CN110213263A - Auth method, equipment and storage medium based on alliance's block chain - Google Patents
Auth method, equipment and storage medium based on alliance's block chain Download PDFInfo
- Publication number
- CN110213263A CN110213263A CN201910466957.8A CN201910466957A CN110213263A CN 110213263 A CN110213263 A CN 110213263A CN 201910466957 A CN201910466957 A CN 201910466957A CN 110213263 A CN110213263 A CN 110213263A
- Authority
- CN
- China
- Prior art keywords
- service node
- user
- block chain
- alliance
- node
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the present invention provides a kind of auth method based on alliance's block chain, equipment and storage medium.This method includes that the first service node in alliance's block chain receives the logging request that user node is sent to its first IP address, it include the user name that user submits in logging request, block chain mark, the first encryption data and the encryption information of the second service node in alliance's block chain;It is identified according to the block chain of second service node, the second IP address of second service node is searched in the account book of alliance's block chain, and forwarding message is sent to the second IP address, forwarding in message includes the first encryption data, user name and encryption information, so that the second encryption data that the first encryption data is calculated second service node with its own compares;The comparing result that second service node is sent is received, if the two is identical, it is determined that be verified, otherwise authentication failed.The embodiment of the present invention improves the safety and efficiency of authentication.
Description
Technical field
The present embodiments relate to block chain technical field more particularly to a kind of authentication sides based on alliance's block chain
Method, equipment and storage medium.
Background technique
There are many Internet Service Providers (Internet Service Provider, abbreviation on the internet
ISP)/Web content service provider (Internet Content Provider, abbreviation ICP), each user are enjoying ISP/ICP
It must be registered on the ISP/ICP before the service of offer, for example currently everyone generally has wechat, Alipay etc. each
Kind of APP, and if each APP is registered, and if the account registered on different APP as password, is easy to
Library attack is hit, the safety of account is lower, and if the account registered on different APP, password are different, and hold very much
Easily pass into silence, give for change again account, password it is cumbersome.
Summary of the invention
The embodiment of the present invention provides a kind of auth method based on alliance's block chain, equipment and storage medium, to
When improving user using Internet service, the efficiency and safety of authentication avoid user from remembering a large number of users name and password
Trouble, solve the problems, such as the username and password of the multiple Internet services of user it is consistent caused by be easy hit library attack.
In a first aspect, the embodiment of the present invention provides a kind of auth method based on alliance's block chain, this method comprises:
First service node in alliance's block chain receives the logging request that user node is sent to its first IP address, institute
The user name including user's submission in logging request is stated, the block chain mark of the second service node in alliance's block chain,
First encryption data and encryption information, wherein the user registered the user name on the second service node,
The encryption information includes the block chain mark of the first service node, and first encryption data is the user node root
Corresponding first user key of the user name and the encryption information according to user input, using preset algorithm to described
The random number of the newest publication of second service node carries out encryption acquisition;The first service node is according to the second service section
The block chain mark of point, searches the second IP address of the second service node in the account book of alliance's block chain, and to
Second IP address sends forwarding message, includes first encryption data, the user name and institute in the forwarding message
Encryption information is stated, so that the second encryption number that first encryption data is calculated the second service node with its own
According to comparing, wherein second encryption data is the second service node according to the encryption information and the user
The second user key being arranged when registering the user name carries out encryption acquisition to the random number using the preset algorithm
's;The first service node receives the comparing result that the second service node is sent, if first encryption data and institute
It is identical to state the second encryption data, it is determined that the authentication of the user passes through, and otherwise authentication fails.
In one embodiment, the encryption information further include: timestamp.
In one embodiment, the first service node in alliance's block chain receives user node to its first IP
Before the logging request that address is sent, the method also includes:
The first service node obtains the newest publication of second service node from the account book of alliance's block chain
Random number, and the random number is sent to the user node.
In one embodiment, the user node is used to generate the random number of first encryption data, is described
User node, which is searched from the account book of alliance's block chain, to be obtained.
Second aspect, the embodiment of the present invention provide a kind of service node, and the service node is suitable for a kind of alliance's block
Chain, the service node include:
Memory;
Processor;
Communication interface;And
Computer program;
Wherein, the computer program stores in the memory, and is configured as being executed by the processor following
Operation:
Receive the logging request that the first IP address of the service node where user node to its is sent, the logging request
In include user name that user submits, the block chain mark of the second service node in alliance's block chain, the first encryption number
According to and encryption information, wherein the user registered the user name on the second service node, the encryption letter
Breath includes the block chain mark of the service node where the processor, and first encryption data is the user node
According to corresponding first user key of the user name of user input and the encryption information, using preset algorithm to institute
The random number for stating the newest publication of second service node carries out encryption acquisition;According to the block chain mark of the second service node
Know, the second IP address of the second service node is searched in the account book of alliance's block chain, and to the 2nd IP
Location sends forwarding message, including first encryption data, the user name and the encryption information in the forwarding message, with
Compare the second service node by the second encryption data that first encryption data is calculated with its own,
In, second encryption data is second service node user name according to the encryption information and the user's registration
When the second user key that is arranged, encryption acquisition is carried out to the random number using the preset algorithm;Receive described second
The comparing result that service node is sent, if first encryption data is identical with second encryption data, it is determined that the use
The authentication at family passes through, and otherwise authentication fails.
In one embodiment, the encryption information further include: timestamp.
In one embodiment, the processor is executing first of the service node where receiving user node to its
Before the logging request that IP address is sent, it is also used to:
The random number of the newest publication of second service node is obtained from the account book of alliance's block chain, and will be described
Random number is sent to the user node.
In one embodiment, the user node is used to generate the random number of first encryption data, is described
User node, which is searched from the account book of alliance's block chain, to be obtained.
The third aspect, the embodiment of the present invention provide a kind of alliance's block chain, which includes above-mentioned second aspect
The service node.
Fourth aspect, the embodiment of the present invention provide a kind of computer readable storage medium, are stored thereon with computer program,
The computer program is executed by processor to realize method described in first aspect.
Provided in an embodiment of the present invention in the auth method of alliance's block chain, equipment and storage medium, alliance
First service node in block chain receive user node be sent to it to second service node block chain mark, use
After name in an account book, the first encryption data and encryption information, the account book from alliance's block chain is identified according to the block chain of second service node
It is middle to search the second IP address for obtaining second service node, and the user is sent to second service node according to the second IP address
Name, first encryption data and the encryption information, are arranged when so that second service node is according to the user's registration user name
Second user key, the encryption information, encryption life is carried out using random data of the preset algorithm to its own newest publication
It is compared at the second encryption data, and by the first encryption data and the second encryption data, first service node is tied according to comparison
Fruit obtains the result of subscriber authentication.Technical solution based on the embodiment of the present invention, as long as user is in alliance's block chain
User name and user key are had registered on upper any service node, so that it may log in area, alliance using the user name and user key
Other service nodes on block chain, and enjoy the service of the service node remember a large number of users name and close so as to avoid user
The trouble of key improves the convenience of authentication, and the embodiment of the present invention is by using P2P for the verification information in verification process
The mode of (being sent directly in the IP address of recipient) is sent to recipient, so that verification information is not recorded in area, alliance
It in block chain, can be avoided that verification information is obtained by a hacker in this way, reduce the risk for hitting library attack, in addition, since the present invention is implemented
The random number of example is to be regularly published by the second service node in alliance's block and be recorded in the account book of alliance's block chain, because
And user node can directly obtain the random number from the account book of alliance's block chain, without the forwarding of other nodes, into
And further improve the efficiency of authentication.
Detailed description of the invention
Fig. 1 is a kind of schematic diagram of communication system provided in an embodiment of the present invention;
Fig. 2 is a kind of flow chart of the auth method based on alliance's block chain provided in an embodiment of the present invention;
Fig. 3 is a kind of flow chart of auth method based on alliance's block chain provided in an embodiment of the present invention;
Fig. 4 is a kind of structural schematic diagram of service node provided in an embodiment of the present invention.
Through the above attached drawings, it has been shown that the specific embodiment of the disclosure will be hereinafter described in more detail.These attached drawings
It is not intended to limit the scope of this disclosure concept by any means with verbal description, but is by referring to specific embodiments
Those skilled in the art illustrate the concept of the disclosure.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to
When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment
Described in embodiment do not represent all implementations consistent with this disclosure.On the contrary, they be only with it is such as appended
The example of the consistent device and method of some aspects be described in detail in claims, the disclosure.
Auth method provided in an embodiment of the present invention based on alliance's block chain, it is intended to solve in the prior art if
The account that user registers in different application programs (APP) is as password, it is easy to be hit library attack, the safety of account
It is lower, and if the account registered on different APP, password are different, and be easy to pass into silence, give account, close for change again
The cumbersome technical problem of code, particularly, the embodiment of the present invention also focuses on the basis of solving above-mentioned technical problem
Improve the efficiency of authentication.This method can be adapted for communication system shown in FIG. 1.As shown in Figure 1, the communication system packet
Include: first service node 11, second service node 12, user node 13, third service node 14, the 4th service node 15, with
And the 5th service node 16, wherein first service node 11, second service node 12, user node 13, third service node
14, the 4th service node 15 and the 5th service node 16 belong to same alliance's block chain.Wherein, second service node 12,
Three service nodes 14, the 4th service node 15 and the 5th service node 16 can provide different services for user, and citing comes
It says, second service node 12, third service node 14, the 4th service node 15 and the 5th service node 16 can be used respectively
In offer " pushing away spy " service, " facebook " service, " wechat " service and " Alipay " service, certainly it is only for illustrate without
It is uniquely to limit.In addition, only schematically illustrate herein, the structure and alliance's block chain of alliance's block chain are not limited
Node number.
How technical solution of the present invention and technical solution of the present invention are solved with specifically embodiment below above-mentioned
Technical problem is described in detail.These specific embodiments can be combined with each other below, for the same or similar concept
Or process may repeat no more in certain embodiments.Below in conjunction with attached drawing, the embodiment of the present invention is described.
Fig. 2 is a kind of flow chart of the auth method based on alliance's block chain provided in an embodiment of the present invention.The party
Method is suitable for a kind of alliance's block chain, and the structure of alliance's block chain is referred to Fig. 1, and specific step is as follows for this method:
First service node in step 201, alliance's block chain receives user node and steps on to what its first IP address was sent
Record is requested, and includes the user name that user submits, the area of the second service node in alliance's block chain in the logging request
Block chain mark, the first encryption data and encryption information.
Wherein, the user registered the user name on the second service node, and the encryption information includes institute
The block chain mark of first service node is stated, first encryption data is the institute that the user node is inputted according to the user
Corresponding first user key of user name and the encryption information are stated, using preset algorithm to the newest hair of second service node
The random number of cloth carries out encryption acquisition.
Step 202, the first service node are identified according to the block chain of the second service node, in the area, alliance
The second IP address of the second service node is searched in the account book of block chain, and sends forwarding message to second IP address,
It include first encryption data, the user name and the encryption information in the forwarding message, so that the second service
Node compares the second encryption data that first encryption data is calculated with its own.
Wherein, second encryption data is the second service node according to the encryption information and the user's registration
The second user key being arranged when the user name carries out encryption acquisition to the random number using the preset algorithm.
Step 203, the first service node receive the comparing result that the second service node is sent, if described first
Encryption data is identical with second encryption data, it is determined that the authentication of the user passes through, and otherwise authentication fails.
By taking Fig. 1 as an example, second service node 12, third service node 14, the 4th service node 15, Yi Ji in Fig. 1
The building of five service nodes 16 forms alliance's block chain, and provides authentication service for other service nodes or user node.It should
Preserved in the wound generation block of alliance's block chain second service node 12, third service node 14, the 4th service node 15 and
The information such as the block chain mark of the 5th service node 16 and public key, second service node 12, third service node the 14, the 4th service
Node 15 and the 5th service node 16 are managed alliance's block chain collectively as the original node of this alliance block chain,
It includes whether that some service node is allowed to access this alliance block chain etc..
User by the mode under block chain chain carries out the registration of user name and key or in alliance's block chain
It was registered on some service node, in this example, it is assumed that user registered on second service node 12, but not in the first clothes
It is engaged in registering on node 11.
