CN110289962B - UTXO model-based IBE key updating method and device - Google Patents

UTXO model-based IBE key updating method and device Download PDF

Info

Publication number
CN110289962B
CN110289962B CN201910661438.7A CN201910661438A CN110289962B CN 110289962 B CN110289962 B CN 110289962B CN 201910661438 A CN201910661438 A CN 201910661438A CN 110289962 B CN110289962 B CN 110289962B
Authority
CN
China
Prior art keywords
target user
information
key
target
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910661438.7A
Other languages
Chinese (zh)
Other versions
CN110289962A (en
Inventor
孙涛
王栋
甄平
玄佳兴
廖会敏
赵丽花
王俊生
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guowang Xiongan Finance Technology Group Co ltd
State Grid Digital Technology Holdings Co ltd
State Grid Corp of China SGCC
Original Assignee
Guowang Xiongan Finance Technology Group Co ltd
State Grid Corp of China SGCC
State Grid E Commerce Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guowang Xiongan Finance Technology Group Co ltd, State Grid Corp of China SGCC, State Grid E Commerce Co Ltd filed Critical Guowang Xiongan Finance Technology Group Co ltd
Priority to CN201910661438.7A priority Critical patent/CN110289962B/en
Publication of CN110289962A publication Critical patent/CN110289962A/en
Application granted granted Critical
Publication of CN110289962B publication Critical patent/CN110289962B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides an IBE key updating method and device based on a UTXO model, comprising the following steps: under the condition that the key of the target user needs to be updated, acquiring the latest updated UTXO transaction information aiming at the target user from the block chain; acquiring the identity identification information of a target user from the output information in the UTXO transaction information; if the target user is a non-supervised user, changing the main private key and the main public key of the target user, and updating the private key of the target user by using the identity identification information of the target user and the changed main public key; or if the target user is a non-supervised user, the identity identification information of the target user is changed, and the private key of the target user is updated by using the master public key of the target user and the changed identity identification information. In the application, the key of the target user can be updated in the above manner.

