CN110224837A - Zero-knowledge proof method and terminal based on distributed identity - Google Patents

Zero-knowledge proof method and terminal based on distributed identity Download PDF

Info

Publication number
CN110224837A
CN110224837A CN201910493263.3A CN201910493263A CN110224837A CN 110224837 A CN110224837 A CN 110224837A CN 201910493263 A CN201910493263 A CN 201910493263A CN 110224837 A CN110224837 A CN 110224837A
Authority
CN
China
Prior art keywords
terminal
verify
statement
verifying
proof
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910493263.3A
Other languages
Chinese (zh)
Other versions
CN110224837B (en
Inventor
李卫
王虎
陈昌
杨文韬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xi'an Paper Internet Technology Co Ltd
Original Assignee
Xi'an Paper Internet Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xi'an Paper Internet Technology Co Ltd filed Critical Xi'an Paper Internet Technology Co Ltd
Priority to CN201910493263.3A priority Critical patent/CN110224837B/en
Publication of CN110224837A publication Critical patent/CN110224837A/en
Application granted granted Critical
Publication of CN110224837B publication Critical patent/CN110224837B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • H04L9/3221Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The embodiment of the present invention provides a kind of zero-knowledge proof method and terminal based on distributed identity, and method includes: to verify terminal to send checking request to proof terminal;Receive proof terminal return can verify that statement, documentary evidence, the cryptographic Hash and signature that can verify that statement, it can verify that the cryptographic Hash of statement and signature be that credible third party terminal issues proof terminal, it was demonstrated that file is to prove that terminal can verify that statement according to disclosed in credible third party terminal and prove that key generates;The cryptographic Hash is verified with signature according to verification public key, verification public key is obtained from credible third party terminal;If passing through to the cryptographic Hash that can verify that statement with signature verification, documentary evidence is verified according to proving program, verification result is issued into proof terminal, proving program is generated according to the authentication secret obtained from credible third party terminal.It can be achieved to utilize zero-knowledge proof, stating to carry out Information Authentication to can verify that corresponding to distributed identity.

Description

Zero-knowledge proof method and terminal based on distributed identity
Technical field
The present invention relates to field of computer technology more particularly to a kind of zero-knowledge proof sides based on distributed identity Method and terminal.
Background technique
With the rapid development of information network technique, how identity information to be verified in network, information is pacified It is very important for complete.
Currently, block chain sub-project Hyperledger Fabric realizes a set of card of the Zero Knowledge used in alliance's chain It is bright, the certificate of generation can be issued, by third party to prove certain specific informations of alliance's chain link point.
But the zero-knowledge proof that Hyperledger Fabric is realized is only applicable to Hyperledger Fabric itself System, can not be used outside system;And the zero-knowledge proof that Hyperledger Fabric is realized is using Proxy Signature Mode, thus the information being signed can not be determined when third party's certificate, thus be able to validate only node itself on alliance's chain Intrinsic information or chain on the information that generates, there is significant limitation.
Summary of the invention
In view of the problems of the existing technology, the embodiment of the present invention provides a kind of Zero Knowledge based on distributed identity Method of proof and terminal.
The embodiment of the present invention provides a kind of zero-knowledge proof method based on distributed identity, comprising:
It verifies terminal and sends checking request to proof terminal;
Receive the proof terminal can verify that statement, documentary evidence, can verify that statement based on what the checking request returned Cryptographic Hash and signature, the cryptographic Hash that can verify that statement and signature be that credible third party terminal is sent to the proofs end End, the documentary evidence is that the proof terminal can verify that statement and proof according to disclosed in the credible third party terminal Key and generate;
According to verification public key, the cryptographic Hash that can verify that statement is verified with signature, the verification public key be from What the credible third party terminal obtained;
If passing through to the cryptographic Hash that can verify that statement with signature verification, according to proving program, to the proof text Part is verified, and transmits verification result to proof terminal, and the proving program is according to from the credible third party terminal The authentication secret of acquisition and generate;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective point Cloth identity.
The embodiment of the present invention provides a kind of zero-knowledge proof method based on distributed identity, comprising:
Prove that terminal receives the checking request that verifying terminal is sent;
Based on the checking request, statement, documentary evidence, the Kazakhstan that can verify that statement can verify that verifying terminal transmission Uncommon value and signature, so that the verifying terminal carries out the cryptographic Hash that can verify that statement and signature and the documentary evidence Verifying, the cryptographic Hash that can verify that statement and signature are obtained from the credible third party terminal, the documentary evidence It is that can verify that statement according to disclosed in the credible third party terminal and prove key and generate;
Receive the verification result that the verifying terminal is sent;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective point Cloth identity.
The embodiment of the present invention provides a kind of verifying terminal characterized by comprising
First sending module, for sending checking request to proof terminal;
First receiving module can verify that statement, card based on what the checking request returned for receiving the proof terminal Prescribed paper, the cryptographic Hash and signature that can verify that statement, the cryptographic Hash that can verify that statement and signature are credible third party ends It is described proving terminal that end is sent to, and the documentary evidence is that the proof terminal is disclosed according to the credible third party terminal Can verify that statement and prove key and generate;
First authentication module, for being verified with signature to the cryptographic Hash that can verify that statement according to verification public key, The verification public key is obtained from the credible third party terminal;
Second authentication module, if for passing through to the cryptographic Hash that can verify that statement with signature verification, according to verifying Program verifies the documentary evidence, transmits verification result to proof terminal, and the proving program is according to from described Credible third party terminal obtain authentication secret and generate;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective point Cloth identity.
The embodiment of the present invention provides a kind of proof terminal, comprising:
Second receiving module, the checking request sent for receiving verifying terminal;
Second sending module can verify that statement to verifying terminal transmission, prove text for being based on the checking request Part, the cryptographic Hash and signature that can verify that statement so that the verifying terminal to the cryptographic Hash that can verify that statement and signature with And the documentary evidence is verified, the cryptographic Hash that can verify that statement with signature is obtained from the credible third party terminal It takes, the documentary evidence is to can verify that statement according to disclosed in the credible third party terminal and prove key and generate 's;
Third receiving module, the verification result sent for receiving the verifying terminal;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective point Cloth identity.
The embodiment of the present invention provides a kind of electronic equipment, including memory, processor and storage are on a memory and can be The computer program run on processor, the processor are realized when executing described program such as the step of the above method.
Zero-knowledge proof method and terminal provided in an embodiment of the present invention based on distributed identity, eventually by verifying It holds to terminal transmission checking request is proved, receive proof terminal return can verify that statement, documentary evidence, the Kazakhstan that can verify that statement Wish value and signature, it may be verified that the cryptographic Hash and signature of statement are that credible third party terminal is sent to proof terminal, it was demonstrated that text Part proves that terminal can verify that statement according to disclosed in credible third party terminal and prove key and generate, according to from credible The verification public key for appointing third party's terminal to obtain verifies the cryptographic Hash that can verify that statement with signature, if to can verify that statement Cryptographic Hash passes through with signature verification, then the proving program pair generated according to the authentication secret obtained from credible third party terminal Documentary evidence is verified, and proof terminal is transmitted verification result to;Wherein, it verifies terminal, prove terminal and trusted third Square terminal is respectively provided with respective distributed identity, thus, it can be achieved that using zero-knowledge proof, to distributed identity Corresponding can verify that statement carries out Information Authentication.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair Bright some embodiments for those of ordinary skill in the art without creative efforts, can be with root Other attached drawings are obtained according to these attached drawings.
Fig. 1 is a kind of process for zero-knowledge proof method based on distributed identity that one embodiment of the invention provides Schematic diagram;
Fig. 2 is the verifying terminal for the zero-knowledge proof that the embodiment of the present invention utilizes, proves that terminal and credible third party are whole The tripartite relationship figure at end;
Fig. 3 be another embodiment of the present invention provides a kind of zero-knowledge proof method based on distributed identity stream Journey schematic diagram;
Fig. 4 is a kind of structural schematic diagram for verifying terminal that one embodiment of the invention provides;
Fig. 5 is a kind of structural schematic diagram for proof terminal that one embodiment of the invention provides;
Fig. 6 is the entity structure schematic diagram for the electronic equipment that one embodiment of the invention provides.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art Every other embodiment obtained without creative efforts, shall fall within the protection scope of the present invention.
Fig. 1 shows a kind of zero-knowledge proof method based on distributed identity of one embodiment of the invention offer Flow diagram, as shown in Figure 1, the zero-knowledge proof method based on distributed identity of the present embodiment, comprising:
S1, verifying terminal send checking request to proof terminal.
It should be noted that the executing subject of the present embodiment the method is verifying terminal.
It is understood that the terminal being related in the present embodiment includes: verifying terminal, proves terminal and trusted third Square terminal, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective distributed body Part mark (Distributed identity, abbreviation DID), the verifying terminal, the proof terminal and the trusted the When communicating between tripartite terminal three, information/request of transmission carries respective distributed identity.
It is understood that distributed identity is a kind of digital identity form that can verify that, in block catenary system, DID is the address that the public and private key key pair that one group of cryptography generates derives, it has mapped the digital identity document of a user, Containing user customized visible personal information in document and obtaining third party's terminal authentication can verify that statement, entire literary Shelves are signed by user oneself and are endorsed, it was demonstrated that and it is all for some specific DID, thus can be used as the identity of user.
S2, receive it is described prove terminal based on the checking request return can verify that statement (Verifiable Claim, Abbreviation VC), documentary evidence, the cryptographic Hash and signature that can verify that statement, the cryptographic Hash that can verify that statement is credible with signature Third party's terminal is appointed to be sent to described proving terminal, the documentary evidence is the proof terminal according to the trusted third It can verify that statement disclosed in square terminal and prove key and generate.
It is understood that can refer to the verifying terminal of zero-knowledge proof in the present embodiment shown in Fig. 2, proving terminal and can The tripartite relationship figure for trusting third party's terminal, before this step, the credible third party terminal, which generates, proves key, can Verifying statement and the cryptographic Hash and signature that can verify that statement;The proof terminal obtains proof from credible third party terminal Key can verify that statement and can verify that the cryptographic Hash and signature of statement, and can verify that statement and proof key are raw according to described At documentary evidence.
It is understood that can verify that statement is the user information endorsed of being signed by third party's terminal, by user Information field carries out Hash hash conversion, obtained hash value is carried out signature endorsement by third party's terminal, in daily life Many information can be converted to such work experience letter that can verify that statement, endorse such as the identity information of public security bureau's endorsement, company Breath, the academic information of school's endorsement, credit evaluation information of bank stamp etc..These can verify that statement can with self assemble at Different identity documents, for the verifying of user identity and the inspection of relevant information, it is mentioned that third party's terminal be distributed It is also to be identified in a manner of DID in formula system.
S3, according to verification public key, the cryptographic Hash that can verify that statement is verified with signature, the verification public key is It is obtained from the credible third party terminal.
It is understood that can refer to the verifying terminal of zero-knowledge proof in the present embodiment shown in Fig. 2, proving terminal and can Trust the tripartite relationship figure of third party's terminal, before this step, the credible third party terminal discloses verification public key, tests Terminal is demonstrate,proved according to the verification public key obtained from the credible third party terminal, to the cryptographic Hash that can verify that statement and signature It is verified.
If S4, passing through to the cryptographic Hash that can verify that statement and signature verification, according to proving program, to the proof File is verified, and proof terminal is transmitted verification result to, and the proving program is according to whole from the credible third party It holds the authentication secret obtained and generates.
It is understood that can refer to the verifying terminal of zero-knowledge proof in the present embodiment shown in Fig. 2, proving terminal and can Trust the tripartite relationship figure of third party's terminal, before this step, the credible third party terminal generates authentication secret;It tests Card terminal generates proving program according to the authentication secret obtained from the credible third party terminal, can verify that statement to described Cryptographic Hash and signature verification when passing through, verify terminal according to the proving program, the documentary evidence verified, will be tested Card result is sent to proof terminal, zero-knowledge proof is utilized to realize, to can verify that statement corresponding to distributed identity Carry out Information Authentication.
It is understood that the zero knowledge probative agreement of the succinct non-interactive knowledge proof system zk-SNARKs of Zero Knowledge It is current using extensive a set of zero-knowledge proof system, it realizes succinct non-interactive zero-knowledge proof, theoretically can It is enough that zero-knowledge proof is carried out to all the problem of being converted into mathematical logic verifying.The present embodiment is drawn in distributed identity The zero-knowledge proof scheme for entering zk-SNARKs can ask all available mathematical logic expression for the protection of identity information Topic carries out zero-knowledge proof, thus the present embodiment the method has wide applicability;Use zero-knowledge proof, it is possible to reduce The participation of third party's terminal in the verification, third party's terminal only need to carry out preparatory preparation, and subsequent proof procedure is only It needs to prove terminal and verifying terminal to complete, realizes the secret protection of distributed identity;Zero-knowledge proof is as distribution Formula identity can verify that statement uses, and exposed information can be reduced to most when verification information or data It is small, substantially increase the secret protection to user data and information.
Zero-knowledge proof method provided in this embodiment based on distributed identity, it is whole to proving by verifying terminal End sends checking request, and receive proof terminal return can verify that statement, documentary evidence, the cryptographic Hash and label that can verify that statement Name, it may be verified that the cryptographic Hash and signature of statement are that credible third party terminal is sent to proof terminal, it was demonstrated that file is to prove Terminal can verify that statement according to disclosed in credible third party terminal and prove key and generate, according to from credible third party Terminal obtain verification public key the cryptographic Hash that can verify that statement is verified with signature, if to can verify that statement cryptographic Hash and Signature verification passes through, then the proving program generated according to the authentication secret obtained from credible third party terminal is to documentary evidence It is verified, transmits verification result to proof terminal;Wherein, it verifies terminal, prove terminal and credible third party terminal point Not Ju You respective distributed identity, thus, it can be achieved that using zero-knowledge proof, to corresponding to distributed identity It can verify that statement carries out Information Authentication, exposed information can be reduced to minimum, greatly when verification information or data The secret protection to user data and information is improved greatly.
Further, on the basis of the above embodiments, in the step S4 " according to proving program, to the proof File is verified ", may include:
According to proving program, Information hiding verifying is carried out to the documentary evidence;
Alternatively,
According to proving program, information condition verifying is carried out to the documentary evidence.
Specifically, described according to proving program, Information hiding verifying is carried out to the documentary evidence, may include:
According to proving program, by verifying the first formula, Information hiding verifying is carried out to the documentary evidence;
Wherein, first formula are as follows:
Hash (X+D)==H;
Wherein, H is the cryptographic Hash that can verify that the binary data calculating after statement conversion, is open reliable information;D Be it is described proof terminal in the documentary evidence to be converted into binary data can verify that statement disclosed in information, X is institute Stating proves terminal in the documentary evidence to the privacy information that can verify that statement is hiding for being converted into binary data.
As an example it is assumed that A is the credible third party terminal, the distributed identity of A is DID_A, and B is to prove Terminal, the cloth identity of B are DID_B, and C is verifying terminal, and the distributed identity of C is DID_C.A has promulgated one to B A to can verify that statement: { " Name ": " Alice ", " Age ": " 024 ", " Sex ": " Male ", " ID ": " 123456 " } utilizes this reality Apply example according to proving program, by verifying the first formula, to the documentary evidence carry out Information hiding verifying, it can be achieved that as follows Verifying: the Name that C verifies B is Alice, without obtaining other privacy informations of B.
Assuming that the binary data that can verify that after stating conversion that A is promulgated to B are as follows: 10110110100010101011, it should The cryptographic Hash that binary data calculates is H, carries out row as defined in each field of binary data when Information hiding verifying Column sequence is as shown in table 1 below.
Table 1
In table 1, V is the complete information that can verify that statement for being converted into binary data;X is the proof terminal described To the privacy information that can verify that statement is hiding for being converted into binary data in documentary evidence, being here will be after Name field zero setting Other hiding informations;D is that the proof terminal can verify that statement to be converted into binary data in the documentary evidence Disclosed information is that can verify that the disclosed information of statement after retaining other field zero setting of Name field here.Obvious V=X+D, because The Name of this verifying B is Alice, does not expose the other information in addition to Name, can be converted into verifying first formula.
It is understood that being verified since H can sign according to cryptographic Hash, for open reliable information;It is described Documentary evidence, which is equivalent to, proves that oneself known X and possessing met first formula can verify that statement (namely X+D), thus Demonstrate D can verify that in statement what the proof terminal was sent, and without can verify that the privacy hidden in statement described in exposure Information.
In this way, the present embodiment the method can utilize zero-knowledge proof, realizes and sign in verifying by third party's terminal When the identity information of endorsement, only exposure needs the information verified, and without other privacy informations of exposure, and realizes effectiveness of information It proves, it can be achieved that the Information hiding of identity information is verified.
Specifically, described according to proving program, Information hiding verifying is carried out to the documentary evidence, may include:
According to proving program, by verifying the second formula, information condition verifying is carried out to the documentary evidence;
Wherein, second formula are as follows:
Hash (V)==Hand S
Wherein, H is the cryptographic Hash that can verify that the binary data calculating after statement conversion, is open reliable information;V It is the complete information that can verify that statement for being converted into binary data, is hidden in the documentary evidence for the proof terminal Privacy information;S be the information X ' to be verified that is extracted from V in the documentary evidence of proof terminal to be verified meet item Part.
As an example it is assumed that A is the credible third party terminal, the distributed identity of A is DID_A, and B is to prove Terminal, the cloth identity of B are DID_B, and C is verifying terminal, and the distributed identity of C is DID_C.A has promulgated one to B A to can verify that statement: { " Name ": " Alice ", " Age ": " 024 ", " Sex ": " Male ", " ID ": " 123456 " } utilizes this reality Apply example according to proving program, by verifying the second formula, to the documentary evidence carry out information condition verifying, it can be achieved that as follows Verifying: the Age that C verifies B is greater than 18, and do not obtain B can verify that statement all information.
Assuming that the binary data that can verify that after stating conversion that A is promulgated to B are as follows: 10110110100010101011, it should The cryptographic Hash that binary data calculates is H, carries out row as defined in each field of binary data when information condition verifying Column sequence is as shown in table 2 below.
Table 2
In table 2, V is the complete information that can verify that statement for being converted into binary data, is the proof terminal described The privacy information hidden in documentary evidence;S is the information to be verified that the proof terminal is extracted from V in the documentary evidence What X ' to be verified meets condition, i.e. S indicates this condition of X ' > D ', wherein X ' is the proof terminal in the documentary evidence In the information to be verified that is extracted from V, be the Age field information extracted from V here, it may be assumed that " Age ": " 024 ";D ' expression is wanted Verifying meets conditional information, it may be assumed that " Age ": " 018 ";The Age for verifying B is greater than 18, does not expose Age and other information, Ke Yizhuan Turn to verifying second formula.
It is understood that being verified since H can sign according to cryptographic Hash, for open reliable information;It is described It proves terminal to hide the information X ' of V in the documentary evidence to be the Age information extracted from V, it was demonstrated that the card that terminal B is generated Prescribed paper is equivalent to the known V of proof oneself and meets comprising X ' in cryptographic Hash verifying and V, and X ' satisfaction is greater than D ', has also turned out B Age be greater than 18, while without exposure Age and other information.
In this way, the present embodiment the method can utilize zero-knowledge proof, realizes and sign in verifying by third party's terminal When whether the identity information of endorsement meets a certain condition, any information that can verify that in statement is not exposed, realizes what condition met It proves, it can be achieved that the information condition of identity information is verified.
Zero-knowledge proof method provided in this embodiment based on distributed identity can utilize zero-knowledge proof, Realize to can verify that corresponding to distributed identity statement carry out Information Authentication, it can be achieved that the information condition of identity information is tested Card and the information condition verifying for realizing identity information;The problem of capable of expressing all available mathematical logics, carries out Zero Knowledge card It is bright, there is wide applicability, the Information hiding scheme that can be extended in character information;Using zero-knowledge proof, can subtract The few participation of third party's terminal in the verification, third party's terminal only need to carry out preparatory preparation, subsequent proof procedure It needs to prove terminal and verifying terminal only to complete, realizes the secret protection of distributed identity;Zero-knowledge proof, which is used as, to be divided Cloth identity can verify that statement uses, and exposed information can be reduced to when verification information or data Minimum substantially increases the secret protection to user data and information.
Fig. 3 show another embodiment of the present invention provides a kind of zero-knowledge proof method based on distributed identity Flow diagram, as shown in figure 3, the zero-knowledge proof method based on distributed identity of the present embodiment, comprising:
P1, prove that terminal receives the checking request that verifying terminal is sent.
It should be noted that the executing subject of the present embodiment the method is to prove terminal.
It is understood that the terminal being related in the present embodiment includes: verifying terminal, proves terminal and trusted third Square terminal, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective distributed body Part mark (Distributed identity, abbreviation DID), the verifying terminal, the proof terminal and the trusted the When communicating between tripartite terminal three, information/request of transmission carries respective distributed identity.
It is understood that distributed identity is a kind of digital identity form that can verify that, in block catenary system, DID is the address that the public and private key key pair that one group of cryptography generates derives, it has mapped the digital identity document of a user, Containing user customized visible personal information in document and obtaining third party's terminal authentication can verify that statement, entire literary Shelves are signed by user oneself and are endorsed, it was demonstrated that and it is all for some specific DID, thus can be used as the identity of user.
P2, it is based on the checking request, can verify that statement, documentary evidence to verifying terminal transmission, can verify that statement Cryptographic Hash and signature so that the verifying terminal is to the cryptographic Hash that can verify that statement and signature and the documentary evidence It is verified, the cryptographic Hash that can verify that statement and signature are obtained from the credible third party terminal, the proof File is to can verify that statement according to disclosed in the credible third party terminal and prove key and generate.
It is understood that can refer to the verifying terminal of zero-knowledge proof in the present embodiment shown in Fig. 2, proving terminal and can The tripartite relationship figure for trusting third party's terminal, before this step, the credible third party terminal discloses verification public key, simultaneously Authentication secret is generated, key is proved, can verify that statement and can verify that the cryptographic Hash and signature of statement;The proof terminal from Credible third party terminal, which obtains, to be proved key, can verify that statement and can verify that the cryptographic Hash and signature of statement, and according to institute Stating can verify that statement and proves that key generates documentary evidence, then can verify that statement by described, documentary evidence, can verify that statement Cryptographic Hash and signature are sent to the verifying terminal, so that the verifying terminal is to the cryptographic Hash that can verify that statement and signature And the documentary evidence is verified, comprising: the verifying terminal is according to verification public key, to the Hash that can verify that statement Value is verified with signature, if passing through to the cryptographic Hash that can verify that statement with signature verification, according to proving program, to institute Documentary evidence is stated to be verified.
P3, the verification result that the verifying terminal is sent is received.
It is understood that the verifying terminal is according to verification public key, to the cryptographic Hash that can verify that statement and signature It is verified, when passing through to the cryptographic Hash that can verify that statement and signature verification, according to proving program to the proof text After part is verified, proof terminal can be transmitted verification result to, zero-knowledge proof is utilized to realize, to distributed identity Corresponding can verify that statement carries out Information Authentication.
It is understood that the zero knowledge probative agreement of the succinct non-interactive knowledge proof system zk-SNARKs of Zero Knowledge It is current using extensive a set of zero-knowledge proof system, it realizes succinct non-interactive zero-knowledge proof, theoretically can It is enough that zero-knowledge proof is carried out to all the problem of being converted into mathematical logic verifying.The present embodiment is drawn in distributed identity The zero-knowledge proof scheme for entering zk-SNARKs can ask all available mathematical logic expression for the protection of identity information Topic carries out zero-knowledge proof, thus the present embodiment the method has wide applicability;Use zero-knowledge proof, it is possible to reduce The participation of third party's terminal in the verification, third party's terminal only need to carry out preparatory preparation, and subsequent proof procedure is only It needs to prove terminal and verifying terminal to complete, realizes the secret protection of distributed identity;Zero-knowledge proof is as distribution Formula identity can verify that statement uses, and exposed information can be reduced to most when verification information or data It is small, substantially increase the secret protection to user data and information.
Zero-knowledge proof method provided in this embodiment based on distributed identity, by proving that terminal receives verifying The checking request that terminal is sent is based on the checking request, can verify that statement to verifying terminal transmission, documentary evidence, can verify that The cryptographic Hash and signature of statement, so that verifying terminal tests the cryptographic Hash that can verify that statement with signature and documentary evidence Card, the cryptographic Hash that can verify that statement and signature are obtained from the credible third party terminal, and the documentary evidence is It can verify that statement according to disclosed in the credible third party terminal and prove key and generate, receive what verifying terminal was sent Verification result is stated to carry out information thus, it can be achieved that using zero-knowledge proof to can verify that corresponding to distributed identity Exposed information, can be reduced to minimum, substantially increased to user data by verifying when verification information or data With the secret protection of information.