Specifically, in the present embodiment, the node of alliance's block chain, such as second service node, random number is regularly published,
Those random numbers are recorded in the account book of alliance's block chain.It is optional when user node 13 requests the service of first service node 11
, it can identify that (in history, user node 13 is registered on second service node 12 according to the block chain of second service node 12
User name, and record the block chain mark of second service node 12), second service node is obtained from the account book of alliance's block chain
The random number of newest publication.The encryption information generated and after getting the random number according to current time and user input
The first user key, using preset algorithm to the random number carry out encryption generate the first encryption data, wherein in the present embodiment
So-called encryption information includes the block chain mark and timestamp of first service node.
Further, after obtaining the first encryption data, user node 13 is according to the block chain mark of first service node 11
(the block chain mark of first service node, which can be, to be pre-stored in user node 13, is also possible to user and is passed through user for knowledge
Interactive interface input), from the account book of alliance's block chain search first service node 11 IP address (for the ease of distinguish,
Hereinafter referred to as the first IP address), logging request is sent to first service node 11 according to the IP address of first service node 11, it should
In logging request, block chain mark, the first encryption data and described of the user name, second service node 12 submitted including user
Encryption information.The present embodiment by checking request timestamp, first service node block chain mark etc. encryption information, with
And the block chain mark of second service node 12, malicious attack side's Replay Attack can be prevented.
First service node 11 is after the logging request for receiving user node 13, according to the block chain of second service node
Mark is searched corresponding second IP address of second service node from the account book of alliance's block chain, and is sent to the second IP address
Message is forwarded, includes the first encryption data, the user name and the encryption information in the forwarding message.
After second service node 12 receives the forwarding message of first service node, first look for described in user's history registration
The second user key being arranged when account name adds then according to second user key, the encryption information using with calculating first
Identical preset algorithm encrypts the random number of its own newest publication when ciphertext data, obtains the second encryption data, then
First encryption data and the second encryption data are compared, and comparison result is sent to first service node 11 (for example, will
Comparison result is broadcast on alliance's block chain, or sends comparison result in the IP address of first service node 11).
First service node 11 parses the comparison result of second service node 12, if the first encryption data and second
Encryption data is identical, then is verified, and first service node 11 provides service for user, otherwise authentication failed, does not provide service.
In the present embodiment, the process of entire authentication can inquire in area, alliance across there is complete record in chain.And it tests
Verification information during card, for example, the first encryption data, random number etc., (i.e. according to the IP address of recipient, directly by P2P
Recipient is given in sending and receiving) transmission mode, hacker can be prevented to obtain verification information, and then avoid hitting the hair of library attack
It is raw.In addition, the service node in alliance's block chain is recorded in alliance's block chain by regularly publishing random number, and by random number
In account book, user node can be facilitated to obtain the random number of respective service node publication directly from account book, simplify user's section
The behaviour that point obtains random number does, and improves the efficiency of authentication.
Provided in this embodiment in the auth method of alliance's block chain, equipment and storage medium, alliance's block
First service node in chain receive user node be sent to it to the block chain mark of second service node, user
After name, the first encryption data and encryption information, according to the block chain of second service node mark from the account book of alliance's block chain
The second IP address for obtaining second service node is searched, and the user is sent to second service node according to the second IP address
Name, first encryption data and the encryption information, are arranged when so that second service node is according to the user's registration user name
Second user key, the encryption information, encryption life is carried out using random data of the preset algorithm to its own newest publication
It is compared at the second encryption data, and by the first encryption data and the second encryption data, first service node is tied according to comparison
Fruit obtains the result of subscriber authentication.Based on technical solution provided in this embodiment, as long as user takes up an official post in alliance's block chain
User name and user key are had registered on one service node, so that it may log in alliance's block chain using the user name and user key
On other service nodes, and enjoy the service of the service node, remember a large number of users name and key so as to avoid user
Trouble, improves the convenience of authentication, and the present embodiment passes through the verification information in verification process is (i.e. direct using P2P
Be sent in the IP address of recipient) mode be sent to recipient so that verification information is not recorded in alliance's block chain,
It can be avoided that verification information is obtained by a hacker in this way, the risk for hitting library attack reduced, in addition, the random number due to the present embodiment is
It is regularly published by the second service node in alliance's block and is recorded in the account book of alliance's block chain, thus user node can
Directly to obtain the random number from the account book of alliance's block chain, mentioned without the forwarding of other nodes, and then further
The high efficiency of authentication.