Description

UTXO model-based IBE key updating method and device
Technical Field
The present application relates to the field of computer technologies, and in particular, to an IBE key updating method and apparatus based on a UTXO model.
Background
At present, in an Identity Based Encryption (IBE) scheme, a KGC (key generation center) generates a main public key and a main private key, and the KGC generates a private key for a user by using the main public key, the main private key, and user Identity information (such as name, e-mail, Identity number, and the like), where the user Identity information is a public key, and digital certificate binding is not required, so that a problem of complex digital certificate management in a PKI scheme can be avoided.
However, how to update the user key in the IBE scheme becomes a problem.
Disclosure of Invention
In order to solve the foregoing technical problems, embodiments of the present application provide an IBE key updating method and apparatus based on a UTXO model, so as to achieve the purpose of updating a key of a target user, and the technical solution is as follows:
an IBE key updating method based on a UTXO model comprises the following steps:
under the condition that a key of a target user needs to be updated, acquiring UTXO transaction information which is updated latest for the target user from a block chain;
acquiring the identity identification information of the target user from the output information in the UTXO transaction information;
if the target user is a non-supervised user, changing the main private key and the main public key of the target user, and updating the private key of the target user by using the identity information of the target user and the changed main private key and the changed main public key;
or if the target user is a non-supervised user, changing the identity identification information of the target user, and updating the private key of the target user by using the master public key of the target user and the changed identity identification information.
Preferably, the method further comprises:
and if the target user is a supervised user, changing the identity identification information of the target user, and updating the private key of the target user by using the main private key and the main public key of the supervision mechanism and the changed identity identification information.
Preferably, the method further comprises:
taking an index pointing to the position of the output information in the UTXO transaction information in the block chain and the hash value of the UTXO transaction information as target input information;
taking the public parameters containing the changed main public key and the identity identification information of the target user as target output information; or, the public parameter containing the main public key of the target user and the changed identity information are used as target output information;
and issuing target UTXO transaction information comprising the target input information and the target output information into the block chain.
Preferably, the target output information further includes: the updated key use validity period of the target user;
the target UTXO transaction information further includes: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
Preferably, the method further comprises:
and under the condition that the key of the target user needs to be logged off, setting output information in the UTXO transaction information which is updated for the target user newly to be null, and issuing the UTXO transaction information of which the output information is set to be null to the block chain.
An IBE key updating apparatus based on a UTXO model, comprising:
the system comprises a first acquisition module, a first updating module and a second acquisition module, wherein the first acquisition module is used for acquiring the UTXO transaction information which is updated latest aiming at a target user from a block chain under the condition that a key of the target user needs to be updated;
the second acquisition module is used for acquiring the identification information of the target user from the output information in the UTXO transaction information;
the first updating module is used for changing the main private key and the main public key of the target user if the target user is a non-supervised user, and updating the private key of the target user by using the identity information of the target user and the changed main private key and main public key;
or, the second updating module is configured to, if the target user is an unsupervised user, change the identification information of the target user, and update the private key of the target user by using the master private key and the master public key of the target user and the changed identification information.
Preferably, the apparatus further comprises:
and the third updating module is used for changing the identity identification information of the target user if the target user is a supervised user, and updating the private key of the target user by using the master private key and the master public key of the supervision mechanism and the changed identity identification information.
Preferably, the apparatus further comprises:
a first determining module, configured to use an index pointing to a position of output information in the UTXO transaction information in the block chain and a hash value of the UTXO transaction information as target input information;
a second determining module, configured to use the public parameter including the changed master public key and the identity information of the target user as target output information; or, the public parameter containing the main public key of the target user and the changed identity information are used as target output information;
a first publishing module for publishing target UTXO transaction information including the target input information and the target output information into the block chain.
Preferably, the target output information further includes: the updated key use validity period of the target user;
the target UTXO transaction information further includes: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
Preferably, the apparatus further comprises:
and the second issuing module is used for setting output information in the UTXO transaction information which is updated aiming at the target user newly to be null under the condition that the key of the target user needs to be cancelled, and issuing the UTXO transaction information of which the output information is set to be null to the block chain.
Compared with the prior art, the beneficial effect of this application is:
in the application, under the condition that the key of the target user needs to be updated, if the target user is an unsupervised user, the identity information of the target user is obtained from the output information in the UTXO transaction information, the master private key and the master public key of the target user are changed, and the private key of the target user is updated by using the identity information of the target user and the changed master private key and master public key, or the identity information of the target user is changed, and the private key of the target user is updated by using the master private key and the master public key of the target user and the changed identity information, so that the key of the target user is updated.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive labor.
Fig. 1 is a flowchart of an embodiment 1 of an IBE key updating method based on a UTXO model provided in the present application;
FIG. 2 is a block chain architecture of the present application;
fig. 3 is a flowchart of an embodiment 2 of an IBE key updating method based on a UTXO model provided in the present application;
fig. 4 is a flowchart of an embodiment 3 of an IBE key updating method based on a UTXO model provided in the present application;
fig. 5 is a flowchart of an embodiment 4 of an IBE key updating method based on an UTXO model provided in the present application;
fig. 6 is a flowchart of an embodiment 5 of an IBE key updating method based on an UTXO model provided in the present application;