Fig. 4 shows a kind of structural schematic diagram of verifying terminal of one embodiment of the invention offer, as shown in figure 4, this reality Apply the verifying terminal of example, comprising: the first sending module 41, the first receiving module 42, the first authentication module 43 and the second verifying mould Block 44;Wherein:
First sending module 41, for sending checking request to proof terminal;
First receiving module 42 can verify that sound based on what the checking request returned for receiving the proof terminal Bright, documentary evidence, the cryptographic Hash and signature that can verify that statement, the cryptographic Hash that can verify that statement and signature are trusted thirds It is described proving terminal that square terminal is sent to, and the documentary evidence is the proof terminal according to the credible third party terminal It is disclosed to can verify that statement and prove key and generate;
First authentication module 43, for according to verification public key, to the cryptographic Hash that can verify that statement and sign into Row verifying, the verification public key is obtained from the credible third party terminal;
Second authentication module 44, if for passing through to the cryptographic Hash that can verify that statement with signature verification, root According to proving program, the documentary evidence is verified, transmits verification result to proof terminal, the proving program is basis It is generated from the authentication secret that the credible third party terminal obtains;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective point Cloth identity.
Specifically, first sending module 41 sends checking request to proof terminal;First receiving module 42 connects Receive it is described proof terminal based on the checking request returns can verify that statement, documentary evidence, can verify that statement cryptographic Hash and Signature, the cryptographic Hash that can verify that statement and signature are that credible third party terminal is sent to the proof terminal, described Documentary evidence is that the proof terminal can verify that statement according to disclosed in the credible third party terminal and prove key and give birth to At;First authentication module 43 is verified according to verification public key, to the cryptographic Hash that can verify that statement with signature, institute Stating verification public key is obtained from the credible third party terminal;If second authentication module 44 can verify that statement to described Cryptographic Hash pass through with signature verification, then according to proving program, the documentary evidence is verified, is transmitted verification result to Prove terminal, the proving program is generated according to the authentication secret obtained from the credible third party terminal;Wherein, The verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective distributed identity.
It is understood that the terminal being related in the present embodiment includes: verifying terminal, proves terminal and trusted third Square terminal, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective distributed body Part mark (Distributed identity, abbreviation DID), the verifying terminal, the proof terminal and the trusted the When communicating between tripartite terminal three, information/request of transmission carries respective distributed identity.
It is understood that distributed identity is a kind of digital identity form that can verify that, in block catenary system, DID is the address that the public and private key key pair that one group of cryptography generates derives, it has mapped the digital identity document of a user, Containing user customized visible personal information in document and obtaining third party's terminal authentication can verify that statement, entire literary Shelves are signed by user oneself and are endorsed, it was demonstrated that and it is all for some specific DID, thus can be used as the identity of user.
It is understood that can refer to the verifying terminal of zero-knowledge proof in the present embodiment shown in Fig. 2, proving terminal and can The tripartite relationship figure for trusting third party's terminal, before executing first receiving module 42, the credible third party terminal It generates and proves key, can verify that statement and can verify that the cryptographic Hash and signature of statement;The proof terminal is from trusted Tripartite's terminal, which obtains, to be proved key, can verify that statement and can verify that the cryptographic Hash and signature of statement, and is tested according to described Card statement and proof key generate documentary evidence.
It is understood that can verify that statement is the user information endorsed of being signed by third party's terminal, by user Information field carries out Hash hash conversion, obtained hash value is carried out signature endorsement by third party's terminal, in daily life Many information can be converted to such work experience letter that can verify that statement, endorse such as the identity information of public security bureau's endorsement, company Breath, the academic information of school's endorsement, credit evaluation information of bank stamp etc..These can verify that statement can with self assemble at Different identity documents, for the verifying of user identity and the inspection of relevant information, it is mentioned that third party's terminal be distributed It is also to be identified in a manner of DID in formula system.
It is understood that can refer to the verifying terminal of zero-knowledge proof in the present embodiment shown in Fig. 2, proving terminal and can The tripartite relationship figure for trusting third party's terminal, before executing first authentication module 43, the credible third party terminal Verification public key is disclosed, terminal is verified according to the verification public key obtained from the credible third party terminal, can verify that described The cryptographic Hash of statement is verified with signature.
It is understood that can refer to the verifying terminal of zero-knowledge proof in the present embodiment shown in Fig. 2, proving terminal and can The tripartite relationship figure for trusting third party's terminal, before executing second authentication module 44, the credible third party Terminal generates authentication secret;Verifying terminal generates verifying journey according to the authentication secret obtained from the credible third party terminal Sequence verifies terminal according to the proving program, to described when passing through to the cryptographic Hash that can verify that statement and signature verification Documentary evidence is verified, and proof terminal is transmitted verification result to, and zero-knowledge proof is utilized to realize, to distributed identity mark Knowing corresponding can verify that, statement carries out Information Authentication.
It is understood that the zero knowledge probative agreement of the succinct non-interactive knowledge proof system zk-SNARKs of Zero Knowledge It is current using extensive a set of zero-knowledge proof system, it realizes succinct non-interactive zero-knowledge proof, theoretically can It is enough that zero-knowledge proof is carried out to all the problem of being converted into mathematical logic verifying.The present embodiment is drawn in distributed identity The zero-knowledge proof scheme for entering zk-SNARKs can ask all available mathematical logic expression for the protection of identity information Topic carries out zero-knowledge proof, thus the present embodiment the method has wide applicability;Use zero-knowledge proof, it is possible to reduce The participation of third party's terminal in the verification, third party's terminal only need to carry out preparatory preparation, and subsequent proof procedure is only It needs to prove terminal and verifying terminal to complete, realizes the secret protection of distributed identity;Zero-knowledge proof is as distribution Formula identity can verify that statement uses, and exposed information can be reduced to most when verification information or data It is small, substantially increase the secret protection to user data and information.
Verifying terminal provided in this embodiment is, it can be achieved that using zero-knowledge proof, to corresponding to distributed identity It can verify that statement carries out Information Authentication, exposed information can be reduced to minimum, greatly when verification information or data The secret protection to user data and information is improved greatly.
Further, on the basis of the above embodiments, " right according to proving program in second authentication module 44 The documentary evidence is verified ", may include:
According to proving program, Information hiding verifying is carried out to the documentary evidence;
Alternatively,
According to proving program, information condition verifying is carried out to the documentary evidence.
Specifically, described according to proving program, Information hiding verifying is carried out to the documentary evidence, may include:
According to proving program, by verifying the first formula, Information hiding verifying is carried out to the documentary evidence;
Wherein, first formula are as follows:
Hash (X+D)==H;
Wherein, H is the cryptographic Hash that can verify that the binary data calculating after statement conversion, is open reliable information;D Be it is described proof terminal in the documentary evidence to be converted into binary data can verify that statement disclosed in information, X is institute Stating proves terminal in the documentary evidence to the privacy information that can verify that statement is hiding for being converted into binary data.
As an example it is assumed that A is the credible third party terminal, the distributed identity of A is DID_A, and B is to prove Terminal, the cloth identity of B are DID_B, and C is verifying terminal, and the distributed identity of C is DID_C.A has promulgated one to B A to can verify that statement: { " Name ": " Alice ", " Age ": " 024 ", " Sex ": " Male ", " ID ": " 123456 " } utilizes this reality Apply example according to proving program, by verifying the first formula, to the documentary evidence carry out Information hiding verifying, it can be achieved that as follows Verifying: the Name that C verifies B is Alice, without obtaining other privacy informations of B.
Assuming that the binary data that can verify that after stating conversion that A is promulgated to B are as follows: 10110110100010101011, it should The cryptographic Hash that binary data calculates is H, carries out row as defined in each field of binary data when Information hiding verifying Column sequence can be found in the table 1 in embodiment illustrated in fig. 1.In table 1, V be converted into binary data can verify that the complete of statement Information;X is for the proof terminal to the privacy that can verify that statement is hiding for being converted into binary data in the documentary evidence Information is by other hiding informations after Name field zero setting here;D be the proof terminal in the documentary evidence to turn Turn to binary data can verify that the disclosed information of statement, be that can verify that sound after retaining other field zero setting of Name field here Bright disclosed information.Obvious V=X+D, therefore the Name for verifying B is Alice, does not expose other information in addition to Name, can be with It is converted into verifying first formula.
It is understood that being verified since H can sign according to cryptographic Hash, for open reliable information;It is described Documentary evidence, which is equivalent to, proves that oneself known X and possessing met first formula can verify that statement (namely X+D), thus Demonstrate D can verify that in statement what the proof terminal was sent, and without can verify that the privacy hidden in statement described in exposure Information.
In this way, verifying terminal described in the present embodiment can utilize zero-knowledge proof, realizes and pass through third party's terminal in verifying When the identity information of signature endorsement, only exposure needs the information verified, and without exposing other privacy informations, and realizes that information is effective The proof of property is, it can be achieved that the Information hiding of identity information is verified.
Specifically, described according to proving program, Information hiding verifying is carried out to the documentary evidence, may include:
According to proving program, by verifying the second formula, information condition verifying is carried out to the documentary evidence;
Wherein, second formula are as follows:
Hash (V)==Hand S
Wherein, H is the cryptographic Hash that can verify that the binary data calculating after statement conversion, is open reliable information;V It is the complete information that can verify that statement for being converted into binary data, is hidden in the documentary evidence for the proof terminal Privacy information;S be the information X ' to be verified that is extracted from V in the documentary evidence of proof terminal to be verified meet item Part.
As an example it is assumed that A is the credible third party terminal, the distributed identity of A is DID_A, and B is to prove Terminal, the cloth identity of B are DID_B, and C is verifying terminal, and the distributed identity of C is DID_C.A has promulgated one to B A to can verify that statement: { " Name ": " Alice ", " Age ": " 024 ", " Sex ": " Male ", " ID ": " 123456 " } utilizes this reality Apply example according to proving program, by verifying the second formula, to the documentary evidence carry out information condition verifying, it can be achieved that as follows Verifying: the Age that C verifies B is greater than 18, and do not obtain B can verify that statement all information.
Assuming that the binary data that can verify that after stating conversion that A is promulgated to B are as follows: 10110110100010101011, it should The cryptographic Hash that binary data calculates is H, carries out row as defined in each field of binary data when information condition verifying Column sequence can be found in the table 2 in embodiment illustrated in fig. 1.In table 2, V be converted into binary data can verify that the complete of statement Information, the privacy information hidden in the documentary evidence for the proof terminal;S is the proof terminal in the proof text What the information X ' to be verified extracted from V in part to be verified meets condition, i.e. S indicates this condition of X ' > D ', wherein X ' is institute The information to be verified for proving that terminal is extracted from V in the documentary evidence is stated, is the Age field information extracted from V here, That is: " Age ": " 024 ";What D ' expression to be verified meets conditional information, it may be assumed that " Age ": " 018 ";The Age for verifying B is greater than 18, no Exposure Age and other information can be converted into verifying second formula.
It is understood that being verified since H can sign according to cryptographic Hash, for open reliable information;It is described The information X ' for proving that terminal will hide V in the documentary evidence be the Age information extracted from V, S expression X ' > D ' this Part, it was demonstrated that the documentary evidence that terminal B is generated is equivalent to the known V of proof oneself and meets comprising X ' in cryptographic Hash verifying and V, and X ' is full Foot is greater than D ', and the Age for also having turned out B is greater than 18, while without exposure Age and other information.
In this way, verifying terminal described in the present embodiment, zero-knowledge proof can be utilized, realizes and passes through third party's terminal in verifying When whether the identity information of signature endorsement meets a certain condition, any information that can verify that in statement is not exposed, realizes that condition is full The proof of foot is, it can be achieved that the information condition of identity information is verified.
Verifying terminal provided in this embodiment can utilize zero-knowledge proof, realize to corresponding to distributed identity Can verify that statement carry out Information Authentication, it can be achieved that identity information information condition verifying and realize identity information information bar Part verifying;The problem of capable of expressing all available mathematical logics, carries out zero-knowledge proof, has wide applicability, Ke Yikuo Exhibition is the Information hiding scheme in character information;Use zero-knowledge proof, it is possible to reduce the participation of third party's terminal in the verification, Third party's terminal only needs to carry out preparatory preparation, and subsequent proof procedure only needs to prove that terminal and verifying terminal have been come At the secret protection of the distributed identity of realization;Zero-knowledge proof can verify that statement uses as distributed identity, Exposed information can be reduced to minimum, substantially increased to user data and letter when verification information or data The secret protection of breath.
Verifying terminal provided in an embodiment of the present invention, can be used for executing the technical side of embodiment of the method shown in earlier figures 1 Case, it is similar that the realization principle and technical effect are similar, and details are not described herein again.
Fig. 5 shows a kind of structural schematic diagram of proof terminal of one embodiment of the invention offer, as shown in figure 5, this reality Apply the proof terminal of example, comprising: the second receiving module 51, the second sending module 52 and third receiving module 53;Wherein:
Second receiving module 51, the checking request sent for receiving verifying terminal;
Second sending module 52, for be based on the checking request, to the verifying terminal send can verify that statement, Documentary evidence, the cryptographic Hash and signature that can verify that statement so that the verifying terminal to the cryptographic Hash that can verify that statement with Signature and the documentary evidence are verified, and the cryptographic Hash that can verify that statement and signature are from the credible third party Terminal obtain, the documentary evidence be can verify that according to disclosed in the credible third party terminal statement and prove key and It generates;
The third receiving module 53, the verification result sent for receiving the verifying terminal;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective point Cloth identity.
Second receiving module 51 receives the checking request that verifying terminal is sent;Second sending module 52 is based on institute Checking request is stated, can verify that statement, documentary evidence, the cryptographic Hash and signature that can verify that statement to verifying terminal transmission, with Verify that the verifying terminal cryptographic Hash that can verify that statement with signature and the documentary evidence, it is described to test The cryptographic Hash and signature for demonstrate,proving statement are obtained from the credible third party terminal, and the documentary evidence is according to described credible Appointing can verify that statement and proves key and generate disclosed in third party's terminal;The third receiving module 53 receives the verifying The verification result that terminal is sent;Wherein, the verifying terminal, the proof terminal and the credible third party terminal have respectively There is respective distributed identity.
It is understood that the terminal being related in the present embodiment includes: verifying terminal, proves terminal and trusted third Square terminal, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective distributed body Part mark (Distributed identity, abbreviation DID), the verifying terminal, the proof terminal and the trusted the When communicating between tripartite terminal three, information/request of transmission carries respective distributed identity.
It is understood that distributed identity is a kind of digital identity form that can verify that, in block catenary system, DID is the address that the public and private key key pair that one group of cryptography generates derives, it has mapped the digital identity document of a user, Containing user customized visible personal information in document and obtaining third party's terminal authentication can verify that statement, entire literary Shelves are signed by user oneself and are endorsed, it was demonstrated that and it is all for some specific DID, thus can be used as the identity of user.
It is understood that can refer to the verifying terminal of zero-knowledge proof in the present embodiment shown in Fig. 2, proving terminal and can The tripartite relationship figure for trusting third party's terminal, before executing second sending module 52, the credible third party terminal It discloses verification public key and generates authentication secret, proves key, can verify that statement and can verify that the cryptographic Hash and label of statement Name;It is described to prove that terminal obtains proof key, can verify that statement and can verify that the Hash of statement from credible third party terminal It is worth and signs, and can verify that statement and proof key generate documentary evidence according to described, then can verify that statement, proof for described File can verify that the cryptographic Hash of statement and signature are sent to the verifying terminal, so that the verifying terminal can verify that described The cryptographic Hash of statement is verified with signature and the documentary evidence, comprising: the verifying terminal is according to verification public key, to institute It states and can verify that the cryptographic Hash of statement is verified with signature, if passing through to the cryptographic Hash that can verify that statement with signature verification, Then according to proving program, the documentary evidence is verified.
It is understood that the verifying terminal is according to verification public key, to the cryptographic Hash that can verify that statement and signature It is verified, when passing through to the cryptographic Hash that can verify that statement and signature verification, according to proving program to the proof text After part is verified, proof terminal can be transmitted verification result to, zero-knowledge proof is utilized to realize, to distributed identity Corresponding can verify that statement carries out Information Authentication.
It is understood that the zero knowledge probative agreement of the succinct non-interactive knowledge proof system zk-SNARKs of Zero Knowledge It is current using extensive a set of zero-knowledge proof system, it realizes succinct non-interactive zero-knowledge proof, theoretically can It is enough that zero-knowledge proof is carried out to all the problem of being converted into mathematical logic verifying.The present embodiment is drawn in distributed identity The zero-knowledge proof scheme for entering zk-SNARKs can ask all available mathematical logic expression for the protection of identity information Topic carries out zero-knowledge proof, thus the present embodiment the method has wide applicability;Use zero-knowledge proof, it is possible to reduce The participation of third party's terminal in the verification, third party's terminal only need to carry out preparatory preparation, and subsequent proof procedure is only It needs to prove terminal and verifying terminal to complete, realizes the secret protection of distributed identity;Zero-knowledge proof is as distribution Formula identity can verify that statement uses, and exposed information can be reduced to most when verification information or data It is small, substantially increase the secret protection to user data and information.
Proof terminal provided in this embodiment is, it can be achieved that using zero-knowledge proof, to corresponding to distributed identity It can verify that statement carries out Information Authentication, exposed information can be reduced to minimum, greatly when verification information or data The secret protection to user data and information is improved greatly.
Proof terminal provided in an embodiment of the present invention, can be used for executing the technical side of embodiment of the method shown in earlier figures 3 Case, it is similar that the realization principle and technical effect are similar, and details are not described herein again.
Fig. 6 shows the entity structure schematic diagram of a kind of electronic equipment of one embodiment of the invention offer, as shown in fig. 6, The electronic equipment may include memory 602, processor 601 and be stored on memory 602 and can run on processor 601 Computer program, the step of processor 601 realizes the above method when executing described program, for example, verifying terminal Checking request is sent to proof terminal;It receives the proof terminal and can verify that statement, proof based on what the checking request returned File, the cryptographic Hash and signature that can verify that statement, the cryptographic Hash that can verify that statement and signature are credible third party terminals It is described proving terminal to be sent to, and the documentary evidence is the proof terminal according to disclosed in the credible third party terminal It can verify that statement and prove key and generate;According to verification public key, the cryptographic Hash that can verify that statement and signature are carried out Verifying, the verification public key is obtained from the credible third party terminal;If to the cryptographic Hash that can verify that statement with Signature verification passes through, then according to proving program, verifies to the documentary evidence, transmit verification result to proof terminal, The proving program is generated according to the authentication secret obtained from the credible third party terminal;Wherein, the verifying Terminal, the proof terminal and the credible third party terminal are respectively provided with respective distributed identity;Alternatively, packet It includes: proving that terminal receives the checking request that verifying terminal is sent;Based on the checking request, can be tested to verifying terminal transmission Statement, documentary evidence, the cryptographic Hash and signature that can verify that statement are demonstrate,proved, so that the verifying terminal is to the Kazakhstan that can verify that statement Uncommon value is verified with signature and the documentary evidence, and the cryptographic Hash that can verify that statement and signature are from the trusted What third party's terminal obtained, the documentary evidence is to can verify that statement and proof according to disclosed in the credible third party terminal Key and generate;Receive the verification result that the verifying terminal is sent;Wherein, the verifying terminal, the proof terminal and The credible third party terminal is respectively provided with respective distributed identity.
The embodiment of the present invention provides a kind of non-transient computer readable storage medium, is stored thereon with computer program, should The step of above method is realized when computer program is executed by processor, for example, verifying terminal is tested to proof terminal transmission Card request;Receive the proof terminal can verify that statement, documentary evidence, can verify that statement based on what the checking request returned Cryptographic Hash and signature, the cryptographic Hash that can verify that statement and signature are that credible third party terminal is sent to the proof terminal , the documentary evidence is that the proof terminal can verify that statement according to disclosed in the credible third party terminal and prove close Key and generate;According to verification public key, the cryptographic Hash that can verify that statement is verified with signature, the verification public key is It is obtained from the credible third party terminal;If passing through to the cryptographic Hash that can verify that statement with signature verification, basis Proving program verifies the documentary evidence, transmits verification result to proof terminal, the proving program be according to from Authentication secret that the credible third party terminal obtains and generate;Wherein, the verifying terminal, the proof terminal and institute It states credible third party terminal and is respectively provided with respective distributed identity;Or, comprising: prove that terminal receives verifying terminal The checking request of transmission;Based on the checking request, it can verify that statement to verifying terminal transmission, documentary evidence, can verify that The cryptographic Hash and signature of statement, so that the verifying terminal is to the cryptographic Hash that can verify that statement and signature and the proof File is verified, and the cryptographic Hash that can verify that statement and signature are obtained from the credible third party terminal, described Documentary evidence is to can verify that statement according to disclosed in the credible third party terminal and prove key and generate;Described in reception Verify the verification result that terminal is sent;Wherein, the verifying terminal, the proof terminal and the credible third party terminal point It Ju You not respective distributed identity.
The apparatus embodiments described above are merely exemplary, wherein described, unit can as illustrated by the separation member It is physically separated with being or may not be, component shown as a unit may or may not be physics list Member, it can it is in one place, or may be distributed over multiple network units.It can be selected according to the actual needs In some or all of the modules achieve the purpose of the solution of this embodiment.Those of ordinary skill in the art are not paying creativeness Labour in the case where, it can understand and implement.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can It realizes by means of software and necessary general hardware platform, naturally it is also possible to pass through hardware.Based on this understanding, on Stating technical solution, substantially the part that contributes to existing technology can be embodied in the form of software products in other words, should Computer software product may be stored in a computer readable storage medium, such as ROM/RAM, magnetic disk, CD, including several fingers It enables and using so that a computer equipment (can be personal computer, server or the network equipment etc.) executes each implementation Method described in certain parts of example or embodiment.
Finally, it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although Present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: it still may be used To modify the technical solutions described in the foregoing embodiments or equivalent replacement of some of the technical features; And these are modified or replaceed, technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution spirit and Range.

Claims (10)

1. a kind of zero-knowledge proof method based on distributed identity characterized by comprising
It verifies terminal and sends checking request to proof terminal;
It receives the proof terminal and can verify that statement, documentary evidence, the Kazakhstan that can verify that statement based on what the checking request returned Uncommon value and signature, the cryptographic Hash that can verify that statement and signature are that credible third party terminal is sent to the proof terminal , the documentary evidence is that the proof terminal can verify that statement according to disclosed in the credible third party terminal and prove close Key and generate;
According to verification public key, the cryptographic Hash that can verify that statement is verified with signature, the verification public key is from described What credible third party terminal obtained;
If passing through to the cryptographic Hash that can verify that statement with signature verification, according to proving program, to the documentary evidence into Row verifying, transmits verification result to proof terminal, and the proving program is obtained according to from the credible third party terminal Authentication secret and generate;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective distribution Identity.
2. the zero-knowledge proof method according to claim 1 based on distributed identity, which is characterized in that described According to proving program, the documentary evidence is verified, comprising:
According to proving program, Information hiding verifying is carried out to the documentary evidence;
Alternatively,
According to proving program, information condition verifying is carried out to the documentary evidence.
3. the zero-knowledge proof method according to claim 2 based on distributed identity, which is characterized in that described According to proving program, Information hiding verifying is carried out to the documentary evidence, comprising:
According to proving program, by verifying the first formula, Information hiding verifying is carried out to the documentary evidence;
Wherein, first formula are as follows:
Hash (X+D)==H;
Wherein, H is the cryptographic Hash that can verify that the binary data calculating after statement conversion, is open reliable information;D is institute Proof terminal is stated in the documentary evidence to the information disclosed in can verify that statement for being converted into binary data, X is the card Bright terminal is in the documentary evidence to the privacy information that can verify that statement is hiding for being converted into binary data.
4. the zero-knowledge proof method according to claim 2 based on distributed identity, which is characterized in that described According to proving program, information condition verifying is carried out to the documentary evidence, comprising:
According to proving program, by verifying the second formula, information condition verifying is carried out to the documentary evidence;
Wherein, second formula are as follows:
Hash (V)==Hand S
Wherein, H is the cryptographic Hash that can verify that the binary data calculating after statement conversion, is open reliable information;V is to turn The complete information that can verify that statement of binary data is turned to, the privacy hidden in the documentary evidence for the proof terminal Information;S be the information X ' to be verified that is extracted from V in the documentary evidence of proof terminal to be verified meet condition.
5. a kind of zero-knowledge proof method based on distributed identity characterized by comprising
Prove that terminal receives the checking request that verifying terminal is sent;
Based on the checking request, statement, documentary evidence, the cryptographic Hash that can verify that statement can verify that verifying terminal transmission With signature so that the verifying terminal tests the cryptographic Hash that can verify that statement with signature and the documentary evidence Card, the cryptographic Hash that can verify that statement and signature are obtained from the credible third party terminal, and the documentary evidence is It can verify that statement according to disclosed in the credible third party terminal and prove key and generate;
Receive the verification result that the verifying terminal is sent;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective distribution Identity.
6. the zero-knowledge proof method according to claim 5 based on distributed identity, which is characterized in that described Based on the checking request, statement, documentary evidence, the cryptographic Hash and label that can verify that statement can verify that verifying terminal transmission Before name, the method also includes:
It obtained from the credible third party terminal and can verify that statement, can verify that the cryptographic Hash of statement and sign and prove key;
It can verify that statement and proof key according to described, generate documentary evidence.
7. a kind of verifying terminal characterized by comprising
First sending module, for sending checking request to proof terminal;
First receiving module can verify that statement, proof text based on what the checking request returned for receiving the proof terminal Part, the cryptographic Hash and signature that can verify that statement, the cryptographic Hash that can verify that statement and signature are credible third party terminal hairs It is described proving terminal to give, and the documentary evidence is that the proof terminal can according to disclosed in the credible third party terminal Verifying is stated and proves key and generate;
First authentication module, it is described for being verified with signature to the cryptographic Hash that can verify that statement according to verification public key Verification public key is obtained from the credible third party terminal;
Second authentication module, if for passing through to the cryptographic Hash that can verify that statement with signature verification, according to proving program, The documentary evidence is verified, transmits verification result to proof terminal, the proving program is according to from described credible Appoint the authentication secret of third party's terminal acquisition and generates;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective distribution Identity.
8. a kind of proof terminal characterized by comprising
Second receiving module, the checking request sent for receiving verifying terminal;
Second sending module, for be based on the checking request, to the verifying terminal send can verify that statement, documentary evidence, It can verify that the cryptographic Hash and signature of statement, so that the verifying terminal is to the cryptographic Hash that can verify that statement and signature and institute It states documentary evidence to be verified, the cryptographic Hash that can verify that statement and signature are obtained from the credible third party terminal , the documentary evidence is to can verify that statement according to disclosed in the credible third party terminal and prove key and generate;
Third receiving module, the verification result sent for receiving the verifying terminal;
Wherein, the verifying terminal, the proof terminal and the credible third party terminal are respectively provided with respective distribution Identity.
9. a kind of electronic equipment including memory, processor and stores the calculating that can be run on a memory and on a processor Machine program, which is characterized in that the processor is realized when executing described program such as any one of claim 1 to 6 the method Step.
10. a kind of non-transient computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer It is realized when program is executed by processor such as the step of any one of claim 1 to 6 the method.
CN201910493263.3A 2019-06-06 2019-06-06 Zero-knowledge proof method and terminal based on distributed identity Active CN110224837B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910493263.3A CN110224837B (en) 2019-06-06 2019-06-06 Zero-knowledge proof method and terminal based on distributed identity

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910493263.3A CN110224837B (en) 2019-06-06 2019-06-06 Zero-knowledge proof method and terminal based on distributed identity

Publications (2)

Publication Number Publication Date
CN110224837A true CN110224837A (en) 2019-09-10
CN110224837B CN110224837B (en) 2021-11-19

Family

ID=67816111

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910493263.3A Active CN110224837B (en) 2019-06-06 2019-06-06 Zero-knowledge proof method and terminal based on distributed identity

Country Status (1)

Country Link
CN (1) CN110224837B (en)

Cited By (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110768791A (en) * 2019-09-24 2020-02-07 北京八分量信息科技有限公司 Zero-knowledge proof data interaction method, node and equipment
CN110851857A (en) * 2019-10-14 2020-02-28 上海唯链信息科技有限公司 Method and device for realizing identity endorsement on block chain
CN110933117A (en) * 2020-02-18 2020-03-27 支付宝(杭州)信息技术有限公司 Derivation and verification method, device and equipment of digital identity information
CN111125741A (en) * 2019-12-31 2020-05-08 广东卓启投资有限责任公司 Zero knowledge verification method based on block chain
CN111125731A (en) * 2019-12-11 2020-05-08 支付宝(杭州)信息技术有限公司 Business processing method, device and equipment based on verifiable statement
CN111190974A (en) * 2020-04-10 2020-05-22 支付宝(杭州)信息技术有限公司 Method, device and equipment for forwarding and acquiring verifiable statement
CN111245626A (en) * 2020-01-19 2020-06-05 平安科技(深圳)有限公司 Zero knowledge proving method, device and storage medium
CN111447073A (en) * 2020-03-31 2020-07-24 河北大学 Identity management and authentication system and method based on block chain and zero-knowledge proof
CN111600844A (en) * 2020-04-17 2020-08-28 丝链(常州)控股有限公司 Identity distribution and authentication method based on zero-knowledge proof
CN111814195A (en) * 2020-09-04 2020-10-23 支付宝(杭州)信息技术有限公司 Data management method, device and equipment based on trusted hardware
CN111882743A (en) * 2020-07-23 2020-11-03 浙江永旗区块链科技有限公司 Anonymous voting statistical method and system
CN112199714A (en) * 2020-12-04 2021-01-08 支付宝(杭州)信息技术有限公司 Privacy protection method and device based on block chain and electronic equipment
CN112235114A (en) * 2020-09-25 2021-01-15 西安纸贵互联网科技有限公司 Service processing system based on block chain
CN112380287A (en) * 2020-11-13 2021-02-19 浙江数秦科技有限公司 Distributed credible statement generation method, system, equipment and storage medium
CN112580102A (en) * 2020-12-29 2021-03-30 郑州大学 Multi-dimensional digital identity authentication system based on block chain
CN112636922A (en) * 2020-12-21 2021-04-09 电子科技大学 IOT identity authentication method based on non-interactive zero-knowledge proof
CN112732832A (en) * 2021-01-06 2021-04-30 上海泰砥科技有限公司 DID and zero knowledge proof based block chain supply chain financial supply method and system
CN112738177A (en) * 2020-12-22 2021-04-30 网易(杭州)网络有限公司 Block chain-based attestation system, method, apparatus, electronic device, and medium
CN113037493A (en) * 2021-02-27 2021-06-25 上海泰砥科技有限公司 Block chain zero-knowledge proof anonymous credential verification method and system based on DID identity
WO2021139605A1 (en) * 2020-01-09 2021-07-15 Alipay Labs (singapore) Pte. Ltd. Methods and devices for providing decentralized identity verification
CN113221148A (en) * 2021-05-27 2021-08-06 中国人民银行数字货币研究所 Information verification method and device
CN113221089A (en) * 2021-03-15 2021-08-06 东北大学 Privacy protection attribute authentication system and method based on verifiable statement
CN113282956A (en) * 2021-06-03 2021-08-20 网易(杭州)网络有限公司 House purchasing data processing method, device and system and electronic equipment
CN113452704A (en) * 2021-06-28 2021-09-28 湖南天河国云科技有限公司 Distributed identity identification-based credible interconnection method and device for heterogeneous industrial equipment
CN113806809A (en) * 2021-11-17 2021-12-17 北京溪塔科技有限公司 Job seeker information disclosure method and system based on block chain
CN114389810A (en) * 2022-02-25 2022-04-22 蚂蚁区块链科技(上海)有限公司 Certificate generation method and device, electronic device and storage medium
US11354448B2 (en) 2020-09-04 2022-06-07 Alipay (Hangzhou) Information Technology Co., Ltd. Demand trusted device-based data acquisition methods, apparatuses, and devices
US11354447B2 (en) 2020-08-28 2022-06-07 Alipay (Hangzhou) Information Technology Co., Ltd. Data authorization information acquisition methods, apparatuses, and devices
US11362815B2 (en) 2020-08-28 2022-06-14 Alipay (Hangzhou) Information Technology Co., Ltd. Trusted data transmission methods, apparatuses, and devices
US11386191B2 (en) 2020-09-15 2022-07-12 Alipay (Hangzhou) Information Technology Co., Ltd. Trusted hardware-based identity management methods, apparatuses, and devices
CN114785511A (en) * 2022-02-25 2022-07-22 蚂蚁区块链科技(上海)有限公司 Certificate generation method and device, electronic device and storage medium
CN114900354A (en) * 2022-05-05 2022-08-12 国网山东省电力公司德州供电公司 Distributed identity authentication and management method and system for energy data
US11455417B2 (en) 2020-09-04 2022-09-27 Alipay (Hangzhou) Information Technology Co., Ltd. Data processing methods, apparatuses, and devices
US11494511B2 (en) 2020-09-15 2022-11-08 Alipay (Hangzhou) Information Technology Co., Ltd. Data processing methods, apparatuses, and devices
US11604894B2 (en) 2020-07-24 2023-03-14 Alipay (Hangzhou) Information Technology Co., Ltd. Data processing methods, apparatuses, devices, and media
US11614929B2 (en) 2020-08-28 2023-03-28 Alipay (Hangzhou) Information Technology Co., Ltd. Identity registration methods, apparatuses, and devices
US11652879B2 (en) 2020-08-28 2023-05-16 Alipay (Hangzhou) Information Technology Co., Ltd. Matching methods, apparatuses, and devices based on trusted asset data
US11726968B2 (en) 2020-09-15 2023-08-15 Alipay (Hangzhou) Information Technology Co., Ltd. Methods, apparatuses, and devices for transferring data assets based on blockchain

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108805582A (en) * 2017-04-28 2018-11-13 国际商业机器公司 Zero Knowledge third party's service in the computing platform of decentralization ensures
US20180365691A1 (en) * 2017-06-15 2018-12-20 KoopaCoin LLC Identity ledger in crypto currency transactions
CN109245897A (en) * 2018-08-23 2019-01-18 北京邮电大学 A kind of node authentication method and device based on noninteractive zero-knowledge proof

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108805582A (en) * 2017-04-28 2018-11-13 国际商业机器公司 Zero Knowledge third party's service in the computing platform of decentralization ensures
US20180365691A1 (en) * 2017-06-15 2018-12-20 KoopaCoin LLC Identity ledger in crypto currency transactions
CN109245897A (en) * 2018-08-23 2019-01-18 北京邮电大学 A kind of node authentication method and device based on noninteractive zero-knowledge proof

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
刘明达 等: "基于区块链的分布式可信网络连接架构", 《软件学报》 *

Cited By (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110768791B (en) * 2019-09-24 2022-11-04 北京八分量信息科技有限公司 Data interaction method, node and equipment with zero knowledge proof
CN110768791A (en) * 2019-09-24 2020-02-07 北京八分量信息科技有限公司 Zero-knowledge proof data interaction method, node and equipment
CN110851857A (en) * 2019-10-14 2020-02-28 上海唯链信息科技有限公司 Method and device for realizing identity endorsement on block chain
CN110851857B (en) * 2019-10-14 2022-07-01 上海唯链信息科技有限公司 Method and device for realizing identity endorsement on block chain
CN111125731A (en) * 2019-12-11 2020-05-08 支付宝(杭州)信息技术有限公司 Business processing method, device and equipment based on verifiable statement
WO2021114872A1 (en) * 2019-12-11 2021-06-17 支付宝(杭州)信息技术有限公司 Verifiable claim-based service processing method, apparatus, and device
CN111125741B (en) * 2019-12-31 2022-07-01 广东卓启投资有限责任公司 Zero knowledge verification method based on block chain
CN111125741A (en) * 2019-12-31 2020-05-08 广东卓启投资有限责任公司 Zero knowledge verification method based on block chain
CN114846765A (en) * 2020-01-09 2022-08-02 支付宝实验室(新加坡)有限公司 Method and apparatus for providing decentralized identity verification
CN114846765B (en) * 2020-01-09 2024-01-09 支付宝实验室(新加坡)有限公司 Method and apparatus for providing decentralised identity verification
WO2021139605A1 (en) * 2020-01-09 2021-07-15 Alipay Labs (singapore) Pte. Ltd. Methods and devices for providing decentralized identity verification
CN111245626A (en) * 2020-01-19 2020-06-05 平安科技(深圳)有限公司 Zero knowledge proving method, device and storage medium
CN111245626B (en) * 2020-01-19 2021-05-18 平安科技(深圳)有限公司 Zero knowledge proving method, device and storage medium
CN110933117A (en) * 2020-02-18 2020-03-27 支付宝(杭州)信息技术有限公司 Derivation and verification method, device and equipment of digital identity information
CN111447073A (en) * 2020-03-31 2020-07-24 河北大学 Identity management and authentication system and method based on block chain and zero-knowledge proof
CN111447073B (en) * 2020-03-31 2023-04-18 河北大学 Identity management and authentication system and method based on block chain and zero-knowledge proof
CN111190974A (en) * 2020-04-10 2020-05-22 支付宝(杭州)信息技术有限公司 Method, device and equipment for forwarding and acquiring verifiable statement
CN111600844A (en) * 2020-04-17 2020-08-28 丝链(常州)控股有限公司 Identity distribution and authentication method based on zero-knowledge proof
CN111882743A (en) * 2020-07-23 2020-11-03 浙江永旗区块链科技有限公司 Anonymous voting statistical method and system
US11604894B2 (en) 2020-07-24 2023-03-14 Alipay (Hangzhou) Information Technology Co., Ltd. Data processing methods, apparatuses, devices, and media
US11354447B2 (en) 2020-08-28 2022-06-07 Alipay (Hangzhou) Information Technology Co., Ltd. Data authorization information acquisition methods, apparatuses, and devices
US11614929B2 (en) 2020-08-28 2023-03-28 Alipay (Hangzhou) Information Technology Co., Ltd. Identity registration methods, apparatuses, and devices
US11652879B2 (en) 2020-08-28 2023-05-16 Alipay (Hangzhou) Information Technology Co., Ltd. Matching methods, apparatuses, and devices based on trusted asset data
US11362815B2 (en) 2020-08-28 2022-06-14 Alipay (Hangzhou) Information Technology Co., Ltd. Trusted data transmission methods, apparatuses, and devices
CN111814195B (en) * 2020-09-04 2021-05-25 支付宝(杭州)信息技术有限公司 Data management method, device and equipment based on trusted hardware
US11455417B2 (en) 2020-09-04 2022-09-27 Alipay (Hangzhou) Information Technology Co., Ltd. Data processing methods, apparatuses, and devices
CN111814195A (en) * 2020-09-04 2020-10-23 支付宝(杭州)信息技术有限公司 Data management method, device and equipment based on trusted hardware
US11341284B2 (en) 2020-09-04 2022-05-24 Alipay (Hangzhou) Information Technology Co., Ltd. Trusted hardware-based data management methods, apparatuses, and devices
US11354448B2 (en) 2020-09-04 2022-06-07 Alipay (Hangzhou) Information Technology Co., Ltd. Demand trusted device-based data acquisition methods, apparatuses, and devices
US11726968B2 (en) 2020-09-15 2023-08-15 Alipay (Hangzhou) Information Technology Co., Ltd. Methods, apparatuses, and devices for transferring data assets based on blockchain
US11386191B2 (en) 2020-09-15 2022-07-12 Alipay (Hangzhou) Information Technology Co., Ltd. Trusted hardware-based identity management methods, apparatuses, and devices
US11494511B2 (en) 2020-09-15 2022-11-08 Alipay (Hangzhou) Information Technology Co., Ltd. Data processing methods, apparatuses, and devices
CN112235114A (en) * 2020-09-25 2021-01-15 西安纸贵互联网科技有限公司 Service processing system based on block chain
CN112235114B (en) * 2020-09-25 2023-09-19 西安纸贵互联网科技有限公司 Block chain-based service processing system
CN112380287A (en) * 2020-11-13 2021-02-19 浙江数秦科技有限公司 Distributed credible statement generation method, system, equipment and storage medium
CN112380287B (en) * 2020-11-13 2022-06-10 浙江数秦科技有限公司 Distributed credible statement generation method, system, equipment and storage medium
CN112199714A (en) * 2020-12-04 2021-01-08 支付宝(杭州)信息技术有限公司 Privacy protection method and device based on block chain and electronic equipment
CN112636922A (en) * 2020-12-21 2021-04-09 电子科技大学 IOT identity authentication method based on non-interactive zero-knowledge proof
CN112738177A (en) * 2020-12-22 2021-04-30 网易(杭州)网络有限公司 Block chain-based attestation system, method, apparatus, electronic device, and medium
CN112738177B (en) * 2020-12-22 2022-08-05 网易(杭州)网络有限公司 Block chain-based attestation system, method, apparatus, electronic device, and medium
CN112580102A (en) * 2020-12-29 2021-03-30 郑州大学 Multi-dimensional digital identity authentication system based on block chain
CN112732832B (en) * 2021-01-06 2024-02-13 上海泰砥科技有限公司 Block chain supply chain financial supply method and system based on DID and zero knowledge proof
CN112732832A (en) * 2021-01-06 2021-04-30 上海泰砥科技有限公司 DID and zero knowledge proof based block chain supply chain financial supply method and system
CN113037493A (en) * 2021-02-27 2021-06-25 上海泰砥科技有限公司 Block chain zero-knowledge proof anonymous credential verification method and system based on DID identity
CN113221089A (en) * 2021-03-15 2021-08-06 东北大学 Privacy protection attribute authentication system and method based on verifiable statement
CN113221089B (en) * 2021-03-15 2023-11-07 东北大学 Privacy protection attribute authentication system and method based on verifiable statement
CN113221148A (en) * 2021-05-27 2021-08-06 中国人民银行数字货币研究所 Information verification method and device
CN113282956A (en) * 2021-06-03 2021-08-20 网易(杭州)网络有限公司 House purchasing data processing method, device and system and electronic equipment
CN113282956B (en) * 2021-06-03 2022-04-29 网易(杭州)网络有限公司 House purchasing data processing method, device and system and electronic equipment
CN113452704B (en) * 2021-06-28 2022-08-09 湖南天河国云科技有限公司 Distributed identity identification-based credible interconnection method and device for heterogeneous industrial equipment
CN113452704A (en) * 2021-06-28 2021-09-28 湖南天河国云科技有限公司 Distributed identity identification-based credible interconnection method and device for heterogeneous industrial equipment
CN113806809A (en) * 2021-11-17 2021-12-17 北京溪塔科技有限公司 Job seeker information disclosure method and system based on block chain
WO2023160097A1 (en) * 2022-02-25 2023-08-31 蚂蚁区块链科技(上海)有限公司 Proof generation method and apparatus, electronic device, and storage medium
CN114785511A (en) * 2022-02-25 2022-07-22 蚂蚁区块链科技(上海)有限公司 Certificate generation method and device, electronic device and storage medium
CN114389810A (en) * 2022-02-25 2022-04-22 蚂蚁区块链科技(上海)有限公司 Certificate generation method and device, electronic device and storage medium
CN114900354A (en) * 2022-05-05 2022-08-12 国网山东省电力公司德州供电公司 Distributed identity authentication and management method and system for energy data
CN114900354B (en) * 2022-05-05 2023-08-29 国网山东省电力公司德州供电公司 Distributed identity authentication and management method and system for energy data

Also Published As

Publication number Publication date
CN110224837B (en) 2021-11-19

Similar Documents

Publication Publication Date Title
CN110224837A (en) Zero-knowledge proof method and terminal based on distributed identity
US11212102B2 (en) System and method for an electronic identity brokerage
CN109005036B (en) Block chain member management method and system based on identification cipher algorithm
CN104767613B (en) Signature verification method, apparatus and system
CN108390872B (en) Certificate management method, device, medium and electronic equipment
Leiding et al. Authcoin: validation and authentication in decentralized networks
CN102170356B (en) Authentication system realizing method supporting exclusive control of digital signature key
Bernabe et al. ARIES: Evaluation of a reliable and privacy-preserving European identity management framework
CN112839046B (en) Traceable anonymous crowdsourcing method and system based on block chain
CN110365662B (en) Business approval method and device
CN110532806A (en) Bidding documents management method, system and computer readable storage medium
Bogatov et al. Anonymous transactions with revocation and auditing in hyperledger fabric
Li et al. Privacy‐aware PKI model with strong forward security
CN109104419A (en) A kind of generation method and system of block chain account
CN110365488A (en) Based on the authentication method under untrusted environment, apparatus and system
CN110278082A (en) A kind of the group member dissemination method and equipment of group's digital signature
CN106851635A (en) A kind of distributed signature method and system of identity-based
CN109948370A (en) A kind of method for processing business based on block chain, device and electronic equipment
CN109299333A (en) Block chain network account book member management method, device, equipment and storage medium
CN114944937B (en) Distributed digital identity verification method, system, electronic equipment and storage medium
CN109902508A (en) A kind of method for authenticating entities and system of the anonymity of voucher label originator
CN109034794A (en) Supply chain dynamic management approach, electronic equipment, storage medium and system
CN105871555A (en) Electronic document forgery prevention and tampering prevention method based on asymmetric identity
CN111553443A (en) Training method and device for referee document processing model and electronic equipment
Baniata et al. Prifob: a privacy-aware fog-enhanced blockchain-based system for global accreditation and credential verification

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Yang Wentao

Inventor after: Wang Hu

Inventor after: Chen Chang

Inventor after: An Shijie

Inventor before: Li Wei

Inventor before: Wang Hu

Inventor before: Chen Chang

Inventor before: Yang Wentao

GR01 Patent grant
GR01 Patent grant