CN110430201A - A kind of distribution identity documents generate, verification method and system - Google Patents
A kind of distribution identity documents generate, verification method and system Download PDFInfo
- Publication number
- CN110430201A CN110430201A CN201910733791.1A CN201910733791A CN110430201A CN 110430201 A CN110430201 A CN 110430201A CN 201910733791 A CN201910733791 A CN 201910733791A CN 110430201 A CN110430201 A CN 110430201A
- Authority
- CN
- China
- Prior art keywords
- identity
- verified
- public key
- client public
- identity documents
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses a kind of distributed identity documents generation, verification method and systems.Distributed identity documents generation method includes signing and issuing mechanism to obtain client public key and subscriber identity information that identity wallet client end generates;Mechanism is signed and issued to verify subscriber identity information;If the subscriber identity information after verifying is effective, signs and issues mechanism and generate the identity documents of user to client public key signature, while being sent to identity wallet client end and being proved to be successful information and user identity voucher;Otherwise, authentication failed information is sent to identity wallet client end;It signs and issues mechanism identity documents are stored on block chain.Using the generation of distributed identity documents, verification method and system of the invention, it solves identity documents centralization and stores the risk distorted by hacker attack, there is the probability that can reduce identity documents fraud, save verifying cost, the advantages of reducing proving period, expanding the usage scenario of identity documents.
Description
Technical field
The present invention relates to identity validation technology fields, generate more particularly to a kind of distributed identity documents, verification method
And system.
Background technique
Currently, identity documents information is all centralization storage, that is, mechanism is signed and issued when a user meets condition of signing and issuing
It waits, by the storage system of oneself centralization of the data input of user, is then presented to the certificate of one identity documents of user, example
Such as identity card, diploma, certification.But the identity documents of certificate type are easy to copy, identification of the different platform to certificate
Ability is irregular.Certain third-party platforms distribute different permissions according to these identity documents of user, but third party is flat
The true and false judgement of the certificate for the identity documents that platform shows user is very limited, and third-party platform verifying user identity with
The at high cost of card, long period, limitation are larger.
Summary of the invention
The object of the present invention is to provide a kind of distributed identity documents generation, verification method and systems, and having can reduce
The advantages of certificate fraud probability of identity documents.
To achieve the above object, the present invention provides following schemes:
A kind of distribution identity documents generation method, comprising:
It signs and issues mechanism and obtains client public key and subscriber identity information that identity wallet client end generates;
The mechanism of signing and issuing verifies the subscriber identity information;If the subscriber identity information after verifying is effective,
The identity documents signed and issued mechanism and generate user to client public key signature, while being sent to identity wallet client end
It is proved to be successful information and the user identity voucher;Otherwise, Xiang Suoshu identity wallet client end sends authentication failed information;
The identity documents are stored on block chain by the mechanism of signing and issuing.
Optionally, the identity documents signed and issued mechanism and generate user to client public key signature, specifically include:
It is signed using the private key for signing and issuing mechanism to the client public key and generates the identity documents of user.
The present invention also provides a kind of distributed identity documents to generate system, comprising:
Identity wallet client end is also used to receive and signs and issues mechanism transmission for generating client public key and subscriber identity information
Verification information and user identity voucher;
Mechanism is signed and issued, for obtaining the client public key and subscriber identity information of the generation of identity wallet client end, and it is right
The subscriber identity information is verified;Subscriber identity information is effective after verifying, and the mechanism of signing and issuing is to the client public key
Signature generates the identity documents of user, while sending to identity wallet client end and being proved to be successful information and user's body
Part voucher;Otherwise, Xiang Suoshu identity wallet client end sends authentication failed information;
Block chain, for storing the identity documents for signing and issuing mechanism upload.
The present invention also provides a kind of distributed identity documents verification methods, comprising:
Verification platform obtains the identity documents to be verified and client public key to be verified that identity wallet client end provides;
Operation is decrypted to the identity documents to be verified in the verification platform, the client public key after being decrypted;
The verification platform compares the client public key to be verified with the client public key after the decryption, if
The client public key to be verified is consistent with the client public key after the decryption, then the identity documents to be verified are effective;If
The client public key to be verified and the client public key after the decryption are inconsistent, then the identity documents to be verified are invalid.
Optionally, the verification platform obtains identity documents to be verified that identity wallet client end provides and to be verified
Client public key specifically includes:
Identity wallet client end signs to the identity documents to be verified using private key for user, after being signed
Identity documents to be verified;
The verification platform obtain the identity wallet client end offer signature after identity documents to be verified and to
The client public key of verifying.
Optionally, operation is decrypted to the identity documents to be verified in the verification platform, the use after being decrypted
Family public key, specifically includes:
The verification platform solves the identity documents to be verified after the signature using client public key to be verified
Close operation, the identity documents to be verified after being decrypted;
The verification platform is decrypted the identity documents to be verified after the decryption using the public key for signing and issuing mechanism
Operation, the client public key after being decrypted.
The present invention also provides a kind of distributed identity documents to verify system, comprising:
Identity wallet client end, for providing identity documents to be verified and client public key to be verified for user;
Verification platform, for obtaining the identity documents to be verified and use to be verified of the offer of identity wallet client end
Family public key, and for operation to be decrypted to the identity documents to be verified, the client public key after being decrypted;It is also used to
The client public key to be verified is compared with the client public key after the decryption, if the client public key to be verified
Consistent with the client public key after the decryption, then the identity documents to be verified are effective;If the client public key to be verified
Inconsistent with the client public key after the decryption, then the identity documents to be verified are invalid.
Optionally, identity wallet client end is also used to using private key for user to the identity documents label to be verified
Name, the identity documents to be verified after being signed;
The verification platform is also used to using client public key to be verified to the identity documents to be verified after the signature
Operation is decrypted, the identity documents to be verified after being decrypted;It is also used to use the public key for signing and issuing mechanism to the decryption
Operation, the client public key after being decrypted is decrypted in identity documents to be verified afterwards.
The present invention also provides a kind of distributed identity documents to generate verification method, comprising:
It signs and issues mechanism and obtains client public key and subscriber identity information that identity wallet client end generates;
The mechanism of signing and issuing verifies the subscriber identity information;If the subscriber identity information after verifying is effective,
The identity documents signed and issued mechanism and generate user to client public key signature, while being sent to identity wallet client end
It is proved to be successful information and the user identity voucher;Otherwise, Xiang Suoshu identity wallet client end sends authentication failed information;
The identity documents are stored on block chain by the mechanism of signing and issuing;
Verification platform obtains the identity documents to be verified and client public key to be verified that identity wallet client end provides;
Operation is decrypted to the identity documents to be verified in the verification platform, the client public key after being decrypted;
The verification platform compares the client public key to be verified with the client public key after the decryption, if
The client public key to be verified is consistent with the client public key after the decryption, then the identity documents to be verified are effective;If
The client public key to be verified and the client public key after the decryption are inconsistent, then the identity documents to be verified are invalid.
The present invention also provides a kind of distributed identity documents to generate verifying system, comprising:
Identity wallet client end, for generating client public key and subscriber identity information;Mechanism transmission is signed and issued for receiving
Verification information and user identity voucher;For providing identity documents to be verified and client public key to be verified for user;
Mechanism is signed and issued, for obtaining the client public key and subscriber identity information of the generation of identity wallet client end, and it is right
The subscriber identity information is verified;Subscriber identity information is effective after verifying, and the mechanism of signing and issuing is to the client public key
Signature generates the identity documents of user, while sending to identity wallet client end and being proved to be successful information and user's body
Part voucher;Otherwise, Xiang Suoshu identity wallet client end sends authentication failed information;
Block chain, for storing the identity documents for signing and issuing mechanism upload;
Verification platform, for obtaining the identity documents to be verified and use to be verified of the offer of identity wallet client end
Family public key, and for operation to be decrypted to the identity documents to be verified, the client public key after being decrypted;It is also used to
The client public key to be verified is compared with the client public key after the decryption, if the client public key to be verified
Consistent with the client public key after the decryption, then the identity documents to be verified are effective;If the client public key to be verified
Inconsistent with the client public key after the decryption, then the identity documents to be verified are invalid.
Compared with prior art, the beneficial effects of the present invention are:
The invention proposes a kind of distributed identity documents generation, verification method and systems, by signing and issuing mechanism to user
Public key signature generates the identity documents of user, and the user identity voucher of generation is stored in block chain, has identity documents
Have the advantages that can not to distort, is open.It solves identity documents centralization and stores the risk distorted by hacker attack, reduce body
The probability that part voucher is faked.
In addition, verification platform obtains the identity documents to be verified that identity wallet client end provides and user to be verified is public
Key, and operation is decrypted to identity documents to be verified, the client public key after being decrypted;By client public key to be verified with
Client public key after decryption compares, and judges whether identity documents to be verified are effective;Distributed storage facilitates verification platform to test
The true and false of user identity voucher is demonstrate,proved, verifying cost is saved, reduces proving period, expand the usage scenario of identity documents.
Detailed description of the invention
It in order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, below will be to institute in embodiment
Attached drawing to be used is needed to be briefly described, it should be apparent that, the accompanying drawings in the following description is only some implementations of the invention
Example, for those of ordinary skill in the art, without any creative labor, can also be according to these attached drawings
Obtain other attached drawings.
Fig. 1 is distributed identity documents generation method flow chart in the embodiment of the present invention;
Fig. 2 is that distributed identity documents generate system construction drawing in the embodiment of the present invention;
Fig. 3 is distributed identity documents verification method flow chart in the embodiment of the present invention;
Fig. 4 is that distributed identity documents verify system construction drawing in the embodiment of the present invention;
Fig. 5 is that distributed identity documents generate verification method flow chart in the embodiment of the present invention;
Fig. 6 is that distributed identity documents generate verifying system construction drawing in the embodiment of the present invention.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, it is obtained by those of ordinary skill in the art without making creative efforts every other
Embodiment shall fall within the protection scope of the present invention.
The object of the present invention is to provide a kind of distributed identity documents generation, verification method and systems, and having can reduce
The advantages of certificate fraud probability of identity documents.
In order to make the foregoing objectives, features and advantages of the present invention clearer and more comprehensible, with reference to the accompanying drawing and specific real
Applying mode, the present invention is described in further detail.
Fig. 1 is distribution of embodiment of the present invention identity documents generation method flow chart.As shown in Figure 1, a kind of distribution body
Part verification method, comprising:
Step 101: signing and issuing mechanism and obtain client public key and subscriber identity information that identity wallet client end generates.Wherein,
Public private key pair is generated for user using elliptic curve in identity wallet client end.Subscriber identity information is user identity voucher
Certificate information, such as ID card information, diploma information or certification information.
Step 102: signing and issuing mechanism and subscriber identity information is verified;If the subscriber identity information after verifying is effective,
It is signed using the private key for signing and issuing mechanism to client public key and generates the identity documents of user, while sent and testing to identity wallet client end
Demonstrate,prove successful information and user identity voucher;Otherwise, authentication failed information is sent to identity wallet client end.Wherein, machine is signed and issued
Structure signs to client public key with the private key of oneself using ellipse curve signature algorithm and generates the identity documents of user.Identity wallet visitor
Family end receives the business identity of one active states of increase after the user identity voucher for signing and issuing mechanism transmission.
Step 103: signing and issuing mechanism and identity documents are stored on block chain.
Fig. 2 is that distribution of embodiment of the present invention identity documents generate system construction drawing.As shown in Fig. 2, a kind of distribution body
Part voucher generating system, comprising:
Identity wallet client end 1 is also used to receive and signs and issues mechanism transmission for generating client public key and subscriber identity information
Verification information and user identity voucher.
Mechanism 2 is signed and issued, for obtaining the client public key and subscriber identity information of the generation of identity wallet client end, and to user
Identity information is verified;Subscriber identity information is effective after verifying, signs and issues the body that mechanism generates user to client public key signature
Part voucher, while being sent to identity wallet client end and being proved to be successful information and user identity voucher;Otherwise, to identity wallet visitor
Family end sends authentication failed information.
Block chain 3, for storing the identity documents for signing and issuing mechanism upload.
The present invention signs to client public key by signing and issuing mechanism and generates the identity documents of user, and by the user identity of generation
Voucher is stored in block chain, makes identity documents have many advantages, such as can not to distort, is open.Solve identity documents centralization storage
The risk distorted by hacker attack reduces the probability of identity documents fraud.
Fig. 3 is distribution of embodiment of the present invention identity documents verification method flow chart.As shown in figure 3, a kind of distribution body
Part credential verification method, comprising:
Step 301: verification platform obtains the identity documents to be verified and use to be verified that identity wallet client end provides
Family public key.The step specifically includes:
Identity wallet client end signs to identity documents to be verified using private key for user, to be verified after being signed
Identity documents.Wherein, public private key pair is generated for user using elliptic curve in identity wallet client end.
Verification platform obtains the identity documents to be verified and use to be verified after the signature that identity wallet client end provides
Family public key.
Step 302: operation is decrypted to identity documents to be verified in verification platform, the client public key after being decrypted.
The step specifically includes:
Operation is decrypted to the identity documents to be verified after signature using client public key to be verified in verification platform, obtains
Identity documents to be verified after to decryption.
Operation is decrypted to the identity documents to be verified after decryption using the public key for signing and issuing mechanism in verification platform, obtains
Client public key after decryption.
Step 303: verification platform compares the client public key after client public key to be verified and decryption, if to be tested
The client public key of card is consistent with the client public key after decryption, then identity documents to be verified are effective;If client public key to be verified
Inconsistent with the client public key after decryption, then identity documents to be verified are invalid.
Fig. 4 is that distribution of embodiment of the present invention identity documents verify system construction drawing.As shown in figure 4, a kind of distribution body
Part credential verification system, comprising:
Identity wallet client end 1, for providing identity documents to be verified and client public key to be verified for user;Also use
In the identity documents to be verified using private key for user to identity documents signature to be verified, after being signed.
Verification platform 4, for obtaining the identity documents to be verified and user to be verified that identity wallet client end provides
Public key, and for operation to be decrypted to identity documents to be verified, the client public key after being decrypted;Being also used to will be to be tested
The client public key and the client public key after decryption of card compare, if the client public key after client public key and decryption to be verified
Unanimously, then identity documents to be verified are effective;If the client public key after client public key and decryption to be verified is inconsistent, to be tested
It is invalid to demonstrate,prove identity documents.
Verification platform 4 is also used to that the identity documents to be verified after signature are decrypted using client public key to be verified
Operation, the identity documents to be verified after being decrypted;It is also used to use the public key for signing and issuing mechanism to be verified after decryption
Operation, the client public key after being decrypted is decrypted in identity documents.
Verification platform of the invention obtains the identity documents to be verified and use to be verified that identity wallet client end provides
Family public key, and operation is decrypted to identity documents to be verified, the client public key after being decrypted;User to be verified is public
Key is compared with the client public key after decryption, judges whether identity documents to be verified are effective;Distributed storage facilitates verifying flat
Platform verifies the true and false of user identity voucher, saves verifying cost, reduces proving period, expand the usage scenario of identity documents.
Fig. 5 is distribution of embodiment of the present invention identity documents verification method flow chart.As shown in figure 5, a kind of distribution body
Part voucher generates verification method, comprising:
Step 501: signing and issuing mechanism and obtain client public key and subscriber identity information that identity wallet client end generates.Wherein,
Public private key pair is generated for user using elliptic curve in identity wallet client end.
Step 502: signing and issuing mechanism and subscriber identity information is verified;If the subscriber identity information after verifying is effective,
It signs and issues mechanism and generates the identity documents of user to client public key signature, while being sent to identity wallet client end and being proved to be successful information
And user identity voucher;Otherwise, authentication failed information is sent to identity wallet client end.Wherein, mechanism is signed and issued using oval
Curve signature algorithm signs to client public key with the private key of oneself and generates the identity documents of user.Identity wallet client end receives label
Increase the business identity of an active states after the user identity voucher that hair mechanism is sent.
Step 503: signing and issuing mechanism and identity documents are stored on block chain.
Step 504: verification platform obtains the identity documents to be verified and use to be verified that identity wallet client end provides
Family public key.The step specifically includes:
Identity wallet client end signs to identity documents to be verified using private key for user, to be verified after being signed
Identity documents.Wherein, public private key pair is generated for user using elliptic curve in identity wallet client end.
Verification platform obtains the identity documents to be verified and use to be verified after the signature that identity wallet client end provides
Family public key.
Step 505: operation is decrypted to identity documents to be verified in verification platform, the client public key after being decrypted.
The step specifically includes:
Operation is decrypted to the identity documents to be verified after signature using client public key to be verified in verification platform, obtains
Identity documents to be verified after to decryption.
Operation is decrypted to the identity documents to be verified after decryption using the public key for signing and issuing mechanism in verification platform, obtains
Client public key after decryption.
Step 506: verification platform compares the client public key after client public key to be verified and decryption, if to be tested
The client public key of card is consistent with the client public key after decryption, then identity documents to be verified are effective;If client public key to be verified
Inconsistent with the client public key after decryption, then identity documents to be verified are invalid.
Fig. 6 is that distribution of embodiment of the present invention identity documents verify system construction drawing.As shown in fig. 6, a kind of distribution body
Part voucher generates verifying system, comprising:
Identity wallet client end 1, for generating client public key and subscriber identity information;Mechanism transmission is signed and issued for receiving
Verification information and user identity voucher;For providing identity documents to be verified and client public key to be verified for user.
Mechanism 2 is signed and issued, for obtaining the client public key and subscriber identity information of the generation of identity wallet client end, and to user
Identity information is verified;Subscriber identity information is effective after verifying, signs and issues the body that mechanism generates user to client public key signature
Part voucher, while being sent to identity wallet client end and being proved to be successful information and user identity voucher;Otherwise, to identity wallet visitor
Family end sends authentication failed information.
Block chain 3, for storing the identity documents for signing and issuing mechanism upload.
Verification platform 4, for obtaining the identity documents to be verified and user to be verified that identity wallet client end provides
Public key, and for operation to be decrypted to identity documents to be verified, the client public key after being decrypted;Being also used to will be to be tested
The client public key and the client public key after decryption of card compare, if the client public key after client public key and decryption to be verified
Unanimously, then identity documents to be verified are effective;If the client public key after client public key and decryption to be verified is inconsistent, to be tested
It is invalid to demonstrate,prove identity documents.
Used herein a specific example illustrates the principle and implementation of the invention, and above embodiments are said
It is bright to be merely used to help understand method and its core concept of the invention;At the same time, for those skilled in the art, foundation
Thought of the invention, there will be changes in the specific implementation manner and application range.To sum up, the content of the present specification should not manage
Solution is limitation of the present invention.
Claims (10)
1. a kind of distribution identity documents generation method characterized by comprising
It signs and issues mechanism and obtains client public key and subscriber identity information that identity wallet client end generates;
The mechanism of signing and issuing verifies the subscriber identity information;If the subscriber identity information after verifying is effective, described
It signs and issues mechanism and generates the identity documents of user to client public key signature, while sending and verifying to identity wallet client end
Successful information and the user identity voucher;Otherwise, Xiang Suoshu identity wallet client end sends authentication failed information;
The identity documents are stored on block chain by the mechanism of signing and issuing.
2. distribution identity documents verification method according to claim 1, which is characterized in that the mechanism of signing and issuing is to described
Client public key signature generates the identity documents of user, specifically includes:
It is signed using the private key for signing and issuing mechanism to the client public key and generates the identity documents of user.
3. a kind of distribution identity documents generate system characterized by comprising
Identity wallet client end is also used to receive and signs and issues testing for mechanism transmission for generating client public key and subscriber identity information
Demonstrate,prove information and user identity voucher;
Mechanism is signed and issued, for obtaining the client public key and subscriber identity information of the generation of identity wallet client end, and to described
Subscriber identity information is verified;Subscriber identity information is effective after verifying, and the mechanism of signing and issuing signs to the client public key
Generate user identity documents, while to identity wallet client end send be proved to be successful information and the user identity with
Card;Otherwise, Xiang Suoshu identity wallet client end sends authentication failed information;
Block chain, for storing the identity documents for signing and issuing mechanism upload.
4. a kind of distribution identity documents verification method characterized by comprising
Verification platform obtains the identity documents to be verified and client public key to be verified that identity wallet client end provides;
Operation is decrypted to the identity documents to be verified in the verification platform, the client public key after being decrypted;
The verification platform compares the client public key to be verified with the client public key after the decryption, if described
Client public key to be verified is consistent with the client public key after the decryption, then the identity documents to be verified are effective;If described
Client public key to be verified and the client public key after the decryption are inconsistent, then the identity documents to be verified are invalid.
5. distribution identity documents verification method according to claim 4, which is characterized in that the verification platform obtains body
The identity documents to be verified and client public key to be verified that part wallet client end provides, specifically include:
Identity wallet client end signs to the identity documents to be verified using private key for user, to be tested after being signed
The identity documents of card;
The verification platform obtains the identity documents to be verified and to be verified after the signature of identity wallet client end offer
Client public key.
6. distribution identity documents verification method according to claim 5, which is characterized in that the verification platform is to described
Operation is decrypted in identity documents to be verified, and the client public key after being decrypted specifically includes:
Behaviour is decrypted to the identity documents to be verified after the signature using client public key to be verified in the verification platform
Make, the identity documents to be verified after being decrypted;
Operation is decrypted to the identity documents to be verified after the decryption using the public key for signing and issuing mechanism in the verification platform,
Client public key after being decrypted.
7. a kind of distribution identity documents verify system characterized by comprising
Identity wallet client end, for providing identity documents to be verified and client public key to be verified for user;
Verification platform, the identity documents to be verified and user to be verified for obtaining the offer of identity wallet client end are public
Key, and for operation to be decrypted to the identity documents to be verified, the client public key after being decrypted;It is also used to institute
It states client public key to be verified to compare with the client public key after the decryption, if the client public key to be verified and institute
Client public key after stating decryption is consistent, then the identity documents to be verified are effective;If the client public key to be verified and institute
Client public key after stating decryption is inconsistent, then the identity documents to be verified are invalid.
8. distribution identity documents according to claim 7 verify system, which is characterized in that
Identity wallet client end is also used to sign to the identity documents to be verified using private key for user, be signed
Identity documents to be verified afterwards;
The verification platform is also used to carry out the identity documents to be verified after the signature using client public key to be verified
Decryption oprerations, the identity documents to be verified after being decrypted;After being also used to using the public key of mechanism is signed and issued to the decryption
Operation, the client public key after being decrypted is decrypted in identity documents to be verified.
9. a kind of distribution identity documents generate verification method characterized by comprising
It signs and issues mechanism and obtains client public key and subscriber identity information that identity wallet client end generates;
The mechanism of signing and issuing verifies the subscriber identity information;If the subscriber identity information after verifying is effective, described
It signs and issues mechanism and generates the identity documents of user to client public key signature, while sending and verifying to identity wallet client end
Successful information and the user identity voucher;Otherwise, Xiang Suoshu identity wallet client end sends authentication failed information;
The identity documents are stored on block chain by the mechanism of signing and issuing;
Verification platform obtains the identity documents to be verified and client public key to be verified that identity wallet client end provides;
Operation is decrypted to the identity documents to be verified in the verification platform, the client public key after being decrypted;
The verification platform compares the client public key to be verified with the client public key after the decryption, if described
Client public key to be verified is consistent with the client public key after the decryption, then the identity documents to be verified are effective;If described
Client public key to be verified and the client public key after the decryption are inconsistent, then the identity documents to be verified are invalid.
10. a kind of distribution identity documents generate verifying system characterized by comprising
Identity wallet client end, for generating client public key and subscriber identity information;For receiving the verifying for signing and issuing mechanism transmission
Information and user identity voucher;For providing identity documents to be verified and client public key to be verified for user;
Mechanism is signed and issued, for obtaining the client public key and subscriber identity information of the generation of identity wallet client end, and to described
Subscriber identity information is verified;Subscriber identity information is effective after verifying, and the mechanism of signing and issuing signs to the client public key
Generate user identity documents, while to identity wallet client end send be proved to be successful information and the user identity with
Card;Otherwise, Xiang Suoshu identity wallet client end sends authentication failed information;
Block chain, for storing the identity documents for signing and issuing mechanism upload;
Verification platform, the identity documents to be verified and user to be verified for obtaining the offer of identity wallet client end are public
Key, and for operation to be decrypted to the identity documents to be verified, the client public key after being decrypted;It is also used to institute
It states client public key to be verified to compare with the client public key after the decryption, if the client public key to be verified and institute
Client public key after stating decryption is consistent, then the identity documents to be verified are effective;If the client public key to be verified and institute
Client public key after stating decryption is inconsistent, then the identity documents to be verified are invalid.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910733791.1A CN110430201A (en) | 2019-08-09 | 2019-08-09 | A kind of distribution identity documents generate, verification method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910733791.1A CN110430201A (en) | 2019-08-09 | 2019-08-09 | A kind of distribution identity documents generate, verification method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110430201A true CN110430201A (en) | 2019-11-08 |
Family
ID=68415235
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910733791.1A Pending CN110430201A (en) | 2019-08-09 | 2019-08-09 | A kind of distribution identity documents generate, verification method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110430201A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110933117A (en) * | 2020-02-18 | 2020-03-27 | 支付宝(杭州)信息技术有限公司 | Derivation and verification method, device and equipment of digital identity information |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106789041A (en) * | 2017-02-15 | 2017-05-31 | 江苏信源久安信息科技有限公司 | A kind of credible block chain method of decentralization certificate |
| CN107196966A (en) * | 2017-07-05 | 2017-09-22 | 北京信任度科技有限公司 | The identity identifying method and system of multi-party trust based on block chain |
| CN107257340A (en) * | 2017-06-19 | 2017-10-17 | 阿里巴巴集团控股有限公司 | A kind of authentication method, authentication data processing method and equipment based on block chain |
| CN107579817A (en) * | 2017-09-12 | 2018-01-12 | 广州广电运通金融电子股份有限公司 | User ID authentication method, apparatus and system based on block chain |
| CN109767215A (en) * | 2018-12-29 | 2019-05-17 | 杭州趣链科技有限公司 | A kind of online block chain identity identifying method based on a variety of private key storage modes |
| US10298396B1 (en) * | 2015-11-10 | 2019-05-21 | Wells Fargo Bank, N.A. | Identity management service via virtual passport |
| CN109983466A (en) * | 2018-09-27 | 2019-07-05 | 区链通网络有限公司 | A kind of account management system and management method, storage medium based on block chain |
| CN110046482A (en) * | 2018-12-25 | 2019-07-23 | 阿里巴巴集团控股有限公司 | Identity verification method and its system |
-
2019
- 2019-08-09 CN CN201910733791.1A patent/CN110430201A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10298396B1 (en) * | 2015-11-10 | 2019-05-21 | Wells Fargo Bank, N.A. | Identity management service via virtual passport |
| CN106789041A (en) * | 2017-02-15 | 2017-05-31 | 江苏信源久安信息科技有限公司 | A kind of credible block chain method of decentralization certificate |
| CN107257340A (en) * | 2017-06-19 | 2017-10-17 | 阿里巴巴集团控股有限公司 | A kind of authentication method, authentication data processing method and equipment based on block chain |
| CN107196966A (en) * | 2017-07-05 | 2017-09-22 | 北京信任度科技有限公司 | The identity identifying method and system of multi-party trust based on block chain |
| CN107579817A (en) * | 2017-09-12 | 2018-01-12 | 广州广电运通金融电子股份有限公司 | User ID authentication method, apparatus and system based on block chain |
| CN109983466A (en) * | 2018-09-27 | 2019-07-05 | 区链通网络有限公司 | A kind of account management system and management method, storage medium based on block chain |
| CN110046482A (en) * | 2018-12-25 | 2019-07-23 | 阿里巴巴集团控股有限公司 | Identity verification method and its system |
| CN109767215A (en) * | 2018-12-29 | 2019-05-17 | 杭州趣链科技有限公司 | A kind of online block chain identity identifying method based on a variety of private key storage modes |
Non-Patent Citations (1)
| Title |
|---|
| 张焕国等: "《密码学引论》", 30 November 2015, 武汉:武汉大学出版社 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110933117A (en) * | 2020-02-18 | 2020-03-27 | 支付宝(杭州)信息技术有限公司 | Derivation and verification method, device and equipment of digital identity information |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107403303B (en) | Signing method of electronic contract system based on block chain deposit certificate | |
| CN105429760B (en) | A kind of auth method and system of the digital certificate based on TEE | |
| CN103067402B (en) | The generation method and system of digital certificate | |
| CN103095456B (en) | The processing method of transaction message and system | |
| CN103167491B (en) | A kind of mobile terminal uniqueness authentication method based on software digital certificate | |
| CN103685138B (en) | The authentication method of the Android platform application software that mobile interchange is online and system | |
| CN112153608A (en) | Vehicle networking cross-domain authentication method based on side chain technology trust model | |
| CN107493273A (en) | Identity identifying method, system and computer-readable recording medium | |
| CN108809658A (en) | A kind of digital signature method and system of the identity base based on SM2 | |
| CN104753881B (en) | A kind of WebService safety certification access control method based on software digital certificate and timestamp | |
| CN109992953A (en) | Digital certificate on block chain signs and issues, verification method, equipment, system and medium | |
| CN110493273B (en) | Identity authentication data processing method and device, computer equipment and storage medium | |
| CN106534143A (en) | Method and system capable of realizing cross-application authentication authorization | |
| CN108768652A (en) | It is a kind of can the attack of anti-quantum alliance's block chain bottom encryption method | |
| CN110493237A (en) | Identity management method, device, computer equipment and storage medium | |
| CN105554018B (en) | Genuine cyber identification verification method | |
| CN109547451A (en) | The method of authentic authentication service authentication based on TEE | |
| CN103312691A (en) | Method and system for authenticating and accessing cloud platform | |
| CN111835526B (en) | Method and system for generating anonymous credential | |
| CN108848496A (en) | Authentication method, TEE terminal and the management platform of virtual eSIM card based on TEE | |
| CN106897761A (en) | A kind of two-dimensional code generation method and device | |
| CN106851635B (en) | A kind of distributed signature method and system of identity-based | |
| US20080141035A1 (en) | Limited Blind Signature System | |
| CN106375092A (en) | Digital certificate signature method for privacy protection | |
| CN106060078A (en) | User information encryption method, user registration method and user validation method applied to cloud platform |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20191108 |
|
| RJ01 | Rejection of invention patent application after publication |