CN110071807B - Block chain point-to-point node authentication method, system and computer readable storage medium - Google Patents

Publication number
CN110071807B
Authority
CN
China
Prior art keywords
node
point
certificate
authentication
block chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910225548.9A
Other languages
Chinese (zh)
Other versions
CN110071807A (en)
Inventor
谭林
申涛
李旷
杨征
刘秀
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hunan Tianhe Guoyun Technology Co Ltd
Original Assignee
Hunan Tianhe Guoyun Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan Tianhe Guoyun Technology Co Ltd
Priority to CN201910225548.9A
Publication of CN110071807A
Application granted
Publication of CN110071807B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838 Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L63/12 Applying verification of the received information
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a blockchain point-to-point node authentication method, a system and a computer-readable storage medium. The point-to-point node authentication method comprises a certificate issuing process and a point-to-point authentication process. (I) Certificate issuing process: a node applies to the blockchain, and after checking and verification the blockchain generates an encrypted certificate for the applying node. (II) Point-to-point authentication process: node A and node B authenticate each other based on a random code and the certificate. The method, system and storage medium are easy to implement and have the advantages of decentralization and flexible, convenient use.

Description

Block chain point-to-point node authentication method, system and computer readable storage medium
Technical Field
The invention relates to a block chain point-to-point node authentication method, a system and a computer readable storage medium.
Background
Point-to-point technology is currently a popular technology. Point-to-point is also known as P2P, an abbreviation of the English "peer-to-peer", i.e., person-to-person. Point-to-point in this patent refers primarily to the relationship between two services in a P2P network.
Current peer-to-peer networks either have no authentication or are authenticated by a centralized server.
First, many existing peer-to-peer networks have no authentication mechanism at all; that is, any number of nodes can enter the network at any time. If the peer-to-peer network has strict requirements on its nodes, for example that they meet a certain level of performance and stability, an open peer-to-peer network cannot satisfy them.
Second, traditional certificate issuing, as on the Web, is performed by a centralized organization, which carries the risks of centralization, such as credibility and monopoly.
Therefore, the invention designs a blockchain-based decentralized authentication mechanism for point-to-point networks, which effectively solves node authentication in the point-to-point network while avoiding the centralization problem of a certificate-issuing organization.
Therefore, it is desirable to design a new method, system and computer readable storage medium for blockchain peer-to-peer node authentication.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a block chain point-to-point node authentication method, system and computer readable storage medium, which are easy to implement.
The technical solution of the invention is as follows:
A blockchain point-to-point node authentication method, characterized by comprising a certificate issuing process and a point-to-point authentication process.
(I) Certificate issuing process:
A node that needs to be authenticated applies to the blockchain contract; the blockchain contract performs verification according to a fixed flow and then generates an encrypted certificate for the applying node.
(II) Point-to-point authentication process:
Node A and node B authenticate each other based on the random code and the certificate.
The certificate issuing process comprises the following steps:
(1) the node provides basic information to apply to the blockchain for a certificate;
(2) the blockchain performs a hash operation on the basic information provided by the node, then applies an encryption signature using the blockchain's private key to generate a certificate for the node.
When a node applies, it makes a transfer to a fixed account of the blockchain, which generates a transaction ID; the blockchain contract must use the transaction ID to verify that the node applying for the certificate has really provided the mortgaged assets.
The specific flow of the point-to-point authentication is as follows:
(1) after receiving a connection request, node A sends a random code to node B and then waits for node B to respond;
(2) node B provides its certificate and the original text information submitted when applying for the certificate, and at the same time encrypts the received random code with its own private key and returns it to node A;
(3) node A checks the certificate returned by node B: it performs a hash operation on the certificate's original text, decrypts the certificate with the public key provided by the blockchain center, and finally compares whether the resulting hash values match;
(4) after node A has verified the certificate sent by node B, it obtains the public key corresponding to node B's certificate and uses that public key to decode the encrypted random code sent by node B;
(5) node A then checks whether the random code matches the random code it sent; if so, the verification between node A and node B is complete.
A blockchain-based point-to-point node authentication system, comprising:
a blockchain, used for verifying the authentication requests of nodes and issuing certificates;
a node in the blockchain, having the following modules:
(1) a certificate request module, used for applying to the blockchain for a certificate;
(2) an authentication request module, used for making an authentication request to another node;
(3) a verification module, used for verifying authentication data sent by another node, where the authentication data includes a certificate issued by the blockchain;
the system uses the blockchain point-to-point node authentication method described above to implement certificate issuing and point-to-point authentication.
A computer-readable storage medium storing a computer program which, when executed by a processor, implements the aforementioned point-to-point node authentication method to carry out certificate issuing and point-to-point authentication.
Advantageous effects:
The blockchain point-to-point node authentication method, system and computer-readable storage medium adopt a blockchain-based certificate issuing and point-to-point authentication scheme, and can bring the following benefits to a point-to-point network:
1. The invention can effectively close off the point-to-point network and provides solid basic support for a closed network.
2. The invention covers the full path from certificate issuing to actual authentication, and can be applied directly to a point-to-point network environment that needs node authentication.
Drawings
Fig. 1 is a flow diagram of a method, system, and computer-readable storage medium for block chain peer-to-peer node authentication.
Detailed Description
The invention is described in further detail below with reference to the figure and a specific example.
Example 1:
As shown in Fig. 1, the invention performs certificate issuing and provides node authentication in a peer-to-peer network.
First, blockchain-based certificate issuing mainly addresses the centralization pain point of the traditional issuing structure: the issuing process and the issuing result are recorded on the chain to form a fair and public certificate record.
The specific issuing process comprises the following steps:
1. The node mortgages certain assets to guarantee the stability of the services it can provide.
2. The node provides basic information to apply to the blockchain for a certificate.
3. The blockchain validates the node's mortgaged assets.
4. The blockchain performs a hash operation on the basic information provided by the node, then applies an encryption signature using the blockchain's private key to generate a certificate for the node.
Brief introduction to hash operations: a hash (also rendered in translation as "hashing" or by transliteration) converts an input of arbitrary length (also called a pre-image) into a fixed-length output by means of a hashing algorithm; the output is the hash value. This transformation is a compression mapping: the space of hash values is usually much smaller than the space of inputs, and different inputs may hash to the same output, so a unique input value cannot be determined from a hash value. In short, it is a function that compresses a message of arbitrary length into a message digest of a fixed length.
Second, when a node in the peer-to-peer network requests a connection to another party, it immediately requires that party to authenticate its identity. Authentication is bidirectional: each side verifies the validity of the other's certificate.
The authentication process for one side is as follows:
1. After receiving the connection request, node A immediately sends a random code to the other party and then waits for its response.
2. The peer, node B, must provide its certificate and the original text information submitted when applying for the certificate, and at the same time encrypts the received random code with its own private key and responds.
3. Node A checks the certificate returned by node B: it performs a hash operation on the certificate's original text, decrypts the certificate with the public key provided by the blockchain center, and finally compares whether the resulting hash values match.
4. After node A has verified the certificate sent by B, it obtains the public key corresponding to B's certificate and then uses that public key to verify the encrypted random code sent by B.
5. Node A then checks whether the random code matches the one it sent.
Finally, the certificate issuing and node authentication processes are combined to form a complete blockchain-based point-to-point node authentication scheme.
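The issuing and authentication steps above, as an added Go example that is not code from the patent. Ed25519 signatures stand in for "encrypting with the private key" (the patent names no algorithm); the NodeInfo layout, the node public key being part of the signed original text, and all function names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// NodeInfo is the "original text" a node submits when applying (assumed layout).
type NodeInfo struct {
	NodeID string `json:"node_id"`
	TxID   string `json:"tx_id"`   // transfer proving the mortgaged assets
	PubKey []byte `json:"pub_key"` // assumption: node key is part of the signed text
}

// Response is what node B returns in step 2.
type Response struct {
	Original []byte // serialized NodeInfo
	Cert     []byte // chain signature over SHA-256(Original)
	NonceSig []byte // B's signature over the random code
}

// NewKey generates an Ed25519 key pair for the chain or for a node.
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Issue models issuing step 4: hash the basic information, sign the digest.
func Issue(chainKey ed25519.PrivateKey, info NodeInfo) (original, cert []byte, err error) {
	if original, err = json.Marshal(info); err != nil {
		return nil, nil, err
	}
	digest := sha256.Sum256(original)
	return original, ed25519.Sign(chainKey, digest[:]), nil
}

// NewNonce is step 1: node A draws a fresh random code for every connection.
func NewNonce() []byte {
	n := make([]byte, 32)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	return n
}

// Respond is step 2: node B returns certificate, original text and signed code.
func Respond(nodeKey ed25519.PrivateKey, original, cert, nonce []byte) Response {
	return Response{Original: original, Cert: cert, NonceSig: ed25519.Sign(nodeKey, nonce)}
}

// Verify is steps 3-5 on node A; it returns the authenticated node ID.
func Verify(chainPub ed25519.PublicKey, nonce []byte, r Response) (string, error) {
	digest := sha256.Sum256(r.Original)
	if !ed25519.Verify(chainPub, digest[:], r.Cert) {
		return "", errors.New("certificate does not match original text")
	}
	var info NodeInfo
	if err := json.Unmarshal(r.Original, &info); err != nil {
		return "", err
	}
	if len(info.PubKey) != ed25519.PublicKeySize { // ed25519.Verify panics on bad sizes
		return "", errors.New("malformed node public key")
	}
	// Checking the signature against A's own nonce is the "code matches" test.
	if !ed25519.Verify(ed25519.PublicKey(info.PubKey), nonce, r.NonceSig) {
		return "", errors.New("random code response invalid or replayed")
	}
	return info.NodeID, nil
}

func main() {
	chainPub, chainKey := NewKey()
	bPub, bKey := NewKey()
	// Constructed sample values, not taken from the patent.
	original, cert, _ := Issue(chainKey, NodeInfo{NodeID: "node-B", TxID: "tx-constructed-001", PubKey: bPub})
	nonce := NewNonce()
	fmt.Println(Verify(chainPub, nonce, Respond(bKey, original, cert, nonce)))
}
```

Because the description makes authentication bidirectional, node B runs the same Verify against a nonce of its own; a response captured from an earlier connection fails because it was signed over a different random code.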

Claims (5)

1. A blockchain point-to-point node authentication method, characterized by comprising a certificate issuing process and a point-to-point authentication process;
(I) certificate issuing process:
a node that needs to be authenticated applies to the blockchain contract, and the blockchain contract performs verification according to a fixed flow and then generates an encrypted certificate for the applying node; when a node applies, it makes a transfer to a fixed account of the blockchain to generate a transaction ID, and the blockchain contract uses the transaction ID to verify that the node applying for the certificate has really provided the mortgaged assets;
(II) point-to-point authentication process:
node A and node B authenticate each other based on the random code and the certificate.
2. The method of claim 1, wherein the certificate issuing process comprises the following steps:
(1) the node provides basic information to apply to the blockchain for a certificate;
(2) the blockchain performs a hash operation on the basic information provided by the node, then applies an encryption signature using the blockchain's private key to generate a certificate for the node.
3. The blockchain point-to-point node authentication method according to any of claims 1-2, wherein the specific flow of point-to-point authentication is as follows:
(1) after receiving a connection request, node A sends a random code to node B and then waits for node B to respond;
(2) node B provides its certificate and the original text information submitted when applying for the certificate, and at the same time encrypts the received random code with its own private key and returns it to node A;
(3) node A checks the certificate returned by node B: it performs a hash operation on the certificate's original text, decrypts the certificate with the public key provided by the blockchain center, and finally compares whether the resulting hash values match;
(4) after node A has verified the certificate sent by node B, it obtains the public key corresponding to node B's certificate and uses that public key to decode the encrypted random code sent by node B;
(5) node A then checks whether the random code matches the random code it sent; if so, the verification between node A and node B is complete.
4. A blockchain-based point-to-point node authentication system, comprising:
a blockchain, used for verifying the authentication requests of nodes and issuing certificates;
a node in the blockchain, having the following modules:
(1) a certificate request module, used for applying to the blockchain for a certificate;
(2) an authentication request module, used for making an authentication request to another node;
(3) a verification module, used for verifying authentication data sent by another node, where the authentication data includes a certificate issued by the blockchain;
the system performing certificate issuing and point-to-point authentication using the blockchain point-to-point node authentication method of any one of claims 1 to 2.
5. A computer-readable storage medium storing a computer program which, when executed by a processor, implements the point-to-point node authentication method as claimed in any one of claims 1-2 to carry out certificate issuing and point-to-point authentication.
CN201910225548.9A 2019-03-22 2019-03-22 Block chain point-to-point node authentication method, system and computer readable storage medium Active CN110071807B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910225548.9A CN110071807B (en) 2019-03-22 2019-03-22 Block chain point-to-point node authentication method, system and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910225548.9A CN110071807B (en) 2019-03-22 2019-03-22 Block chain point-to-point node authentication method, system and computer readable storage medium

Publications (2)

Publication Number Publication Date
CN110071807A CN110071807A (en) 2019-07-30
CN110071807B true CN110071807B (en) 2022-03-01

Family

ID=67366444

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910225548.9A Active CN110071807B (en) 2019-03-22 2019-03-22 Block chain point-to-point node authentication method, system and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN110071807B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112446701B (en) * 2019-09-03 2024-04-05 上海唯链信息科技有限公司 Identity authentication method, equipment and storage device based on blockchain
CN110601816B (en) * 2019-09-18 2021-09-28 腾讯科技(深圳)有限公司 Lightweight node control method and device in block chain system
CN111131171B (en) * 2019-12-03 2021-05-11 深圳前海微众银行股份有限公司 Node authentication method and device based on block chain network
CN111818074B (en) * 2020-07-17 2022-08-05 上海朝夕网络技术有限公司 Distributed network node authentication method based on chip
CN114285861B (en) * 2021-12-21 2023-03-21 西安交通大学 Decentralized credible identity authentication method based on alliance chain
CN117478302B (en) * 2023-12-28 2024-03-01 湖南天河国云科技有限公司 Block chain-based privacy node identity verification method and device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107592293A (en) * 2017-07-26 2018-01-16 阿里巴巴集团控股有限公司 The means of communication, digital certificate management method, device and electronic equipment between block chain node
CN108182581A (en) * 2017-12-29 2018-06-19 北京欧链科技有限公司 A kind of bookkeeping methods and device of block chain
CN108512667A (en) * 2018-04-16 2018-09-07 北京天德科技有限公司 A kind of certification certificates constructing method based on block chain

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180082290A1 (en) * 2016-09-16 2018-03-22 Kountable, Inc. Systems and Methods that Utilize Blockchain Digital Certificates for Data Transactions

Also Published As

Publication number Publication date
CN110071807A (en) 2019-07-30

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant