CN110351297B - Verification method and device applied to block chain - Google Patents


Info

Publication number
CN110351297B
Authority
CN
China
Prior art keywords
verified
node
operation tree
bit operation
registered
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910668695.3A
Other languages
Chinese (zh)
Other versions
CN110351297A (en
Inventor
胡朝新
张俊麒
陈浩
苏小康
张开翔
范瑞彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WeBank Co Ltd
Original Assignee
WeBank Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WeBank Co Ltd filed Critical WeBank Co Ltd
Priority to CN201910668695.3A priority Critical patent/CN110351297B/en
Publication of CN110351297A publication Critical patent/CN110351297A/en
Priority to PCT/CN2020/096425 priority patent/WO2021012841A1/en
Application granted granted Critical
Publication of CN110351297B publication Critical patent/CN110351297B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The invention discloses a verification method and a verification device applied to a block chain. The method comprises the following steps: determining a root node of a first bit operation tree of a user to be verified, where the root node of the first bit operation tree is determined according to the node information of the first bit operation tree and the first salt value of at least one device to be verified of the user to be verified; and, if the root node of the first bit operation tree is the same as the root node of the second bit operation tree, determining that the user to be verified holds the at least one device to be verified. The second salt values of any two registered devices are different. Because the first bit operation tree takes into account the first salt value of at least one device to be verified, multiple devices to be verified of a user to be verified can be verified at one time; and because bit operations are basic computer operations, obtaining the first bit operation tree takes little time, so verification efficiency is remarkably improved. The method can be applied to the fields of financial technology (Fintech) and block chain (Blockchain).

Description

Verification method and device applied to block chain
Technical Field
The invention relates to the field of financial technology (Fintech), the field of blockchains (Blockchain) and the field of data security, in particular to a verification method and a verification device applied to blockchains.
Background
With the development of computer technology, more and more technologies (big data, distributed, Blockchain (Blockchain), artificial intelligence, etc.) are applied in the financial field, and the traditional financial industry is gradually changing to financial technology (Fintech). Currently, in the field of financial technology, the requirement for transaction security is extremely high, and users often have a need to verify their ownership of own device identity.
In the verification mode in the prior art, a section of data is encrypted by a system through a public key of a verifier and is sent to the verifier, the verifier decrypts and compares the data through a private key of the verifier, or the verifier actively signs a section of data through a private key of the verifier, and the system verifies and compares the data through the public key of the verifier.
Disclosure of Invention
The embodiment of the application provides a verification method and a verification device applied to a block chain, and solves the problems that in the prior art, a verification mode is long in time consumption and low in efficiency.
In a first aspect, an embodiment of the present application provides a verification method applied to a block chain: determining a root node of a first bit operation tree of a user to be verified; the root node of the first bit operation tree is determined according to the node information of the first bit operation tree and the first salt value of at least one device to be verified of the user to be verified; a leaf node of the first bit operation tree has a first mapping relation with a first salt value of the at least one device to be verified; if the root node of the first bit operation tree is the same as the root node of the second bit operation tree, determining that the user to be verified holds the at least one device to be verified; the root node of the second bit operation tree is pre-generated according to a second salt value of at least one registered device of a registered user corresponding to the user to be verified; a second mapping relationship exists between a leaf node of the second bit operation tree and a second salt value of the at least one registered device; each registered device corresponds to a device to be verified, and the second salt values of any two registered devices are different.
In this method, the root node of the first bit operation tree of the user to be verified is determined according to the node information of the first bit operation tree and the first salt value of at least one device to be verified, and the leaf nodes of the first bit operation tree have a first mapping relation with those first salt values, so obtaining the root node only requires the first salt value of the at least one device to be verified. If the root node of the first bit operation tree determined in this way is the same as the root node of the second bit operation tree, it can be determined with a probability close to 1 that the first salt value of each device to be verified is the same as the second salt value of the corresponding registered device. A complex asymmetric encryption algorithm is thereby avoided, and successful verification of the user to be verified can be determined through simple bit operations alone. Bit operations are basic computer operations, so obtaining the first bit operation tree takes little time; and because the first bit operation tree takes into account the first salt value of at least one device to be verified, the method can verify multiple devices to be verified of the user at one time, which remarkably improves verification efficiency.
In an alternative embodiment, the determining a root node of a first bit operation tree of a user to be verified includes: acquiring node information of the first bit operation tree and a first salt value of the at least one device to be verified; and determining a root node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified. Before determining that the user to be verified holds the at least one device to be verified, the method further includes: generating a first hash value of each device to be verified according to the first salt value of each device to be verified in the at least one device to be verified and the public key of the device to be verified; and determining whether the first hash value of each device to be verified in the at least one device to be verified is consistent with a second hash value of a corresponding registered device in the at least one registered device, wherein the second hash value of the registered device is generated according to a second salt value of the registered device and a public key of the registered device.
In the above manner, the root node of the first bit operation tree is obtained according to the acquired node information of the first bit operation tree and the first salt value of the at least one device to be verified. The first hash value of each device to be verified is generated according to the acquired first salt value of that device and its public key, and it is then checked whether the first hash value of each device to be verified is consistent with the corresponding second hash value, which further increases the reliability of the verification.
In an optional implementation, the determining a root node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified includes: determining at least one node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified; and determining a parent node of the node by applying a preset XOR bit operation to each node in the at least one node and the sibling node of that node, until the root node of the first bit operation tree is determined.
In the above manner, since the first salt value of the at least one device to be verified has a mapping relationship with the leaf nodes of the first bit operation tree, at least one node of the first bit operation tree can be flexibly determined from those salt values in combination with the node information of the first bit operation tree. Then, according to the preset XOR bit operation, the parent node of each of these nodes is determined from the node and its sibling node, until the root node of the first bit operation tree is determined. This provides a flexible way to determine the root node of the first bit operation tree, and since XOR is one of the more efficient bit operations, this manner can further improve verification efficiency and flexibility.
In an optional implementation manner, before determining a root node of a first bit operation tree of a user to be authenticated, the method further includes: receiving a first uplink request sent by the registered user, wherein the first uplink request is used for storing a public key of the at least one registered device and a public key of the registered user to a block chain; receiving a second uplink request sent by the registered user, wherein the second uplink request comprises a second hash value encrypted by using a private key of the at least one registered device; obtaining a public key of the at least one registered device from the blockchain and decrypting the encrypted second hash value; when the decryption is successful, storing the second hash value into the block chain; receiving a third uplink request sent by the registered user, wherein the third uplink request comprises a root node of the second bit operation tree encrypted by using a private key of the registered user; obtaining the public key of the registered user from the blockchain and decrypting the encrypted root node of the second bit operation tree; and when the decryption is successful, storing the root node of the second bit operation tree into the block chain.
The first uplink request is used for storing a public key of the at least one registered device and a public key of a registered user to the blockchain, so that the second uplink request and the third uplink request can be subsequently processed, and the storage security of the second hash value and the second bit operation tree is enhanced because data on the blockchain cannot be tampered with.
In an optional implementation mode, an updating request sent by the registered user is received; the update request is used to instruct regeneration of the second hash value of the at least one registered device and/or the root node of the second bit operation tree, and is stored to the block chain again.
The second hash value of the at least one registered device and the root node of the second bit operation tree may need to be changed, which provides a way to regenerate the second hash value of the registered device and/or the root node of the second bit operation tree in the blockchain.
In an optional embodiment, the second salt value of the at least one registered device is a base-N positive integer; N is an integer greater than 1; acquiring at least one binary integer according to the second salt value of the at least one registered device, one binary integer corresponding to the second salt value of each registered device; determining leaf nodes of the second bit operation tree according to the at least one binary integer and the second mapping relation; the leaf nodes of the second bit operation tree comprise a first leaf node combination and a second leaf node combination; the first leaf node combination is a combination of leaf nodes in the second bit operation tree having the second mapping relation with the second salt value of the at least one registered device; the second leaf node combination is a combination of leaf nodes in the second bit operation tree for which the second mapping relationship does not exist with the second salt value of the at least one registered device; the leaf node values in the second leaf node combination are all 0; and generating a root node of the second bit operation tree according to the leaf nodes of the second bit operation tree.
In the above manner, a leaf node of the second bit operation tree can be assigned a value whether or not it has the second mapping relationship with the second salt value of the at least one registered device, so the root node of the second bit operation tree can always be generated.
In a second aspect, the present application provides an authentication apparatus comprising: a determining module, configured to determine a root node of a first bit operation tree of a user to be verified; the root node of the first bit operation tree is determined according to the node information of the first bit operation tree and the first salt value of at least one device to be verified of the user to be verified; a leaf node of the first bit operation tree has a first mapping relation with a first salt value of the at least one device to be verified; and a processing module, configured to determine that the user to be verified holds the at least one device to be verified if the root node of the first bit operation tree is the same as the root node of the second bit operation tree; the root node of the second bit operation tree is pre-generated according to a second salt value of at least one registered device of a registered user corresponding to the user to be verified; a second mapping relationship exists between a leaf node of the second bit operation tree and a second salt value of the at least one registered device; each registered device corresponds to a device to be verified, and the second salt values of any two registered devices are different.
In an optional embodiment, the determining module is further configured to: acquire node information of the first bit operation tree and a first salt value of the at least one device to be verified; determine a root node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified; generate a first hash value of each device to be verified according to the first salt value of each device to be verified in the at least one device to be verified and the public key of the device to be verified; and determine whether the first hash value of each device to be verified in the at least one device to be verified is consistent with a second hash value of a corresponding registered device in the at least one registered device, wherein the second hash value of the registered device is generated according to a second salt value of the registered device and a public key of the registered device.
In an optional implementation manner, the determining module is specifically configured to: determine at least one node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified; and determine a parent node of the node by applying a preset XOR bit operation to each node in the at least one node and the sibling node of that node, until the root node of the first bit operation tree is determined.
In an optional implementation manner, the determining module is specifically configured to: receiving a first uplink request sent by the registered user, wherein the first uplink request is used for storing a public key of the at least one registered device and a public key of the registered user to a block chain; receiving a second uplink request sent by the registered user, wherein the second uplink request comprises the second hash value encrypted by using a private key of the registered equipment; obtaining a public key of the registered device from the blockchain and decrypting the encrypted second hash value; when the decryption is successful, storing the second hash value into the block chain; receiving a third uplink request sent by the registered user, wherein the third uplink request comprises a root node of the second bit operation tree encrypted by using a private key of the registered user; obtaining the public key of the registered user from the blockchain and decrypting the encrypted second bit operation tree; and when the decryption is successful, storing the root node of the second bit operation tree into the block chain.
In an optional embodiment, the processing module is further configured to: receiving an updating request sent by the registered user; the update request is used to instruct regeneration of the second hash value of the at least one registered device and/or the root node of the second bit operation tree, and is stored to the block chain again.
In an optional embodiment, the second salt value of the at least one registered device is a base-N positive integer; N is an integer greater than 1; the processing module is further configured to determine a root node of the second bit operation tree by: acquiring at least one binary integer according to the second salt value of the at least one registered device, one binary integer corresponding to the second salt value of each registered device; determining leaf nodes of the second bit operation tree according to the at least one binary integer and the second mapping relation; the leaf nodes of the second bit operation tree comprise a first leaf node combination and a second leaf node combination; the first leaf node combination is a combination of leaf nodes in the second bit operation tree having the second mapping relation with the second salt value of the at least one registered device; the second leaf node combination is a combination of leaf nodes in the second bit operation tree for which the second mapping relationship does not exist with the second salt value of the at least one registered device; the leaf node values in the second leaf node combination are all 0; and generating a root node of the second bit operation tree according to the leaf nodes of the second bit operation tree.
For the advantages of the second aspect and the embodiments of the second aspect, reference may be made to the advantages of the first aspect and the embodiments of the first aspect, which are not described herein again.
In a third aspect, an embodiment of the present application provides a computer device, which includes a program or instructions, and when the program or instructions are executed, the computer device is configured to perform the method of each embodiment of the first aspect and the first aspect.
In a fourth aspect, an embodiment of the present application provides a storage medium, which includes a program or instructions, and when the program or instructions are executed, the program or instructions are configured to perform the method of the first aspect and the embodiments of the first aspect.
Drawings
Fig. 1 is a schematic flowchart illustrating steps of a verification method applied to a blockchain according to an embodiment of the present disclosure;
Fig. 2 is a schematic diagram of user initialization provided by an embodiment of the present application;
Fig. 3 is a diagram illustrating a second bit operation tree according to an embodiment of the present application;
Fig. 4 is a schematic diagram illustrating a generation process of a root node of a first bit operation tree according to an embodiment of the present disclosure;
Fig. 5 is a schematic structural diagram of an authentication apparatus according to an embodiment of the present application.
Detailed Description
In order to better understand the technical solutions, the technical solutions will be described in detail below with reference to the drawings and the specific embodiments of the specification, and it should be understood that the specific features in the embodiments and examples of the present application are detailed descriptions of the technical solutions of the present application, but not limitations of the technical solutions of the present application, and the technical features in the embodiments and examples of the present application may be combined with each other without conflict.
In the financial technology field, during the operation of financial institutions (banking institutions, insurance institutions or security institutions), such as loan businesses and deposit businesses of banks, the requirements for transaction security are extremely high, and users often have a need to verify the ownership of own equipment.
In the prior art, a system encrypts a section of data by using a public key of a verifier and sends the encrypted section of data to the verifier, the verifier decrypts and compares the data by using a private key of the verifier, or the verifier actively signs a section of data by using the private key of the verifier, and the system verifies and compares the data by using the public key of the verifier.
Therefore, the present application provides a verification method applied to a blockchain, and as shown in fig. 1, the method is a schematic flow chart of steps of the verification method applied to a blockchain according to an embodiment of the present application.
Step 101: Determine a root node of a first bit operation tree of the user to be verified.
The root node of the first bit operation tree is determined according to the node information of the first bit operation tree and a first salt value of at least one device to be verified of the user to be verified; and a leaf node of the first bit operation tree has a first mapping relation with a first salt value of the at least one device to be verified.
Step 102: If the root node of the first bit operation tree is the same as the root node of the second bit operation tree, determine that the user to be verified holds the at least one device to be verified.
The root node of the second bit operation tree is pre-generated according to a second salt value of at least one registered device of a registered user corresponding to the user to be verified; a second mapping relationship exists between a leaf node of the second bit operation tree and a second salt value of the at least one registered device; each registered device corresponds to a device to be verified, and the second salt values of any two registered devices are different.
Steps 101 to 102 are described in detail below through a complete flow. The complete flow comprises an initialization process, a device registration process, a user registration process and a device verification process. Steps 101 to 102 occur during device registration.
In the complete flow, there are three types of system participants: the authenticating party, the user and the device. Authenticating party: this may specifically be an authentication machine, and its role is to authenticate the devices held by the user. User: this role holds multiple devices and needs to have device ownership verified. Users may be classified according to the current step of the flow: a user who has registered as a device holder with the authenticating party is referred to as a registered user, and, because a user may later need to be re-authenticated as the device holder, a user is referred to as a user to be verified before passing authentication. Device: the various (Internet of Things) devices held by the user. Devices may likewise be classified according to the current step of the flow, as registered devices and devices to be verified.
The initialization process is specifically as follows:
First, the public key (Public Key) and the private key (Private Key) are introduced. The public key and the private key are a key pair obtained through an algorithm; the public key is the public part of the key pair, and the private key is the non-public part. The public key is typically used to encrypt session keys, verify digital signatures, or encrypt data that can be decrypted with the corresponding private key. The key pair derived by such an algorithm is guaranteed to be unique worldwide. When this key pair is used, if one of the keys is used to encrypt a piece of data, the other key must be used to decrypt it. For example, data encrypted with the public key must be decrypted with the private key, and data encrypted with the private key must be decrypted with the public key; otherwise decryption will not succeed.
Fig. 2 is a schematic diagram of user initialization provided in the embodiment of the present application.
The user generates the user's own public key and private key, and a device public key and device private key for each device the user holds, using an agreed asymmetric encryption algorithm, such as the Elliptic Curve Digital Signature Algorithm (ECDSA). For example, after device A generates private key A and device B generates private key B, private key A and private key B may be stored in a local database of the user, and then public key A corresponding to private key A and public key B corresponding to private key B may be stored in the block chain.
The device registration process is specifically as follows:
(1) A random integer of unspecified length is randomly generated for each device; this random integer is called the second salt value of the device, and the second salt values generated for different devices cannot be the same. In addition, the salt value of a device to be verified presented by the user to be verified is referred to as the first salt value of that device. The second salt value may be used as an input parameter to a hash algorithm to generate a hash-mapped value, which gives the hash resistance to reverse attacks. The second salt value of the device is not limited to an integer in decimal notation; a decimal integer is one example. For instance, the second salt value of a device is 657.
(2) Taking the public key of the device as the original text, a hash value is generated from it and the second salt value of the device using an agreed hash algorithm; this is called the second hash value of the device (the first hash value is the hash value temporarily generated from the first salt value of the device to be verified and the public key of that device). A hash algorithm is an algorithm that generates a hash map value for a given character string, such as SHA-3. Example: Hash(public key, 657) = 8e00acc4cdea7eb98c1d81864abd7ebc793decc47b54ff2a843513ee7a62666e.
(3) The hash value for each device is stored into the blockchain using the device's private key.
The user registration process is specifically as follows:
when the user registers, a second bit operation tree as shown in fig. 3 is generated according to the second salt value of each device. It should be noted that the first operation tree is an operation tree temporarily generated when the user to be verified is verified.
The bit operation tree (whether the first bit operation tree or the second bit operation tree) is a complete binary tree. Each node of the non-leaf node (i.e., the node having a child node) in the bit operation tree is generated according to a preset bit operation according to two child nodes of the node. For example, the predetermined bit operation is an exclusive-or (XOR) bit operation, and the generated bit operation tree is an XOR bit operation. The XOR bit operation is: an algorithm for bitwise arithmetic, 0XOR 0-0, 0XOR 1-1, and 1XOR 1-0. Exclusive or satisfies commutative, associative, and reflexive laws. The verification mode based on bit operation can replace the requirement that a user frequently uses the private key of each device, salt values only use exclusive-or operation, and the efficiency is extremely high.
(1) The second salt values of the registered devices held by the user (the rectangular boxes shown in fig. 3) are assigned to the leaf nodes of the second bit operation tree according to a second mapping relation.
For example, the second salt values of the registered devices held by the user may be arranged in descending order, or sorted by the alphabetical order of the public keys of the registered devices, and so on. The positive integer second salt value of each device in the sequence is converted from decimal to binary and then used as a leaf node of the bit operation tree according to the second mapping relation.
One situation is: if the total number of leaf nodes is not an nth power of 2 (e.g., 4, 8, 16, 32), that is, there are leaf nodes in the second bit operation tree that have no corresponding second salt value of a registered device, the remaining leaf nodes needed to reach an nth power of 2 are filled with preset values; that is, the leaf nodes that have no corresponding second salt value of a registered device are assigned preset values. The preset values may all be 0.
(2) Starting from the leaf nodes of the second bit operation tree, the bit operation is executed layer by layer to generate bit operation values until the root node is reached. Each non-leaf node of the second bit operation tree (e.g., the root node and nodes 1-6 shown in FIG. 3) is generated from the child nodes of that node.
(3) The root node of the second bit operation tree is stored into the blockchain using the private key of the user to be registered.
Thus, an alternative implementation in the user registration process is as follows:
The second salt value of the at least one registered device is an N-ary positive integer; N is an integer greater than 1; the root node of the second bit operation tree is determined by the following method: acquiring at least one binary integer according to the second salt value of the at least one registered device, a binary integer being obtained for the second salt value of each registered device; determining leaf nodes of the second bit operation tree according to the at least one binary integer and the second mapping relation; the leaf nodes of the second bit operation tree comprise a first leaf node combination and a second leaf node combination; the first leaf node combination is the combination of leaf nodes in the second bit operation tree that have the second mapping relation with the second salt value of the at least one registered device; the second leaf node combination is the combination of leaf nodes in the second bit operation tree that do not have the second mapping relation with the second salt value of the at least one registered device; the leaf node values in the second leaf node combination are all 0; and generating the root node of the second bit operation tree according to the leaf nodes of the second bit operation tree.
It should be noted that, in the above method, the specific value of N in the N-ary system needs to be agreed in advance by all parties (user, authentication party, device). There are multiple ways to obtain at least one binary integer according to the second salt value of the at least one registered device. For example, if the second salt value of the registered device D is a binary integer, it is used directly as the value of the corresponding leaf node in the second bit operation tree; if the second salt value of the registered device D is not a binary integer but a decimal integer, it is converted into a binary integer, and the converted binary integer is then used as the value of the corresponding leaf node in the second bit operation tree.
In the above manner, every leaf node of the second bit operation tree can be assigned a value, whether or not it has the second mapping relation with the second salt value of the at least one registered device, so the root node of the second bit operation tree can always be generated.
In conjunction with the device registration procedure and the user registration procedure, step 101 may be preceded by the following optional embodiments:
receiving a first uplink request sent by the registered user, wherein the first uplink request is used for storing a public key of the at least one registered device and a public key of the registered user to a block chain.
Receiving a second uplink request sent by the registered user, wherein the second uplink request comprises a second hash value encrypted by using a private key of the at least one registered device; obtaining a public key of the at least one registered device from the blockchain and decrypting the encrypted second hash value; and when the decryption is successful, storing the second hash value into the block chain.
Receiving a third uplink request sent by the registered user, wherein the third uplink request comprises a root node of the second bit operation tree encrypted by using a private key of the registered user; obtaining the public key of the registered user from the blockchain and decrypting the encrypted root node of the second bit operation tree; and when the decryption is successful, storing the root node of the second bit operation tree into the block chain.
The first uplink request stores the public key of the at least one registered device and the public key of the registered user to the blockchain so that the second uplink request and the third uplink request can subsequently be processed; because the blockchain cannot be tampered with, the storage security of the second hash value and the second bit operation tree is enhanced.
In an alternative embodiment of the present application, the authentication party, the user and the device all have direct read-write access to the blockchain. If there is no direct blockchain access (i.e., a proxy interface is required), there is a potential for a man-in-the-middle attack, and the user needs to access the blockchain through a trusted data channel.
The device verification process is as follows:
This process is illustrated with reference to fig. 4.
(1) The node information of a first bit operation tree presented by the user and the first salt value of at least one device to be verified are obtained. The node information of the first bit operation tree is all the XOR tree information needed to derive the XOR root node. As shown by the underlined nodes in fig. 4, this includes several XOR values and their corresponding positions in the XOR tree, together with the tree height.
(2) The identity authentication party accesses the blockchain and first determines, for each device to be verified, whether the first hash value obtained from the first salt value and the public key of the device through the hash algorithm is the same as the second hash value of the device on the blockchain; if they are the same, step (3) is carried out.
(3) The identity authentication party constructs the first bit operation tree from the node information of the first bit operation tree combined with the first salt values of the devices to be verified (the first salt value of device to be verified A and the first salt value of device to be verified B in fig. 4), and calculates the root node of the first bit operation tree from bottom to top.
(4) The identity authentication party accesses the blockchain and compares the calculated root node of the first bit operation tree with the root node of the second bit operation tree in the blockchain; if they are the same, the user authentication is successful.
In connection with the device authentication procedure, step 101 may be: acquiring node information of the first bit operation tree and a first salt value of the at least one device to be verified; and determining a root node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified.
Specifically, according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified, the determining the root node of the first bit operation tree may be:
determining at least one node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified; and determining, according to the preset XOR bit operation, the parent node of each node in the at least one node from that node and its sibling node, until the root node of the first bit operation tree is determined.
In the above manner, the first salt value of the at least one device to be verified has a mapping relation with the leaf nodes of the first bit operation tree, so, combined with the node information of the first bit operation tree, at least one node of the first bit operation tree can be flexibly determined. The parent node of each such node is then determined from the node and its sibling node according to the preset XOR bit operation, until the root node of the first bit operation tree is determined. This provides a flexible way of determining the root node of the first bit operation tree, and because XOR is one of the more efficient bit operations, it further improves verification efficiency and flexibility.
Step 102 may be preceded by the following steps:
generating a first hash value of each device to be verified according to the first salt value of each device to be verified in the at least one device to be verified and the public key of the device to be verified; and determining whether the first hash value of each device to be verified in the at least one device to be verified is consistent with a second hash value of a corresponding registered device in the at least one registered device, wherein the second hash value of the registered device is generated according to a second salt value of the registered device and a public key of the registered device.
In the above manner, the root node of the first bit operation tree is obtained according to the obtained node information of the first bit operation tree and the first salt value of the at least one device to be verified; the first hash value of each device to be verified is generated according to the obtained first salt value of that device and the public key of that device; and it is then verified whether the first hash value of each device to be verified is consistent with the corresponding second hash value, which further increases the reliability of the verification.
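The registration and verification steps described above, carried through in Python as an added example (not code from the patent). The dict standing in for the blockchain, the list-order leaf mapping, SHA3-256 over the public key bytes followed by the big-endian salt bytes, and all sample keys and salts other than 657 are assumptions.

```python
import hashlib

# Constructed sample data; only the salt 657 appears in the text above.
PUBLIC_KEYS = [b"constructed-pubkey-A", b"constructed-pubkey-B", b"constructed-pubkey-C"]
SALTS = [657, 40961, 1234567]  # second salt values, one per registered device


def salted_hash(public_key: bytes, salt: int) -> str:
    """Hash(public key, salt). SHA3-256 and this byte layout are assumptions."""
    salt_bytes = salt.to_bytes((salt.bit_length() + 7) // 8 or 1, "big")
    return hashlib.sha3_256(public_key + salt_bytes).hexdigest()


def build_levels(salts):
    """Pad the leaves with 0 up to a power of two, then XOR pairwise layer by layer."""
    size = 1
    while size < len(salts):
        size *= 2
    level = list(salts) + [0] * (size - len(salts))
    levels = [level]
    while len(level) > 1:
        level = [level[i] ^ level[i + 1] for i in range(0, len(level), 2)]
        levels.append(level)
    return levels  # levels[0] are the leaves, levels[-1] == [root]


def register(public_keys, salts):
    """Device and user registration: store the second hash values and the root."""
    if len(set(salts)) != len(salts):
        raise ValueError("second salt values of two devices must differ")
    levels = build_levels(salts)
    chain = {"hashes": [salted_hash(pk, s) for pk, s in zip(public_keys, salts)],
             "root": levels[-1][0]}
    return chain, levels


def node_info(levels, shown):
    """Tree height plus the XOR values (with positions) that the verifier
    cannot compute from the leaves the user chooses to show."""
    nodes, known = {}, set(shown)
    for depth, level in enumerate(levels[:-1]):
        for i in known:
            if i ^ 1 not in known:
                nodes[(depth, i ^ 1)] = level[i ^ 1]
        known = {i // 2 for i in known}
    return {"height": len(levels) - 1, "nodes": nodes}


def root_from_info(info, shown_salts):
    """Verifier side: rebuild the root bottom-up from the shown salts and node info."""
    current = dict(shown_salts)  # leaf index -> first salt value
    for depth in range(info["height"]):
        parents = {}
        for i, value in current.items():
            sib = i ^ 1
            sibling = current[sib] if sib in current else info["nodes"][(depth, sib)]
            parents[i // 2] = value ^ sibling
        current = parents
    return current[0]


def verify(chain, public_keys, info, shown_salts):
    """Step (2): per-device hash check. Steps (3)-(4): root comparison."""
    for idx, salt in shown_salts.items():
        if salted_hash(public_keys[idx], salt) != chain["hashes"][idx]:
            return False
    try:
        return root_from_info(info, shown_salts) == chain["root"]
    except KeyError:  # node information is incomplete
        return False


def demo():
    chain, levels = register(PUBLIC_KEYS, SALTS)
    info = node_info(levels, {0, 2})  # the user shows devices A and C
    single = node_info(levels, {0})   # node information for device A alone
    # A different salt for A combined with a shifted sibling value collides on the root.
    shifted = {"height": single["height"], "nodes": dict(single["nodes"])}
    shifted["nodes"][(0, 1)] ^= 1
    return {
        "honest": verify(chain, PUBLIC_KEYS, info, {0: 657, 2: 1234567}),
        "wrong_salt_root_differs":
            root_from_info(info, {0: 658, 2: 1234567}) != chain["root"],
        "collision_root_matches": root_from_info(shifted, {0: 657 ^ 1}) == chain["root"],
        "collision_accepted": verify(chain, PUBLIC_KEYS, shifted, {0: 657 ^ 1}),
    }


if __name__ == "__main__":
    print(demo())
```

The last two results show that different leaf values can produce the same root, and that the per-device hash comparison of step (2) is what rejects such a presentation.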
In some scenarios, a user needs to add, delete, or transfer a held device. In that case, the second salt value of the changed device must be regenerated and the second bit operation tree must be regenerated. The specific steps are as follows:
Device addition: the scenario in which the user adds a new device. A second salt value must be added for the new device, and the device registration and user registration processes are executed once more; that is, a leaf node is added to the second bit operation tree, the second bit operation tree is regenerated, and the root node of the second bit operation tree on the blockchain is updated.
Device update: the scenario in which the user updates the salt value of a device. The user needs to update the salt value of the device on the chain and re-execute the device registration and user registration processes; that is, the leaf nodes of the second bit operation tree are updated, the second bit operation tree is regenerated, and the root node of the second bit operation tree in the blockchain is updated.
Device deletion: the scenario in which the user removes a device from the list of devices the user holds. The user needs to delete the leaf node and re-execute the device registration and user registration processes; that is, the leaf nodes of the second bit operation tree are updated, the second bit operation tree is regenerated, and the root node of the second bit operation tree in the blockchain is updated.
It can be seen that, whether a device is added, updated or deleted, the leaf nodes of the second bit operation tree need to be updated and the second bit operation tree regenerated. When the number of times a device held by a user has been verified exceeds a certain threshold, the user performs a device update to guard against the risk that the authentication party reveals the second salt value of the device presented by the user.
Device transfer: the device is first deleted and then added.
Thus, an alternative embodiment is as follows:
receiving an update request sent by the registered user; the update request is used to instruct regeneration of the second hash value of the at least one registered device and/or the root node of the second bit operation tree, and storing of the regenerated values to the blockchain again.
The second hash value of the at least one registered device and the root node of the second bit operation tree may need to be changed, which provides a way to regenerate the second hash value of the registered device and/or the root node of the second bit operation tree in the blockchain.
In the method of steps 101 to 102, the root node of the first bit operation tree of the user to be verified is determined. Because that root node is determined according to the node information of the first bit operation tree and the first salt value of at least one device to be verified, and the leaf nodes of the first bit operation tree have a first mapping relation with the first salt value of the at least one device to be verified of the user to be verified, obtaining the root node of the first bit operation tree requires considering only the first salt value of the at least one device to be verified. If the root node of the first bit operation tree determined according to the node information of the first bit operation tree is the same as the root node of the second bit operation tree, it can be determined with a probability close to 1 that the first salt value and the second salt value of each device to be verified are the same. A complex asymmetric encryption algorithm is thereby avoided, and the user to be verified can be determined to be successfully verified through simple bit operations alone. Bit operations are basic operations of a computer, so little time is consumed in obtaining the first bit operation tree; and because the first bit operation tree takes into account the first salt value of at least one device to be verified, the method can verify a plurality of devices to be verified of the user to be verified at one time, which remarkably improves verification efficiency.
The verification method applied to the block chain provided by the embodiment of the application has the following advantages:
(1) Performance advantage: compared with the traditional approach of relying on a secret key or a public-private key pair, bit operations have been built into central processing units (CPUs) for decades, so when the number of devices is large, the verification efficiency and the XOR tree reconstruction efficiency are far higher than those of all other schemes, including Merkle-tree-based variants.
(2) Cracking prevention: because the value range of the second salt value of the device is the whole positive integer domain, and the hash value is generated from the second salt value of the device and the public key, it is almost impossible to crack the salt value of the device by a reverse attack, so it is not practical for one user to reversely deduce the second salt value of a device belonging to another user. Furthermore, the user can raise the cracking difficulty further by updating the salt value.
(3) Bit operation value (e.g., XOR value) collision: the result of the bit operation is a binary value, so there is some possibility of collision (the same root is obtained from different leaf nodes). However, when the number of devices is small, the collision probability is low because the salt values are chosen with high randomness, and the number of bits of the second salt value can be increased appropriately. When the number of devices increases, the number of second salt values of the devices increases the entropy of the system. Even if a colliding root node is found, the hash value check cannot be passed, so the original aim of stealing another party's device cannot be achieved.
Fig. 5 is a schematic structural diagram of an authentication apparatus according to an embodiment of the present application.
The application provides a verification apparatus, including: a determining module 501, configured to determine a root node of a first bit operation tree of a user to be verified; the root node of the first bit operation tree is determined according to the node information of the first bit operation tree and the first salt value of at least one device to be verified of the user to be verified; a leaf node of the first bit operation tree has a first mapping relation with a first salt value of the at least one device to be verified; a processing module 502, configured to determine that the user to be verified holds the at least one device to be verified if a root node of the first bit operation tree is the same as a root node of a second bit operation tree; the root node of the second bit operation tree is pre-generated according to a second salt value of at least one registered device of a registered user corresponding to the user to be verified; a second mapping relationship exists between a leaf node of the second bit operation tree and a second salt value of the at least one registered device; each registered device corresponds to a device to be verified, and the second salt values of any two registered devices are different.
In an optional implementation, the determining module 501 is further configured to: acquire node information of the first bit operation tree and a first salt value of the at least one device to be verified; determine a root node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified; generate a first hash value of each device to be verified according to the first salt value of each device to be verified in the at least one device to be verified and the public key of the device to be verified; and determine whether the first hash value of each device to be verified in the at least one device to be verified is consistent with a second hash value of a corresponding registered device in the at least one registered device, wherein the second hash value of the registered device is generated according to a second salt value of the registered device and a public key of the registered device.
In an optional implementation manner, the determining module 501 is specifically configured to: determining at least one node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified; and determining a father node of the node according to preset XOR bit operation and each node in the at least one node and the brother node of the node until determining the root node of the first bit operation tree.
In an optional implementation manner, the determining module 501 is specifically configured to: receiving a first uplink request sent by the registered user, wherein the first uplink request is used for storing a public key of the at least one registered device and a public key of the registered user to a block chain; receiving a second uplink request sent by the registered user, wherein the second uplink request comprises the second hash value encrypted by using a private key of the registered equipment; obtaining a public key of the registered device from the blockchain and decrypting the encrypted second hash value; when the decryption is successful, storing the second hash value into the block chain; receiving a third uplink request sent by the registered user, wherein the third uplink request comprises a root node of the second bit operation tree encrypted by using a private key of the registered user; obtaining the public key of the registered user from the blockchain and decrypting the encrypted second bit operation tree; and when the decryption is successful, storing the root node of the second bit operation tree into the block chain.
In an optional implementation, the processing module 502 is further configured to: receiving an updating request sent by the registered user; the update request is used to instruct regeneration of the second hash value of the at least one registered device and/or the root node of the second bit operation tree, and is stored to the block chain again.
In an optional embodiment, the second salt value of the at least one registered device is an N-ary positive integer; N is an integer greater than 1; the processing module 502 is further configured to determine a root node of the second bit operation tree by: acquiring at least one binary integer according to the second salt value of the at least one registered device, a binary integer being obtained for the second salt value of each registered device; determining leaf nodes of the second bit operation tree according to the at least one binary integer and the second mapping relation; the leaf nodes of the second bit operation tree comprise a first leaf node combination and a second leaf node combination; the first leaf node combination is the combination of leaf nodes in the second bit operation tree that have the second mapping relation with the second salt value of the at least one registered device; the second leaf node combination is the combination of leaf nodes in the second bit operation tree that do not have the second mapping relation with the second salt value of the at least one registered device; the leaf node values in the second leaf node combination are all 0; and generating the root node of the second bit operation tree according to the leaf nodes of the second bit operation tree.
The embodiment of the present application provides a computer device, which includes a program or an instruction, and when the program or the instruction is executed, the program or the instruction is used to execute the verification method applied to the blockchain and any optional method provided by the embodiment of the present application.
The embodiment of the present application provides a storage medium, which includes a program or an instruction, and when the program or the instruction is executed, the program or the instruction is used to execute a verification method applied to a blockchain and any optional method provided by the embodiment of the present application.
Finally, it should be noted that: as will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (8)

1. A verification method applied to a blockchain is characterized by comprising the following steps:
receiving a first uplink request sent by a registered user, wherein the first uplink request is used for storing a public key of at least one registered device of the registered user and the public key of the registered user to a block chain; receiving a second uplink request sent by the registered user, wherein the second uplink request comprises a second hash value encrypted by using a private key of the at least one registered device;
obtaining a public key of the at least one registered device from the blockchain and decrypting the encrypted second hash value; when the decryption is successful, storing the second hash value into the block chain; receiving a third uplink request sent by the registered user, wherein the third uplink request comprises a root node of a second bit operation tree encrypted by using a private key of the registered user;
obtaining the public key of the registered user from the blockchain and decrypting the encrypted root node of the second bit operation tree; when the decryption is successful, storing a root node of the second bit operation tree into the block chain;
acquiring node information of a first bit operation tree of a user to be verified and a first salt value of at least one device to be verified of the user to be verified; determining a root node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified; a leaf node of the first bit operation tree has a first mapping relation with a first salt value of the at least one device to be verified;
generating a first hash value of each device to be verified according to the first salt value of each device to be verified in the at least one device to be verified and the public key of the device to be verified; determining whether a first hash value of each device to be verified in the at least one device to be verified is consistent with a second hash value of a corresponding registered device in the at least one registered device, wherein the second hash value of the registered device is generated according to a second salt value of the registered device and a public key of the registered device;
if the root node of the first bit operation tree is the same as the root node of the second bit operation tree, determining that the user to be verified holds the at least one device to be verified, wherein the number of times any device to be verified has been verified does not exceed a threshold value; the root node of the second bit operation tree is pre-generated according to a second salt value of at least one registered device of a registered user corresponding to the user to be verified; a second mapping relationship exists between a leaf node of the second bit operation tree and a second salt value of the at least one registered device; each registered device corresponds to a device to be verified, and the second salt values of any two registered devices are different.
2. The method of claim 1, wherein determining a root node of the first bit operation tree based on the node information of the first bit operation tree and the first salt value of the at least one device to be verified comprises:
determining at least one node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified;
and determining a father node of the node according to preset XOR bit operation and each node in the at least one node and the brother node of the node until determining the root node of the first bit operation tree.
3. The method of claim 1, wherein the method further comprises:
receiving an updating request sent by the registered user; the update request is used to instruct regeneration of the second hash value of the at least one registered device and/or the root node of the second bit operation tree, and is stored to the block chain again.
4. The method as claimed in any one of claims 1 to 3, wherein the second salt values of the at least one registered device are each N-ary positive integers; N is an integer greater than 1; the root node of the second bit operation tree is determined by the following method, including:
acquiring at least one binary integer according to the second salt value of the at least one registered device, a binary integer being obtained for the second salt value of each registered device;
determining leaf nodes of the second bit operation tree according to the at least one binary integer and the second mapping relation; the leaf nodes of the second bit operation tree comprise a first leaf node combination and a second leaf node combination; the first leaf node combination is the combination of leaf nodes in the second bit operation tree that have the second mapping relation with the second salt value of the at least one registered device; the second leaf node combination is the combination of leaf nodes in the second bit operation tree that do not have the second mapping relation with the second salt value of the at least one registered device; the leaf node values in the second leaf node combination are all 0;
and generating a root node of the second bit operation tree according to the leaf node of the second bit operation tree.
5. An authentication apparatus, comprising:
a processing module, configured to receive a first uplink request sent by a registered user, where the first uplink request is used to store a public key of at least one registered device of the registered user and a public key of the registered user in a block chain; receiving a second uplink request sent by the registered user, wherein the second uplink request comprises a second hash value encrypted by using a private key of the at least one registered device;
obtaining a public key of the at least one registered device from the blockchain and decrypting the encrypted second hash value; when the decryption is successful, storing the second hash value into the block chain; receiving a third uplink request sent by the registered user, wherein the third uplink request comprises a root node of a second bit operation tree encrypted by using a private key of the registered user;
obtaining the public key of the registered user from the blockchain and decrypting the encrypted root node of the second bit operation tree; when the decryption is successful, storing a root node of the second bit operation tree into the block chain;
a determining module, configured to acquire node information of a first operation tree of a user to be verified and a first salt value of at least one device to be verified of the user to be verified; determining a root node of the first operation tree according to the node information of the first operation tree and the first salt value of the at least one device to be verified; a leaf node of the first bit operation tree has a first mapping relation with a first salt value of the at least one device to be verified;
generating a first hash value of each device to be verified according to the first salt value of each device to be verified in the at least one device to be verified and the public key of the device to be verified; determining whether a first hash value of each device to be verified in the at least one device to be verified is consistent with a second hash value of a corresponding registered device in the at least one registered device, wherein the second hash value of the registered device is generated according to a second salt value of the registered device and a public key of the registered device;
the processing module is further configured to determine that the user to be verified holds the at least one device to be verified if a root node of the first bit operation tree is the same as a root node of the second bit operation tree, where the number of times that any device to be verified is verified does not exceed a threshold; the root node of the second bit operation tree is pre-generated according to a second salt value of at least one registered device of a registered user corresponding to the user to be verified; a second mapping relationship exists between a leaf node of the second bit operation tree and a second threshold value of the at least one registered device; each registered device corresponds to a device to be verified, and the second thresholds of any two registered devices are different.
6. The apparatus of claim 5, wherein the determination module is specifically configured to:
determining at least one node of the first bit operation tree according to the node information of the first bit operation tree and the first salt value of the at least one device to be verified;
and, for each node in the at least one node, determining the parent node of that node from the node and its sibling node according to a preset XOR bit operation, until the root node of the first bit operation tree is determined.
7. The apparatus of claim 5, wherein the processing module is further to:
receiving an update request sent by the registered user; the update request is used to instruct regeneration of the second hash value of the at least one registered device and/or the root node of the second bit operation tree, which are then stored to the block chain again.
8. The apparatus as claimed in any one of claims 5-7, wherein the second threshold values of the at least one registered device are all N-ary positive integers; n is an integer greater than 1; the determination module is further to:
determining a root node of the second bit operation tree by:
acquiring at least one binary integer according to the second salt value of the at least one registered device; obtaining a binary integer corresponding to the second salt value of each registered device; determining leaf nodes of the second bit operation tree according to the at least one binary integer and the second mapping relation; the leaf nodes of the second bit operation tree comprise a first leaf node combination and a second leaf node combination; the first leaf node combination is a combination of leaf nodes in the second bit operation tree having the second mapping relation with the second threshold value of the at least one registered device; the second leaf node combination is a combination of leaf nodes in the second bit operation tree for which the second mapping relationship does not exist with the second threshold value of the at least one registered device; the leaf node values in the second leaf node combination are all 0;
and generating a root node of the second bit operation tree according to the leaf node of the second bit operation tree.
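The claims above derive leaves from device salts, set unmapped leaves to 0, fold siblings with XOR up to a root, and compare a salt-plus-public-key hash per device. The Python sketch below is an added illustration, not code from the patent; the slot-to-leaf mapping, the 64-bit leaf width, SHA-256 over salt concatenated with public key, and all sample values are assumptions.

```python
import hashlib

BITS = 64  # assumed leaf width

def salt_to_int(salt):
    # Assumption: a salt's "binary integer" is its low 64 bits, big-endian.
    return int.from_bytes(salt, "big") & ((1 << BITS) - 1)

def build_leaves(salts_by_slot, n_leaves):
    # Mapped slots carry the salt integer; every unmapped leaf is 0.
    leaves = [0] * n_leaves
    for slot, salt in salts_by_slot.items():
        leaves[slot] = salt_to_int(salt)
    return leaves

def build_levels(leaves):
    # Parent = left XOR right, repeated up to the root.
    assert len(leaves) & (len(leaves) - 1) == 0, "leaf count must be a power of two"
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([cur[i] ^ cur[i + 1] for i in range(0, len(cur), 2)])
    return levels

def sibling_path(levels, slot):
    # "Node information" a verifier needs: one sibling per level.
    path = []
    for level in levels[:-1]:
        path.append(level[slot ^ 1])
        slot >>= 1
    return path

def root_from_path(leaf, path):
    for sibling in path:
        leaf ^= sibling
    return leaf

def device_hash(salt, public_key):
    # Assumption: SHA-256 over salt || public key.
    return hashlib.sha256(salt + public_key).hexdigest()

# Constructed sample data: leaf slot -> (salt, public key bytes).
REGISTERED = {1: (b"salt-phone-0001", b"PUBKEY-PHONE"), 4: (b"salt-token-0002", b"PUBKEY-TOKEN")}

def register(devices, n_leaves=8):
    levels = build_levels(build_leaves({s: v[0] for s, v in devices.items()}, n_leaves))
    return levels, levels[-1][0], {s: device_hash(*v) for s, v in devices.items()}

def verify(slot, salt, public_key, path, chain_root, chain_hashes):
    return (device_hash(salt, public_key) == chain_hashes.get(slot)
            and root_from_path(salt_to_int(salt), path) == chain_root)
```

In this sketch every parent is a plain XOR, so the root equals the XOR of all leaf values; the per-device hash comparison is the step that ties a salt to one specific public key.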
CN201910668695.3A 2019-07-23 2019-07-23 Verification method and device applied to block chain Active CN110351297B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910668695.3A CN110351297B (en) 2019-07-23 2019-07-23 Verification method and device applied to block chain
PCT/CN2020/096425 WO2021012841A1 (en) 2019-07-23 2020-06-16 Verification method and device applied to blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910668695.3A CN110351297B (en) 2019-07-23 2019-07-23 Verification method and device applied to block chain

Publications (2)

Publication Number Publication Date
CN110351297A CN110351297A (en) 2019-10-18
CN110351297B true CN110351297B (en) 2022-04-01

Family

ID=68179966

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910668695.3A Active CN110351297B (en) 2019-07-23 2019-07-23 Verification method and device applied to block chain

Country Status (2)

Country Link
CN (1) CN110351297B (en)
WO (1) WO2021012841A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110351297B (en) * 2019-07-23 2022-04-01 深圳前海微众银行股份有限公司 Verification method and device applied to block chain
CN113420084B (en) * 2021-06-07 2023-09-26 广东辰宜信息科技有限公司 Block chain system
CN113570194A (en) * 2021-06-28 2021-10-29 北京电链科技有限公司 Block chain-based power construction business data processing method and system
CN114139206B (en) * 2021-12-06 2024-04-05 常州大学 Multi-user heterogeneous data merging and concurrent evidence method based on blockchain privacy protection

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682308A (en) * 2017-08-16 2018-02-09 北京航空航天大学 The electronic evidence preservation system for Channel Technology of being dived based on block chain
CN109040082A (en) * 2018-08-10 2018-12-18 阿里巴巴集团控股有限公司 Certification, verification method and the device of the identity content information of user
CN109064174A (en) * 2018-08-09 2018-12-21 肇庆市高新区甜慕新能源技术有限公司 A method of the registration service of particular certificate is provided on block chain
CN109101572A (en) * 2018-07-17 2018-12-28 何晓行 Card method, apparatus and server, storage medium are deposited based on block chain
EP3429122A1 (en) * 2017-07-11 2019-01-16 Panasonic Intellectual Property Corporation of America Methods and apparatuses for controlling electronic voting
CN109903049A (en) * 2019-03-01 2019-06-18 长沙理工大学 A kind of block chain transaction data storage method, device, equipment and storage medium

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106548091A (en) * 2016-10-14 2017-03-29 北京爱接力科技发展有限公司 A kind of data deposit card, the method and device of checking
US11316696B2 (en) * 2017-09-29 2022-04-26 R3 Ltd. Hash subtrees for grouping components by component type
CN108304737A (en) * 2018-01-26 2018-07-20 鑫银科技集团股份有限公司 A kind of data verification method, electronic equipment and data verification system
CN108737109A (en) * 2018-05-11 2018-11-02 北京奇虎科技有限公司 Data proof of possession method, apparatus and system
CN110351297B (en) * 2019-07-23 2022-04-01 深圳前海微众银行股份有限公司 Verification method and device applied to block chain

Also Published As

Publication number Publication date
CN110351297A (en) 2019-10-18
WO2021012841A1 (en) 2021-01-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant