CN110391904B - Account registration method, client, server and system - Google Patents

Account registration method, client, server and system Download PDF

Info

Publication number
CN110391904B
CN110391904B CN201910677009.9A CN201910677009A CN110391904B CN 110391904 B CN110391904 B CN 110391904B CN 201910677009 A CN201910677009 A CN 201910677009A CN 110391904 B CN110391904 B CN 110391904B
Authority
CN
China
Prior art keywords
character string
client
server
target character
operation result
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910677009.9A
Other languages
Chinese (zh)
Other versions
CN110391904A (en
Inventor
林正显
肖俊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Huaduo Network Technology Co Ltd
Original Assignee
Guangzhou Huaduo Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Huaduo Network Technology Co Ltd filed Critical Guangzhou Huaduo Network Technology Co Ltd
Priority to CN201910677009.9A priority Critical patent/CN110391904B/en
Publication of CN110391904A publication Critical patent/CN110391904A/en
Application granted granted Critical
Publication of CN110391904B publication Critical patent/CN110391904B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Information Transfer Between Computers (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention provides an account registration method, a client, a server and a system, wherein the method comprises the following steps: the client generates a UID, a public key and a private key; sending a registration message carrying the UID and the public key to a server; receiving a challenge character string and a target character string fed back by a server; based on the nonce value, the challenge character string, the UID and the public key, performing hash operation to obtain an operation result; if the first n-bit hash value of the operation result is equal to the target character string; sending the nonce value to a server, and enabling the server to carry out hash operation based on the nonce value to obtain a server operation result; and receiving a feedback message fed back by the server and used for indicating the successful registration. In the scheme, when the client registers the account, the client needs to consume own computing resources to perform hash operation, so as to obtain an operation result. Only if the operation result is equal to the target character string, the account can be successfully registered, so that the client cannot register a large number of accounts in a short time.

Description

Account registration method, client, server and system
Technical Field
The invention relates to the technical field of communication, in particular to an account registration method, a client, a server and a system.
Background
With the development of internet technology, more and more communication software is being developed. The user needs to register their account in the communication software and can use the communication software through the account. However, some users usually register a large number of accounts in a short time for some bad purpose, and therefore it is necessary to suppress users from registering a large number of accounts in a short time.
At present, a method for restraining a user from registering a large number of accounts in a short time is as follows: when a user registers an account, the user can complete the registration of the account in the form of short message verification or mailbox verification according to the mobile phone number or mailbox of the user, so that the user is prevented from registering a large number of accounts in a short time. However, when a user registers an account by using a telephone number or a mailbox, personal information such as the telephone number or the mailbox is easily leaked, and privacy is poor.
The current society is a society with high attention to personal privacy, most users are unwilling to provide personal telephone numbers or mailboxes when registering accounts, and the users cannot be restrained from registering mass accounts in a short time under the condition of not using the personal telephone numbers or mailboxes to register the accounts at present.
Disclosure of Invention
In view of this, embodiments of the present invention provide an account registration method, a client, a server, and a system, so as to solve the problem that a user cannot be inhibited from registering a large number of accounts in a short time under the condition that the account is not registered using a personal telephone number or a mailbox at present.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
the first aspect of the embodiments of the present invention discloses an account registration method, which is applicable to a client, and the method includes:
the client generates a user identifier UID, a public key and a private key;
sending a registration message carrying the UID and the public key to a server;
receiving a challenge character string and a target character string fed back by the server;
based on a nonce value, the challenge character string, the UID and a public key, performing hash operation to obtain an operation result, wherein the nonce value is generated by the client;
judging whether the first n-bit hash value of the operation result is equal to the target character string;
if so, sending the nonce value to the server, and enabling the server to perform the hash operation based on the nonce value to obtain a server operation result;
if not, taking the nonce value after increasing m as the adjusted nonce value, and returning to the step of executing the hash operation, wherein m is an integer greater than or equal to 1;
and receiving a feedback message which is fed back by the server and used for indicating successful registration, wherein the feedback message is generated after the server determines that the first n-bit hash value of the operation result of the server is equal to the target character string.
A second aspect of the present invention discloses an account registration method, which is applicable to a server, and includes:
the server receives a registration message which is sent by the client and carries a user identifier UID and a public key;
the server determines the length of a target character string to be generated, and generates a challenge character string and the target character string;
sending the challenge character string and the target character string to the client, enabling the client to carry out hash operation based on a nonce value, the challenge character string, a public key and a UID to obtain an operation result, and comparing a first n-bit hash value of the operation result with the target character string;
receiving a nonce value sent by the client, and performing the hash operation based on the nonce value to obtain a server operation result;
and comparing whether the first n-bit hash value of the server operation result is equal to the target character string, and if so, generating and sending a feedback message for indicating successful registration to the client.
Preferably, the server determines the length of the target character string to be generated, including:
judging whether the number of times of sending the registration message by the client in a first preset time is greater than a first threshold value or not;
if yes, increasing a preset length on the basis of the target character string, and determining the length of the target character string to be generated.
Preferably, the method further comprises:
judging whether the total times of the registration messages sent by all the clients in the second preset time is greater than a second threshold value or not;
if yes, increasing the preset length on the basis of the target character strings needing to be sent to all the clients;
if not, judging whether the length of the target character string sent to the client is greater than the default length or not for each client in all the clients;
and if the length of the target character string sent to the client is larger than the default length, reducing the preset length on the basis of the target character string needing to be sent to the client.
A third aspect of the embodiments of the present invention discloses a client, where the client includes:
the generating unit is used for generating a user identifier UID, a public key and a private key;
the sending unit is used for sending a registration message carrying the UID and the public key to a server;
the first receiving unit is used for receiving the challenge character string and the target character string fed back by the server;
the computing unit is used for carrying out hash operation on the basis of a nonce value, the challenge character string, the UID and a public key to obtain a computing result, wherein the nonce value is generated by the client;
the judging unit is used for judging whether the first n-bit hash value of the operation result is equal to the target character string or not, if so, the uploading unit is executed, and if not, the adjusting unit is executed;
the uploading unit is used for sending the nonce value to the server, so that the server performs the hash operation based on the nonce value to obtain a server operation result;
the adjusting unit is used for taking the nonce value after increasing m as the adjusted nonce value and returning to the execution unit, wherein m is an integer greater than or equal to 1;
and the second receiving unit is used for receiving a feedback message which is fed back by the server and used for indicating successful registration, wherein the feedback message is generated after the server determines that the hash value of the first n bits of the operation result of the server is equal to the target character string.
A fourth aspect of the present invention discloses a server, including:
the receiving unit is used for receiving a registration message which is sent by the client and carries the user identifier UID and the public key;
the system comprises a determining unit, a generating unit and a processing unit, wherein the determining unit is used for determining the length of a target character string to be generated and generating a challenge character string and the target character string;
the issuing unit is used for sending the challenge character string and the target character string to the client, so that the client performs hash operation based on a nonce value, the challenge character string, a public key and a User Identification (UID) to obtain an operation result, and compares the first n-bit hash value of the operation result with the target character string;
the processing unit is used for receiving a nonce value sent by the client and carrying out the hash operation based on the nonce value to obtain a server operation result;
and the feedback unit is used for comparing whether the first n-bit hash value of the server operation result is equal to the target character string or not, and if so, generating and sending a feedback message for indicating successful registration to the client.
Preferably, the determination unit includes:
the judging module is used for judging whether the times of sending the registration message by the client in a first preset time is greater than a first threshold value or not, and if so, the adjusting module is executed;
and the adjusting module is used for increasing a preset length on the basis of the target character string and determining the length of the target character string to be generated.
A fifth aspect of the present invention discloses an account registration system, including: a client disclosed in the third aspect of the embodiment of the present invention and a server disclosed in the fourth aspect of the embodiment of the present invention.
A sixth aspect of the present embodiment of the present invention discloses an electronic device, where the electronic device is configured to run a program, where the program executes an account registration method disclosed in the first aspect of the present embodiment of the present invention when running, or executes an account registration method disclosed in the second aspect of the present embodiment of the present invention when running.
A seventh aspect of the present embodiment discloses a storage medium, where the storage medium includes a stored program, and when the program runs, a device in which the storage medium is located is controlled to execute an account registration method disclosed in the first aspect of the present embodiment, or execute an account registration method disclosed in the second aspect of the present embodiment.
Based on the account registration method, the client, the server and the system provided by the embodiment of the invention, the method comprises the following steps: the client generates a User identification (User ID, UID), a public key and a private key; sending a registration message carrying the UID and the public key to a server; receiving a challenge character string and a target character string fed back by a server; based on the nonce value, the challenge character string, the UID and the public key, carrying out hash (hash) operation to obtain an operation result; judging whether the first n-bit hash value of the operation result is equal to the target character string; if so, sending the nonce value to the server, and enabling the server to carry out hash operation based on the nonce value to obtain a server operation result; if not, taking the nonce value after the increase of m as the adjusted nonce value, and returning to the step of executing the hash operation; and receiving a feedback message fed back by the server and used for indicating the successful registration. In the scheme, when the client registers the account, the client needs to consume own computing resources to perform hash operation, so as to obtain an operation result. And the account can be successfully registered only if the first n bits of the operation result are equal to the target character string. Because the computing resources of the client are limited, part of the computing resources of the client are occupied when the account is registered every time, so that the client cannot register a large number of accounts in a short time.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of an account registration method according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of an account registration method according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating a method for adjusting a target string length by a server according to an embodiment of the present invention;
FIG. 4 is another flowchart of the server adjusting the length of the target string according to the embodiment of the present invention;
fig. 5 is a block diagram of a client according to an embodiment of the present invention;
fig. 6 is a block diagram of a server according to an embodiment of the present invention;
fig. 7 is a block diagram of another server according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In this application, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
As known from the background art, most users are unwilling to provide a personal phone number or a mailbox when registering an account, and currently, the users cannot be restrained from registering a large amount of accounts in a short time under the condition of not using the personal phone number or the mailbox to register the account.
Therefore, the embodiment of the invention provides an account registration method, a client, a server and a system, wherein when the client registers an account, the client needs to consume own computing resources to perform hash operation to obtain an operation result. And the account can be successfully registered only if the first n bits of the operation result are equal to the target character string, so that the client cannot register a large number of accounts in a short time.
Referring to fig. 1, a flowchart of an account registration method provided in an embodiment of the present invention is shown, where the method includes the following steps:
step S101: the client generates a UID, a public key, and a private key.
In the specific implementation process of step S101, when a user registers an account through a client, the client generates a globally unique UID and public and private key pair. And the public and private key pair is a public key and a private key.
Step S102: and the client sends a registration message carrying the UID and the public key to a server.
In the process of implementing step S102 specifically, when the user registers an account through the client, the client needs to send a registration message to the server. And when the client sends a registration message to the server, carrying the UID and the public key in the registration message and sending the registration message to the server.
Step S103: the server determines the length of a target character string to be generated, and generates a challenge character string and the target character string.
In the process of implementing step S103 specifically, when the server receives the registration message carrying the UID and the public key, the server randomly generates a challenge character string and a target character string, and issues the challenge character string and the target character string to the client. However, since the server adjusts the length of the target character string, the server needs to determine the length of the target character string to be generated before randomly generating the target character string. The server adjusts the length of the target character string in two ways, including but not limited to:
the first method is as follows: and when receiving a registration message carrying the UID and the public key, the server judges whether the number of times of sending the registration message by the client in a first preset time is greater than a first threshold value, namely whether the client registers a large number of account numbers in a short time. If yes, increasing a preset length on the basis of the target character string, and determining the length of the target character string to be generated.
In a specific implementation, the server determines whether the number of times of the registration message sent by the IP address within a first preset time is greater than a first threshold according to the IP address of the client. If yes, increasing a preset length on the basis of the target character string, and determining the length of the target character string to be generated. For example: when a client A sends a registration message to a server, the server judges whether the number of times that the registration message is sent by an IP address corresponding to the client A in 1 minute is more than 10, if not, the server randomly generates a target character string with the length of 10, and if so, the server randomly generates the target character string with the length of 10+ 1-11.
The second method comprises the following steps: and the server judges whether the total times of the registration messages sent by all the clients in the second preset time is greater than a second threshold value. If so, increasing the preset length on the basis of the target character strings needing to be sent to all the clients, and if not, judging whether the length of the target character strings sent to the clients is greater than the default length or not aiming at each client in all the clients; and if the length of the target character string sent to the client is larger than the default length, reducing the preset length on the basis of the target character string needing to be sent to the client.
It should be noted that the server periodically executes the second method.
In a specific implementation, the server monitors the total number of times of the registration messages sent by all the clients in real time, if the total number of times is greater than the second threshold, it is indicated that the clients register a large number of accounts in a short time, and the server needs to adjust the length of the target character string.
Step S104: and the server sends the challenge character string and the target character string to the client.
In the process of implementing step S104 specifically, after the server randomly generates the challenge character string and the target character string, the challenge character string and the target character string need to be sent to the client, so that the client performs a hash operation.
Step S105: and the client performs hash operation based on the nonce value, the challenge character string, the UID and the public key to obtain an operation result.
It should be noted that the nonce value is generated by the client, for example: and the client sets the initial value of the nonce value to 0.
In the process of specifically implementing step S105, the client merges the nonce value, the challenge string, the UID, and the public key into one string, and performs a one-way hash operation using the string as an input of a hash function to obtain an operation result.
Step S106: and the client judges whether the first n-bit hash value of the operation result is equal to the target character string. If yes, go to step S107, otherwise go to step S108.
In the process of implementing step S106 specifically, the client compares whether the first n bits in the operation result are equal to the target character string, and if so, sends the nonce value for calculating the operation result to the server. And if not, the client increases the current nonce value by m to obtain the adjusted nonce value. And the client uses the adjusted nonce value to perform hash operation again until the first n bits in the operation result are equal to the target character string, and sends the nonce value for calculating the operation result to the server. For example: in the first hash operation, the nonce value is 0, the client performs the hash operation by using the nonce value with the value of 0 to obtain a first operation result, and the first 3 bits of the first operation result are not equal to the target character string. And the client adds 1 to the nonce value, namely, the nonce value is adjusted to 1. In the second hash operation, the client performs the hash operation by using the nonce value with the value of 1 to obtain a second operation result, the first 3 bits of the second operation result are equal to the target character string, and the client sends the nonce value with the value of 1 to the server.
It should be noted that, when the client performs the hash operation, the client needs to consume its own computing resources, and as can be seen from the above, the client needs to calculate a subsequent step in which the previous n bits of the computing result equal to the target character string can continue to register the account, where the value of n is the length of the target character string, and the larger the value of n is, the more computing resources are consumed when the client performs the hash operation. Therefore, as can be seen from the content shown in step S103, the server can control the computing resources consumed by the client when registering an account by adjusting the length of the target character string, so as to prevent the client from registering a large number of accounts in a short time.
Step S107: the client sends the nonce value to the server, and executes step S109.
Step S108: and the client adds the nonce value after m as the adjusted nonce value and returns to execute the step S105.
Step S109: and the server performs the hash operation based on the nonce value to obtain a server operation result.
In the process of implementing step S109, as can be seen from the foregoing, the client sends a registration message carrying the UID and the public key to the server. After the server receives the nonce value sent by the client, the server calculates the nonce value, the UID, the public key and the challenge character string by adopting the hash algorithm same as that of the client, and further determines whether the first n bits of the operation result calculated by the client are equal to the target character string.
Step S110: and the server compares whether the first n-bit hash value of the server operation result is equal to the target character string, if so, executes the step S111, and if not, executes the step S112.
In the process of implementing step S110 specifically, if the first n bits of the server operation result are equal to the target character string, the server determines that the first n bits of the operation result calculated by the client are equal to the target character string. And the server records the registration message which is sent by the client and carries the UID and the public key, and sends a feedback message for indicating successful registration to the client. And if the first n bits of the server operation result are not equal to the target character string, the server generates and sends a feedback message for indicating the registration failure to the client.
Step S111: and the server generates and sends a feedback message for indicating successful registration to the client.
Step S112: the server generates and sends a feedback message indicating registration failure to the client.
In the embodiment of the invention, when the client registers the account, the client consumes own computing resources to carry out hash operation according to the nonce value, the public key, the UID and the challenge character string to obtain an operation result. When the first n bits of the operation result are equal to the target character string, the client sends the nonce value to the server, the server further determines that the first n bits of the operation result calculated by the client are equal to the target character string according to the nonce value, the server records the UID, the public key and other messages, and feeds back a feedback message for indicating successful registration to the client. Because the computing resources of the client are limited, part of the computing resources of the client are occupied when the account is registered every time, so that the client cannot register a large number of accounts in a short time.
To better explain the registration method in fig. 1 according to the above embodiment of the present invention, a flow chart of an account registration method shown in fig. 2 is used for example, where fig. 2 includes the following steps:
step S201: the client generates a UID and public-private key pair.
Step S202: the client registers the UID and public key with the server.
In the process of implementing step S202 specifically, the client sends a registration message carrying the UID and the public key to the server.
Step S203: the server sends a challenge string (challenge) and a target string (target) to the client.
In the process of implementing step S203 specifically, the server randomly generates the challenge character string and the target character string, and sends the challenge character string and the target character string to the client.
Step S204: and the client combines the UID, the public key, the challenge character string and the nonce value into a character string and carries out hash operation based on the character string to obtain a hash value.
Step S205: and the client determines whether the first n bits of the hash value are equal to the target character string, if so, executes step S207, and if not, executes step S206.
Step S206: the nonce value is incremented by 1 and the execution returns to step S204.
Step S207: and the client reports the nonce value to the server.
Step S208: the server performs hash operation based on the UID, the public key, the challenge string, and the nonce value.
Step S209: and the server judges whether the first n bits of the hash value obtained by self calculation are equal to the target character string, if so, the client registers the account successfully, and if not, the client registers the account unsuccessfully.
It should be noted that, the content of each step in the above embodiment of the present invention in fig. 1 can be referred to as an execution principle of step S201 to step S209, and is not described again here.
To better explain the process of adjusting the target character string by the server involved in step S103 in fig. 1 in the above embodiment of the present invention, the process is exemplified by the contents shown in fig. 3 and fig. 4.
Referring to fig. 3, a flowchart illustrating a server adjusting a length of a target string according to an embodiment of the present invention is shown, where fig. 3 includes the following steps:
step S301: the server sets the length of a target character string needing to be matched with a certain IP address registered account number as a default length.
Step S302: when the IP address sends a registration request to the server, the server determines whether the registration request sent by the IP address is greater than a threshold value in a unit time, and if so, executes step S103.
Step S303: and the server adds 1 to the length of a target character string to be matched with the IP address registration account.
Referring to fig. 4, another flowchart of the server adjusting the length of the target character string according to an embodiment of the present invention is shown, where fig. 4 includes the following steps:
step S401: the server determines whether an account registration request sent in a unit time of the whole system is larger than a threshold value, if so, executes step S402, and if not, executes step S403.
In the process of implementing step S401, it should be noted that the whole system refers to an instant messaging system.
Step S402: and the server adds 1 to the lengths of target character strings needing to be matched with all client registered accounts.
Step S403: the server judges whether the length of a target character string needing to be matched with each client registration account is larger than a default length.
Step S404: and for the client with the length of the target character string needing to be matched with the registered account number being greater than the default length, subtracting 1 from the length of the target character string needing to be matched with the registered account number of the client.
In the embodiment of the invention, when the client registers the account, the client consumes own computing resources to carry out hash operation according to the nonce value, the public key, the UID and the challenge character string to obtain an operation result. When the first n bits of the operation result are equal to the target character string, the client sends the nonce value to the server, the server further determines that the first n bits of the operation result calculated by the client are equal to the target character string according to the nonce value, the server records the UID, the public key and other messages, and feeds back a feedback message for indicating successful registration to the client. Because the computing resources of the client are limited, part of the computing resources of the client are occupied when the account is registered every time, so that the client cannot register a large number of accounts in a short time.
Corresponding to the account registration method provided in the embodiment of the present invention, referring to fig. 5, an embodiment of the present invention further provides a structural block diagram of a client, where the client includes: generation section 501, transmission section 502, first reception section 503, calculation section 504, determination section 505, upload section 506, adjustment section 507, and second reception section 508.
The generating unit 501 is configured to generate the UID, the public key, and the private key.
A sending unit 502, configured to send a registration message carrying the UID and the public key to a server.
A first receiving unit 503, configured to receive the challenge character string and the target character string fed back by the server.
And an operation unit 504, configured to perform hash operation to obtain an operation result based on a nonce value, the challenge string, the UID, and the public key, where the nonce value is generated by the client. The process of calculating the operation result is referred to the corresponding content in step S105 of fig. 1 in the above embodiment of the present invention.
A determining unit 505, configured to determine whether the first n-bit hash value of the operation result is equal to the target character string, if so, execute the uploading unit 506, and if not, execute the adjusting unit 507. A process of determining whether the first n bits of the operation result are equal to the target character string, see the corresponding content in step S106 in fig. 1 in the embodiment of the present invention.
The uploading unit 506 is configured to send the nonce value to the server, so that the server performs the hash operation based on the nonce value to obtain a server operation result.
The adjusting unit 507 is configured to use the nonce value after being incremented by m as the adjusted nonce value, and return to execute the operation unit 504, where m is an integer greater than or equal to 1.
A second receiving unit 508, configured to receive a feedback message, which is fed back by the server and used to indicate that the registration is successful, where the feedback message is generated after the server determines that a hash value of the first n bits of the server operation result is equal to the target character string.
In the embodiment of the invention, when the client registers the account, the client needs to consume own computing resources to carry out hash operation, so as to obtain an operation result. And the account can be successfully registered only if the first n bits of the operation result are equal to the target character string. Because the computing resources of the client are limited, part of the computing resources of the client are occupied when the account is registered every time, so that the client cannot register a large number of accounts in a short time.
Corresponding to the account registration method provided in the embodiment of the present invention, referring to fig. 6, an embodiment of the present invention further provides a structural block diagram of a service, where the server includes: a receiving unit 601, a determining unit 602, a sending unit 603, a processing unit 604 and a feedback unit 605;
the receiving unit 601 is configured to receive a registration message that carries the UID and the public key and is sent by the client.
The determining unit 602 is configured to determine a length of a target character string to be generated, and generate a challenge character string and the target character string. The process of determining the length of the target character string is described in the above embodiment of the present invention in step S103 in fig. 1.
The issuing unit 603 is configured to send the challenge character string and the target character string to the client, so that the client performs hash operation based on the nonce value, the challenge character string, the public key, and the UID to obtain an operation result, and compares the first n-bit hash value of the operation result with the target character string.
And the processing unit 604 is configured to receive a nonce value sent by the client, and perform the hash operation based on the nonce value to obtain a server operation result.
A feedback unit 605, configured to compare whether the first n-bit hash value of the server operation result is equal to the target character string, and if so, generate and send a feedback message indicating that the registration is successful to the client. A process of comparing whether the first n bits of the server operation result are equal to the target character string, see the corresponding content in step S110 in fig. 1 in the embodiment of the present invention.
In the embodiment of the invention, when the client sends the registration request to the server, the server sends the randomly generated target character string and the challenge character string to the client. And the server further determines that the first n bits of the operation result obtained by the calculation of the client are equal to the target character string according to the nonce value fed back by the client. And the server records the UID, the public key and other messages and feeds back a feedback message for indicating successful registration to the client. Because the computing resources of the client are limited, part of the computing resources of the client are occupied when the account is registered every time, so that the client cannot register a large number of accounts in a short time.
Referring to fig. 7 in conjunction with fig. 6, a block diagram of a server according to an embodiment of the present invention is shown, where the determining unit 602 includes:
a determining module 6021, configured to determine whether the number of times that the client sends the registration message within a first preset time is greater than a first threshold, and if so, execute the adjusting module 6022.
The adjusting module 6022 is configured to increase a preset length on the basis of the target character string, and determine the length of the target character string to be generated.
Preferably, with reference to fig. 7, a server provided in an embodiment of the present invention further includes:
and the monitoring unit is used for judging whether the total times of the registration messages sent by all the clients in the second preset time is greater than a second threshold value. If so, increasing the preset length on the basis of the target character strings needing to be sent to all the clients, and if not, judging whether the length of the target character strings sent to the clients is larger than the default length or not aiming at each client in all the clients. And if the length of the target character string sent to the client is larger than the default length, reducing the preset length on the basis of the target character string needing to be sent to the client.
In the embodiment of the invention, when the server receives the registration message sent by the client, the length of the target character string to be sent to the client is adjusted according to the number of times of the registration message sent by the client in the first preset time. The server monitors the times of the registration messages sent by all the clients in real time, and adjusts the length of the target character strings to be sent to all the clients according to the times. Therefore, the computing resources required to be consumed when the client registers the account are adjusted, and the client cannot register a large number of accounts in a short time.
Preferably, corresponding to the account registration method shown in the above embodiment of the present invention, an embodiment of the present invention further provides an account registration system, where the system includes: a client and a server. The implementation principle of the client is referred to in the above embodiment of the present invention, and the implementation principle of the server is referred to in the above embodiments of the present invention, fig. 5, and fig. 6 and fig. 7.
Based on the account registration system disclosed by the embodiment of the invention, the modules can be realized by an electronic device consisting of a processor and a memory. The method specifically comprises the following steps: the modules are stored in the memory as program units, and the processor executes the program units stored in the memory to realize account registration.
The processor comprises a kernel, and the kernel calls a corresponding program unit from the memory. The kernel can set one or more than one, and account registration is realized by adjusting kernel parameters.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or nonvolatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and the memory includes at least one memory chip.
Further, an embodiment of the present invention provides a processor, where the processor is configured to execute a program, where the program executes an account registration method when running.
Further, an embodiment of the present invention provides an electronic device, where the electronic device includes a processor, a memory, and a program stored in the memory and capable of running on the processor, and when the processor executes the program, the account registration method shown in any of the above embodiments is implemented.
The equipment disclosed in the embodiment of the invention can be a PC, a PAD, a mobile phone and the like.
Further, an embodiment of the present invention provides a storage medium, on which a program is stored, where the program, when executed by a processor, implements account registration.
The present application further provides a computer program product adapted to perform, when executed on a data processing device, initializing an account registration method as shown in any of the above embodiments.
In summary, embodiments of the present invention provide an account registration method, a client, a server, and a system, where the method includes: the client generates a UID, a public key and a private key; sending a registration message carrying the UID and the public key to a server; receiving a challenge character string and a target character string fed back by a server; based on the nonce value, the challenge character string, the UID and the public key, performing hash operation to obtain an operation result; judging whether the first n-bit hash value of the operation result is equal to the target character string; if so, sending the nonce value to the server, and enabling the server to carry out hash operation based on the nonce value to obtain a server operation result; if not, taking the nonce value after the increase of m as the adjusted nonce value, and returning to the step of executing the hash operation; and receiving a feedback message fed back by the server and used for indicating the successful registration. In the scheme, when the client registers the account, the client needs to consume own computing resources to perform hash operation, so as to obtain an operation result. And the account can be successfully registered only if the first n bits of the operation result are equal to the target character string. Because the computing resources of the client are limited, part of the computing resources of the client are occupied when the account is registered every time, so that the client cannot register a large number of accounts in a short time.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are only illustrative, wherein the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. An account registration method is applicable to a client, and comprises the following steps:
the client generates a user identifier UID, a public key and a private key;
sending a registration message carrying the UID and the public key to a server;
receiving a challenge character string and a target character string fed back by the server;
based on a nonce value, the challenge character string, the UID and a public key, performing hash operation to obtain an operation result, wherein the nonce value is generated by the client;
judging whether the first n-bit hash value of the operation result is equal to the target character string;
if so, sending the nonce value to the server, and enabling the server to perform the hash operation based on the nonce value to obtain a server operation result;
if not, taking the nonce value after increasing m as the adjusted nonce value, and returning to the step of executing the hash operation, wherein m is an integer greater than or equal to 1;
and receiving a feedback message which is fed back by the server and used for indicating successful registration, wherein the feedback message is generated after the server determines that the first n-bit hash value of the operation result of the server is equal to the target character string.
2. An account registration method is applicable to a server, and comprises the following steps:
the server receives a registration message which is sent by the client and carries a user identifier UID and a public key;
the server determines the length of a target character string to be generated, and generates a challenge character string and the target character string;
sending the challenge character string and a target character string to the client, enabling the client to carry out Hash hash operation based on a nonce value, the challenge character string, a public key and a UID to obtain an operation result, and comparing a first n-bit hash value of the operation result with the target character string, wherein if the first n-bit hash value of the operation result is equal to the target character string, the client sends the nonce value to the server, and if the first n-bit hash value of the operation result is not equal to the target character string, the client increases a nonce value after m as an adjusted nonce value and returns to the step of executing the hash operation, wherein m is an integer greater than or equal to 1;
receiving a nonce value sent by the client, and performing the hash operation based on the nonce value sent by the client to obtain a server operation result;
and comparing whether the first n-bit hash value of the server operation result is equal to the target character string, and if so, generating and sending a feedback message for indicating successful registration to the client.
3. The method of claim 2, wherein the server determines the length of the target string to be generated, comprising:
judging whether the number of times of sending the registration message by the client in a first preset time is greater than a first threshold value or not;
if yes, increasing a preset length on the basis of the target character string, and determining the length of the target character string to be generated.
4. A method according to claim 2 or 3, characterized in that the method further comprises:
judging whether the total times of the registration messages sent by all the clients in the second preset time is greater than a second threshold value or not;
if yes, increasing a preset length on the basis of target character strings needing to be sent to all clients;
if not, judging whether the length of the target character string sent to the client is greater than the default length or not for each client in all the clients;
and if the length of the target character string sent to the client is larger than the default length, reducing the preset length on the basis of the target character string needing to be sent to the client.
5. A client, the client comprising:
the generating unit is used for generating a user identifier UID, a public key and a private key;
the sending unit is used for sending a registration message carrying the UID and the public key to a server;
the first receiving unit is used for receiving the challenge character string and the target character string fed back by the server;
the computing unit is used for carrying out hash operation on the basis of a nonce value, the challenge character string, the UID and a public key to obtain a computing result, wherein the nonce value is generated by the client;
the judging unit is used for judging whether the first n-bit hash value of the operation result is equal to the target character string or not, if so, the uploading unit is executed, and if not, the adjusting unit is executed;
the uploading unit is used for sending the nonce value to the server, so that the server performs the hash operation based on the nonce value to obtain a server operation result;
the adjusting unit is used for taking the nonce value after increasing m as the adjusted nonce value and returning to the execution unit, wherein m is an integer greater than or equal to 1;
and the second receiving unit is used for receiving a feedback message which is fed back by the server and used for indicating successful registration, wherein the feedback message is generated after the server determines that the hash value of the first n bits of the operation result of the server is equal to the target character string.
6. A server, characterized in that the server comprises:
the receiving unit is used for receiving a registration message which is sent by the client and carries the user identifier UID and the public key;
the system comprises a determining unit, a generating unit and a processing unit, wherein the determining unit is used for determining the length of a target character string to be generated and generating a challenge character string and the target character string;
a sending unit, configured to send the challenge character string and a target character string to the client, so that the client performs a hash operation based on a nonce value, the challenge character string, a public key and a UID to obtain an operation result, and compares a first n-bit hash value of the operation result with the target character string, where if the first n-bit hash value of the operation result is equal to the target character string, the client sends the nonce value to the server, and if the first n-bit hash value of the operation result is not equal to the target character string, the client increases a nonce value by m, which is an adjusted nonce value, and returns to execute the hash operation, where m is an integer greater than or equal to 1;
the processing unit is used for receiving the nonce value sent by the client and carrying out the hash operation based on the nonce value sent by the client to obtain a server operation result;
and the feedback unit is used for comparing whether the first n-bit hash value of the server operation result is equal to the target character string or not, and if so, generating and sending a feedback message for indicating successful registration to the client.
7. The server according to claim 6, wherein the determining unit includes:
the judging module is used for judging whether the times of sending the registration message by the client in a first preset time is greater than a first threshold value or not, and if so, the adjusting module is executed;
and the adjusting module is used for increasing a preset length on the basis of the target character string and determining the length of the target character string to be generated.
8. An account registration system, comprising: the client of claim 5 and the server of any of claims 6-7.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of claim 1 when executing the program or implements the method of any one of claims 2 to 4 when executing the program.
10. A storage medium comprising a stored program, wherein the program when executed by a processor implements the method of claim 1 or wherein the program when executed by a processor implements the method of any one of claims 2 to 4.
CN201910677009.9A 2019-07-25 2019-07-25 Account registration method, client, server and system Active CN110391904B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910677009.9A CN110391904B (en) 2019-07-25 2019-07-25 Account registration method, client, server and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910677009.9A CN110391904B (en) 2019-07-25 2019-07-25 Account registration method, client, server and system

Publications (2)

Publication Number Publication Date
CN110391904A CN110391904A (en) 2019-10-29
CN110391904B true CN110391904B (en) 2020-10-27

Family

ID=68287360

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910677009.9A Active CN110391904B (en) 2019-07-25 2019-07-25 Account registration method, client, server and system

Country Status (1)

Country Link
CN (1) CN110391904B (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9807092B1 (en) * 2013-07-05 2017-10-31 Dcs7, Llc Systems and methods for classification of internet devices as hostile or benign
US20170116693A1 (en) * 2015-10-27 2017-04-27 Verimatrix, Inc. Systems and Methods for Decentralizing Commerce and Rights Management for Digital Assets Using a Blockchain Rights Ledger
CN108881310B (en) * 2018-08-15 2020-05-19 飞天诚信科技股份有限公司 Registration system and working method thereof
CN109150546A (en) * 2018-09-07 2019-01-04 全链通有限公司 The method for realizing the registration of block chain system of real name based on phone number

Also Published As

Publication number Publication date
CN110391904A (en) 2019-10-29

Similar Documents

Publication Publication Date Title
JP6800147B2 (en) Methods, devices, terminals and servers for verifying the security of service operations
US9973513B2 (en) Method and apparatus for communication number update
CN107666470B (en) Verification information processing method and device
AU2004285255A1 (en) Methods and apparatus for providing application credentials
EP3465510B1 (en) Account verification in deferred provisioning systems
CN110417920B (en) Message pushing method, device, equipment and storage medium
US20100145951A1 (en) Methods for establishing legitimacy of communications
JP2023518662A (en) Verifying cryptographically secure claims
CN112035763A (en) Information processing method, device and system, electronic equipment and storage medium
GB2582877A (en) Multifactor authentication
CN107294931B (en) Method and apparatus for adjusting restricted access frequency
WO2019047345A1 (en) Method of generating one-time password sending policy, and one-time password sending method
CN110955905A (en) Block chain based asset transfer method, device, equipment and readable storage medium
CN110391904B (en) Account registration method, client, server and system
CN108111591A (en) The method, apparatus and computer readable storage medium of PUSH message
CN114144993A (en) Protecting integrity of client device communications
GB2582878A (en) Multifactor authentication
CN111835523B (en) Data request method, system and computing device
WO2023214975A1 (en) Privacy-preserving and secure application install attribution
US11075911B2 (en) Group-based treatment of network addresses
CN108494805B (en) CC attack processing method and device
KR102562178B1 (en) Prevention of data manipulation of communication network measurements and protection of user privacy
CN113225348B (en) Request anti-replay verification method and device
CN109150919B (en) Network attack prevention method and network equipment
JP4958225B2 (en) Request reception method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract
EE01 Entry into force of recordation of patent licensing contract

Application publication date: 20191029

Assignee: GUANGZHOU CUBESILI INFORMATION TECHNOLOGY Co.,Ltd.

Assignor: GUANGZHOU HUADUO NETWORK TECHNOLOGY Co.,Ltd.

Contract record no.: X2021980000151

Denomination of invention: An account registration method, client, server and system

Granted publication date: 20201027

License type: Common License

Record date: 20210107