Summary of the invention
The main purpose of the present invention is to provide a zero-knowledge proof method and system for personal information, and a computer-readable storage medium, so as to solve the technical problem that existing personal information verification exposes private information.
To achieve the above object, the application provides a zero-knowledge proof method for personal information, comprising the steps of:
A third-party verification server receives, from a user terminal, at least one piece of personal information to be verified, the ID of the authority that certified the information to be verified, and Merkle verification information, wherein the Merkle verification information includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified, or includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified together with the layer to which each such node belongs;
The third-party verification server obtains, according to the ID of the authority that certified the information to be verified, the hash algorithm and the ordered Merkle tree construction rule corresponding to that authority ID;
The third-party verification server performs a calculation according to the hash algorithm, the ordered Merkle tree construction rule, the at least one piece of personal information to be verified and the Merkle verification information, obtains a Merkle root to be verified, and sends the Merkle root to be verified and the ID of the authority that certified the information to be verified to a blockchain platform;
The blockchain platform, according to the received Merkle root to be verified and the ID of the authority that certified the information to be verified, obtains at least one Merkle root that corresponds to that authority ID and is identical to the Merkle root to be verified, and sends each obtained Merkle root, its corresponding digital signature and its corresponding storage time to the third-party verification server;
The third-party verification server receives each Merkle root, corresponding digital signature and corresponding storage time sent by the blockchain platform, and verifies each piece of personal information to be verified sent by the user terminal according to the ID of the authority that certified the information to be verified and each received Merkle root, corresponding digital signature and corresponding storage time.
Optionally, the Merkle verification information further includes at least one piece of personal information that is not to be verified;
The step in which the third-party verification server performs a calculation according to the hash algorithm, the ordered Merkle tree construction rule, the at least one piece of personal information to be verified and the Merkle verification information, and obtains the Merkle root to be verified, includes:
The third-party verification server performs a calculation according to the hash algorithm, the ordered Merkle tree construction rule, the at least one piece of personal information to be verified, the at least one piece of personal information that is not to be verified and the Merkle verification information, and obtains the Merkle root to be verified, wherein the Merkle verification information includes at least one piece of personal information that is not to be verified and the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified, or includes at least one piece of personal information that is not to be verified, the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified, and the layer to which each such node belongs.
Optionally, the step in which the third-party verification server verifies each piece of personal information to be verified sent by the user terminal, according to the ID of the authority that certified the information to be verified and each received Merkle root, corresponding digital signature and corresponding storage time, includes:
The third-party verification server selects, from the received Merkle roots, the Merkle root with the most recent storage time, according to the storage time corresponding to each Merkle root;
The third-party verification server obtains, according to the authority ID in the information to be verified, the first public key of the authority corresponding to that authority ID, and uses the first public key to verify the digital signature corresponding to the selected Merkle root with the most recent storage time;
If the verification passes, the third-party verification server determines that each piece of personal information to be verified sent by the user terminal is authentic;
If the verification does not pass, the third-party verification server determines that each piece of personal information to be verified sent by the user terminal is not authentic.
Optionally, before the step in which the blockchain platform, according to the received Merkle root to be verified and the ID of the authority that certified the information to be verified, obtains at least one Merkle root that corresponds to that authority ID and is identical to the Merkle root to be verified, and sends each obtained Merkle root, corresponding digital signature and corresponding storage time to the third-party verification server, the method further includes:
An authority server receives at least two pieces of personal information sent by the user terminal and, according to the at least two pieces of personal information received, creates a file number and an information file that corresponds to the file number and contains the at least two pieces of personal information sent by the user terminal;
The authority server uses a preset hash algorithm, a preset ordered Merkle tree construction rule and each piece of personal information in the information file to construct a first Merkle tree corresponding to the file number, and sends the authority ID, the file number and the information file to the user terminal;
The authority server signs the Merkle root of the first Merkle tree with a first private key, generating a first digital signature corresponding to the Merkle root of the first Merkle tree;
The authority server stores information that includes the Merkle root of the first Merkle tree, the first digital signature corresponding to the Merkle root of the first Merkle tree and the authority ID to the blockchain platform.
Optionally, the step in which the authority server stores information that includes the Merkle root of the first Merkle tree, the first digital signature corresponding to the Merkle root of the first Merkle tree and the authority ID to the blockchain platform includes:
The authority server calls a smart contract on the blockchain platform and creates a first transaction record that includes the Merkle root of the first Merkle tree, the first digital signature corresponding to the Merkle root of the first Merkle tree and the authority ID;
The authority server stores the first transaction record to the blockchain platform.
Optionally, after the authority server stores information that includes the Merkle root of the first Merkle tree, the first digital signature corresponding to the Merkle root of the first Merkle tree and the authority ID to the blockchain platform, the method further includes:
The authority server receives an update request sent by the user terminal, wherein the update request includes a file number and at least one piece of personal information;
The authority server generates a new information file corresponding to the file number in the update request, according to the information file corresponding to that file number and the at least one piece of personal information in the update request;
The authority server uses the preset hash algorithm, the preset ordered Merkle tree construction rule and each piece of personal information in the new information file to construct a second Merkle tree corresponding to the file number in the update request, and sends the authority ID, the file number in the update request and the new information file to the user terminal;
The authority server signs the Merkle root of the second Merkle tree with the first private key, generating a second digital signature;
The authority stores information that includes the Merkle root of the second Merkle tree, the second digital signature and the authority ID to the blockchain platform.
Optionally, before the step in which the authority server signs the Merkle root of the second Merkle tree with the first private key and generates the second digital signature, the method further includes:
The authority server signs, with a second private key, the Merkle root of the first Merkle tree corresponding to the file number in the update request, generating a third digital signature, and stores information that includes the Merkle root of the first Merkle tree, the third digital signature and the authority ID to the blockchain platform.
Optionally, the step in which the authority stores information that includes the Merkle root of the second Merkle tree, the second digital signature and the authority ID to the blockchain platform includes:
The authority server calls a smart contract on the blockchain platform and creates a second transaction record that includes the Merkle root of the second Merkle tree, the second digital signature and the authority ID;
The authority server sends the second transaction record to the blockchain platform for storage.
In addition, to achieve the above object, the present invention also provides a zero-knowledge proof system for personal information, the system including:
A third-party verification server, configured to receive, from a user terminal, at least one piece of personal information to be verified, the ID of the authority that certified the information to be verified, and Merkle verification information, wherein the Merkle verification information includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified, or includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified together with the layer to which each such node belongs;
The third-party verification server is further configured to obtain, according to the ID of the authority that certified the information to be verified, the hash algorithm and the ordered Merkle tree construction rule corresponding to that authority ID, to perform a calculation according to the hash algorithm, the ordered Merkle tree construction rule, the at least one piece of personal information to be verified and the Merkle verification information to obtain a Merkle root to be verified, and to send the Merkle root to be verified and the ID of the authority that certified the information to be verified to a blockchain platform;
A blockchain platform, configured to obtain, according to the received Merkle root to be verified and the ID of the authority that certified the information to be verified, at least one Merkle root that corresponds to that authority ID and is identical to the Merkle root to be verified, and to send each obtained Merkle root, corresponding digital signature and corresponding storage time to the third-party verification server;
The third-party verification server is further configured to receive each Merkle root, corresponding digital signature and corresponding storage time sent by the blockchain platform, and to verify each piece of personal information to be verified sent by the user terminal according to the ID of the authority that certified the information to be verified and each received Merkle root, corresponding digital signature and corresponding storage time.
In addition, to achieve the above object, the present invention also provides a computer-readable storage medium on which a computer program is stored, the computer program implementing the steps of the zero-knowledge proof method for personal information described above when executed by a processor.
In the zero-knowledge proof method, system and computer-readable storage medium for personal information proposed by the embodiments of the present invention, a third-party verification server receives, from a user terminal, at least one piece of personal information to be verified, the ID of the authority that certified the information to be verified, and Merkle verification information, wherein the Merkle verification information includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified, or includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified together with the layer to which each such node belongs; the third-party verification server obtains, according to the ID of the authority that certified the information to be verified, the hash algorithm and the ordered Merkle tree construction rule corresponding to that authority ID; the third-party verification server performs a calculation according to the hash algorithm, the ordered Merkle tree construction rule, the at least one piece of personal information to be verified and the Merkle verification information, obtains a Merkle root to be verified, and sends the Merkle root to be verified and the authority ID to a blockchain platform; the blockchain platform, according to the received Merkle root to be verified and authority ID, obtains at least one Merkle root that corresponds to that authority ID and is identical to the Merkle root to be verified, and sends each obtained Merkle root, corresponding digital signature and corresponding storage time to the third-party verification server; the third-party verification server receives each Merkle root, corresponding digital signature and corresponding storage time sent by the blockchain platform, and verifies each piece of personal information to be verified sent by the user terminal according to the authority ID and each received Merkle root, corresponding digital signature and corresponding storage time. In this way, when certain personal information needs to be verified, the user does not need to provide all other personal information, including private information, and only needs to choose to provide the personal information to be verified to the third-party institution.
Specific embodiment
It should be understood that the specific embodiments described herein merely illustrate the present invention and are not intended to limit it.
Please refer to Fig. 1, which is a schematic diagram of the hardware structure of the third-party verification server, user terminal, authority server or blockchain platform provided in the embodiments of the present invention. The third-party verification server, user terminal, authority server or blockchain platform includes components such as a communication module 10, a memory 20 and a processor 30. Those skilled in the art will understand that the third-party verification server, user terminal, authority server or blockchain platform shown in Fig. 1 may include more or fewer components than illustrated, may combine certain components, or may use a different arrangement of components. The processor 30 is connected to the memory 20 and to the communication module 10, a computer program is stored on the memory 20, and the computer program is executed by the processor 30.
The communication module 10 can connect to external devices over a network. The communication module 10 can receive data sent by an external device and can also send data, instructions and information to the external device. The external device may be a user terminal, a third-party verification server, an authority server or a blockchain platform.
The memory 20 can be used to store software programs and various data. The memory 20 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, the application program required by at least one function (for example, building a Merkle tree based on user information), and so on; the data storage area may store data or information created through the use of the third-party verification server, user terminal, authority server or blockchain platform. In addition, the memory 20 may include high-speed random access memory and may also include non-volatile memory, for example at least one magnetic disk storage device, a flash memory device, or another volatile solid-state storage device.
The processor 30 is the control center of the third-party verification server, user terminal, authority server or blockchain platform. It connects the various parts of the whole third-party verification server, user terminal, authority server or blockchain platform through various interfaces and lines, and, by running or executing the software programs and/or modules stored in the memory 20 and calling the data stored in the memory 20, performs the various functions of the third-party verification server, user terminal, authority server or blockchain platform and processes data, thereby monitoring the third-party verification server, user terminal, authority server or blockchain platform as a whole. The processor 30 may include one or more processing units; preferably, the processor 30 may integrate an application processor and a modem processor, wherein the application processor mainly handles the operating system, user interface, application programs and the like, and the modem processor mainly handles wireless communication. It is understood that the modem processor may also not be integrated into the processor 30.
Although not shown in Fig. 1, the third-party verification server, user terminal, authority server or blockchain platform may also include a circuit control module for connecting to mains power, implementing power supply control and ensuring the normal operation of the other components.
Those skilled in the art will understand that the structure of the third-party verification server, user terminal, authority server or blockchain platform shown in Fig. 1 does not limit the third-party verification server, user terminal, authority server or blockchain platform, which may include more or fewer components than illustrated, may combine certain components, or may use a different arrangement of components.
Based on the above hardware structure, the embodiments of the method of the present invention are proposed.
Referring to Fig. 2, in the first embodiment of the zero-knowledge proof method for personal information of the present invention, the zero-knowledge proof method for personal information comprises the steps of:
Step S10: a third-party verification server receives, from a user terminal, at least one piece of personal information to be verified, the ID of the authority that certified the information to be verified, and Merkle verification information, wherein the Merkle verification information includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified, or includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified together with the layer to which each such node belongs;
In this solution, zero-knowledge proof means that one party (the prover) can prove to another party (the verifier) that a statement is correct without revealing any useful information other than that the statement is correct. In the present invention, the "statement" refers to the personal information to be verified. A Merkle tree is a binary tree data structure that stores hash values: the leaves of a Merkle tree are the hash values of data blocks (for example, a data block may be a piece of information, a file or a set of files), and each non-leaf node is the hash value of the concatenated string of its child nodes. The ordered Merkle tree construction rule is the rule that, when a valid Merkle tree is constructed, orders the positions of all nodes within each layer. The rule may arrange the nodes of each layer into node positions from left to right, from small to large or from large to small, according to the size of the hexadecimal value of each node's hash value in that layer or according to the ASCII code order of the characters of each node's hash value in that layer.
When a user needs personal information to be verified, the user can use the user terminal to send at least one piece of information to be verified, the ID of the authority that certified the information to be verified, and the Merkle verification information to a business audit terminal over a wireless or wired network. The user can also enter the at least one piece of information to be verified, the authority ID and the Merkle verification information directly into a terminal of the third-party verification institution, which then forwards them to the third-party verification server. Here the Merkle verification information includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified, or includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified together with the layer to which each such node belongs.
When the third-party verification server verifies at least one piece of the user's personal information, the user terminal may send, in addition to the at least one piece of personal information to be verified, the ID of the authority that certified the information to be verified and the Merkle verification information, the hash algorithm and the ordered Merkle tree construction rule as well.
It should be noted that, to prevent the at least one piece of personal information to be verified, the Merkle verification information and the authority ID from being intercepted by others in transit, these items can be encrypted with the public key of the third-party verification server and the encrypted information then sent to the third-party verification server. The third-party verification server can decrypt the encrypted information with its own private key to obtain the hash algorithm sent by the user terminal, the at least one piece of personal information to be verified and the Merkle verification information.
The hash value of each node in the Merkle verification information is the result of a one-way hash mapping function and cannot by itself be used to derive any useful information. The nodes in the Merkle verification information are the hash values of all nodes, other than the Merkle node corresponding to the personal information to be verified, that are needed on the hash calculation path from that Merkle node to the Merkle root, or those node hash values together with the layer to which each belongs. Under the fastest hash calculation path, the Merkle verification information provided may contain only one ordered array of node hash values, and the order of the array is the order in which the node values are used when the Merkle root is calculated. Under a hash calculation path that is not the fastest, the Merkle verification information provided also includes, in addition to the node hash values, the layer to which each node hash value belongs.
For example, if the information to be verified is the P1 name in Fig. 6, the hash calculation path from the node position corresponding to the name to the Merkle root of the Merkle tree in Fig. 6 may be B+CD+EF, or B+C+D+EF, or B+C+D+E+F. For A, the path B+CD+EF is the fastest hash calculation path and the path B+C+D+E+F is the slowest. Under the fastest hash calculation path, the Merkle verification information is one ordered array of node hash values {hash(P2), hash(C+D), hash(E+F)}. If the calculation path is B+C+D+EF, the Merkle verification information includes the hash value of node B with the first layer as the layer node B belongs to, the hash value of node C with the first layer as the layer node C belongs to, the hash value of node D with the first layer as the layer node D belongs to, and the hash value of node EF with the third layer as the layer node EF belongs to. As another example, if the information to be verified is the P1 name and the P3 birthplace in Fig. 6, the hash calculation path from the node positions corresponding to the name and birthplace to the Merkle root of the Merkle tree in Fig. 6 may be B+D+EF (the fastest hash calculation path) or B+D+E+F.
The number of other nodes in the Merkle verification information, besides the Merkle node corresponding to the personal information to be verified, is determined by the complexity of the Merkle tree: the simpler the Merkle tree and the fewer its levels, the fewer other nodes need to be provided. For example, for the simplest Merkle tree, made up of only two leaf nodes and the Merkle root node, the user terminal only needs to provide the node value of the one leaf node other than the Merkle node corresponding to the personal information to be verified.
It should be noted that the Merkle verification information sent by the user terminal may include, in addition to the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified, at least one piece of personal information that is not to be verified. For example, the person being verified provides the plaintext "birthplace: Shandong Yantai" in Fig. 6 as the information to be verified; to verify this plaintext, the Merkle verification information provided by the person being verified may include the node hash value AB in the second layer, the node hash value EF in the third layer, and the plaintext "address: Guangzhou" in Fig. 6.
Step S20: the third-party verification server obtains, according to the ID of the authority that certified the information to be verified, the hash algorithm and the ordered Merkle tree construction rule corresponding to that authority ID;
According to the ID of the authority that certified the information to be verified, the third-party verification server can send the authority server corresponding to that authority ID a request for the hash algorithm and the ordered Merkle tree construction rule. After the authority server corresponding to the authority ID receives the request sent by the third-party verification server, it sends the hash algorithm and the ordered Merkle tree construction rule that the authority uses to construct Merkle trees to the third-party verification server.
When the third-party verification server already stores a mapping table that maps each authority ID to its hash algorithm and ordered Merkle tree construction rule, the third-party verification server can look up in that table, according to the ID of the authority that certified the information to be verified, the hash algorithm and ordered Merkle tree construction rule corresponding to that authority ID.
The hash algorithm may be the MD4 algorithm, the MD5 algorithm, SHA-1, SHA-256, SHA-512, a national cryptographic algorithm or another hash algorithm.
Step S30: the third-party verification server performs a calculation according to the hash algorithm, the ordered Merkle tree construction rule, the at least one piece of personal information to be verified and the Merkle verification information, obtains a Merkle root to be verified, and sends the Merkle root to be verified and the ID of the authority that certified the information to be verified to the blockchain platform;
Using the received at least one piece of personal information to be verified and the hash values and layers of the at least one other node besides the Merkle node corresponding to the personal information to be verified, the third-party verification server can calculate hash values layer by layer with the obtained hash algorithm and ordered Merkle tree construction rule, finally obtaining the Merkle root to be verified. For example, the person being verified provides the plaintext "birthplace: Shandong Yantai" in Fig. 6 as the information to be verified, together with Merkle verification information consisting of the hash value hash(P4) of node D of the Merkle tree in Fig. 6, the hash value hash(A+B) of node AB and the hash value hash(E+F) of node EF, and the ordered Merkle tree construction rule obtained by the third-party verification server arranges the nodes of each layer into node positions from left to right, from small to large. The third-party verification server can apply the hash algorithm to the information to be verified to calculate the hash value hash(P3) of node C, and finds that hash(P3) is less than hash(P4). It then calculates the hash value hash(C+D) of the second-layer node CD from the hash values of node C and node D. Next it compares hash(A+B) with hash(C+D), finds that hash(A+B) is less than hash(C+D), and calculates the hash value of the third-layer node ABCD as hash(AB+CD) from hash(A+B) and hash(C+D). Finally it compares hash(AB+CD) with hash(E+F), finds that hash(AB+CD) is less than hash(E+F), and calculates the Merkle root to be verified, hash(ABCD+EF), from hash(AB+CD) and hash(E+F).
After the Merkle root to be verified has been calculated, the third-party authentication server can send the Merkle root to be verified and the ID of the certifying authority to the blockchain platform over a wired or wireless network. For example, the third-party authentication server sends the Merkle root to be verified and the ID of the certifying authority to the blockchain platform through the API of the blockchain platform.
Step S40, the blockchain platform, according to the received Merkle root to be verified and ID of the certifying authority, obtains at least one Merkle root that corresponds to the ID of the certifying authority and is identical to the Merkle root to be verified, and sends each Merkle root obtained, the corresponding digital signature and the corresponding storage time to the third-party authentication server;
Multiple Merkle roots identical to the Merkle root to be verified may be stored on the blockchain platform. Some of these Merkle roots were sent by the authority server corresponding to the ID of the certifying authority, some by other authority servers, and some by non-authority servers.
Based on the Merkle root to be verified and the ID of the certifying authority, the blockchain platform can query the database that stores Merkle roots, or the stored transaction records that contain Merkle roots, to obtain at least one Merkle root identical to the Merkle root to be verified that was sent by the authority corresponding to the ID of the certifying authority, and send the Merkle roots obtained by the query, together with the corresponding digital signatures and storage times, to the third-party authentication server.
It should be noted that when the blockchain platform finds no Merkle root identical to the Merkle root to be verified that was sent by the authority corresponding to the ID of the certifying authority, the blockchain platform can feed back to the third-party authentication server the information that the Merkle root to be verified does not exist. Based on this information, the third-party authentication server can directly determine that each item of personal information to be verified sent by the user terminal is incorrect.
Step S50, the third-party authentication server receives each Merkle root, the corresponding digital signature and the corresponding storage time sent by the blockchain platform, and verifies each item of personal information to be verified sent by the user terminal according to the ID of the certifying authority and the received Merkle roots, corresponding digital signatures and corresponding storage times.
The third-party authentication server first selects, according to storage time, the most recently stored Merkle root from these Merkle roots. According to the ID of the certifying authority, it obtains the first public key of that authority and uses the first public key to verify the digital signature corresponding to the most recently stored Merkle root. If verification passes, it determines that each item of personal information to be verified sent by the user terminal is true and sends a verification-passed message to the user terminal; if verification fails, it determines that each item of personal information to be verified sent by the user terminal is untrue and sends a verification-failed message to the user terminal. The third-party authentication server can also decide directly from the number of Merkle roots fed back by the blockchain platform: if the number is odd, it determines that each item of personal information to be verified sent by the user terminal is true; if the number is even, it determines that each item is untrue.
It should be noted that the blockchain platform can itself, after querying at least one Merkle root identical to the Merkle root to be verified that was sent by the authority corresponding to the ID of the certifying authority, select the most recently stored Merkle root from these Merkle roots and verify it using the first public key of the authority corresponding to the ID of the certifying authority. If verification passes, it feeds back to the third-party authentication server the information that the Merkle root to be verified exists, and the third-party authentication server thereby determines that each item of personal information to be verified sent by the user terminal is true. If verification fails, it feeds back to the third-party authentication server the information that the Merkle root to be verified does not exist, so that the third-party authentication server determines that each item of personal information to be verified sent by the user terminal is incorrect.
For example, to check whether a customer is a wanted fugitive, the customer only needs to present certain node information (node values, or node values and their layers) from the Merkle tree built from multiple items of personal information, one of which states whether the person is a fugitive. From the information the customer provides, the customer's to-be-verified "not a fugitive" information, and the hash algorithm and Merkle tree node ordering rule used to build the Merkle tree, the Merkle root to be verified is calculated. The blockchain is then queried with this Merkle root to be verified, and at least one Merkle root found by the query is fed back to the authentication server. The authentication server judges from the received Merkle roots whether the customer's "not a fugitive" information is true. If it is true, the customer is determined not to be a wanted fugitive; otherwise, the customer is determined to be a wanted fugitive. Similarly, to determine whether the name provided by the user is true, the user only needs to present the information on whether there is a previous conviction.
In this embodiment, the third-party authentication server receives at least one item of personal information to be verified, the ID of the certifying authority and Merkle verification information sent by the user terminal, where the Merkle verification information includes the hash value of at least one other node besides the Merkle node corresponding to the personal information to be verified, or includes the hash value of at least one such other node and its corresponding layer. The third-party authentication server obtains, according to the ID of the certifying authority, the hash algorithm and ordered Merkle tree construction rule corresponding to that ID. The third-party authentication server performs a calculation using the hash algorithm, the ordered Merkle tree construction rule, the at least one item of personal information to be verified and the Merkle verification information to obtain the Merkle root to be verified, and sends the Merkle root to be verified and the ID of the certifying authority to the blockchain platform. The blockchain platform, according to the received Merkle root to be verified and ID of the certifying authority, obtains at least one Merkle root that corresponds to the ID of the certifying authority and is identical to the Merkle root to be verified, and sends each Merkle root obtained, the corresponding digital signature and the corresponding storage time to the third-party authentication server. The third-party authentication server receives each Merkle root, the corresponding digital signature and the corresponding storage time sent by the blockchain platform, and verifies each item of personal information to be verified sent by the user terminal according to the ID of the certifying authority and the received Merkle roots, digital signatures and storage times. Thus, when certain personal information needs to be verified, the user does not need to provide all the other personal information, including private information; the user only needs to select the personal information to be verified and provide it to the third-party institution.
Further, referring to Fig. 3, a second embodiment of the zero-knowledge proof method for personal information of the present application is proposed on the basis of the first embodiment. In this embodiment, step S50 includes:
Step S51, the third-party authentication server selects, according to the storage time corresponding to each Merkle root, the most recently stored Merkle root from the Merkle roots;
Step S52, the third-party authentication server obtains, according to the authority ID in the information to be verified, the first public key of the authority corresponding to that authority ID, and uses the first public key to verify the digital signature corresponding to the selected most recently stored Merkle root;
Step S53, if verification passes, the third-party authentication server determines that each item of personal information to be verified sent by the user terminal is true;
Step S54, if verification fails, the third-party authentication server determines that each item of personal information to be verified sent by the user terminal is untrue.
In this solution, some of a user's personal information may change, such as the user's residence or marital status. When the authority server learns that the user's personal information has changed, it creates a new Merkle root b from the updated personal information. However, the Merkle root a of the Merkle tree built from the user's personal information before the update is already stored on the blockchain platform and cannot be deleted or modified. To prevent the user from passing verification with the old personal information from before the update, the authority server can sign Merkle root a again with the second private key to generate a second digital signature, and then store information containing Merkle root a, the corresponding second digital signature and the authority ID on the blockchain platform. As a result, two pieces of information containing Merkle root a are stored on the blockchain platform.
After the third-party authentication server receives, from the blockchain platform, the at least one Merkle root that corresponds to the ID of the certifying authority and is identical to the Merkle root to be verified, it can first select, according to storage time, the most recently stored Merkle root from these Merkle roots. According to the ID of the certifying authority, it obtains the first public key of that authority and uses the first public key to verify the digital signature corresponding to the most recently stored Merkle root. If verification passes, it determines that each item of personal information to be verified sent by the user terminal is true and sends a verification-passed message to the user terminal; if verification fails, it determines that each item of personal information to be verified sent by the user terminal is untrue and sends a verification-failed message to the user terminal.
It should be noted that the authority server may have only one private key. When a change in the user's personal information causes the valid or invalid state of a Merkle root to change, the authority server can sign the Merkle root again with the same private key and store the Merkle root and the corresponding digital signature on the blockchain platform again. As a result, the blockchain platform holds multiple identical Merkle roots, and the digital signatures corresponding to these Merkle roots are also identical. The third-party authentication server can also decide directly from the number of Merkle roots fed back by the blockchain platform: if the number is odd, it determines that each item of personal information to be verified sent by the user terminal is true; if the number is even, it determines that each item is untrue.
This embodiment provides a strategy in which the blockchain platform determines the valid Merkle root by verifying with the first public key, so as to prevent a user, after personal information has been updated, from still passing verification with information that was true before the update.
Further, a third embodiment of the zero-knowledge proof method for personal information of the present application is proposed on the basis of the first embodiment. In this embodiment, the following steps are also performed before step S40:
Step S60, the authority server receives at least two items of personal information sent by the user terminal and, according to the received items, creates a file number and the information archive corresponding to the file number, the archive containing the at least two items of personal information sent by the user terminal;
Step S70, the authority server constructs the first Merkle tree corresponding to the file number using the preset hash algorithm, the preset ordered Merkle tree construction rule and each item of personal information in the information archive, and sends the authority ID, the file number and the information archive to the user terminal;
Step S80, the authority server signs the Merkle root of the first Merkle tree with the first private key to generate the first digital signature corresponding to the Merkle root of the first Merkle tree;
Step S90, the authority server stores information containing the Merkle root of the first Merkle tree, the first digital signature corresponding to that Merkle root and the authority ID on the blockchain platform.
In this solution, when the authority server receives at least two items of personal information sent by the user terminal, it creates a unique file number and the information archive corresponding to the file number; the information archive contains each item of personal information sent by the user terminal.
It should be noted that after receiving the at least two items of personal information sent by the user terminal, the authority server first audits the authenticity of each item. For an ID card number sent by the user terminal, for example, it judges whether the number has the length prescribed for ID card numbers, or whether the ID card number corresponds to the name sent by the user terminal. Only when all the items of personal information sent by the user terminal are determined to be true does it create a unique file number and the information archive corresponding to the file number, the archive containing each item of personal information sent by the user terminal.
The authority server constructs the first Merkle tree corresponding to the file number using the preset hash algorithm, the preset ordered Merkle tree construction rule and each item of personal information in the information archive. For example, the Merkle tree in Fig. 6 is built as follows.
Step 1: the preset hash algorithm is applied to each item of personal information to obtain the hash values hash(P1), hash(P2), hash(P3), hash(P4), hash(P5) and hash(P6). Comparing the hash values shows that hash(P1) < hash(P2) < hash(P3) < hash(P4) < hash(P5) < hash(P6). According to the preset ordered Merkle tree construction rule (arrange from left to right in ascending order), the first-layer leaf nodes are placed in order.
Step 2: from the hash values of the sorted leaf nodes, the hash algorithm yields the hash value hash(A+B) of the second-layer node AB, the hash value hash(C+D) of node CD and the hash value hash(E+F) of node EF, with hash(A+B) < hash(C+D) < hash(E+F). According to the ordering rule, node AB with hash(A+B) takes the first position of the second layer, node CD with hash(C+D) takes the second position of the second layer, and node EF with hash(E+F) is automatically promoted to a third-layer node.
Step 3: from hash(A+B) and hash(C+D), the hash value of the third-layer node ABCD is calculated as hash(AB+CD), and hash(AB+CD) < hash(E+F). According to the ordering rule, node ABCD is placed in the first position of the third layer and node EF in the second position of the third layer.
Step 4: from hash(AB+CD) and hash(E+F), the hash value of the Merkle root node is calculated as hash(ABCD+EF).
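The construction above and the verifier's recomputation in step S30 can be exercised together. The following Python sketch is an added example, not code from the application: it assumes SHA-256 as the hash algorithm, byte concatenation of the two child hashes for "hash(X+Y)", a layer number that counts from 1 at the leaves, and a constructed six-item archive.

```python
import hashlib

# Constructed sample archive (six items, like P1..P6 in Fig. 6).
ARCHIVE = [
    "name: Zhang San",
    "gender: male",
    "birthplace: Shandong Yantai",
    "marital status: married",
    "residence: Guangdong",
    "fugitive: no",
]

def h(data: bytes) -> bytes:
    # Assumption: SHA-256 stands in for the authority's preset hash algorithm.
    return hashlib.sha256(data).digest()

def leaf_hash(item: str) -> bytes:
    return h(item.encode("utf-8"))

def combine(a: bytes, b: bytes) -> bytes:
    # Ordered rule: the smaller hash is the left child, the larger the right.
    return h(min(a, b) + max(a, b))

def build_layers(items):
    """Build the ordered tree bottom-up; layers[0] is the leaf layer,
    layers[-1] holds only the root. Every layer is sorted ascending."""
    layer = sorted(leaf_hash(i) for i in items)
    layers = [layer]
    while len(layer) > 1:
        nxt = [combine(layer[i], layer[i + 1])
               for i in range(0, len(layer) - 1, 2)]
        if len(layer) % 2:          # odd node out (EF in Fig. 6) ...
            nxt.append(layer[-1])   # ... is promoted unchanged
        layer = sorted(nxt)
        layers.append(layer)
    return layers

def make_proof(layers, item):
    """Merkle verification information for one item: a list of
    (layer, sibling_hash) pairs. Raises ValueError if the item is absent."""
    cur = leaf_hash(item)
    proof = []
    for depth, layer in enumerate(layers[:-1], start=1):
        i = layer.index(cur)
        if i % 2 == 0 and i == len(layer) - 1:
            continue                # promoted node: no sibling at this layer
        sib = layer[i ^ 1]          # partner in the adjacent pair
        proof.append((depth, sib))
        cur = combine(cur, sib)
    return proof

def root_from_proof(item, proof):
    """What the third-party server does: hash the plaintext, then fold in
    the disclosed siblings layer by layer, ordering each pair by size."""
    cur = leaf_hash(item)
    for _, sib in sorted(proof, key=lambda p: p[0]):
        cur = combine(cur, sib)
    return cur

if __name__ == "__main__":
    layers = build_layers(ARCHIVE)
    root = layers[-1][0]
    claim = "birthplace: Shandong Yantai"
    proof = make_proof(layers, claim)
    print("layer sizes:", [len(l) for l in layers])
    print("proof layers:", [d for d, _ in proof])
    print("claim verifies:", root_from_proof(claim, proof) == root)
    print("altered claim verifies:",
          root_from_proof("birthplace: Shandong Jinan", proof) == root)
```

Only the claimed item and two or three sibling hashes reach the verifier; the other five plaintext items never leave the user terminal.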
It should be noted that while the above plaintext information and Merkle verification information are being transmitted, and while the third-party authentication server is verifying the information, some of the hash values used for Merkle verification may leak even if a confidential transmission mechanism is used. For example, through network monitoring, or through a malicious verifying institution repeatedly requesting varied personal information, all or part of the Merkle tree data may be obtained by unauthorized persons. Much identity and privacy information belongs to a finite discrete set of fixed size, such as gender {male, female} or marital status {unmarried, married, divorced, widowed}. An attacker can repeatedly construct leaf nodes by exhaustion and, combined with the known information about the ordered digest layers, calculate the final Merkle root. If it matches the person's true Merkle root, the attacker has obtained the plaintext content of an item of personal information. To prevent a malicious attacker from inferring personal information by exhaustion, each item of personal information can be assigned a special value when the leaf nodes are constructed, and the hash algorithm is applied to the personal information together with its special value to obtain the hash value corresponding to that item. The special value can be a value randomly generated by the authority, or the hash value of a personal password uploaded by the user, and the individual can also change the personal password periodically through the certifying authority. In this way, even if the attacker can exhaust the plaintext values in the finite discrete set, the attacker cannot exhaust the special value, and therefore cannot compute the hash value corresponding to the plaintext or derive the Merkle root.
After constructing the first Merkle tree, the authority server can send the authority ID, the file number and the information archive to the user terminal. The user terminal obtains, according to the authority ID, the hash algorithm and ordered Merkle tree construction rule corresponding to the authority ID, and then builds the first Merkle tree itself from the information archive, the hash algorithm and the ordered Merkle tree construction rule, thereby obtaining the data in the first Merkle tree.
After constructing the first Merkle tree, the authority server can, in addition to sending the authority ID, the file number and the information archive to the user terminal, also send the first Merkle tree corresponding to the file number to the user terminal.
It should be noted that the authority server can generate a digital certificate corresponding to the authority ID, the file number and the information archive, which may also include the first Merkle tree corresponding to the file number, and send the digital certificate to the user terminal.
The authority server can sign the Merkle root of the constructed first Merkle tree with the first private key to generate the first digital signature corresponding to the Merkle root of the first Merkle tree (a signature made with the first private key indicates that the Merkle root is valid). The authority server can then send information containing the Merkle root of the first Merkle tree, the first digital signature and the authority ID to the blockchain platform, and the blockchain platform stores the received information containing the Merkle root of the first Merkle tree, the first digital signature and the authority ID.
It should be noted that when, for some reason such as an update to the user's personal information, the authority server considers that a Merkle root it has already created is no longer valid, the authority server signs that Merkle root with the second private key to generate a digital signature (a signature made with the second private key indicates that the Merkle root is invalid), and stores information containing the Merkle root, the digital signature and the authority ID on the blockchain platform.
In this embodiment, a Merkle tree is built from the personal information provided by the user terminal using the preset hash algorithm and the ordered Merkle tree construction rule, and the Merkle root of the Merkle tree is stored on the blockchain platform. A hash digest algorithm is a one-way mapping, so the plaintext cannot be derived backwards from the hash value. The root of the Merkle tree depends directly on the content and position of every leaf node, so a change to the content or position of any leaf node changes the root. Data stored on the blockchain platform cannot be modified or deleted. Together these ensure the security of the user's identity information and ensure that the Merkle root of the Merkle tree created from the user's information cannot easily be modified.
Further, referring to Fig. 4, a fourth embodiment of the zero-knowledge proof method for personal information of the present application is proposed on the basis of the first embodiment. In this embodiment, step S90 includes:
Step S91, the authority server calls the smart contract on the blockchain platform to create a first transaction record containing the Merkle root of the first Merkle tree, the first digital signature corresponding to the Merkle root of the first Merkle tree and the authority ID;
Step S92, the authority server stores the first transaction record on the blockchain platform.
In this solution, the authority server can generate a transaction by calling the smart contract on the blockchain platform, and can write the information containing the Merkle root of the first Merkle tree, the first digital signature and the authority ID into the transaction record. The smart contract that was called then stores the transaction record on the blockchain platform. Fig. 7 shows a transaction record storing a Merkle root: the string ending in aecb88 in the Input Data of the transaction record is the information containing the Merkle root and the corresponding digital signature, and the information in From is the authority ID.
In this embodiment, the Merkle root is written into a transaction record and stored on the blockchain platform, which ensures that the Merkle root cannot easily be modified.
Further, a fifth embodiment of the zero-knowledge proof method for personal information of the present application is proposed on the basis of the first embodiment. In this embodiment, the following steps are also performed after step S90:
Step S100, the authority server receives an update request sent by the user terminal, where the update request includes a file number and at least one item of personal information;
Step S110, the authority server generates the new information archive corresponding to the file number in the update request from the information archive corresponding to that file number and the at least one item of personal information in the update request;
Step S120, the authority server constructs the second Merkle tree corresponding to the file number in the update request using the preset hash algorithm, the preset ordered Merkle tree construction rule and each item of personal information in the new information archive, and sends the authority ID, the file number in the update request and the new information archive to the user terminal;
Step S130, the authority server signs the Merkle root of the second Merkle tree with the first private key to generate the second digital signature;
Step S140, the authority stores information containing the Merkle root of the second Merkle tree, the second digital signature and the authority ID on the blockchain platform.
In this solution, after the authority server receives from the user terminal an update request containing a file number and at least one item of personal information, it can retrieve the information archive corresponding to the file number in the update request, and then update that information archive using the at least one item of personal information in the update request and the items of personal information in the archive. It then sends the authority ID, the file number in the update request and the new information archive to the user terminal, or sends the authority ID, the file number in the update request, the new information archive and the second Merkle tree corresponding to the file number in the update request to the user terminal.
It should be noted that the personal information in the update request may be an update to the content of some item in the original information archive. For example, the original archive contains the item "residence is Guangdong" and the personal information in the update request is "residence is Shenzhen". In this case the original item "residence is Guangdong" can be deleted and the item "residence is Shenzhen" stored in the original information archive to generate the new information archive. The personal information in the update request may also be information that does not exist in the original information archive; in this case the personal information in the update request can be added to the original information archive to generate the new information archive.
After the information archive has been updated, the authority server can generate the second Merkle tree corresponding to the new information archive from the preset hash algorithm and the new information archive. It signs the Merkle root of the second Merkle tree with the first private key to generate the second digital signature, and stores information containing the Merkle root of the second Merkle tree, the second digital signature and the authority ID on the blockchain platform.
It should be noted that, before the step in which the authority stores information containing the Merkle root of the second Merkle tree, the second digital signature and the authority ID on the blockchain platform, the method further includes:
The authority server signs, with the second private key, the Merkle root of the first Merkle tree corresponding to the file number in the update request to generate a third digital signature, and stores information containing the Merkle root of the first Merkle tree, the third digital signature and the authority ID on the blockchain platform.
When some of a user's personal information changes, the Merkle root corresponding to the user's personal information before the update is already stored on the blockchain platform and cannot be deleted or modified; the aim is to prevent the user from passing verification with the old personal information. The authority server has two private keys, the first private key and the second private key (a signature made with the first private key indicates that a Merkle root is valid, and a signature made with the second private key indicates that a Merkle root is invalid). After the information archive has been updated, the authority server can sign, with the second private key, the stored Merkle root corresponding to the information archive before the update to generate the third digital signature, and store information containing the Merkle root corresponding to the information archive before the update and the third digital signature on the blockchain platform.
In this embodiment, the information archive is updated according to the personal information update request from the user terminal, a new Merkle tree is created from the updated information archive, and the new Merkle root is stored on the blockchain platform, so that after some of the user's personal information has been updated, the updated true information can pass verification.
The present invention also proposes a zero-knowledge proof system for personal information.
Referring to Fig. 5, in one embodiment the system includes a third-party authentication server 100, a blockchain platform 200 and a user terminal 300.
Third-party authentication server 100, for receive the transmission of user terminal 300 at least one personal information to be verified,
The authoritative institution ID and Merkel's verification information of authentification of message to be verified, wherein Merkel's verification information include except it is described to
The cryptographic Hash of at least one other node outside the corresponding Merkel's node of testing personal information is described to be verified a including removing
The cryptographic Hash of at least one other node outside the corresponding Merkel's node of people's information and corresponding affiliated layer;
The third-party authentication server 100 is further configured to obtain, according to the ID of the authoritative institution that certified the information to be verified, the hash algorithm and the ordered Merkle tree construction rule corresponding to that authoritative institution ID, to calculate a Merkle root to be verified from the hash algorithm, the ordered Merkle tree construction rule, the at least one item of personal information to be verified and the Merkle verification information, and to send the Merkle root to be verified and the ID of the authoritative institution that certified the information to be verified to the blockchain platform 200;
The blockchain platform 200 is configured to obtain, according to the received Merkle root to be verified and the ID of the authoritative institution that certified the information to be verified, at least one Merkle root that corresponds to that authoritative institution ID and is identical to the Merkle root to be verified, and to send each obtained Merkle root, the corresponding digital signature and the corresponding storage time to the third-party authentication server 100;
The third-party authentication server 100 is further configured to receive each Merkle root, the corresponding digital signature and the corresponding storage time sent by the blockchain platform 200, and to verify each item of personal information to be verified sent by the user terminal 300 according to the ID of the authoritative institution that certified the information to be verified and each received Merkle root, corresponding digital signature and corresponding storage time.
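The verification flow described above, from recomputing the Merkle root to judging the records returned by the blockchain platform, is shown here as an added Python example; it is not code from the patent. Assumptions: SHA-256, pairing an odd last node with itself, the 0x00/0x01 prefixes, HMAC tags standing in for the signatures made with the authoritative institution's first and second private keys, and the rule that the most recently stored authentic record decides the outcome.

```python
import hashlib
import hmac

# Constructed stand-ins for the authority's first (valid) and second (revoked) keys.
# Assumption: HMAC tags replace the public-key signatures so only the stdlib is needed.
VALID_KEY, REVOKE_KEY = b"constructed-first-key", b"constructed-second-key"
# Constructed sample: four fields of one information file, in the tree's fixed order.
FIELDS = [b"name=Example User", b"id=constructed-0001", b"dob=1990-01-01", b"degree=BSc"]

def h(data):
    return hashlib.sha256(data).digest()

def sign(key, root):
    return hmac.new(key, root, hashlib.sha256).digest()

def build_levels(items):
    """Ordered tree: leaves keep the given order; an odd last node is paired with itself."""
    level = [h(b"\x00" + item) for item in items]  # 0x00/0x01 separate leaves from inner nodes
    levels = [level]
    while len(level) > 1:
        padded = level + level[-1:] * (len(level) % 2)
        level = [h(b"\x01" + padded[i] + padded[i + 1]) for i in range(0, len(padded), 2)]
        levels.append(level)
    return levels

def make_proof(levels, index):
    """One (sibling hash, sibling_is_left) pair per layer, from the leaf layer upward."""
    proof = []
    for level in levels[:-1]:
        padded = level + level[-1:] * (len(level) % 2)
        proof.append((padded[index ^ 1], index % 2 == 1))
        index //= 2
    return proof

def root_from_proof(item, proof):
    """Recompute the root from one disclosed item and the sibling hashes only."""
    node = h(b"\x00" + item)
    for sibling, sibling_is_left in proof:
        node = h(b"\x01" + (sibling + node if sibling_is_left else node + sibling))
    return node

def verify(item, proof, ledger):
    """Accept only if the newest authentic ledger record for the recomputed root is a 'valid' one."""
    root = root_from_proof(item, proof)
    newest = None
    for rec in sorted(ledger, key=lambda r: r["time"]):
        if rec["root"] != root:
            continue
        for key, state in ((VALID_KEY, True), (REVOKE_KEY, False)):
            if hmac.compare_digest(rec["sig"], sign(key, root)):
                newest = state  # records with a tag from neither key are ignored
    return newest is True
```

The verifier sees only the disclosed field and the sibling hashes; the other fields of the information file never leave the user terminal.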
It should be noted that the above system has all the technical features of the first embodiment of the zero-knowledge proof method for personal information; for the specific interaction process, refer to the embodiments of the foregoing method. Accordingly, the system also has all the technical effects of the embodiments of the foregoing method.
The present invention also proposes a computer-readable storage medium on which a computer program is stored. The computer-readable storage medium may be the memory 20 in the server of Fig. 1, or may be at least one of a ROM (Read-Only Memory)/RAM (Random Access Memory), a magnetic disk and an optical disc. The computer-readable storage medium includes several pieces of information that cause the third-party authentication server, the user terminal, the authoritative institution server and/or the blockchain platform to execute the methods described in the embodiments of the present invention.
It should be noted that, in this document, the terms "include", "comprise" and any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, article or system that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or system. In the absence of further restrictions, an element defined by the phrase "including a ..." does not exclude the presence of other identical elements in the process, method, article or system that includes that element.
The serial numbers of the above embodiments of the invention are for description only and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be implemented by means of software plus a necessary general-purpose hardware platform, and of course also by hardware, but in many cases the former is the preferred implementation.
The above is only a preferred embodiment of the present invention and is not intended to limit the scope of the invention. Any equivalent structure or equivalent process transformation made using the contents of the specification and accompanying drawings of the present invention, or any direct or indirect application in other related technical fields, is likewise included within the scope of protection of the present invention.