Fig. 3 is a kind of flow chart of auth method based on alliance's block chain provided in an embodiment of the present invention, such as Fig. 3
It is shown, on the basis of Fig. 2 embodiment, this method comprises:
First service node in step 301, alliance's block chain obtains area, alliance from the account book of alliance's block chain
The random number of the newest publication of second service node in block chain, and the random number is sent to user node.
First service node in step 302, alliance's block chain receives user node and steps on to what its first IP address was sent
Record is requested, and includes the user name that user submits, the area of the second service node in alliance's block chain in the logging request
Block chain mark, the first encryption data and encryption information.
Wherein, the user registered the user name on the second service node, and the encryption information includes institute
The block chain mark of first service node is stated, first encryption data is the institute that the user node is inputted according to the user
Corresponding first user key of user name and the encryption information are stated, using preset algorithm to the newest hair of second service node
The random number of cloth carries out encryption acquisition.
Step 303, the first service node are identified according to the block chain of the second service node, in the area, alliance
The second IP address of the second service node is searched in the account book of block chain, and sends forwarding message to second IP address,
It include first encryption data, the user name and the encryption information in the forwarding message, so that the second service
Node compares the second encryption data that first encryption data is calculated with its own.
Wherein, second encryption data is the second service node according to the encryption information and the user's registration
The second user key being arranged when the user name carries out encryption acquisition to the random number using the preset algorithm.
Step 304, the first service node receive the comparing result that the second service node is sent, if described first
Encryption data is identical with second encryption data, it is determined that the authentication of the user passes through, and otherwise authentication fails.
The present embodiment, the second service node that will periodically be recorded in the account book of alliance's block chain by first service node 11
The random number of 12 publications is sent to user node 13, so that user node 13 need not be linked into always alliance's block chain, so that it may
The random number for getting the publication of second service node 12, has saved the electric energy loss of user node 13.
Fig. 4 is a kind of structural schematic diagram of service node provided in an embodiment of the present invention, which is suitable for one kind
Alliance's block chain, service node provided in an embodiment of the present invention can execute the above-mentioned auth method based on alliance's block chain
Execution embodiment of the method process flow.As shown in figure 4, service node 40 includes: memory 41, processor 42, computer
Program and communication interface 43;Wherein, the computer program stores in the memory, and is configured as being held by processor 42
The following operation of row:
Receive the logging request that the first IP address of the service node where user node to its is sent, the logging request
In include user name that user submits, the block chain mark of the second service node in alliance's block chain, the first encryption number
According to and encryption information, wherein the user registered the user name on the second service node, the encryption letter
Breath includes the block chain mark of the service node where the processor, and first encryption data is the user node
According to corresponding first user key of the user name of user input and the encryption information, using preset algorithm to institute
The random number for stating the newest publication of second service node carries out encryption acquisition;According to the block chain mark of the second service node
Know, the second IP address of the second service node is searched in the account book of alliance's block chain, and to the 2nd IP
Location sends forwarding message, including first encryption data, the user name and the encryption information in the forwarding message, with
Compare the second service node by the second encryption data that first encryption data is calculated with its own,
In, second encryption data is second service node user name according to the encryption information and the user's registration
When the second user key that is arranged, encryption acquisition is carried out to the random number using the preset algorithm;Receive described second
The comparing result that service node is sent, if first encryption data is identical with second encryption data, it is determined that the use
The authentication at family passes through, and otherwise authentication fails.
In one embodiment, the encryption information further include: timestamp.
In one embodiment, the processor is executing first of the service node where receiving user node to its
Before the logging request that IP address is sent, it is also used to:
The random number of the newest publication of second service node is obtained from the account book of alliance's block chain, and will be described
Random number is sent to the user node.
In one embodiment, the user node is used to generate the random number of first encryption data, is described
User node, which is searched from the account book of alliance's block chain, to be obtained.
The service node of embodiment illustrated in fig. 4 can be used for executing the technical solution of above method embodiment, realization principle
Similar with technical effect, details are not described herein again.
The embodiment of the present invention also provides a kind of alliance's block chain, which includes as described in above-mentioned Fig. 4 embodiment
Service node.
In addition, the embodiment of the present invention also provides a kind of computer readable storage medium, it is stored thereon with computer program, institute
Computer program is stated to be executed by processor to realize the auth method based on alliance's block chain described in above-described embodiment
Execution method.
In several embodiments provided by the present invention, it should be understood that disclosed device and method can pass through it
Its mode is realized.For example, the apparatus embodiments described above are merely exemplary, for example, the division of the unit, only
Only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components can be tied
Another system is closed or is desirably integrated into, or some features can be ignored or not executed.Another point, it is shown or discussed
Mutual coupling, direct-coupling or communication connection can be through some interfaces, the INDIRECT COUPLING or logical of device or unit
Letter connection can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit
The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple
In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme
's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit
It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list
Member both can take the form of hardware realization, can also realize in the form of hardware adds SFU software functional unit.
The above-mentioned integrated unit being realized in the form of SFU software functional unit can store and computer-readable deposit at one
In storage media.Above-mentioned SFU software functional unit is stored in a storage medium, including some instructions are used so that a computer
It is each that equipment (can be personal computer, server or the network equipment etc.) or processor (processor) execute the present invention
The part steps of embodiment the method.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (Read-
Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic or disk etc. it is various
It can store the medium of program code.
Those skilled in the art can be understood that, for convenience and simplicity of description, only with above-mentioned each functional module
Division progress for example, in practical application, can according to need and above-mentioned function distribution is complete by different functional modules
At the internal structure of device being divided into different functional modules, to complete all or part of the functions described above.On
The specific work process for stating the device of description, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent
Pipe present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: its according to
So be possible to modify the technical solutions described in the foregoing embodiments, or to some or all of the technical features into
Row equivalent replacement;And these are modified or replaceed, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution
The range of scheme.
Claims (10)
1. a kind of auth method based on alliance's block chain, which is characterized in that the described method includes:
First service node in alliance's block chain receives the logging request that user node is sent to its first IP address, described to step on
It include the user name that user submits, the block chain mark of the second service node in alliance's block chain, first in record request
Encryption data and encryption information, wherein the user registered the user name on the second service node, described
Encryption information includes the block chain mark of the first service node, and first encryption data is the user node according to institute
Corresponding first user key of the user name and the encryption information that user inputs are stated, using preset algorithm to described second
The random number of the newest publication of service node carries out encryption acquisition;
The first service node is identified according to the block chain of the second service node, in the account book of alliance's block chain
The second IP address of the second service node is searched, and sends forwarding message, the forwarding message to second IP address
In include first encryption data, the user name and the encryption information so that the second service node is by described the
The second encryption data that one encryption data is calculated with its own compares, wherein second encryption data is described
The second user key being arranged when second service node user name according to the encryption information and the user's registration uses
The preset algorithm carries out encryption acquisition to the random number;
The first service node receives the comparing result that the second service node is sent, if first encryption data and institute
It is identical to state the second encryption data, it is determined that the authentication of the user passes through, and otherwise authentication fails.
2. the method according to claim 1, wherein the encryption information further include: timestamp.
3. the method according to claim 1, wherein the first service node in alliance's block chain is received and is used
Before the logging request that family node is sent to its first IP address, the method also includes:
The first service node obtained from the account book of alliance's block chain the newest publication of second service node with
Machine number, and the random number is sent to the user node.
4. the method according to claim 1, wherein the user node is for generating first encryption data
Random number, be that the user node is searched from the account book of alliance's block chain and obtained.
5. a kind of service node, the service node is suitable for a kind of alliance's block chain, which is characterized in that the service node packet
It includes:
Memory;
Processor;
Communication interface;And
Computer program;
Wherein, the computer program stores in the memory, and is configured as executing following operation by the processor:
The logging request that the first IP address of the service node where user node to its is sent is received, is wrapped in the logging request
The user name for including user's submission, the block chain mark of the second service node in alliance's block chain, the first encryption data, with
And encryption information, wherein the user registered the user name on the second service node, and the encryption information includes
The block chain of the service node where the processor identifies, and first encryption data is the user node according to institute
Corresponding first user key of the user name and the encryption information that user inputs are stated, using preset algorithm to described second
The random number of the newest publication of service node carries out encryption acquisition;
It is identified according to the block chain of the second service node, searches the second service in the account book of alliance's block chain
Second IP address of node, and forwarding message is sent to second IP address, add in the forwarding message including described first
Ciphertext data, the user name and the encryption information so that the second service node by first encryption data and its from
The second encryption data that body is calculated compares, wherein second encryption data be the second service node according to
The second user key being arranged when user name described in the encryption information and the user's registration, using the preset algorithm to institute
It states random number and carries out encryption acquisition;
The comparing result that the second service node is sent is received, if first encryption data and the second encryption data phase
Together, it is determined that the authentication of the user passes through, and otherwise authentication fails.
6. service node according to claim 5, which is characterized in that the encryption information further include: timestamp.
7. service node according to claim 5, which is characterized in that the processor execute receive user node to its
Before the logging request that first IP address of the service node at place is sent, it is also used to:
The random number of the newest publication of second service node is obtained from the account book of alliance's block chain, and will be described random
Number is sent to the user node.
8. service node according to claim 5, which is characterized in that the user node is for generating first encryption
The random number of data is that the user node is searched from the account book of alliance's block chain and obtained.
9. a kind of alliance's block chain, which is characterized in that including the service node as described in any one of claim 5-8.
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program
Such as method of any of claims 1-4 is realized when being executed by processor.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910466957.8A CN110213263B (en) | 2019-05-30 | 2019-05-30 | Identity authentication method, equipment and storage medium based on alliance block chain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910466957.8A CN110213263B (en) | 2019-05-30 | 2019-05-30 | Identity authentication method, equipment and storage medium based on alliance block chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110213263A true CN110213263A (en) | 2019-09-06 |
CN110213263B CN110213263B (en) | 2021-10-22 |
Family
ID=67789822
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910466957.8A Active CN110213263B (en) | 2019-05-30 | 2019-05-30 | Identity authentication method, equipment and storage medium based on alliance block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110213263B (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110855607A (en) * | 2019-09-29 | 2020-02-28 | 华为技术有限公司 | Vehicle control method based on Internet of vehicles, communication device and storage medium |
CN111914231A (en) * | 2020-07-23 | 2020-11-10 | 中国联合网络通信集团有限公司 | Block chain-based identity authentication method, system, equipment and storage medium |
CN112365263A (en) * | 2020-11-12 | 2021-02-12 | 湖南智慧政务区块链科技有限公司 | Block chain account management intercommunication method, device, equipment and storage medium |
CN114362957A (en) * | 2021-12-24 | 2022-04-15 | 杭州溪塔科技有限公司 | Alliance chain co-construction method and system using invitation codes |
CN114826766A (en) * | 2022-05-18 | 2022-07-29 | 北京交通大学 | Block chain cross-chain based security verifiable service providing method and system |
WO2023273269A1 (en) * | 2021-06-29 | 2023-01-05 | 达闼机器人股份有限公司 | Robot authentication system and method |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106789047A (en) * | 2017-03-03 | 2017-05-31 | 钱德君 | A kind of block chain identification system |
CN107079036A (en) * | 2016-12-23 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Registration and authorization method, apparatus and system |
WO2017195160A1 (en) * | 2016-05-13 | 2017-11-16 | nChain Holdings Limited | A method and system for verifying integrity of a digital asset using a distributed hash table and a peer-to-peer distributed ledger |
CN108377189A (en) * | 2018-05-09 | 2018-08-07 | 深圳壹账通智能科技有限公司 | User's communication encrypting method, device, terminal device and storage medium on block chain |
CN108632284A (en) * | 2018-05-10 | 2018-10-09 | 网易(杭州)网络有限公司 | User data authorization method, medium, device and computing device based on block chain |
CN108959911A (en) * | 2018-06-14 | 2018-12-07 | 联动优势科技有限公司 | A kind of key chain generates, verification method and its device |
CN109150546A (en) * | 2018-09-07 | 2019-01-04 | 全链通有限公司 | The method for realizing the registration of block chain system of real name based on phone number |
CN109495249A (en) * | 2018-11-23 | 2019-03-19 | 全链通有限公司 | A kind of date storage method of block catenary system, node and block catenary system |
CN109767220A (en) * | 2019-01-15 | 2019-05-17 | 中国联合网络通信集团有限公司 | Method of commerce based on block chain and the transaction system based on block chain |
-
2019
- 2019-05-30 CN CN201910466957.8A patent/CN110213263B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017195160A1 (en) * | 2016-05-13 | 2017-11-16 | nChain Holdings Limited | A method and system for verifying integrity of a digital asset using a distributed hash table and a peer-to-peer distributed ledger |
CN107079036A (en) * | 2016-12-23 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Registration and authorization method, apparatus and system |
CN106789047A (en) * | 2017-03-03 | 2017-05-31 | 钱德君 | A kind of block chain identification system |
CN108377189A (en) * | 2018-05-09 | 2018-08-07 | 深圳壹账通智能科技有限公司 | User's communication encrypting method, device, terminal device and storage medium on block chain |
CN108632284A (en) * | 2018-05-10 | 2018-10-09 | 网易(杭州)网络有限公司 | User data authorization method, medium, device and computing device based on block chain |
CN108959911A (en) * | 2018-06-14 | 2018-12-07 | 联动优势科技有限公司 | A kind of key chain generates, verification method and its device |
CN109150546A (en) * | 2018-09-07 | 2019-01-04 | 全链通有限公司 | The method for realizing the registration of block chain system of real name based on phone number |
CN109495249A (en) * | 2018-11-23 | 2019-03-19 | 全链通有限公司 | A kind of date storage method of block catenary system, node and block catenary system |
CN109767220A (en) * | 2019-01-15 | 2019-05-17 | 中国联合网络通信集团有限公司 | Method of commerce based on block chain and the transaction system based on block chain |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110855607A (en) * | 2019-09-29 | 2020-02-28 | 华为技术有限公司 | Vehicle control method based on Internet of vehicles, communication device and storage medium |
CN111914231A (en) * | 2020-07-23 | 2020-11-10 | 中国联合网络通信集团有限公司 | Block chain-based identity authentication method, system, equipment and storage medium |
CN112365263A (en) * | 2020-11-12 | 2021-02-12 | 湖南智慧政务区块链科技有限公司 | Block chain account management intercommunication method, device, equipment and storage medium |
WO2023273269A1 (en) * | 2021-06-29 | 2023-01-05 | 达闼机器人股份有限公司 | Robot authentication system and method |
CN114362957A (en) * | 2021-12-24 | 2022-04-15 | 杭州溪塔科技有限公司 | Alliance chain co-construction method and system using invitation codes |
CN114362957B (en) * | 2021-12-24 | 2023-05-16 | 杭州溪塔科技有限公司 | Alliance chain co-construction method and system using invitation code |
CN114826766A (en) * | 2022-05-18 | 2022-07-29 | 北京交通大学 | Block chain cross-chain based security verifiable service providing method and system |
Also Published As
Publication number | Publication date |
---|---|
CN110213263B (en) | 2021-10-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110213263A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
Roy et al. | On the design of provably secure lightweight remote user authentication scheme for mobile cloud computing services | |
Wustrow et al. | Telex: Anticensorship in the network infrastructure | |
CN104506510B (en) | Method and device for equipment authentication and authentication service system | |
US8756697B2 (en) | Systems and methods for determining vulnerability to session stealing | |
CN105450582B (en) | Method for processing business, terminal, server and system | |
CN110213046A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
KR102124665B1 (en) | Method and apparatus of identifying user risk | |
CN110198316A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
CN110213264A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
CN111294352A (en) | Data security authentication method between cloud and edge node | |
KR20140009105A (en) | One-time password authentication with infinite nested hash chains | |
CN103891329B (en) | Method for protected host configuration message | |
CN110225017A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
CN110166255A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
CN110392128B (en) | Method and system for providing quasi-unaddressed IPv6 public web service | |
CN109345245A (en) | Short-message verification method, equipment, network and storage medium based on block chain | |
CN109726545A (en) | A kind of information display method, equipment, computer readable storage medium and device | |
Xia et al. | Cryptanalysis and improvement of a group authentication scheme with multiple trials and multiple authentications | |
Bocovich et al. | Secure asymmetry and deployability for decoy routing systems | |
CN110138558A (en) | Transmission method, equipment and the computer readable storage medium of session key | |
WO2016174397A1 (en) | Platoform for generation of passwords and/or email addresses | |
JP2015158906A (en) | Network system for extracting configuration-related data | |
Dey et al. | AMLT: A mutual authentication scheme for mobile cloud computing | |
CN110048842A (en) | Session key processing method, equipment and computer readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |