Disclosure of Invention
In order to solve the foregoing technical problems, embodiments of the present application provide an IBE key updating method and apparatus based on a UTXO model, so as to achieve the purpose of updating a key of a target user, and the technical solution is as follows:
an IBE key updating method based on a UTXO model comprises the following steps:
under the condition that a key of a target user needs to be updated, acquiring UTXO transaction information which is updated latest for the target user from a block chain;
acquiring the identity identification information of the target user from the output information in the UTXO transaction information;
if the target user is a non-supervised user, changing the main private key and the main public key of the target user, and updating the private key of the target user by using the identity information of the target user and the changed main private key and the changed main public key;
or if the target user is a non-supervised user, changing the identity identification information of the target user, and updating the private key of the target user by using the master public key of the target user and the changed identity identification information.
Preferably, the method further comprises:
and if the target user is a supervised user, changing the identity identification information of the target user, and updating the private key of the target user by using the main private key and the main public key of the supervision mechanism and the changed identity identification information.
Preferably, the method further comprises:
taking an index pointing to the position of the output information in the UTXO transaction information in the block chain and the hash value of the UTXO transaction information as target input information;
taking the public parameters containing the changed main public key and the identity identification information of the target user as target output information; or, the public parameter containing the main public key of the target user and the changed identity information are used as target output information;
and issuing target UTXO transaction information comprising the target input information and the target output information into the block chain.
Preferably, the target output information further includes: the updated key use validity period of the target user;
the target UTXO transaction information further includes: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
Preferably, the method further comprises:
and under the condition that the key of the target user needs to be logged off, setting output information in the UTXO transaction information which is updated for the target user newly to be null, and issuing the UTXO transaction information of which the output information is set to be null to the block chain.
An IBE key updating apparatus based on a UTXO model, comprising:
the system comprises a first acquisition module, a first updating module and a second acquisition module, wherein the first acquisition module is used for acquiring the UTXO transaction information which is updated latest aiming at a target user from a block chain under the condition that a key of the target user needs to be updated;
the second acquisition module is used for acquiring the identification information of the target user from the output information in the UTXO transaction information;
the first updating module is used for changing the main private key and the main public key of the target user if the target user is a non-supervised user, and updating the private key of the target user by using the identity information of the target user and the changed main private key and main public key;
or, the second updating module is configured to, if the target user is an unsupervised user, change the identification information of the target user, and update the private key of the target user by using the master private key and the master public key of the target user and the changed identification information.
Preferably, the apparatus further comprises:
and the third updating module is used for changing the identity identification information of the target user if the target user is a supervised user, and updating the private key of the target user by using the master private key and the master public key of the supervision mechanism and the changed identity identification information.
Preferably, the apparatus further comprises:
a first determining module, configured to use an index pointing to a position of output information in the UTXO transaction information in the block chain and a hash value of the UTXO transaction information as target input information;
a second determining module, configured to use the public parameter including the changed master public key and the identity information of the target user as target output information; or, the public parameter containing the main public key of the target user and the changed identity information are used as target output information;
a first publishing module for publishing target UTXO transaction information including the target input information and the target output information into the block chain.
Preferably, the target output information further includes: the updated key use validity period of the target user;
the target UTXO transaction information further includes: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
Preferably, the apparatus further comprises:
and the second issuing module is used for setting output information in the UTXO transaction information which is updated aiming at the target user newly to be null under the condition that the key of the target user needs to be cancelled, and issuing the UTXO transaction information of which the output information is set to be null to the block chain.
Compared with the prior art, the beneficial effect of this application is:
in the application, under the condition that the key of the target user needs to be updated, if the target user is an unsupervised user, the identity information of the target user is obtained from the output information in the UTXO transaction information, the master private key and the master public key of the target user are changed, and the private key of the target user is updated by using the identity information of the target user and the changed master private key and master public key, or the identity information of the target user is changed, and the private key of the target user is updated by using the master private key and the master public key of the target user and the changed identity information, so that the key of the target user is updated.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The embodiment of the application discloses an IBE key updating method based on a UTXO model, which comprises the following steps: under the condition that a key of a target user needs to be updated, acquiring UTXO transaction information which is updated latest for the target user from a block chain; if the target user is a non-supervised user, acquiring the identity identification information of the target user from the output information in the UTXO transaction information; changing the main private key and the main public key of the target user, and updating the private key of the target user by using the identity information of the target user and the changed main private key and the changed main public key; or changing the identity identification information of the target user, and updating the private key of the target user by using the main private key and the main public key of the target user and the changed identity information. In the application, the key of the target user can be updated.
As shown in fig. 1, a flowchart of an embodiment 1 of an IBE key updating method based on a UTXO model provided by the present application includes the following steps:
step S11, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
In this embodiment, the structure of the block chain may refer to fig. 2, as shown in fig. 2, the block chain is composed of a plurality of full nodes and a supervisory node, and each of the full nodes and the supervisory node stores the same data, such as the public key of the user (i.e., the identity information of the user) and the master public key generated by the KGC. The supervision node has higher authority relative to the whole node, is responsible for registering the initial identity information of the user, and updates the key of the user in a supervision mode. And users (representatives or various Internet of things terminal devices) realize mutual identity authentication and network information interaction through the block chain network connected with all nodes.
Blockchains can be understood as: a public chain or a federation chain.
It should be noted that the private key of the user and the master private key generated by the KGC are kept by the user and are not stored in the block chain, so that the private key and the master private key are prevented from being leaked.
And registering the identity information of the user and storing the registered identity information into the block chain.
It can be understood that registering the identity information of the user realizes the initial authentication of the identity of the user.
In this embodiment, each secret key update of the user is stored as a transaction record in the blockchain. The structure of the redefined UTXO transaction information is shown in table 1 with reference to the UTXO transaction form of the bitcoin. Each UTXO transaction information has only one input and one output, and the input information may be understood as information related to the user key before updating and the output information may be information related to the user key after updating.
TABLE 1
As shown in table 1, the identity information of the transaction issuer can be understood as: information that can indicate the identity of the transaction issuer.
The index in the input is used for indicating the position where the index is output in the last UTXO transaction information, namely indicating the identity information and the public parameters (such as the main public key, the IBE-based password parameters and other information) before the user key is updated; the Hash value in the input is the result of Hash operation on the last UTXO transaction information so as to verify the integrity of the UTXO transaction information.
The output includes: and updating the corresponding identity information, the public parameter and the validity period after the user key is updated. The identity identification information consists of fixed identity identification information and variable identity identification information, the fixed identity identification information is an identity identification of user initial authentication, and the identity identification information is kept unchanged all the time in the subsequent updating process, so that the self-identity-identifying property of the identity identification can be improved. The public parameters mainly comprise a main public key, IBE-based password parameters and other information; the validity period represents a valid service life after the user key is updated, and may be one week, one month, one year, or the like.
The signature information indicates that the entire UTXO transaction information (i.e., input and output) is signed using the user key before update to ensure validity of the entire UTXO transaction information.
It should be noted that the identification information of the user is the public key of the user.
It is understood that the structure of the UTXO transaction information that is updated for the target user last may refer to the structure of the transaction information shown in table 1, and will not be described herein again.
The UTXO transaction information that is updated most recently for the target user may be understood as: UTXO transaction information newly published into the blockchain for the target user.
Of course, the validity period and signature information in table 1 are not required, and whether the validity period or signature information is included in the UTXO transaction information may be selected as desired.
And step S12, obtaining the identification information of the target user from the output information in the UTXO transaction information.
In this embodiment, the identification information of the target user is directly obtained from the output information in the UTXO transaction information, and the master public key of the target user is obtained from the public parameter in the output information.
The identification information of the target user comprises: fixed identification information and variable identification information.
