provided by one embodiment of the present invention;
Fig. 5 is a flow chart of another blockchain system access method provided by one embodiment of the present invention.
Detailed description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the drawings. The described embodiments are some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the present invention.
As shown in Fig. 1, an embodiment of the present invention provides a blockchain system access method, which may include the following steps:
Step 101: receive a registration request from a blockchain node, wherein the registration request is sent by the registering user through the blockchain node;
Step 102: obtain first biometric information of the registering user according to the registration request;
Step 103: generate a first key pair of the registering user according to the first biometric information;
Step 104: publish the public key included in the first key pair in the blockchain system;
Step 105: receive an access request from the blockchain node;
Step 106: verify, with the public key included in the first key pair, the digital signature carried by the access request, wherein the digital signature is formed by the blockchain node using the private key included in a second key pair, and the second key pair is generated by the blockchain node according to second biometric information of the accessing user;
Step 107: judge whether the digital signature carried by the access request passes verification; if so, execute step 108, otherwise execute step 109;
Step 108: allow the blockchain node to access the blockchain system, and end the current process;
Step 109: refuse the blockchain node access to the blockchain system.
In the blockchain system access method provided by the embodiment of the present invention, after the registration request sent by the registering user through the blockchain node is received, the first biometric information of the registering user is obtained according to the registration request, the first key pair of the registering user is then generated according to the first biometric information, and the registration of the blockchain node is completed once the public key included in the first key pair has been published in the blockchain system. After an access request from the blockchain node is received, the digital signature carried by the access request is verified with the public key included in the first key pair; if verification passes, the blockchain node is allowed to access the blockchain system, otherwise it is not. The digital signature carried by the access request is formed by the blockchain node using the private key included in the second key pair, and the second key pair is generated by the blockchain node according to the second biometric information of the accessing user. If the registering user and the accessing user are the same user, the first biometric information is identical to the second biometric information, so the first key pair is identical to the second key pair, and the digital signature carried by the access request passes verification against the public key included in the first key pair. Conversely, if the accessing user and the registering user are not the same user, the digital signature cannot pass verification. It can be seen that, because the key pair is generated from the user's biometric information, the user's private key is not stored on the blockchain node; it is generated temporarily when the blockchain node accesses the blockchain system. This avoids the situation in which the user's private key is stolen and the blockchain system is accessed without authorization, and thereby improves the security of the blockchain system.
Optionally, on the basis of the blockchain system access method shown in Fig. 1, when step 103 generates the first key pair of the registering user according to the first biometric information, a target input factor can be selected from at least one input factor of an elliptic curve cryptography algorithm, and the elliptic curve cryptography algorithm is then executed with the obtained first biometric information as the target input factor, to obtain the first key pair of the registering user.
An elliptic curve cryptography (ECC) algorithm includes one or more input factors, and executing the algorithm with different values of an input factor yields different key pairs. Since the biometric information of different users differs, one of the input factors of the elliptic curve cryptography algorithm can be selected as the target input factor, and the algorithm is executed with the user's biometric information as the target input factor to obtain the user's key pair. This ensures that different users have different key pairs, and in turn guarantees the validity of verifying blockchain nodes that are to access the blockchain system.
In addition, the elliptic curve cryptography algorithm includes multiple input factors, one of which is selected as the target input factor, and the user's biometric information is used as the target input factor when the algorithm is executed to obtain the user's key pair. Since an unauthorized person cannot determine which specific input factor is the target input factor, the difficulty of cracking the user's private key increases, which can further improve the security of the blockchain system.
Optionally, on the basis of the blockchain system access method shown in Fig. 1, after step 104 publishes the public key included in the first key pair in the blockchain system, the private key included in the first key pair is deleted from the blockchain system.
The public key included in the first key pair is published in the blockchain system so that blockchain nodes that have already accessed the blockchain system can verify, according to the published public key, a blockchain node that is to access the blockchain system. After the public key included in the first key pair has been published in the blockchain system, the private key included in the first key pair is deleted from the blockchain system, so that an unauthorized person cannot obtain the registering user's private key from the blockchain system and use it for unauthorized access, which can further improve the security of the blockchain system.
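The registration and access flow of steps 101 to 109, written out as an added example that is not part of the patent text. It assumes the "target input factor" is the ECC private scalar, obtained by hashing the biometric template with SHA-256; the curve (secp256k1), the `AccessDevice` class, the request format and the nonce are illustrative assumptions, and all templates are constructed sample data. It also runs a case the description leaves implicit: a re-captured template of the same user that differs by one bit.

```python
"""Biometric-derived ECDSA key pair for blockchain access (educational code)."""
import hashlib
import hmac

# secp256k1 domain parameters: y^2 = x^3 + 7 over F_P, base point G of order N.
P = 2**256 - 2**32 - 977
N = int("FFFFFFFF" "FFFFFFFF" "FFFFFFFF" "FFFFFFFE"
        "BAAEDCE6" "AF48A03B" "BFD25E8C" "D0364141", 16)
G = (int("79BE667E" "F9DCBBAC" "55A06295" "CE870B07"
         "029BFCDB" "2DCE28D9" "59F2815B" "16F81798", 16),
     int("483ADA77" "26A3C465" "5DA4FBFC" "0E1108A8"
         "FD17B448" "A6855419" "9C47D08F" "FB10D4B8", 16))


def point_add(a, b):
    """Add two affine curve points; None represents the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def scalar_mult(k, point):
    """Double-and-add scalar multiplication (not constant-time)."""
    result = None
    while k:
        if k & 1:
            result = point_add(result, point)
        point = point_add(point, point)
        k >>= 1
    return result


def _hash_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def derive_keypair(biometric_template):
    """Assumption: the biometric template seeds the private scalar d in [1, N-1]."""
    d = _hash_int(b"bio-key-v1" + biometric_template) % (N - 1) + 1
    return d, scalar_mult(d, G)


def sign(private_key, message):
    """ECDSA with an HMAC-derived deterministic nonce (simplified, not RFC 6979)."""
    z, counter = _hash_int(message), 0
    while True:
        mac = hmac.new(private_key.to_bytes(32, "big"),
                       z.to_bytes(32, "big") + bytes([counter]), hashlib.sha256)
        k = int.from_bytes(mac.digest(), "big") % (N - 1) + 1
        r = scalar_mult(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * private_key) % N
        if r and s:
            return r, s
        counter += 1


def verify(public_key, message, signature):
    r, s = signature
    if not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    point = point_add(scalar_mult(_hash_int(message) * w % N, G),
                      scalar_mult(r * w % N, public_key))
    return point is not None and point[0] % N == r


class AccessDevice:
    """Hypothetical access device: registration (101-104), access check (105-109)."""

    def __init__(self):
        self.published = {}  # user id -> public key; stands in for the chain

    def register(self, user_id, first_biometric):
        _private_key, public_key = derive_keypair(first_biometric)
        self.published[user_id] = public_key  # the private key is never stored

    def check_access(self, user_id, request, signature):
        public_key = self.published.get(user_id)
        return public_key is not None and verify(public_key, request, signature)


def node_access_request(user_id, second_biometric, nonce):
    """Blockchain node side: re-derive the key pair and sign the access request."""
    private_key, _ = derive_keypair(second_biometric)
    request = b"access|" + user_id.encode() + b"|" + nonce
    return request, sign(private_key, request)


def demo():
    enrolled = bytes(range(32))                      # constructed template, user A
    captures = {
        "same user": enrolled,
        "different user": bytes(range(1, 33)),       # constructed, another person
        "noisy re-capture": bytes([enrolled[0] ^ 1]) + enrolled[1:],
    }
    device = AccessDevice()
    device.register("user-A", enrolled)
    results = {}
    for label, template in captures.items():
        request, signature = node_access_request("user-A", template, b"nonce-0001")
        results[label] = device.check_access("user-A", request, signature)
    return results


if __name__ == "__main__":
    print(demo())
```

Because the derivation is exact, the access check only succeeds when the capture pipeline yields a bit-identical template at registration and at access.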
Optionally, on the basis of the blockchain system access method shown in Fig. 1, after step 108 allows the blockchain node to access the blockchain system, the blockchain node can access the blockchain system, and a blockchain node that has accessed the blockchain system can trade with other blockchain nodes. After the blockchain node takes part in a transaction and generates transaction information, it can sign the transaction information using the private key included in the second key pair and then send the signed transaction information. After the transaction information from the blockchain node is received, the blockchain system can be controlled to reach consensus on the transaction information using the public key of the first key pair.
While a blockchain node takes part in a transaction, after it generates transaction information it can obtain the second biometric information of the accessing user, regenerate the second key pair according to the obtained second biometric information, sign the transaction information using the private key included in the second key pair, and then send the signed transaction information to the blockchain system. The blockchain system can then reach consensus on the transaction information according to the public key included in the first key pair, to verify whether the transaction information is credible.
Each time the blockchain node generates transaction information, it re-collects the user's biometric information, regenerates the user's key pair according to the collected biometric information, and signs the transaction information using the private key included in the generated key pair, so that the blockchain system can reach consensus on the transaction information using the published public key, which guarantees the security of the transaction.
Optionally, on the basis of the blockchain system access method provided by each of the above embodiments, the first biometric information may include fingerprint information, iris information or facial feature information; correspondingly, the second biometric information may also include fingerprint information, iris information or facial feature information.
Since the fingerprints, irises and facial features of different users differ, generating a user's key pair from the user's fingerprint information, iris information or facial feature information ensures that different users have different key pairs. In addition, users can choose, according to their own needs, whether to generate the key pair from a fingerprint, an iris or facial features, which meets the individual needs of different users and helps to improve the applicability of the blockchain system access method.
As shown in Fig. 2 and Fig. 3, an embodiment of the present invention provides a blockchain system access device. The device embodiment can be implemented in software, in hardware, or in a combination of software and hardware. At the hardware level, Fig. 2 shows a hardware structure diagram of the equipment on which the blockchain system access device provided by the embodiment of the present invention resides. In addition to the processor, memory, network interface and non-volatile memory shown in Fig. 2, the equipment on which the device resides may also include other hardware, such as a forwarding chip responsible for processing messages. Taking a software implementation as an example, as shown in Fig. 3, the device in a logical sense is formed by the CPU of the equipment on which it resides reading the corresponding computer program instructions from non-volatile memory into memory and running them. The blockchain system access device provided by this embodiment comprises: a registration unit 301, a receiving unit 302, a verification unit 303 and a processing unit 304;
the registration unit 301 is configured to receive a registration request from a blockchain node, obtain first biometric information of the registering user according to the registration request, generate a first key pair of the registering user according to the first biometric information, and publish the public key included in the first key pair in the blockchain system, wherein the registration request is sent by the registering user through the blockchain node;
the receiving unit 302 is configured to receive an access request from the blockchain node;
the verification unit 303 is configured to verify, with the public key included in the first key pair that the registration unit 301 published in the blockchain system, the digital signature carried by the access request received by the receiving unit 302, wherein the digital signature is formed by the blockchain node using the private key included in a second key pair, and the second key pair is generated by the blockchain node according to second biometric information of the accessing user;
the processing unit 304 is configured to, according to the verification result of the verification unit 303, allow the blockchain node to access the blockchain system if the digital signature passes verification, and refuse the blockchain node access to the blockchain system if the digital signature fails verification.
Optionally, on the basis of the blockchain system access device shown in Fig. 3,
the registration unit 301, when generating the first key pair of the registering user according to the first biometric information, is configured to perform the following processing:
selecting a target input factor from at least one input factor of an elliptic curve cryptography algorithm;
executing the elliptic curve cryptography algorithm with the first biometric information as the target input factor, to obtain the first key pair.
Optionally, on the basis of the blockchain system access device shown in Fig. 3,
the registration unit 301 is further configured to, after publishing the public key included in the first key pair in the blockchain system, delete the private key included in the first key pair from the blockchain system.
Optionally, on the basis of the blockchain system access device shown in Fig. 3,
the receiving unit 302 is further configured to receive transaction information from the blockchain node, wherein the transaction information is signed by the blockchain node using the private key included in the second key pair;
the verification unit 303 is further configured to control the blockchain system to reach consensus, using the public key included in the first key pair, on the transaction information received by the receiving unit 302.
It should be noted that the information exchange between the units of the above device, their execution process and related details are based on the same concept as the method embodiments of the present invention; for details, refer to the description in the method embodiments, which is not repeated here.
As shown in Fig. 4, one embodiment of the present invention provides a blockchain system access system, which may include: a blockchain node 401, a blockchain system 402, and any blockchain system access device 403 provided by the above embodiments;
the blockchain node 401 is configured to send a registration request to the blockchain system access device 403 when triggered by the registering user;
the blockchain system access device 403, after receiving the registration request, obtains the first biometric information of the registering user, generates the first key pair of the registering user according to the first biometric information, and publishes the public key included in the first key pair in the blockchain system;
the blockchain node 401 is further configured to generate a second key pair according to the second biometric information of the accessing user, form a digital signature using the private key included in the second key pair, and send an access request carrying the digital signature to the blockchain system access device 403;
the blockchain system access device 403 is further configured to verify, using the public key included in the first key pair, the digital signature carried by the access request; if verification passes, it allows the blockchain node 401 to access the blockchain system 402, otherwise it refuses the blockchain node access to the blockchain system 402.
In the blockchain system access system provided by the embodiment of the present invention, when a user registers through a blockchain node, the blockchain system access device generates the user's key pair according to the user's biometric information and publishes the public key included in the generated key pair in the blockchain system. When the user accesses the blockchain system through the blockchain node, the blockchain node generates the user's key pair according to the user's biometric information, generates a digital signature using the private key included in the key pair, and then sends an access request carrying the digital signature to the blockchain system access device. The blockchain system access device can then verify the digital signature carried by the access request against the published public key, to check whether the blockchain node requesting access has been registered. Since the user's key is not stored on the blockchain node but is generated temporarily from the user's biometric information when access is needed, the situation in which the user's private key is stolen and the blockchain system is accessed illegally is avoided, which improves the security of the blockchain system.
Below with reference to block catenary system access system shown in Fig. 4, block catenary system provided in an embodiment of the present invention is connect Enter method to be described in further detail, as shown in figure 5, this method may include steps of:
Step 501: block chain node sends registration request to block catenary system access device.
In embodiments of the present invention, when user needs through a block chain node access area block catenary system, Yong Huke To send registration request to block catenary system access device by block chain node.
For example, user A first passes through block chain link when user A needs to access block catenary system C by block chain node B Point B sends access request to block catenary system access device.
Step 502: The blockchain system access device obtains the user's biometric information.
In this embodiment of the present invention, after receiving the registration request from the blockchain node, the blockchain system access device obtains the user's biometric information. Specifically, the blockchain system access device can acquire the user's biometric information through a biometric acquisition device provided on the blockchain node; after acquisition is complete, the blockchain node sends the collected biometric information to the blockchain system access device.
For example, after the blockchain system access device receives the registration request from blockchain node B, it sends a fingerprint acquisition instruction to blockchain node B. Blockchain node B acquires the fingerprint information of user A according to the received instruction and sends the collected fingerprint information to the blockchain system access device.
Step 503: The blockchain system access device generates the user's first key pair from the biometric information.
In this embodiment of the present invention, after obtaining the user's biometric information, the blockchain system access device uses the obtained biometric information as an input factor of an elliptic curve cryptography algorithm and performs the computation to obtain a key pair consisting of a private key and a public key. The key pair obtained is the user's first key pair.
For example, after receiving the fingerprint information from blockchain node B, the blockchain system access device uses the fingerprint information as an input factor of the elliptic curve cryptography algorithm and performs the computation to obtain first key pair A, which consists of private key A and public key A.
Step 504: The blockchain system access device publishes the public key included in the first key pair in the blockchain system.
In this embodiment of the present invention, after generating the user's first key pair, the blockchain system access device publishes the public key included in the first key pair in the blockchain system and deletes the private key included in the first key pair from the blockchain system.
For example, after generating first key pair A, the blockchain system access device publishes public key A of first key pair A in blockchain system C and deletes private key A of first key pair A, so that private key A is stored neither in the blockchain system access device nor in blockchain system C.
Step 505: The blockchain node generates an access request.
In this embodiment of the present invention, when a user needs to access the blockchain system through a blockchain node, the blockchain node generates the corresponding access request when triggered by the user. Specifically, the blockchain node acquires the user's biometric information, uses the collected biometric information as an input factor of the elliptic curve cryptography algorithm and performs the computation to obtain a second key pair consisting of a private key and a public key. It then forms a digital signature with the private key included in the second key pair and generates an access request carrying the generated digital signature.
For example, when user D needs to access the blockchain system through blockchain node B, blockchain node B, after being triggered by user D, acquires the fingerprint information of user D, uses it as an input factor of the elliptic curve cryptography algorithm and performs the computation to obtain second key pair D, which consists of private key D and public key D. Blockchain node B then generates digital signature D with private key D and forms an access request carrying the generated digital signature D.
Step 506: The blockchain node sends the access request to the blockchain system access device.
In this embodiment of the present invention, after generating the access request carrying the digital signature, the blockchain node sends the generated access request to the blockchain system access device.
Step 507: The blockchain system access device checks whether the digital signature carried by the access request passes verification. If so, step 508 is executed; otherwise, step 509 is executed.
In this embodiment of the present invention, after receiving the access request from the blockchain node, the blockchain system access device uses the identity information of the blockchain node to obtain the corresponding public key published in the blockchain system, and then uses that public key to verify the digital signature carried by the access request. If verification passes, the user requesting access to the blockchain system and the user who previously registered with the blockchain system through this blockchain node are the same user, and step 508 is executed accordingly. If verification fails, the user requesting access to the blockchain system and the user who previously registered with the blockchain system through this blockchain node are not the same user, and step 509 is executed accordingly.
For example, after receiving the access request from blockchain node B, the blockchain system access device uses public key A to verify digital signature D carried by the access request. If digital signature D passes verification, user D and user A are the same user, and step 508 is executed accordingly. If digital signature D fails verification, user D and user A are not the same user, and step 509 is executed accordingly.
Step 508: The blockchain system access device allows the blockchain node to access the blockchain system, and step 510 is executed.
For example, the blockchain system access device allows blockchain node B to access blockchain system C.
Step 509: The blockchain system access device refuses the blockchain node access to the blockchain system, and the current flow ends.
For example, the blockchain system access device refuses blockchain node B access to blockchain system C.
Step 510: The blockchain node sends transaction information to the blockchain system.
In this embodiment of the present invention, after the blockchain node has been admitted to the blockchain system and has taken part in a transaction and generated transaction information, the blockchain node acquires the user's biometric information again, uses the collected biometric information as an input factor of the elliptic curve cryptography algorithm and performs the computation to obtain the second key pair consisting of a private key and a public key. It then signs the transaction information with the private key included in the second key pair and sends the signed transaction information to the blockchain system.
For example, after generating transaction information B, blockchain node B acquires the fingerprint information of user D, uses it as an input factor of the elliptic curve cryptography algorithm and performs the computation to obtain second key pair D, which consists of private key D and public key D. Blockchain node B then signs transaction information B with private key D and sends the signed transaction information B to blockchain system C.
Step 511: The blockchain system verifies the transaction information using the public key included in the first key pair.
In this embodiment of the present invention, after the blockchain system receives the transaction information sent by the blockchain node, the consensus nodes included in the blockchain system use the identity information of the blockchain node to obtain the corresponding public key published in the blockchain system, and then use that public key to reach consensus on the received transaction information.
For example, after blockchain system C receives transaction information B from blockchain node B, the consensus nodes included in blockchain system C use public key A of first key pair A to reach consensus on transaction information B.
An embodiment of the present invention also provides a readable medium containing executable instructions. When a processor of a storage controller executes the executable instructions, the storage controller performs the blockchain system access method provided by each of the above embodiments.
An embodiment of the present invention also provides a storage controller, comprising: a processor, a memory and a bus.
The memory is used to store executable instructions, and the processor is connected to the memory through the bus. When the storage controller runs, the processor executes the executable instructions stored in the memory, so that the storage controller performs the blockchain system access method provided by each of the above embodiments.
In conclusion, the blockchain system access method, apparatus and system provided by the embodiments of the present invention have at least the following beneficial effects:
1. In the embodiments of the present invention, after the registration request sent by the registering user through the blockchain node is received, the first biometric information of the registering user is obtained according to the registration request, and the first key pair of the registering user is then generated from the first biometric information. Registration of the blockchain node is complete once the public key included in the first key pair has been published in the blockchain system. After an access request from the blockchain node is received, the digital signature carried by the access request is verified with the public key included in the first key pair. If verification passes, the blockchain node is allowed to access the blockchain system; otherwise access is not allowed. The digital signature carried by the access request is formed by the blockchain node with the private key included in the second key pair, and the second key pair is generated by the blockchain node from the second biometric information of the accessing user. If the registering user and the accessing user are the same user, the first biometric information is identical to the second biometric information, so the first key pair is identical to the second key pair, and the digital signature carried by the access request passes verification against the public key included in the first key pair. Conversely, if the accessing user and the registering user are not the same user, verification of the digital signature fails. It can be seen that, because the key pair is generated from the user's biometric information, the user's private key is not stored on the blockchain node and is generated temporarily when the blockchain node accesses the blockchain system. This avoids the situation in which the user's private key is stolen and the blockchain system is accessed illegally, which improves the security of the blockchain system.
2. In the embodiments of the present invention, the elliptic curve cryptography algorithm has one or more input factors, and executing the algorithm with different values of an input factor yields different key pairs. Since different users have different biometric information, one of the input factors of the elliptic curve cryptography algorithm can be selected as the target input factor, and the algorithm can then be executed with the user's biometric information as the target input factor to obtain the user's key pair. This ensures that different users have different key pairs, and in turn ensures the validity of the verification performed on blockchain nodes accessing the blockchain system.
3. In the embodiments of the present invention, since the elliptic curve cryptography algorithm has multiple input factors, one of them is selected as the target input factor, and the user's key pair is obtained by executing the algorithm with the user's biometric information as the target input factor. Because an attacker cannot determine which input factor is the target input factor, it becomes harder for an attacker to crack the user's private key, which further improves the security of the blockchain system.
4. In the embodiments of the present invention, after the public key included in the first key pair is published in the blockchain system, the private key included in the first key pair is deleted from the blockchain system, so that an attacker cannot obtain the registering user's private key from the blockchain system and use it to access the blockchain system illegally. This further improves the security of the blockchain system.
5. In the embodiments of the present invention, each time the blockchain node generates transaction information, it acquires the user's biometric information again, regenerates the user's key pair from the collected biometric information, and signs the transaction information with the private key included in the generated key pair, so that the blockchain system can reach consensus on the transaction information using the published public key. This ensures the security of the transaction.
6. In the embodiments of the present invention, since fingerprints, irises and facial features differ between users, generating the user's key pair from the user's fingerprint information, iris information or facial feature information ensures that different users have different key pairs. In addition, the user can choose to generate the key pair from a fingerprint, an iris or facial features as needed, which meets the individual needs of different users and helps broaden the applicability of the blockchain system access method.
It should be noted that, in this document, relational terms such as first and second are used merely to distinguish one entity or operation from another entity or operation, without necessarily requiring or implying any actual relationship or order between these entities or operations. Moreover, the terms "include", "comprise" or any other variant thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or further includes elements inherent to such a process, method, article or device. In the absence of further restrictions, an element qualified by the statement "including a ..." does not exclude the presence of other identical elements in the process, method, article or device that includes the element.
Those of ordinary skill in the art will appreciate that all or part of the steps of the above method embodiments can be carried out by hardware controlled by program instructions. The program can be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments. The storage medium includes various media that can store program code, such as ROM, RAM, magnetic disks or optical disks.
Finally, it should be noted that the foregoing describes only preferred embodiments of the present invention, which serve merely to illustrate the technical solution of the present invention and are not intended to limit its scope of protection. Any modification, equivalent replacement or improvement made within the spirit and principles of the present invention falls within the scope of protection of the present invention.

Claims (10)

1. A blockchain system access method, characterized by comprising:
receiving a registration request from a blockchain node, wherein the registration request is sent by a registering user through the blockchain node;
obtaining first biometric information of the registering user according to the registration request;
generating a first key pair of the registering user from the first biometric information;
publishing the public key included in the first key pair in the blockchain system;
receiving an access request from the blockchain node;
verifying the digital signature carried by the access request with the public key included in the first key pair, wherein the digital signature is formed by the blockchain node with the private key included in a second key pair, and the second key pair is generated by the blockchain node from second biometric information of an accessing user;
if the digital signature passes verification, allowing the blockchain node to access the blockchain system;
if the digital signature fails verification, refusing the blockchain node access to the blockchain system.
2. The method according to claim 1, characterized in that generating the first key pair of the registering user from the first biometric information comprises:
selecting a target input factor from at least one input factor of an elliptic curve cryptography algorithm;
executing the elliptic curve cryptography algorithm with the first biometric information as the target input factor to obtain the first key pair.
3. The method according to claim 1, characterized in that, after publishing the public key included in the first key pair in the blockchain system, the method further comprises:
deleting the private key included in the first key pair from the blockchain system.
4. The method according to any one of claims 1 to 3, characterized in that, after allowing the blockchain node to access the blockchain system, the method further comprises:
receiving transaction information from the blockchain node, wherein the transaction information is signed by the blockchain node with the private key included in the second key pair;
controlling the blockchain system to reach consensus on the transaction information using the public key included in the first key pair.
5. The method according to any one of claims 1 to 3, characterized in that:
the first biometric information includes fingerprint information, iris information or facial feature information;
the second biometric information includes fingerprint information, iris information or facial feature information.
6. A blockchain system access device, characterized by comprising: a registration unit, a receiving unit, a verification unit and a processing unit;
the registration unit is configured to receive a registration request from a blockchain node, obtain first biometric information of a registering user according to the registration request, generate a first key pair of the registering user from the first biometric information, and publish the public key included in the first key pair in the blockchain system, wherein the registration request is sent by the registering user through the blockchain node;
the receiving unit is configured to receive an access request from the blockchain node;
the verification unit is configured to verify the digital signature carried by the access request received by the receiving unit with the public key included in the first key pair that the registration unit published in the blockchain system, wherein the digital signature is formed by the blockchain node with the private key included in a second key pair, and the second key pair is generated by the blockchain node from second biometric information of an accessing user;
the processing unit is configured, according to the verification result of the verification unit, to allow the blockchain node to access the blockchain system if the digital signature passes verification, and to refuse the blockchain node access to the blockchain system if the digital signature fails verification.
7. The device according to claim 6, characterized in that:
when generating the first key pair of the registering user from the first biometric information, the registration unit is configured to perform the following processing:
selecting a target input factor from at least one input factor of an elliptic curve cryptography algorithm;
executing the elliptic curve cryptography algorithm with the first biometric information as the target input factor to obtain the first key pair.
8. The device according to claim 6, characterized in that:
the registration unit is further configured to delete the private key included in the first key pair from the blockchain system after publishing the public key included in the first key pair in the blockchain system.
9. The device according to any one of claims 6 to 8, characterized in that:
the receiving unit is further configured to receive transaction information from the blockchain node, wherein the transaction information is signed by the blockchain node with the private key included in the second key pair;
the verification unit is further configured to control the blockchain system to reach consensus on the transaction information received by the receiving unit using the public key included in the first key pair.
10. A blockchain system access system, characterized by comprising: a blockchain node, a blockchain system and the blockchain system access device according to any one of claims 6 to 9;
the blockchain node is configured to send a registration request to the blockchain system access device when triggered by a registering user, to generate a second key pair from second biometric information of an accessing user, to form a digital signature with the private key included in the second key pair, and to send an access request carrying the digital signature to the blockchain system access device.
CN201910086031.6A 2019-01-29 2019-01-29 A kind of block catenary system cut-in method, apparatus and system Pending CN109862006A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910086031.6A CN109862006A (en) 2019-01-29 2019-01-29 A kind of block catenary system cut-in method, apparatus and system

Publications (1)

Publication Number Publication Date
CN109862006A true CN109862006A (en) 2019-06-07

Family

ID=66896631

Country Status (1)

Country Link
CN (1) CN109862006A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190607