fig. 7 is a flowchart of an embodiment 6 of an IBE key updating method based on an UTXO model provided in the present application;
fig. 8 is a flowchart of embodiment 7 of an IBE key updating method based on the UTXO model provided in the present application;
fig. 9 is a schematic diagram of a logical structure of an IBE key updating apparatus based on a UTXO model according to the present application;
fig. 10 is a schematic diagram of a logic structure of another UTXO model-based IBE key updating apparatus provided in the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The embodiment of the application discloses an IBE key updating method based on a UTXO model, which comprises the following steps: under the condition that a key of a target user needs to be updated, acquiring UTXO transaction information which is updated latest for the target user from a block chain; if the target user is a non-supervised user, acquiring the identity identification information of the target user from the output information in the UTXO transaction information; changing the main private key and the main public key of the target user, and updating the private key of the target user by using the identity information of the target user and the changed main private key and the changed main public key; or changing the identity identification information of the target user, and updating the private key of the target user by using the main private key and the main public key of the target user and the changed identity information. In the application, the key of the target user can be updated.
As shown in fig. 1, a flowchart of an embodiment 1 of an IBE key updating method based on a UTXO model provided by the present application includes the following steps:
step S11, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
In this embodiment, the structure of the block chain may refer to fig. 2, as shown in fig. 2, the block chain is composed of a plurality of full nodes and a supervisory node, and each of the full nodes and the supervisory node stores the same data, such as the public key of the user (i.e., the identity information of the user) and the master public key generated by the KGC. The supervision node has higher authority relative to the whole node, is responsible for registering the initial identity information of the user, and updates the key of the user in a supervision mode. And users (representatives or various Internet of things terminal devices) realize mutual identity authentication and network information interaction through the block chain network connected with all nodes.
Blockchains can be understood as: a public chain or a federation chain.
It should be noted that the private key of the user and the master private key generated by the KGC are kept by the user and are not stored in the block chain, so that the private key and the master private key are prevented from being leaked.
And registering the identity information of the user and storing the registered identity information into the block chain.
It can be understood that registering the identity information of the user realizes the initial authentication of the identity of the user.
In this embodiment, each secret key update of the user is stored as a transaction record in the blockchain. The structure of the redefined UTXO transaction information is shown in table 1 with reference to the UTXO transaction form of the bitcoin. Each UTXO transaction information has only one input and one output, and the input information may be understood as information related to the user key before updating and the output information may be information related to the user key after updating.
TABLE 1
Figure GDA0002486545490000061
As shown in table 1, the identity information of the transaction issuer can be understood as: information that can indicate the identity of the transaction issuer.
The index in the input is used for indicating the position where the index is output in the last UTXO transaction information, namely indicating the identity information and the public parameters (such as the main public key, the IBE-based password parameters and other information) before the user key is updated; the Hash value in the input is the result of Hash operation on the last UTXO transaction information so as to verify the integrity of the UTXO transaction information.
The output includes: and updating the corresponding identity information, the public parameter and the validity period after the user key is updated. The identity identification information consists of fixed identity identification information and variable identity identification information, the fixed identity identification information is an identity identification of user initial authentication, and the identity identification information is kept unchanged all the time in the subsequent updating process, so that the self-identity-identifying property of the identity identification can be improved. The public parameters mainly comprise a main public key, IBE-based password parameters and other information; the validity period represents a valid service life after the user key is updated, and may be one week, one month, one year, or the like.
The signature information indicates that the entire UTXO transaction information (i.e., input and output) is signed using the user key before update to ensure validity of the entire UTXO transaction information.
It should be noted that the identification information of the user is the public key of the user.
It is understood that the structure of the UTXO transaction information that is updated for the target user last may refer to the structure of the transaction information shown in table 1, and will not be described herein again.
The UTXO transaction information that is updated most recently for the target user may be understood as: UTXO transaction information newly published into the blockchain for the target user.
Of course, the validity period and signature information in table 1 are not required, and whether the validity period or signature information is included in the UTXO transaction information may be selected as desired.
And step S12, obtaining the identification information of the target user from the output information in the UTXO transaction information.
In this embodiment, the identification information of the target user is directly obtained from the output information in the UTXO transaction information, and the master public key of the target user is obtained from the public parameter in the output information.
The identification information of the target user comprises: fixed identification information and variable identification information.
In this embodiment, the user key updating modes are divided into two types: a supervised mode and an unsupervised mode. The supervision mode is that the supervision mechanism is used as KGC to generate a main public key and a main private key, the main public key and the main private key are used to generate a private key of a user, relevant encrypted information of the user is monitored, and the supervision mechanism is used as a UTXO transaction information publisher.
The non-supervision mode indicates that the supervision mechanism cannot acquire the private key, the related encryption information and the like of the user, the user is used as the KGC to generate the main public key and the main private key, and the private key of the user is generated by utilizing the main public key and the main private key.
Step S13, if the target user is a non-supervised user, changing the master private key and the master public key of the target user, and updating the private key of the target user by using the identification information of the target user and the changed master private key and master public key.
The target user is an unsupervised user, and can be understood as follows: the current key update mode is the unsupervised mode.
In this embodiment, the master private key and the master public key of the target user are changed, the identification information of the target user is not changed, and the private key of the target user is updated by changing the master private key and the master public key of the target user. When the private key of the target user is updated, the identity self-identity of the target user can be improved,
in the application, under the condition that the key of the target user needs to be updated, if the target user is an unsupervised user, the identity information of the target user and the main private key and the main public key of the target user are obtained from the output information in the UTXO transaction information, the main private key and the main public key of the target user are changed, the private key of the target user is updated by using the identity information of the target user and the changed main private key and main public key, and the key of the target user is updated.
Moreover, the block chain is utilized to realize the inquiring, traceable and non-falsification of the key updating process, and the method has higher practical value.
As shown in fig. 3, a flowchart of an embodiment 2 of an IBE key updating method based on a UTXO model provided by the present application includes the following steps:
step S21, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S22, obtaining the identification information of the target user from the output information in the UTXO transaction information.
The detailed procedures of steps S21-S22 can be referred to the related descriptions of steps S11-S12 in embodiment 1, and are not described herein again.
Step S23, if the target user is a non-supervised user, changing the identification information of the target user, and updating the private key of the target user by using the master private key and the master public key of the target user and the changed identification information.
In this embodiment, the identification information of the target user is changed, the master private key and the master public key of the target user are kept unchanged, and the private key of the target user is updated by using the master private key and the master public key of the target user and the changed identification information.
Certainly, when the target user is an unsupervised user and the private key of the target user is leaked, it is indicated that the identification information of the target user may be leaked, and therefore the identification information of the target user needs to be changed. Therefore, the identity identification information of the target user is also changed, and the private key of the target user is updated by using the main private key and the main public key of the target user and the changed identity information.
In the application, under the condition that the key of the target user needs to be updated, if the target user is an unsupervised user, the identity identification information of the target user, the main private key and the main public key of the target user are obtained from the output information in the UTXO transaction information, the identity identification information of the target user is changed, the private key of the target user is updated by using the main private key and the main public key of the target user and the changed identity identification information, and the key of the target user is updated, so that the key of the target user is updated.
As shown in fig. 4, a flowchart of embodiment 3 of an IBE key updating method based on a UTXO model provided by the present application includes the following steps:
step S31, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S32, obtaining the identification information of the target user from the output information in the UTXO transaction information.
The detailed procedures of steps S31-S32 can be referred to the related descriptions of steps S11-S12 in embodiment 1, and are not described herein again.
Step S33, if the target user is a supervised user, changing the identification information of the target user, and updating the private key of the target user by using the master private key and the master public key of the supervising authority and the changed identification information.
If the target user is a supervised user, the following can be understood: the current key update mode is the supervisory mode. In the supervision mode, the generation of the master private key and the master public key is managed by a supervision authority.
If the target user is a supervised user, in the supervision mode, if the master public key is changed, the private keys of all users supervised by the supervision node are changed, and in order to simplify workload, the identity identification information of the target user is selected to be changed, and the master private key and the master public key of the supervision mechanism are kept unchanged.
As another alternative embodiment of the present application, referring to fig. 5, a flowchart of an embodiment 4 of an IBE key updating method based on a UTXO model provided by the present application is shown, where this embodiment is mainly an extension of the UTXO model based IBE key updating method described in the foregoing embodiment 1, and as shown in fig. 5, the method may include, but is not limited to, the following steps:
step S41, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S42, obtaining the identification information of the target user from the output information in the UTXO transaction information.
Step S43, if the target user is a non-supervised user, changing the master private key and the master public key of the target user, and updating the private key of the target user by using the identification information of the target user and the changed master private key and master public key.
The detailed procedures of steps S41-S43 can be referred to the related descriptions of steps S11-S13 in embodiment 1, and are not described herein again.
And step S44, taking the index pointing to the position of the output information in the UTXO transaction information in the block chain and the hash value of the UTXO transaction information as target input information.
Step S45, using the public parameter including the changed master public key and the identification information of the target user as target output information.
And step S46, issuing the target UTXO transaction information containing the target input information and the target output information to the block chain.
And issuing target UTXO transaction information containing the target input information and the target output information to the block chain so that the related information of the updated user key can be inquired in the block chain.
Of course, the target output information may also include: and the updated key use validity period of the target user.
The target UTXO transaction information may further include: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
As another optional embodiment of the present application, referring to fig. 6, a flowchart of an embodiment 5 of an IBE key updating method based on a UTXO model provided by the present application is shown, where this embodiment is mainly an extension of the UTXO model based IBE key updating method described in the foregoing embodiment 2, and as shown in fig. 6, the method may include, but is not limited to, the following steps:
step S51, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S52, obtaining the identification information of the target user from the output information in the UTXO transaction information.
Step S53, if the target user is a non-supervised user, changing the identification information of the target user, and updating the private key of the target user by using the master private key and the master public key of the target user and the changed identification information.
The detailed procedures of steps S51-S53 can be referred to the related descriptions of steps S21-S23 in embodiment 2, and are not described herein again.
And step S54, taking the index pointing to the position of the output information in the UTXO transaction information in the block chain and the hash value of the UTXO transaction information as target input information.
Step S55, using the public parameter including the master public key of the target user and the changed id information as target output information.
And step S56, issuing the target UTXO transaction information containing the target input information and the target output information to the block chain.
And issuing target UTXO transaction information containing the target input information and the target output information to the block chain so that the related information of the updated user key can be inquired in the block chain.
Of course, the target output information may also include: and the updated key use validity period of the target user.
The target UTXO transaction information may further include: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
As another alternative embodiment of the present application, referring to fig. 7, a flowchart of an embodiment 6 of an IBE key updating method based on a UTXO model provided by the present application is shown, where this embodiment is mainly an extension of the UTXO model based IBE key updating method described in the foregoing embodiment 1, and as shown in fig. 7, the method may include, but is not limited to, the following steps:
step S61, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S62, obtaining the identification information of the target user from the output information in the UTXO transaction information.
Step S63, if the target user is a non-supervised user, changing the master private key and the master public key of the target user, and updating the private key of the target user by using the identification information of the target user and the changed master private key and master public key.
The detailed procedures of steps S61-S63 can be found in the related descriptions of steps S11-S13 in embodiment 1, and are not repeated herein.
Step S64, when the key of the target user needs to be logged off, setting the output information in the UTXO transaction information that is updated for the target user most recently to be null, and issuing the UTXO transaction information whose output information is set to be null to the block chain.
And setting output information in the UTXO transaction information which is updated aiming at the target user newly as null, and issuing the UTXO transaction information of which the output information is set as null to the block chain, so that the information related to the key of the target user cannot be inquired in the block chain, and the aim of logout is fulfilled.
As another alternative embodiment of the present application, referring to fig. 8, a flowchart of an embodiment 7 of an IBE key updating method based on a UTXO model provided by the present application is shown, where this embodiment is mainly an extension of the UTXO model based IBE key updating method described in the foregoing embodiment 2, and as shown in fig. 8, the method may include, but is not limited to, the following steps:
step S71, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S72, obtaining the identification information of the target user from the output information in the UTXO transaction information.
Step S73, if the target user is a non-supervised user, changing the identification information of the target user, and updating the private key of the target user by using the master private key and the master public key of the target user and the changed identification information.
The detailed procedures of steps S71-S73 can be referred to the related descriptions of steps S21-S23 in embodiment 2, and are not described herein again.
Step S74, when the key of the target user needs to be logged off, setting the output information in the UTXO transaction information that is updated for the target user most recently to be null, and issuing the UTXO transaction information whose output information is set to be null to the block chain.
The detailed process of step S74 can be referred to the related description of step S64 in embodiment 6, and is not repeated here.
Next, the UTXO model based IBE key updating apparatus provided in the present application will be described, and the UTXO model based IBE key updating apparatus described below and the UTXO model based IBE key updating method described above may be referred to in correspondence.
Referring to fig. 9, the UTXO model-based IBE key updating apparatus includes: a first obtaining module 11, a second obtaining module 12 and a first updating module 13.
A first obtaining module 11, configured to obtain, from a block chain, UTXO transaction information that is updated latest for a target user when a key of the target user needs to be updated;
a second obtaining module 12, configured to obtain the identification information of the target user from the output information in the UTXO transaction information;
and a first updating module 13, configured to change the master private key and the master public key of the target user if the target user is an unsupervised user, and update the private key of the target user by using the identity information of the target user and the changed master private key and master public key.
In this embodiment, another UTXO model-based IBE key updating apparatus is introduced, and referring to fig. 10, the UTXO model-based IBE key updating apparatus includes: a first obtaining module 11, a second obtaining module 12 and a second updating module 14.
A first obtaining module 11, configured to obtain, from a block chain, UTXO transaction information that is updated latest for a target user when a key of the target user needs to be updated;
a second obtaining module 12, configured to obtain the identification information of the target user from the output information in the UTXO transaction information;
and a second updating module 14, configured to change the identity information of the target user if the target user is an unsupervised user, and update the private key of the target user by using the master private key and the master public key of the target user and the changed identity information.
In this embodiment, the IBE key updating apparatus based on the UTXO model may further include:
and the third updating module is used for changing the identity identification information of the target user if the target user is a supervised user, and updating the private key of the target user by using the master private key and the master public key of the supervision mechanism and the changed identity identification information.
In this embodiment, the IBE key updating apparatus based on the UTXO model may further include:
a first determining module, configured to use an index pointing to a position of output information in the UTXO transaction information in the block chain and a hash value of the UTXO transaction information as target input information;
a second determining module, configured to use the public parameter including the changed master public key and the identity information of the target user as target output information; or, the public parameter containing the main public key of the target user and the changed identity information are used as target output information;
a first publishing module for publishing target UTXO transaction information including the target input information and the target output information into the block chain.
In this embodiment, the target output information may further include: the updated key use validity period of the target user;
the target UTXO transaction information may further include: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
In this embodiment, the IBE key updating apparatus based on the UTXO model may further include:
and the second issuing module is used for setting output information in the UTXO transaction information which is updated aiming at the target user newly to be null under the condition that the key of the target user needs to be cancelled, and issuing the UTXO transaction information of which the output information is set to be null to the block chain.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present application may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
The foregoing introduces details of an IBE key updating method and apparatus based on the UTXO model, and specific examples are applied herein to illustrate the principles and embodiments of the present application, and the descriptions of the foregoing embodiments are only used to help understand the method and core ideas of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (6)

1. An IBE key updating method based on a UTXO model is characterized by comprising the following steps:
under the condition that a key of a target user needs to be updated, acquiring UTXO transaction information which is updated latest for the target user from a block chain;
acquiring the identity identification information of the target user from the output information in the UTXO transaction information;
if the target user is a non-supervised user, changing the main private key and the main public key of the target user, and updating the private key of the target user by using the identity information of the target user and the changed main private key and the changed main public key;
or if the target user is a non-supervised user, changing the identity identification information of the target user, and updating the private key of the target user by using the main private key and the main public key of the target user and the changed identity identification information;
taking an index pointing to the position of the output information in the UTXO transaction information in the block chain and the hash value of the UTXO transaction information as target input information;
taking the public parameter containing the changed main public key, the identity information of the target user and the updated key use validity period of the target user as target output information; or, the public parameter containing the main public key of the target user, the changed identity information and the updated key use validity period of the target user are used as target output information;
and issuing target UTXO transaction information containing the target input information, the target output information and the identity information of a transaction issuer and/or information for signing the target input information and the target output information by using the private key of the target user before updating into the block chain.
2. The method of claim 1, further comprising:
and if the target user is a supervised user, changing the identity identification information of the target user, and updating the private key of the target user by using the main private key and the main public key of the supervision mechanism and the changed identity identification information.
3. The method of claim 1, further comprising:
and under the condition that the key of the target user needs to be logged off, setting output information in the UTXO transaction information which is updated for the target user newly to be null, and issuing the UTXO transaction information of which the output information is set to be null to the block chain.
4. An IBE key updating apparatus based on a UTXO model, comprising:
the system comprises a first acquisition module, a first updating module and a second acquisition module, wherein the first acquisition module is used for acquiring the UTXO transaction information which is updated latest aiming at a target user from a block chain under the condition that a key of the target user needs to be updated;
the second acquisition module is used for acquiring the identification information of the target user from the output information in the UTXO transaction information;
the first updating module is used for changing the main private key and the main public key of the target user if the target user is a non-supervised user, and updating the private key of the target user by using the identity information of the target user and the changed main private key and main public key;
or, the second updating module is configured to, if the target user is an unsupervised user, change the identification information of the target user, and update the private key of the target user by using the master private key and the master public key of the target user and the changed identification information;
a first determining module, configured to use an index pointing to a position of output information in the UTXO transaction information in the block chain and a hash value of the UTXO transaction information as target input information;
a second determining module, configured to use the public parameter including the changed master public key, the identification information of the target user, and the updated key usage validity period of the target user as target output information; or, the public parameter containing the main public key of the target user, the changed identity information and the updated key use validity period of the target user are used as target output information;
the first issuing module is used for issuing target UTXO transaction information containing the target input information, the target output information and the identity information of a transaction issuer and/or information for signing the target input information and the target output information by using a private key of the target user before updating into the block chain.
5. The apparatus of claim 4, further comprising:
and the third updating module is used for changing the identity identification information of the target user if the target user is a supervised user, and updating the private key of the target user by using the master private key and the master public key of the supervision mechanism and the changed identity identification information.
6. The apparatus of claim 4, further comprising:
and the second issuing module is used for setting output information in the UTXO transaction information which is updated aiming at the target user newly to be null under the condition that the key of the target user needs to be cancelled, and issuing the UTXO transaction information of which the output information is set to be null to the block chain.
CN201910661438.7A 2019-07-22 2019-07-22 UTXO model-based IBE key updating method and device Active CN110289962B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910661438.7A CN110289962B (en) 2019-07-22 2019-07-22 UTXO model-based IBE key updating method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910661438.7A CN110289962B (en) 2019-07-22 2019-07-22 UTXO model-based IBE key updating method and device

Publications (2)

Publication Number Publication Date
CN110289962A CN110289962A (en) 2019-09-27
CN110289962B true CN110289962B (en) 2020-06-30

Family

ID=68023727

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910661438.7A Active CN110289962B (en) 2019-07-22 2019-07-22 UTXO model-based IBE key updating method and device

Country Status (1)

Country Link
CN (1) CN110289962B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111586049A (en) * 2020-05-08 2020-08-25 国网电子商务有限公司 Lightweight key authentication method and device for mobile internet
CN112037056B (en) * 2020-08-20 2024-04-09 深圳大学 Transaction processing method, device, equipment and storage medium
CN113570370B (en) * 2021-07-29 2023-10-20 成都质数斯达克科技有限公司 UTXO-based blockchain transaction supervision method and device and readable storage medium
CN113592650B (en) * 2021-07-29 2023-10-24 成都质数斯达克科技有限公司 Transaction method, device and equipment based on blockchain intelligent contract

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103326853A (en) * 2012-03-22 2013-09-25 中兴通讯股份有限公司 Method and device for upgrading secret key
CN105701372A (en) * 2015-12-18 2016-06-22 布比(北京)网络技术有限公司 Block chain identity construction and verification method
CN108551392A (en) * 2018-04-13 2018-09-18 武汉大学 A kind of Proxy Signature generation method and system based on SM9 digital signature
CN108564692A (en) * 2018-04-10 2018-09-21 周伟 A kind of unlock verification method and system for unlocking based on block chain
CN109829720A (en) * 2019-01-31 2019-05-31 中国—东盟信息港股份有限公司 A kind of identity real name authentication method based on block chain transaction data