In this embodiment, the user key updating modes are divided into two types: a supervised mode and an unsupervised mode. The supervision mode is that the supervision mechanism is used as KGC to generate a main public key and a main private key, the main public key and the main private key are used to generate a private key of a user, relevant encrypted information of the user is monitored, and the supervision mechanism is used as a UTXO transaction information publisher.
The non-supervision mode indicates that the supervision mechanism cannot acquire the private key, the related encryption information and the like of the user, the user is used as the KGC to generate the main public key and the main private key, and the private key of the user is generated by utilizing the main public key and the main private key.
Step S13, if the target user is a non-supervised user, changing the master private key and the master public key of the target user, and updating the private key of the target user by using the identification information of the target user and the changed master private key and master public key.
The target user is an unsupervised user, and can be understood as follows: the current key update mode is the unsupervised mode.
In this embodiment, the master private key and the master public key of the target user are changed, the identification information of the target user is not changed, and the private key of the target user is updated by changing the master private key and the master public key of the target user. When the private key of the target user is updated, the identity self-identity of the target user can be improved,
in the application, under the condition that the key of the target user needs to be updated, if the target user is an unsupervised user, the identity information of the target user and the main private key and the main public key of the target user are obtained from the output information in the UTXO transaction information, the main private key and the main public key of the target user are changed, the private key of the target user is updated by using the identity information of the target user and the changed main private key and main public key, and the key of the target user is updated.
Moreover, the block chain is utilized to realize the inquiring, traceable and non-falsification of the key updating process, and the method has higher practical value.
As shown in fig. 3, a flowchart of an embodiment 2 of an IBE key updating method based on a UTXO model provided by the present application includes the following steps:
step S21, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S22, obtaining the identification information of the target user from the output information in the UTXO transaction information.
The detailed procedures of steps S21-S22 can be referred to the related descriptions of steps S11-S12 in embodiment 1, and are not described herein again.
Step S23, if the target user is a non-supervised user, changing the identification information of the target user, and updating the private key of the target user by using the master private key and the master public key of the target user and the changed identification information.
In this embodiment, the identification information of the target user is changed, the master private key and the master public key of the target user are kept unchanged, and the private key of the target user is updated by using the master private key and the master public key of the target user and the changed identification information.
Certainly, when the target user is an unsupervised user and the private key of the target user is leaked, it is indicated that the identification information of the target user may be leaked, and therefore the identification information of the target user needs to be changed. Therefore, the identity identification information of the target user is also changed, and the private key of the target user is updated by using the main private key and the main public key of the target user and the changed identity information.
In the application, under the condition that the key of the target user needs to be updated, if the target user is an unsupervised user, the identity identification information of the target user, the main private key and the main public key of the target user are obtained from the output information in the UTXO transaction information, the identity identification information of the target user is changed, the private key of the target user is updated by using the main private key and the main public key of the target user and the changed identity identification information, and the key of the target user is updated, so that the key of the target user is updated.
As shown in fig. 4, a flowchart of embodiment 3 of an IBE key updating method based on a UTXO model provided by the present application includes the following steps:
step S31, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S32, obtaining the identification information of the target user from the output information in the UTXO transaction information.
The detailed procedures of steps S31-S32 can be referred to the related descriptions of steps S11-S12 in embodiment 1, and are not described herein again.
Step S33, if the target user is a supervised user, changing the identification information of the target user, and updating the private key of the target user by using the master private key and the master public key of the supervising authority and the changed identification information.
If the target user is a supervised user, the following can be understood: the current key update mode is the supervisory mode. In the supervision mode, the generation of the master private key and the master public key is managed by a supervision authority.
If the target user is a supervised user, in the supervision mode, if the master public key is changed, the private keys of all users supervised by the supervision node are changed, and in order to simplify workload, the identity identification information of the target user is selected to be changed, and the master private key and the master public key of the supervision mechanism are kept unchanged.
As another alternative embodiment of the present application, referring to fig. 5, a flowchart of an embodiment 4 of an IBE key updating method based on a UTXO model provided by the present application is shown, where this embodiment is mainly an extension of the UTXO model based IBE key updating method described in the foregoing embodiment 1, and as shown in fig. 5, the method may include, but is not limited to, the following steps:
step S41, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S42, obtaining the identification information of the target user from the output information in the UTXO transaction information.
Step S43, if the target user is a non-supervised user, changing the master private key and the master public key of the target user, and updating the private key of the target user by using the identification information of the target user and the changed master private key and master public key.
The detailed procedures of steps S41-S43 can be referred to the related descriptions of steps S11-S13 in embodiment 1, and are not described herein again.
And step S44, taking the index pointing to the position of the output information in the UTXO transaction information in the block chain and the hash value of the UTXO transaction information as target input information.
Step S45, using the public parameter including the changed master public key and the identification information of the target user as target output information.
And step S46, issuing the target UTXO transaction information containing the target input information and the target output information to the block chain.
And issuing target UTXO transaction information containing the target input information and the target output information to the block chain so that the related information of the updated user key can be inquired in the block chain.
Of course, the target output information may also include: and the updated key use validity period of the target user.
The target UTXO transaction information may further include: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
As another optional embodiment of the present application, referring to fig. 6, a flowchart of an embodiment 5 of an IBE key updating method based on a UTXO model provided by the present application is shown, where this embodiment is mainly an extension of the UTXO model based IBE key updating method described in the foregoing embodiment 2, and as shown in fig. 6, the method may include, but is not limited to, the following steps:
step S51, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S52, obtaining the identification information of the target user from the output information in the UTXO transaction information.
Step S53, if the target user is a non-supervised user, changing the identification information of the target user, and updating the private key of the target user by using the master private key and the master public key of the target user and the changed identification information.
The detailed procedures of steps S51-S53 can be referred to the related descriptions of steps S21-S23 in embodiment 2, and are not described herein again.
And step S54, taking the index pointing to the position of the output information in the UTXO transaction information in the block chain and the hash value of the UTXO transaction information as target input information.
Step S55, using the public parameter including the master public key of the target user and the changed id information as target output information.
And step S56, issuing the target UTXO transaction information containing the target input information and the target output information to the block chain.
And issuing target UTXO transaction information containing the target input information and the target output information to the block chain so that the related information of the updated user key can be inquired in the block chain.
Of course, the target output information may also include: and the updated key use validity period of the target user.
The target UTXO transaction information may further include: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
As another alternative embodiment of the present application, referring to fig. 7, a flowchart of an embodiment 6 of an IBE key updating method based on a UTXO model provided by the present application is shown, where this embodiment is mainly an extension of the UTXO model based IBE key updating method described in the foregoing embodiment 1, and as shown in fig. 7, the method may include, but is not limited to, the following steps:
step S61, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S62, obtaining the identification information of the target user from the output information in the UTXO transaction information.
Step S63, if the target user is a non-supervised user, changing the master private key and the master public key of the target user, and updating the private key of the target user by using the identification information of the target user and the changed master private key and master public key.
The detailed procedures of steps S61-S63 can be found in the related descriptions of steps S11-S13 in embodiment 1, and are not repeated herein.
Step S64, when the key of the target user needs to be logged off, setting the output information in the UTXO transaction information that is updated for the target user most recently to be null, and issuing the UTXO transaction information whose output information is set to be null to the block chain.
And setting output information in the UTXO transaction information which is updated aiming at the target user newly as null, and issuing the UTXO transaction information of which the output information is set as null to the block chain, so that the information related to the key of the target user cannot be inquired in the block chain, and the aim of logout is fulfilled.
As another alternative embodiment of the present application, referring to fig. 8, a flowchart of an embodiment 7 of an IBE key updating method based on a UTXO model provided by the present application is shown, where this embodiment is mainly an extension of the UTXO model based IBE key updating method described in the foregoing embodiment 2, and as shown in fig. 8, the method may include, but is not limited to, the following steps:
step S71, when the key of the target user needs to be updated, the UTXO transaction information that is updated for the target user most recently is acquired from the block chain.
And step S72, obtaining the identification information of the target user from the output information in the UTXO transaction information.
Step S73, if the target user is a non-supervised user, changing the identification information of the target user, and updating the private key of the target user by using the master private key and the master public key of the target user and the changed identification information.
The detailed procedures of steps S71-S73 can be referred to the related descriptions of steps S21-S23 in embodiment 2, and are not described herein again.
Step S74, when the key of the target user needs to be logged off, setting the output information in the UTXO transaction information that is updated for the target user most recently to be null, and issuing the UTXO transaction information whose output information is set to be null to the block chain.
The detailed process of step S74 can be referred to the related description of step S64 in embodiment 6, and is not repeated here.
Next, the UTXO model based IBE key updating apparatus provided in the present application will be described, and the UTXO model based IBE key updating apparatus described below and the UTXO model based IBE key updating method described above may be referred to in correspondence.
Referring to fig. 9, the UTXO model-based IBE key updating apparatus includes: a first obtaining module 11, a second obtaining module 12 and a first updating module 13.
A first obtaining module 11, configured to obtain, from a block chain, UTXO transaction information that is updated latest for a target user when a key of the target user needs to be updated;
a second obtaining module 12, configured to obtain the identification information of the target user from the output information in the UTXO transaction information;
and a first updating module 13, configured to change the master private key and the master public key of the target user if the target user is an unsupervised user, and update the private key of the target user by using the identity information of the target user and the changed master private key and master public key.
In this embodiment, another UTXO model-based IBE key updating apparatus is introduced, and referring to fig. 10, the UTXO model-based IBE key updating apparatus includes: a first obtaining module 11, a second obtaining module 12 and a second updating module 14.
A first obtaining module 11, configured to obtain, from a block chain, UTXO transaction information that is updated latest for a target user when a key of the target user needs to be updated;
a second obtaining module 12, configured to obtain the identification information of the target user from the output information in the UTXO transaction information;
and a second updating module 14, configured to change the identity information of the target user if the target user is an unsupervised user, and update the private key of the target user by using the master private key and the master public key of the target user and the changed identity information.
In this embodiment, the IBE key updating apparatus based on the UTXO model may further include:
and the third updating module is used for changing the identity identification information of the target user if the target user is a supervised user, and updating the private key of the target user by using the master private key and the master public key of the supervision mechanism and the changed identity identification information.
In this embodiment, the IBE key updating apparatus based on the UTXO model may further include:
a first determining module, configured to use an index pointing to a position of output information in the UTXO transaction information in the block chain and a hash value of the UTXO transaction information as target input information;
a second determining module, configured to use the public parameter including the changed master public key and the identity information of the target user as target output information; or, the public parameter containing the main public key of the target user and the changed identity information are used as target output information;
a first publishing module for publishing target UTXO transaction information including the target input information and the target output information into the block chain.
In this embodiment, the target output information may further include: the updated key use validity period of the target user;
the target UTXO transaction information may further include: identity information of a transaction issuer and/or information for signing the target input information and the target output information using the private key of the target user before updating.
In this embodiment, the IBE key updating apparatus based on the UTXO model may further include:
and the second issuing module is used for setting output information in the UTXO transaction information which is updated aiming at the target user newly to be null under the condition that the key of the target user needs to be cancelled, and issuing the UTXO transaction information of which the output information is set to be null to the block chain.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
From the above description of the embodiments, it is clear to those skilled in the art that the present application can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present application may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments of the present application.
The foregoing introduces details of an IBE key updating method and apparatus based on the UTXO model, and specific examples are applied herein to illustrate the principles and embodiments of the present application, and the descriptions of the foregoing embodiments are only used to help understand the method and core ideas of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.