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109962777A (en) * 2017-12-26 2019-07-02 航天信息股份有限公司 The key in block catenary system is permitted to generate, obtain the method and apparatus of key
CN109327309A (en) * 2018-11-08 2019-02-12 北京中电华大电子设计有限责任公司 A kind of domain traversal key management method based on IBC Yu PKI mixed system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103326853A (en) * 2012-03-22 2013-09-25 中兴通讯股份有限公司 Method and device for upgrading secret key
CN105701372A (en) * 2015-12-18 2016-06-22 布比(北京)网络技术有限公司 Block chain identity construction and verification method
CN108564692A (en) * 2018-04-10 2018-09-21 周伟 A kind of unlock verification method and system for unlocking based on block chain
CN108551392A (en) * 2018-04-13 2018-09-18 武汉大学 A kind of Proxy Signature generation method and system based on SM9 digital signature
CN109829720A (en) * 2019-01-31 2019-05-31 中国—东盟信息港股份有限公司 A kind of identity real name authentication method based on block chain transaction data

Also Published As

Publication number Publication date
CN110289962A (en) 2019-09-27

Similar Documents

Publication Publication Date Title
CN110289962B (en) UTXO model-based IBE key updating method and device
US20200145223A1 (en) System and method for blockchain-based notification
US10965472B2 (en) Secure bootstrap for a blockchain network
CN111291060B (en) Method, device and computer readable medium for managing blockchain nodes
Khovratovich et al. Sovrin: digital identities in the blockchain era
CN110166254B (en) Method and device for realizing identity-based key management by using intelligent contract
US6865674B1 (en) Dynamic trust anchor system and method
CN112187712B (en) Anonymous authentication method and system for trust in de-center mobile crowdsourcing
US20220138730A1 (en) Time-bounded activity chains with multiple authenticated agent participation bound by distributed single-source-of-truth networks that can enforce automated value transfer
CN114465817B (en) Digital certificate system and method based on TEE predictor clusters and blockchain
CN112152778B (en) Node management method and device and electronic equipment
CN112527912A (en) Data processing method and device based on block chain network and computer equipment
CN111586049A (en) Lightweight key authentication method and device for mobile internet
KR102118935B1 (en) Method and server for managing user identity using blockchain network, and method and terminal for verifying user using user identity based on blockchain network
CN113474804A (en) Transaction and account verification method, device and storage medium of digital currency
Riad et al. A blockchain‐based key‐revocation access control for open banking
JP6685968B2 (en) Data management system, data management method, and data management program
CN110493008B (en) Block chain authentication method, device, equipment and medium
CN112737793B (en) Method and device for updating block chain domain name configuration
KR20200083178A (en) Method and server for managing user identity using blockchain network, and method and terminal for verifying user using user identity based on blockchain network
CN112163917B (en) Bill processing method and device based on blockchain, medium and electronic equipment
KR20200130191A (en) Method and server for managing user identity using blockchain network, and method and terminal for verifying user using user identity based on blockchain network
CN112465504A (en) Block chain based order settlement method, system and storage medium
KR20200110121A (en) Method and server for managing user identity using blockchain network, and method and terminal for verifying user using user identity based on blockchain network
KR20200062099A (en) Method for sso service through blockchain, and terminal and server using the same

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP03 Change of name, title or address
CP03 Change of name, title or address

Address after: 100032 room 8018, 8 / F, building 7, Guangyi street, Xicheng District, Beijing

Patentee after: State Grid Digital Technology Holdings Co.,Ltd.

Patentee after: Guowang Xiongan Finance Technology Group Co.,Ltd.

Patentee after: STATE GRID CORPORATION OF CHINA

Address before: 100053 8th floor, Xianglong business building, 311 guanganmennei street, Xicheng District, Beijing

Patentee before: STATE GRID ELECTRONIC COMMERCE Co.,Ltd.

Patentee before: Guowang Xiongan Finance Technology Group Co.,Ltd.

Patentee before: STATE GRID CORPORATION OF CHINA