CN110492989A - Private key processing method, access method, and medium and device for the corresponding methods
- Publication number: CN110492989A (application CN201910785886.8A)
- Authority: CN (China)
- Prior art keywords: private key, user, digest, key, client
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
This application discloses a private key processing method, an access method, and a medium and device for the corresponding methods. A digest operation is performed on the user private key to obtain the private key digest corresponding to the user private key, where that private key digest corresponds to multiple different private keys. The user private key is encrypted with the user's key to obtain the user's encrypted private key. The user's encrypted private key and the private key digest corresponding to the user private key are combined to obtain the encrypted data of the user private key. Because the private key digest obtained in this application in fact corresponds to multiple different private keys, even if a malicious user finds a private key whose digest after the digest operation matches the private key digest corresponding to the user private key, that private key is not necessarily the user's real private key. This reduces the risk of a malicious user cracking the real user private key.
Description
Technical field
The present invention relates to the technical field of information encryption, and in particular to a private key processing method, an access method, and a medium and device for the corresponding methods.
Background
In the prior art, a client usually needs to keep an encrypted backup of the user's private key. The current method of encrypting the user's private key is as follows: the user's key is generated from the encryption password entered by the user, and the key is then used to encrypt both the user private key and the private key digest corresponding to the user private key, yielding the encrypted data of the user private key. The private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key.
If the user wants to recover the private key, the user enters the encryption password into the client. The client generates the key from the user's encryption password and uses it to decrypt the stored encrypted data of the user private key, obtaining a private key and a private key digest. The client then performs the digest operation on the private key and checks whether the computed private key digest matches the private key digest obtained by decryption, thereby verifying whether the encryption password entered by the user is correct. If they match, the encryption password provided by the user is considered correct and the user's private key can be sent to the user.
However, while the encryption password provided by the user is being verified, a malicious user may keep trying encryption passwords until one finally passes verification. Because each private key digest corresponds to almost exactly one private key, the private key decrypted with an encryption password that passes verification is very likely the user's real private key. There is therefore a risk of a malicious user cracking the real user private key.
Summary of the invention
In view of the above deficiencies of the prior art, this application proposes a private key processing method, an access method, and a medium and device for the corresponding methods, in order to reduce the risk of a malicious user cracking the user private key.
A first aspect of the present invention discloses a private key processing method, applied to a client, the private key processing method comprising:
Performing a digest operation on the user private key to obtain the private key digest corresponding to the user private key, where the private key digest corresponding to the user private key corresponds to multiple different private keys;
Encrypting the user private key with the user's key to obtain the user's encrypted private key;
Combining the user's encrypted private key and the private key digest corresponding to the user private key to obtain the encrypted data of the user private key.
Optionally, in the above private key processing method, performing the digest operation on the user private key to obtain the private key digest corresponding to the user private key comprises:
Performing the digest operation on the user private key using a digest function whose collision rate is higher than a threshold, to obtain the private key digest corresponding to the user private key.
Optionally, in the above private key processing method, performing the digest operation on the user private key using a digest function whose collision rate is higher than a threshold, to obtain the private key digest corresponding to the user private key, comprises:
Computing on the user private key with the formula hash(x) = x % N to obtain the private key digest corresponding to the user private key;
In the formula, x is the user private key, N is a positive integer, and hash(x) is the private key digest corresponding to the user private key.
Optionally, in the above private key processing method, after combining the user's encrypted private key and the private key digest corresponding to the user private key to obtain the encrypted data of the user private key, the method further comprises:
Receiving a recovery request for the user private key, where the recovery request carries an encryption password to be verified;
Performing a hash operation on the encryption password to be verified to obtain a key to be verified;
Decrypting the encrypted private key in the encrypted data of the user private key with the key to be verified to obtain a private key to be verified;
Performing the digest operation on the private key to be verified to obtain a private key digest to be verified;
If the private key digest to be verified matches the private key digest corresponding to the user private key in the encrypted data of the user private key, presenting the user private key to the user.
A second aspect of the present invention discloses a server access method, applied to a client, the server access method comprising:
Sending the user's login request to a server, where the login request carries original data and signature data; the original data includes the user's identification information and the private key digest corresponding to the user private key; the private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key and corresponds to multiple different private keys; and the signature data is obtained by the client signing the original data with the user private key.
A third aspect of the present invention discloses a server access method, applied to a server, the server access method comprising:
Receiving the user's login request sent by the client, where the login request carries original data and signature data; the original data includes the user's identification information and the private key digest corresponding to the user private key; the private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key and corresponds to multiple different private keys; and the signature data is obtained by the client signing the digest data of the original data with the user private key;
Verifying whether the login request is legitimate, using the user's public key uploaded in advance by the client and the original data;
If the login request is not legitimate, determining whether the private key digest corresponding to the user private key carried in the login request matches the private key digest corresponding to the user private key that the client uploaded in advance, where the private key digest uploaded in advance is obtained by the client performing the digest operation on the user private key and corresponds to multiple different private keys;
If the private key digest corresponding to the user private key carried in the login request matches the private key digest corresponding to the user private key that the client uploaded in advance, sending a reminder message to the legitimate user of the user private key, where the reminder message indicates that the legitimate user's private key is at risk of being illegally cracked.
Optionally, in the above server access method, verifying whether the login request is legitimate using the user's public key uploaded in advance by the client and the original data comprises:
Verifying the signature data with the user's public key uploaded in advance by the client;
If signature verification passes, the login request is deemed legitimate;
If signature verification fails, the login request is deemed not legitimate.
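The server-side decision described in the third aspect, as an added example that is not code from the patent: a request whose signature fails but whose private key digest matches the enrolled one triggers the reminder to the legitimate user. The textbook Schnorr-style signature over a constructed 127-bit prime field, the `Server` class, and all names and keys are assumptions, since the patent names no signature algorithm.

```python
import hashlib

# Constructed stand-in parameters (assumptions, not from the patent). The group
# is sized so the block runs on the standard library, not for production use.
P = 2**127 - 1   # prime modulus
G = 3            # base
N = 1000         # digest modulus in hash(x) = x % N


def digest(private_key):
    """High-collision private key digest: hash(x) = x % N."""
    return private_key % N


def _h(*parts):
    """Hash arbitrary parts to an integer (SHA-256)."""
    data = "|".join(str(p) for p in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def public_key(private_key):
    return pow(G, private_key, P)


def sign(private_key, message):
    """Schnorr-style signature (r, s) with a deterministic nonce."""
    k = _h("nonce", private_key, message) % (P - 1)
    r = pow(G, k, P)
    s = (k + _h(r, message) * private_key) % (P - 1)
    return r, s


def verify(pub, message, signature):
    r, s = signature
    return pow(G, s, P) == (r * pow(pub, _h(r, message), P)) % P


def build_login(user_id, private_key):
    """Client side: original data = user id + digest, signed with the key."""
    d = digest(private_key)
    return {"user_id": user_id, "digest": d,
            "signature": sign(private_key, f"{user_id}:{d}")}


class Server:
    def __init__(self):
        self.enrolled = {}   # user_id -> (public key, private key digest)
        self.alerts = []     # users to whom a reminder was sent

    def enroll(self, user_id, pub, key_digest):
        self.enrolled[user_id] = (pub, key_digest)

    def handle_login(self, request):
        pub, stored_digest = self.enrolled[request["user_id"]]
        original = f'{request["user_id"]}:{request["digest"]}'
        if verify(pub, original, request["signature"]):
            return "accept"
        # Signature failed. A matching digest means the sender holds a key
        # that passed the backup's digest check: the backup is under attack.
        if request["digest"] == stored_digest:
            self.alerts.append(request["user_id"])
            return "reject+alert"
        return "reject"


def run_scenarios():
    real_key = _h("constructed sample private key") % (P - 1)
    server = Server()
    server.enroll("alice", public_key(real_key), digest(real_key))
    colliding_key = real_key + 5 * N   # same digest, different key
    unrelated_key = real_key + 1       # different digest
    results = [server.handle_login(build_login("alice", k))
               for k in (real_key, colliding_key, unrelated_key)]
    return results, server.alerts
```
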
A fourth aspect of the present invention discloses a private key processing device. The private key processing device is a client, and the client comprises:
A first computing unit, configured to perform a digest operation on the user private key to obtain the private key digest corresponding to the user private key, where the private key digest corresponding to the user private key corresponds to multiple different private keys;
An encryption unit, configured to encrypt the user private key with the user's key to obtain the user's encrypted private key;
A combining unit, configured to combine the user's encrypted private key and the private key digest corresponding to the user private key to obtain the encrypted data of the user private key.
Optionally, in the above private key processing device, the first computing unit comprises:
A first computing subunit, configured to perform the digest operation on the user private key using a digest function whose collision rate is higher than a threshold, to obtain the private key digest corresponding to the user private key.
Optionally, in the above private key processing device, the first computing subunit comprises:
A second computing subunit, configured to compute on the user private key with the formula hash(x) = x % N to obtain the private key digest corresponding to the user private key;
In the formula, x is the user private key, N is a positive integer, and hash(x) is the private key digest corresponding to the user private key.
Optionally, the above private key processing device further comprises:
A receiving unit, configured to receive a recovery request for the user private key, where the recovery request carries an encryption password to be verified;
A second computing unit, configured to perform a hash operation on the encryption password to be verified to obtain a key to be verified;
A decryption unit, configured to decrypt the encrypted private key in the encrypted data of the user private key with the key to be verified to obtain a private key to be verified;
A third computing unit, configured to perform the digest operation on the private key to be verified to obtain a private key digest to be verified;
A prompt unit, configured to present the user private key to the user if the private key digest to be verified matches the private key digest corresponding to the user private key in the encrypted data of the user private key.
A fifth aspect of the present invention discloses a server access device. The server access device is a client, and the client comprises:
A sending unit, configured to send the user's login request to a server, where the login request carries original data and signature data; the original data includes the user's identification information and the private key digest corresponding to the user private key; the private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key and corresponds to multiple different private keys; and the signature data is obtained by the client signing the original data with the user private key.
A sixth aspect of the present invention discloses a server access device. The server access device is a server, and the server comprises:
A receiving unit, configured to receive the user's login request sent by the client, where the login request carries original data and signature data; the original data includes the user's identification information and the private key digest corresponding to the user private key; the private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key and corresponds to multiple different private keys; and the signature data is obtained by the client signing the digest data of the original data with the user private key;
A verification unit, configured to verify whether the login request is legitimate, using the user's public key uploaded in advance by the client and the original data;
A judging unit, configured to determine, if the login request is not legitimate, whether the private key digest corresponding to the user private key carried in the login request matches the private key digest corresponding to the user private key that the client uploaded in advance, where the private key digest uploaded in advance is obtained by the client performing the digest operation on the user private key and corresponds to multiple different private keys;
A reminding unit, configured to send a reminder message to the legitimate user of the user private key if the private key digest corresponding to the user private key carried in the login request matches the private key digest corresponding to the user private key that the client uploaded in advance, where the reminder message indicates that the legitimate user's private key is at risk of being illegally cracked.
Optionally, in the above server access device, the verification unit comprises:
A signature verification unit, configured to verify the signature data with the user's public key uploaded in advance by the client; if signature verification passes, the login request is deemed legitimate; if signature verification fails, the login request is deemed not legitimate.
A seventh aspect of the present invention discloses a computer-readable medium storing a computer program, where the program, when executed by a processor, implements the private key processing method according to any implementation of the first aspect, the server access method according to the second aspect, or the server access method according to any implementation of the third aspect.
An eighth aspect of the present invention discloses an electronic device, comprising:
One or more processors;
A storage device storing one or more programs;
When the one or more programs are executed by the one or more processors, the one or more processors implement the private key processing method according to any implementation of the first aspect, the server access method according to the second aspect, or the server access method according to any implementation of the third aspect.
As can be seen from the above technical solutions, the private key processing method proposed in this application is applied to a client. A digest operation is performed on the user private key to obtain the private key digest corresponding to the user private key, where that private key digest corresponds to multiple different private keys. The user private key is encrypted with the user's key to obtain the user's encrypted private key. The user's encrypted private key and the private key digest corresponding to the user private key are combined to obtain the encrypted data of the user private key. Because the private key digest obtained in this application in fact corresponds to multiple different private keys, even if a malicious user finds a private key whose digest after the digest operation matches the private key digest corresponding to the user private key, that private key is not necessarily the user's real private key. This reduces the risk of a malicious user cracking the real user private key.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are merely embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from the provided drawings without creative effort.
Fig. 1 is a flow diagram of a private key processing method disclosed in an embodiment of the present invention;
Fig. 2 is a flow diagram of a method for generating the user's key disclosed in an embodiment of the present invention;
Fig. 3 is a flow diagram of a method for recovering the user private key disclosed in an embodiment of the present invention;
Fig. 4 is a flow diagram of a server access method disclosed in an embodiment of the present invention;
Fig. 5 is a flow diagram of a method for verifying signature data disclosed in an embodiment of the present invention;
Fig. 6 is a structural diagram of a private key processing device disclosed in an embodiment of the present invention;
Fig. 7 is a structural diagram of a server access device disclosed in an embodiment of the present invention;
Fig. 8 is a structural diagram of another server access device disclosed in an embodiment of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
Referring to Fig. 1, an embodiment of this application discloses a private key processing method. The method is applied to a client, and its specific steps are:
S101. Perform a digest operation on the user private key to obtain the private key digest corresponding to the user private key.
The private key digest corresponding to the user private key corresponds to multiple different private keys. This means that there exist private keys other than the user private key, such as private key A and private key B, whose private key digests after the digest operation are identical to the private key digest corresponding to the user private key. In other words, the relationship between private key digests and private keys is not one-to-one: private keys other than the user private key also yield the private key digest corresponding to the user private key after the digest operation. The user private key is a key, specific to the user, that the user uses to encrypt and decrypt data. When the user needs to encrypt some data, the user can encrypt it with the user private key; when the user needs to use that data, it can be obtained by decrypting with the user private key again.
Specifically, when step S101 is executed, the user private key is substituted into the digest function to perform the digest operation, which yields the private key digest corresponding to the user private key.
To make the private key digest corresponding to the user private key correspond to multiple different private keys, step S101 can perform the digest operation on the user private key using a digest function whose collision rate is higher than a threshold, obtaining the private key digest corresponding to the user private key.
The collision rate is the probability that private keys with the same private key digest exist. The higher the collision rate of the digest function used on the user private key, the more private keys correspond to the resulting private key digest. The threshold can be set according to actual conditions. When the collision rate is higher than the threshold, if a malicious user tries to crack the user's private key based on the private key digest corresponding to the user private key, then even if the attempt produces a private key whose digest after the digest operation matches the private key digest corresponding to the user private key, that private key is only one of the multiple private keys that yield this digest and is not necessarily the real user private key. Therefore, the higher the collision rate, the more private keys the private key digest corresponding to the user private key can correspond to, and the smaller the probability of finding the real user private key by trial through that digest.
Optionally, in a specific embodiment of this application, performing the digest operation on the user private key using a digest function whose collision rate is higher than a threshold, to obtain the private key digest corresponding to the user private key, comprises:
Computing on the user private key with the formula hash(x) = x % N to obtain the private key digest corresponding to the user private key.
In the formula, x is the user private key, N is a positive integer, and hash(x) is the private key digest corresponding to the user private key. The value of N is determined by the collision rate threshold, and "%" is the remainder (modulo) operation. If N is 1000, then one private key in every 1000 private keys yields hash(x) after the digest operation. Therefore, the smaller the value of N, the higher the collision rate, and the harder it is for a malicious user to find the private key by trial through the private key digest.
S102. Encrypt the user private key with the user's key to obtain the user's encrypted private key.
The user's key is computed from the encryption password entered by the user. After the user private key is encrypted with the user's key, the user can decrypt successfully and obtain the user private key by entering the correct encryption password.
Optionally, referring to Fig. 2, in a specific embodiment of this application, the method for generating the user's key is:
Perform multiple one-way hash operations on the encryption password entered by the user and a randomly generated salt value to obtain the user's key.
A different number n of one-way hash operations produces a different user key. The salt value is a random number, and a different salt value used while generating the user's key also produces a different user key. The user's key is therefore determined by the salt value, the encryption password entered by the user, and the number of hash operations. Because the user's key is determined by multiple parameters, the risk of the user's key being stolen is also reduced.
S103. Combine the user's encrypted private key and the private key digest corresponding to the user private key to obtain the encrypted data of the user private key.
The user's encrypted private key is obtained in step S102, and the private key digest corresponding to the user private key is obtained in step S101. The encrypted data of the user private key obtained by combining them can be stored in the client. When the user needs to use the user private key, the user enters the encryption password, and the client verifies the encryption password against the encrypted data of the user private key. If verification succeeds, the user obtains the user private key.
Note that in the encrypted data of the user private key, the private key digest corresponding to the user private key is not encrypted with the user's key. If both the private key digest and the user private key were encrypted with the key, then the private key and private key digest obtained by attempting decryption with a guessed key would both be random values, and the probability that the digest of the private key equals the decrypted private key digest would be very low. If a malicious user found a key for which the two are equal, the private key obtained would very likely be the correct one; that is, whenever verification succeeded, the resulting private key would very likely be the correct private key. In this application the private key digest corresponding to the user private key is not encrypted and is therefore not a random value, and because the private key digest corresponds to multiple private keys, the private key obtained is not necessarily the correct one even when verification succeeds.
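The backup flow of steps S101 to S103 and the recovery check from the first aspect, as an added example that is not code from the patent. It assumes PBKDF2-HMAC-SHA256 as the iterated salted hash, a SHA-256 keystream XOR as the unspecified cipher, N = 16, a salt stored beside the ciphertext, and constructed key, salt and passwords; it counts how many wrong passwords pass the digest check while yielding a key other than the real one.

```python
import hashlib
import os

N = 16             # digest modulus (assumption; small so collisions are visible)
ITERATIONS = 1000  # number of hash iterations for key derivation (assumption)


def digest(private_key):
    """S101: high-collision digest hash(x) = x % N."""
    return private_key % N


def derive_key(password, salt):
    """Fig. 2: iterated one-way hash over password and salt.
    PBKDF2-HMAC-SHA256 is a stand-in for the patent's unspecified hash."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def xor_cipher(key, data):
    """Unauthenticated stream cipher stand-in; encrypts and decrypts.
    Any key decrypts to *some* 32-byte value, as the scheme requires."""
    blocks = (len(data) + 31) // 32
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))


def backup(private_key, password, salt=None):
    """S102 + S103: encrypt the key, then attach the *unencrypted* digest."""
    salt = salt if salt is not None else os.urandom(16)
    key = derive_key(password, salt)
    return {
        "salt": salt,  # stored beside the ciphertext (assumption)
        "encrypted_private_key": xor_cipher(key, private_key.to_bytes(32, "big")),
        "digest": digest(private_key),
    }


def recover(blob, password):
    """Recovery: derive key, decrypt, compare digests.
    Returns the candidate private key if the digest matches, else None."""
    key = derive_key(password, blob["salt"])
    candidate = int.from_bytes(
        xor_cipher(key, blob["encrypted_private_key"]), "big")
    return candidate if digest(candidate) == blob["digest"] else None


def guessing_experiment(guesses=400):
    """Try constructed wrong passwords and collect every accepted candidate."""
    real_key = int.from_bytes(
        hashlib.sha256(b"constructed sample private key").digest(), "big")
    blob = backup(real_key, "correct horse", salt=b"constructed-salt")
    accepted = []
    for i in range(guesses):
        candidate = recover(blob, f"guess-{i}")
        if candidate is not None:
            accepted.append(candidate)
    return real_key, blob, accepted


if __name__ == "__main__":
    real_key, blob, accepted = guessing_experiment()
    print("wrong passwords accepted by the digest check:", len(accepted))
    print("any of them the real key?", real_key in accepted)
```

With N = 16 roughly one wrong password in sixteen passes the check, so a passing guess tells the guesser almost nothing about whether the decrypted key is the real one.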
Optionally, refering to Fig. 3, in one specific embodiment of the application, after execution step S103, further includes:
S301: Receive a retrieval request for the user private key.
When the user needs to use the user private key, the user can send a retrieval request to the client. The retrieval request carries the encryption password to be verified. Note that the retrieval request may also carry the user's identification information, which may be the user's account (Identity Document, ID). From the user's identification information the client can determine which private key the user needs to retrieve and find the encrypted data of the user private key corresponding to that identification information, where the encrypted data of the user private key is obtained in step S103 shown in Fig. 1.
S302: Perform a hash operation on the encryption password to be verified to obtain a key to be verified.
The client generates a key to be verified from the encryption password to be verified. The principle and procedure of key generation are the same as those shown in Fig. 2 and are not repeated here.
S303: Decrypt the encrypted private key in the encrypted data of the user private key using the key to be verified, obtaining a private key to be verified.
If the encryption password to be verified entered by the user is correct, the key to be verified derived from it is identical to the key used to encrypt the private key in step S102 shown in Fig. 1, and decrypting the encrypted private key with the key to be verified yields the real user private key. If the encryption password to be verified entered by the user is wrong, the key to be verified derived from it differs from the key used to encrypt the private key in step S102, and the private key to be verified obtained by decrypting the encrypted private key with it is not the user's real private key.
S304: Perform the digest operation on the private key to be verified to obtain a private key digest to be verified.
The principle and procedure of the digest operation on the private key to be verified are the same as in step S101 of Fig. 1 and are not repeated here.
S305: Determine whether the private key digest to be verified is consistent with the private key digest corresponding to the user private key in the encrypted data of the user private key.
If the private key digest to be verified is consistent with the private key digest corresponding to the user private key in the encrypted data of the user private key, verification has succeeded and step S306 is performed. If the two are inconsistent, verification has failed, and the user can be told that the encryption password entered is wrong. Optionally, if a wrong encryption password is entered several times in succession for the same user ID, a reminder message can also be sent to the mobile phone number of the genuine legitimate user of that user ID, warning the legitimate user that the user private key is at risk of being cracked.
S306: Present the user private key to the user.
Presenting the private key to the user means informing the user that verification has succeeded and providing the user with the private key obtained by decryption with the key to be verified.
Note that even when the private key digest to be verified is consistent with the private key digest corresponding to the user private key in the encrypted data of the user private key, the private key decrypted with the key to be verified is not necessarily the real user private key, because in the present application the private key digest corresponding to the user private key can correspond to multiple different private keys. If a malicious user, while trying encryption passwords, finds one for which verification succeeds, then decrypting the user's encrypted private key with the key to be verified generated from that encryption password does not necessarily yield the user private key; it may instead yield another private key that corresponds to the same private key digest as the user private key.
For example, suppose the private key digest corresponding to user private key A also corresponds to other private keys such as private key B, private key C and private key D. A malicious user finds, by trial, an encryption password whose generated key decrypts the user's encrypted private key and passes verification. The private key obtained by decrypting with that encryption password may then be any one of user private key A, private key B, private key C, private key D and so on, so the private key the client returns to the malicious user is not necessarily the real user private key A. The more distinct private keys correspond to the private key digest of the user private key, the lower the probability that the private key decrypted after the malicious user's successful verification is the real user private key A. This reduces the risk of the user private key being successfully cracked by a malicious user, without affecting retrieval of the correct user private key by a user who holds the correct encryption password.
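The behaviour described in steps S301 to S306 and in the A/B/C/D example can be reproduced with the sketch below. It is an added illustration, not code from the patent: the value of N, SHA-256 as the password hash, the XOR keystream standing in for the unspecified cipher, and the sample key and passwords are all assumptions constructed for the demonstration.

```python
import hashlib

N = 16          # assumed modulus for hash(x) = x % N; small, so the digest collides often
KEY_BYTES = 32  # assumed private-key size (a 256-bit integer)


def digest(private_key: int) -> int:
    """S101 / S304: the high-collision digest hash(x) = x % N."""
    return private_key % N


def derive_key(password: str) -> bytes:
    """S302: hash the encryption password to get the key (SHA-256 is an assumption)."""
    return hashlib.sha256(password.encode()).digest()


def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a keystream derived from the key.
    The same call encrypts and decrypts; a wrong key yields random-looking bytes."""
    stream = hashlib.sha256(b"keystream" + key).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


def protect(private_key: int, password: str) -> dict:
    """S101-S103: encrypted private key combined with the unencrypted digest."""
    plaintext = private_key.to_bytes(KEY_BYTES, "big")
    return {
        "encrypted_private_key": xor_cipher(derive_key(password), plaintext),
        "digest": digest(private_key),
    }


def retrieve(record: dict, password: str):
    """S301-S306: return the decrypted candidate if its digest matches, else None."""
    raw = xor_cipher(derive_key(password), record["encrypted_private_key"])
    candidate = int.from_bytes(raw, "big")
    return candidate if digest(candidate) == record["digest"] else None


def try_passwords(record: dict, guesses) -> dict:
    """Map every guess that passes the S305 check to the private key it decrypts to."""
    accepted = {}
    for guess in guesses:
        key = retrieve(record, guess)
        if key is not None:
            accepted[guess] = key
    return accepted


# Constructed sample data: a made-up private key and password list.
REAL_KEY = int.from_bytes(hashlib.sha256(b"constructed demo private key").digest(), "big")
REAL_PASSWORD = "correct horse battery"
RECORD = protect(REAL_KEY, REAL_PASSWORD)
GUESSES = [f"guess-{i}" for i in range(2000)] + [REAL_PASSWORD]

if __name__ == "__main__":
    accepted = try_passwords(RECORD, GUESSES)
    real = sum(1 for k in accepted.values() if k == REAL_KEY)
    print(f"{len(accepted)} of {len(GUESSES)} passwords pass verification; "
          f"{real} of them yields the real key")
```

Roughly one guess in N passes the digest check, and nothing in the stored record distinguishes the real key from the decoys. Because the digest is stored unencrypted, it also discloses x mod N of the real key, so a larger N means fewer decoys and more disclosed bits.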
The private key processing method proposed in the present application is applied to a client. A digest operation is performed on the user private key to obtain the private key digest corresponding to the user private key, where that private key digest corresponds to multiple different private keys. The user private key is encrypted with the user's key to obtain the user's encrypted private key. The user's encrypted private key and the private key digest corresponding to the user private key are combined to obtain the encrypted data of the user private key. Because the private key digest obtained in the present application in fact corresponds to multiple different private keys, even if a malicious user finds a private key whose digest is consistent with the private key digest corresponding to the user private key, that private key is not necessarily the user's real private key. This reduces the risk of a malicious user cracking the real user private key.
Referring to Fig. 4, based on the private key processing method disclosed in the above embodiments, an embodiment of the present application also discloses a server access method, which specifically includes the following steps:
S401: The client sends the user's login request to the server.
The user's login request carries original data and signature data. The original data includes the user's identification information and the private key digest corresponding to the user private key. The private key digest corresponding to the user private key is obtained by performing the digest operation on the user private key as proposed in the embodiments of the private key processing method above. The user's identification information is specifically the user's ID. When the user registers the ID, the user's ID, the private key digest corresponding to the user private key and the public key corresponding to the user private key can be uploaded to the server; that is, the server retains the user's original data and public key from the time the ID was registered. When the user logs in, the server can verify the information in the login request against the data uploaded in advance. If verification passes, the user currently requesting login is a legitimate user and can be allowed to access the server.
The signature data carried in the user's login request is obtained by the client signing the original data with the user private key. Optionally, the signing process is as follows: the client performs a digest operation on the original data to obtain digest data to be verified, and then encrypts the digest data to be verified with the user private key to obtain the signature data.
Note that step S401 can equally be understood as the server receiving the user's login request sent by the client.
S402: The server verifies whether the login request is legitimate, using the user's public key and the original data uploaded by the client in advance.
Whether the login request is legitimate is determined mainly by whether the private key the user used is the real user private key. If the login request is legitimate, the private key the user signed with is the real user private key; if the login request is illegitimate, the private key the user signed with is not the real user private key.
If the login request is verified as legitimate, the server responds to the user's login request sent by the client and accepts the client's access to the server. Optionally, a reminder message can also be sent to the client to tell the user that login succeeded.
If the login request is verified as illegitimate, the server refuses the user access and performs step S403. Specifically, a reminder message stating that the login request was rejected can be sent to the client.
Optionally, referring to Fig. 5, in a specific embodiment of the present application, the server verifying whether the login request is legitimate, using the user's public key and the original data uploaded by the client in advance, includes:
S501: Verify the signature data using the user's public key uploaded by the client in advance.
If signature verification passes, the login request is deemed legitimate; if signature verification does not pass, the login request is deemed illegitimate. Specifically, step S501 is performed as follows: the signature data is decrypted with the public key uploaded by the client in advance to obtain a digest to be verified, and the digest to be verified is compared with the original digest data. If the digest to be verified is consistent with the original digest data, the user signed with the real user private key; signature verification passes and the login request is legitimate. If the digest to be verified is inconsistent with the original digest data, the user who sent the login request did not sign with the real user private key; signature verification does not pass and the login request is illegitimate. The original digest data is obtained by the server performing a digest operation on the original data uploaded by the client in advance. The original digest data can be recomputed each time a user login request is received, or the digest operation can be performed once in advance on the uploaded original data and the result stored in the server, in which case the stored original digest data is taken out for signature verification when a login request is received from the client.
Note that the user's public key and the user private key are a key pair produced by one algorithm: data encrypted with the private key must be decrypted with the public key, otherwise decryption does not succeed. Therefore, when the signature is verified with the user's public key and verification passes, the signature data carried in the user's login request is data signed with the real user private key.
S403: Determine whether the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded by the client in advance.
If the user's login request is illegitimate, the server can further determine whether the user private key is at risk of being illegally cracked by judging whether the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded by the client in advance.
If the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded by the client in advance, the legitimate user's user private key is at risk of being illegally cracked and step S404 needs to be performed. Because the private key digest carried in the login request is obtained by the digest operation on the user private key proposed in the embodiments of the private key processing method above, it corresponds to multiple different private keys. If the private key digest carried in the login request is the correct private key digest, it is likely that a malicious user has stolen the private key digest corresponding to the user private key and then found, by trial, a private key whose digest is consistent with it.
If the private key digest corresponding to the user private key carried in the login request is inconsistent with the private key digest corresponding to the user private key uploaded by the client in advance, the procedure ends.
S404: Send a reminder message to the legitimate user of the user private key.
The reminder message indicates that the legitimate user's user private key is at risk of being illegally cracked. Optionally, the reminder message can be sent to the legitimate user's mobile phone number to inform the legitimate user.
In the server access method proposed in the embodiments of the present application, when the server verifies that the login request is illegitimate, it further determines whether the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded by the client in advance. If they are consistent, a reminder message is sent to the legitimate user of the user private key, indicating that the legitimate user's user private key is at risk of being illegally cracked. Because the private key digest carried in the login request is obtained by the digest operation on the user private key proposed in the embodiments of the private key processing method above, it corresponds to multiple private keys. If the private key digest carried in the login request is consistent with the one uploaded to the server in advance but the login request is illegitimate, it is likely that a malicious user has, by trial, obtained another private key corresponding to the same private key digest as the user private key; that is, a risk of the user private key being illegally cracked has been detected. The server access method proposed in the embodiments of the present application can thus detect the risk of the user private key being illegally cracked and alert the legitimate user.
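The server-side decision in steps S402, S501, S403 and S404 can be sketched as follows. This is an added illustration, not code from the patent: it uses unpadded textbook RSA only because the text describes signing as encrypting the digest with the private key, and the toy primes, the value of N, SHA-256, the `user_id|digest` encoding of the original data and the user name are assumptions constructed for the demonstration.

```python
import hashlib

N = 1 << 16                         # assumed modulus for the key digest hash(x) = x % N
P, Q = 2**61 - 1, 2**89 - 1         # two Mersenne primes: a toy modulus, far too small for real use
MODULUS, E = P * Q, 65537           # constructed public key
D = pow(E, -1, (P - 1) * (Q - 1))   # constructed user private key (needs Python 3.8+)


def key_digest(private_key: int) -> int:
    """High-collision private key digest, hash(x) = x % N."""
    return private_key % N


def original_data(user_id: str, digest: int) -> bytes:
    """Original data = user ID plus private key digest (encoding is an assumption)."""
    return f"{user_id}|{digest}".encode()


def data_digest(data: bytes, modulus: int) -> int:
    """Digest of the original data, reduced so textbook RSA can process it."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % modulus


def build_login_request(user_id: str, private_key: int, modulus: int = MODULUS) -> dict:
    """S401 (client): sign the digest of the original data with the private key."""
    digest = key_digest(private_key)
    to_verify = data_digest(original_data(user_id, digest), modulus)
    return {
        "user_id": user_id,
        "key_digest": digest,
        "signature": pow(to_verify, private_key, modulus),
    }


# Data the client uploaded at registration (constructed sample).
REGISTERED = {"alice": {"key_digest": key_digest(D), "public_key": (MODULUS, E)}}


def handle_login(request: dict, alerts: list) -> str:
    """S402/S501, then S403/S404 when signature verification fails."""
    record = REGISTERED.get(request["user_id"])
    if record is None:
        return "rejected"
    modulus, exponent = record["public_key"]
    # Original digest data is computed from what was uploaded in advance.
    expected = data_digest(
        original_data(request["user_id"], record["key_digest"]), modulus)
    if pow(request["signature"], exponent, modulus) == expected:
        return "accepted"                    # signed with the real private key
    if request["key_digest"] == record["key_digest"]:
        alerts.append(request["user_id"])    # S404: remind the legitimate user
        return "rejected_with_alert"         # wrong key, but its digest collides
    return "rejected"


if __name__ == "__main__":
    alerts = []
    for label, key in [("real key", D), ("decoy, same digest", D + N), ("unrelated key", D + 1)]:
        print(label, "->", handle_login(build_login_request("alice", key), alerts))
    print("alerts:", alerts)
```

A decoy key such as `D + N` carries the registered digest yet produces a signature that fails verification, which is exactly the combination that triggers the reminder in S404.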
Referring to Fig. 6, based on the private key processing method above, an embodiment of the present application correspondingly discloses a private key processing device 600. The private key processing device 600 is a client and comprises a first computing unit 601, an encryption unit 602 and a combination unit 603.
The first computing unit 601 is configured to perform a digest operation on the user private key to obtain the private key digest corresponding to the user private key, where the private key digest corresponding to the user private key corresponds to multiple different private keys.
Optionally, in a specific embodiment of the present application, the first computing unit 601 includes:
A first computation subunit, configured to perform the digest operation on the user private key using a digest function whose collision rate is higher than a threshold, obtaining the private key digest corresponding to the user private key.
Optionally, in a specific embodiment of the present application, the first computation subunit includes:
A second computation subunit, configured to compute on the user private key using the formula hash(x) = x % N, obtaining the private key digest corresponding to the user private key.
In the formula, x is the user private key; N is a positive integer; hash(x) is the private key digest corresponding to the user private key.
The encryption unit 602 is configured to encrypt the user private key with the user's key to obtain the user's encrypted private key.
The combination unit 603 is configured to combine the user's encrypted private key with the private key digest corresponding to the user private key to obtain the encrypted data of the user private key.
Optionally, in a specific embodiment of the present application, the private key processing device 600 further includes a receiving unit, a second computing unit, a decryption unit, a third computing unit and a prompt unit.
The receiving unit is configured to receive a retrieval request for the user private key, where the retrieval request carries the encryption password to be verified.
The second computing unit is configured to perform a hash operation on the encryption password to be verified to obtain a key to be verified.
The decryption unit is configured to decrypt the encrypted private key in the encrypted data of the user private key using the key to be verified, obtaining a private key to be verified.
The third computing unit is configured to perform the digest operation on the private key to be verified to obtain a private key digest to be verified.
The prompt unit is configured to present the user private key to the user if the private key digest to be verified is consistent with the private key digest corresponding to the user private key in the encrypted data of the user private key.
The specific principles and procedures of the private key processing device 600 disclosed in the above embodiment are the same as those of the private key processing method disclosed in the above embodiments; refer to the corresponding parts of that method, which are not repeated here.
The private key processing device 600 proposed in the present application is a client. The first computing unit 601 performs a digest operation on the user private key to obtain the private key digest corresponding to the user private key, where that private key digest corresponds to multiple different private keys. The encryption unit 602 encrypts the user private key with the user's key to obtain the user's encrypted private key. The combination unit 603 combines the user's encrypted private key with the private key digest corresponding to the user private key to obtain the encrypted data of the user private key. Because the private key digest obtained by the first computing unit 601 in fact corresponds to multiple different private keys, even if a malicious user finds a private key whose digest is consistent with the private key digest corresponding to the user private key, that private key is not necessarily the user's real private key. This reduces the risk of a malicious user cracking the real user private key.
Referring to Fig. 7, based on the server access method above, an embodiment of the present application correspondingly discloses a server access device 700. The server access device 700 is a client and comprises a transmission unit 701.
The transmission unit 701 is configured to send the user's login request to the server.
The user's login request carries original data and signature data. The original data includes the user's identification information and the private key digest corresponding to the user private key; the private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key and corresponds to multiple different private keys. The signature data is obtained by the client signing the original data with the user private key.
The specific principles and procedures of the server access device 700 disclosed in the above embodiment are the same as those of the server access method disclosed in the above embodiments; refer to the corresponding parts of that method, which are not repeated here.
Referring to Fig. 8, an embodiment of the present application also discloses another server access device 800. The server access device 800 is a server and comprises a receiving unit 801, an authentication unit 802, a judging unit 803 and a reminding unit 804.
The receiving unit 801 is configured to receive the user's login request sent by the client.
The user's login request carries original data and signature data. The original data includes the user's identification information and the private key digest corresponding to the user private key. The private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key and corresponds to multiple different private keys. The signature data is obtained by the client signing the digest data of the original data with the user private key.
The authentication unit 802 is configured to verify whether the login request is legitimate, using the user's public key and the original data uploaded by the client in advance.
Optionally, in a specific embodiment of the present application, the authentication unit 802 includes a signature verification unit, configured to verify the signature data using the user's public key uploaded by the client in advance. If signature verification passes, the login request is deemed legitimate; if signature verification does not pass, the login request is deemed illegitimate.
The judging unit 803 is configured to determine, if the login request is illegitimate, whether the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded by the client in advance. The private key digest uploaded by the client in advance is obtained by the client performing a digest operation on the user private key, and corresponds to multiple different private keys.
The reminding unit 804 is configured to send a reminder message to the legitimate user of the user private key if the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded by the client in advance. The reminder message indicates that the legitimate user's user private key is at risk of being illegally cracked.
The specific principles and procedures of the server access device 800 disclosed in the above embodiment are the same as those of the server access method disclosed in the above embodiments; refer to the corresponding parts of that method, which are not repeated here.
In the server access device 800 proposed in the embodiments of the present application, when the authentication unit 802 verifies that the login request is illegitimate, the judging unit 803 further determines whether the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded by the client in advance. If they are consistent, the reminding unit 804 sends a reminder message to the legitimate user of the user private key, indicating that the legitimate user's user private key is at risk of being illegally cracked. The private key digest carried in the login request sent by the transmission unit 701 of the server access device 700 is obtained by performing a digest operation on the user private key, and corresponds to multiple private keys. Therefore, if the private key digest carried in the login request is consistent with the one uploaded to the server in advance but the login request is illegitimate, a risk of the user private key being illegally cracked has been detected. The server access device proposed in the embodiments of the present application can thus detect the risk of the user private key being illegally cracked and alert the legitimate user.
An embodiment of the present application provides a computer-readable medium on which a computer program is stored, where the program, when executed by a processor, implements the private key processing method or the server access method provided by the above method embodiments.
An embodiment of the present application provides an electronic device that includes a processor, a memory, and a program stored in the memory and runnable on the processor; when executing the program, the processor implements the private key processing method or the server access method provided by the above method embodiments.
An embodiment of the present application also provides a computer program product which, when executed on a data processing device, causes the data processing device to implement the private key processing method or the server access method provided by the above method embodiments.
Those skilled in the art should understand that embodiments of the present application may be provided as a method, a system or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present application may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM, optical memory, etc.) containing computer-usable program code.
The present application is described with reference to flowcharts and/or block diagrams of methods, devices (systems) and computer program products according to embodiments of the present application. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor or another programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce means for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means that implement the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is performed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
In a typical configuration, a computing device includes one or more processors (CPU), an input/output interface, a network interface and memory.
Memory may include non-permanent memory in computer-readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, which can store information by any method or technology. The information may be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device. As defined herein, computer-readable media do not include transitory computer-readable media (transitory media), such as modulated data signals and carrier waves.
It should also be noted that the terms "include", "comprise" and any other variants are intended to cover non-exclusive inclusion, so that a process, method, commodity or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, commodity or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the existence of other identical elements in the process, method, commodity or device that includes the element.
Those skilled in the art will understand that embodiments of the present application may be provided as a method, a system or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Moreover, the present application may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to magnetic disk storage, CD-ROM, optical memory, etc.) containing computer-usable program code.
The above are only embodiments of the present application and are not intended to limit it. For those skilled in the art, various modifications and changes to the present application are possible. Any modification, equivalent replacement, improvement, etc. made within the spirit and principles of the present application shall fall within the scope of the claims of the present application.
Claims (12)
1. A private key processing method, characterized in that it is applied to a client and comprises:
performing a digest ("abstract") operation on a user private key to obtain the private key digest corresponding to the user private key, wherein the private key digest corresponding to the user private key corresponds to multiple different private keys;
encrypting the user private key using the user's key to obtain the user's encrypted private key;
combining the user's encrypted private key and the private key digest corresponding to the user private key to obtain the encrypted data of the user private key.
2. The method according to claim 1, characterized in that performing the digest operation on the user private key to obtain the private key digest corresponding to the user private key comprises:
performing the digest operation on the user private key using a digest function whose collision rate is higher than a threshold, to obtain the private key digest corresponding to the user private key.
3. The method according to claim 2, characterized in that performing the digest operation on the user private key using a digest function whose collision rate is higher than a threshold, to obtain the private key digest corresponding to the user private key, comprises:
computing on the user private key using the formula hash(x) = x % N to obtain the private key digest corresponding to the user private key;
in the formula, x is the user private key; N is a positive integer; hash(x) is the private key digest corresponding to the user private key.
4. The method according to claim 1, characterized in that, after combining the user's encrypted private key and the private key digest corresponding to the user private key to obtain the encrypted data of the user private key, the method further comprises:
receiving a retrieval request for the user private key, wherein the retrieval request carries an encryption password to be verified;
performing a hash operation on the encryption password to be verified to obtain a key to be verified;
decrypting, using the key to be verified, the encrypted private key in the encrypted data of the user private key to obtain a private key to be verified;
performing the digest operation on the private key to be verified to obtain a private key digest to be verified;
if the private key digest to be verified is consistent with the private key digest corresponding to the user private key in the encrypted data of the user private key, presenting the user private key to the user.
5. A server access method, characterized in that it is applied to a client and comprises:
sending a user's login request to a server, wherein the login request carries original data and signature data; the original data comprises the user's identification information and the private key digest corresponding to the user private key; the private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key; the private key digest corresponding to the user private key corresponds to multiple different private keys; and the signature data is obtained by the client signing the original data using the user private key.
6. A server access method, characterized in that it is applied to a server and comprises:
receiving a user's login request sent by a client, wherein the login request carries original data and signature data; the original data comprises the user's identification information and the private key digest corresponding to the user private key; the private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key; the private key digest corresponding to the user private key corresponds to multiple different private keys; and the signature data is obtained by the client signing the digest data of the original data using the user private key;
verifying whether the login request is legitimate, using the user's public key uploaded in advance by the client and the original data;
if the login request is illegitimate, judging whether the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded in advance by the client, wherein the private key digest uploaded in advance by the client is obtained by the client performing a digest operation on the user private key, and the private key digest corresponding to the user private key corresponds to multiple different private keys;
if the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded in advance by the client, sending a reminder message to the legitimate user of the user private key, wherein the reminder message indicates that the legitimate user's private key is at risk of being illegally cracked.
7. The method according to claim 6, characterized in that verifying whether the login request is legitimate, using the user's public key uploaded in advance by the client and the original data, comprises:
verifying the signature data using the user's public key uploaded in advance by the client;
if the signature verification passes, determining that the login request is legitimate;
if the signature verification fails, determining that the login request is illegitimate.
8. A private key processing device, characterized in that the private key processing device is a client, the client comprising:
a first computing unit, configured to perform a digest operation on a user private key to obtain the private key digest corresponding to the user private key, wherein the private key digest corresponding to the user private key corresponds to multiple different private keys;
an encryption unit, configured to encrypt the user private key using the user's key to obtain the user's encrypted private key;
a combining unit, configured to combine the user's encrypted private key and the private key digest corresponding to the user private key to obtain the encrypted data of the user private key.
9. A server access device, characterized in that the server access device is a client, the client comprising:
a sending unit, configured to send a user's login request to a server, wherein the login request carries original data and signature data; the original data comprises the user's identification information and the private key digest corresponding to the user private key; the private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key; the private key digest corresponding to the user private key corresponds to multiple different private keys; and the signature data is obtained by the client signing the original data using the user private key.
10. A server access device, characterized in that the server access device is a server, the server comprising:
a receiving unit, configured to receive a user's login request sent by a client, wherein the login request carries original data and signature data; the original data comprises the user's identification information and the private key digest corresponding to the user private key; the private key digest corresponding to the user private key is obtained by performing a digest operation on the user private key; the private key digest corresponding to the user private key corresponds to multiple different private keys; and the signature data is obtained by the client signing the digest data of the original data using the user private key;
a verification unit, configured to verify whether the login request is legitimate, using the user's public key uploaded in advance by the client and the original data;
a judging unit, configured to judge, if the login request is illegitimate, whether the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded in advance by the client, wherein the private key digest uploaded in advance by the client is obtained by the client performing a digest operation on the user private key, and the private key digest corresponding to the user private key corresponds to multiple different private keys;
a reminding unit, configured to send a reminder message to the legitimate user of the user private key if the private key digest corresponding to the user private key carried in the login request is consistent with the private key digest corresponding to the user private key uploaded in advance by the client, wherein the reminder message indicates that the legitimate user's private key is at risk of being illegally cracked.
11. A computer-readable medium, characterized in that a computer program is stored thereon, wherein the program, when executed by a processor, implements the private key processing method according to any one of claims 1 to 4, the server access method according to claim 5, or the server access method according to any one of claims 6 or 7.
12. An electronic device, characterized by comprising:
one or more processors;
a storage device on which one or more programs are stored;
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the private key processing method according to any one of claims 1 to 4, the server access method according to claim 5, or the server access method according to any one of claims 6 or 7.
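The client-side wrapping and retrieval of claims 1 to 4 and the server-side check of claims 6 and 7 can be traced end to end in the following Python sketch, which is an added example and not part of the patent text ("digest" is the term the machine translation renders as "abstract"). The modulus N = 16, the XOR keystream cipher, the toy Schnorr-style signature with its parameters P and G, all function names, and the sample user and password are assumptions chosen so the example runs with the standard library only; none of them is a secure production choice.

```python
import hashlib
import secrets

N = 16           # claim 3 modulus; small N => many private keys share one digest
P = 2**127 - 1   # toy prime modulus for the signature (assumption, not secure)
G = 3            # toy base (assumption)

def digest(priv):
    """Claim 3: hash(x) = x % N, a deliberately collision-heavy digest."""
    return priv % N

def _xor_stream(password, data):
    """Stand-in cipher (assumption): XOR with a SHA-256 keystream. It is
    unauthenticated, so every password decrypts to *some* candidate key."""
    key = hashlib.sha256(password.encode()).digest()  # claim 4: key = hash(password)
    stream = hashlib.sha256(key + b"stream").digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(priv, password):
    """Claim 1: (encrypted private key, private key digest)."""
    return _xor_stream(password, priv.to_bytes(16, "big")), digest(priv)

def recover(blob, password):
    """Claim 4: decrypt, re-digest, compare; None when the digests differ."""
    ciphertext, stored = blob
    candidate = int.from_bytes(_xor_stream(password, ciphertext), "big")
    return candidate if digest(candidate) == stored else None

def public_key(priv):
    return pow(G, priv, P)

def _challenge(r, msg):
    h = hashlib.sha256(r.to_bytes(16, "big") + msg).digest()
    return int.from_bytes(h, "big") % (P - 1)

def sign(priv, msg):
    """Toy Schnorr-style signature standing in for the client's real scheme."""
    k = secrets.randbelow(P - 1)
    r = pow(G, k, P)
    return r, (k + priv * _challenge(r, msg)) % (P - 1)

def verify(pub, msg, sig):
    r, s = sig
    if not (0 < r < P and 0 <= s < P - 1):   # reject out-of-range values
        return False
    return pow(G, s, P) == r * pow(pub, _challenge(r, msg), P) % P

def login_request(user_id, priv):
    """Claim 5: original data = user id + private key digest, plus its signature."""
    d = digest(priv)
    return {"user": user_id, "digest": d, "sig": sign(priv, f"{user_id}|{d}".encode())}

def handle_login(req, record):
    """Claims 6-7: verify the signature; if it fails but the digest matches the
    enrolled one, the key came from a wrong decryption of the blob: alert."""
    msg = f"{req['user']}|{req['digest']}".encode()
    if verify(record["pub"], msg, req["sig"]):
        return "accepted"
    return "rejected+alert" if req["digest"] == record["digest"] else "rejected"

def first_decoy(blob, guesses):
    """First guessed password whose decryption passes the digest check."""
    for guess in guesses:
        candidate = recover(blob, guess)
        if candidate is not None:
            return guess, candidate
    return None

if __name__ == "__main__":
    priv = secrets.randbits(128)                  # constructed sample key
    blob = wrap(priv, "correct horse")            # constructed sample password
    record = {"pub": public_key(priv), "digest": digest(priv)}
    guess, decoy = first_decoy(blob, (f"guess-{i}" for i in range(5000)))
    print(guess, decoy != priv, handle_login(login_request("alice", decoy), record))
```

With N = 16, roughly one wrong password in sixteen yields a candidate that passes the local digest check, so the check alone cannot confirm a guess; a login signed with such a candidate fails signature verification while carrying the enrolled digest, which is the condition that triggers the reminder message.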
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910785886.8A CN110492989B (en) | 2019-08-23 | 2019-08-23 | Private key processing method, access method, and medium and device corresponding to method |
CN202010799914.4A CN111934862B (en) | 2019-08-23 | 2019-08-23 | Server access method and device, readable medium and electronic equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910785886.8A CN110492989B (en) | 2019-08-23 | 2019-08-23 | Private key processing method, access method, and medium and device corresponding to method |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010799914.4A Division CN111934862B (en) | 2019-08-23 | 2019-08-23 | Server access method and device, readable medium and electronic equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110492989A (en) | 2019-11-22 |
CN110492989B (en) | 2020-11-13 |
Family
ID=68553472
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910785886.8A Active CN110492989B (en) | 2019-08-23 | 2019-08-23 | Private key processing method, access method, and medium and device corresponding to method |
CN202010799914.4A Active CN111934862B (en) | 2019-08-23 | 2019-08-23 | Server access method and device, readable medium and electronic equipment |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010799914.4A Active CN111934862B (en) | 2019-08-23 | 2019-08-23 | Server access method and device, readable medium and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN110492989B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111739200A (en) * | 2020-06-19 | 2020-10-02 | 广东工业大学 | Fingerprint electronic lock and encryption and decryption authentication method thereof |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113127844A (en) * | 2021-03-24 | 2021-07-16 | 山东英信计算机技术有限公司 | Variable access method, device, system, equipment and medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101447870A (en) * | 2008-12-25 | 2009-06-03 | 中国电子科技集团公司第五十四研究所 | Safe storage method of private key based on technology of distributed password |
CN104796265A (en) * | 2015-05-06 | 2015-07-22 | 厦门大学 | Internet-of-things identity authentication method based on Bluetooth communication access |
CN105812334A (en) * | 2014-12-31 | 2016-07-27 | 北京华虹集成电路设计有限责任公司 | Network authentication method |
CN106453234A (en) * | 2016-08-12 | 2017-02-22 | 北京东方车云信息技术有限公司 | Identity authentication method, relevant server and client |
CN106656495A (en) * | 2016-10-18 | 2017-05-10 | 北京海泰方圆科技股份有限公司 | User password storage method and device |
CN108200014A (en) * | 2017-12-18 | 2018-06-22 | 北京深思数盾科技股份有限公司 | The method, apparatus and system of server are accessed using intelligent key apparatus |
CN108604336A (en) * | 2016-02-02 | 2018-09-28 | 科因普拉格株式会社 | The method and server of file are serviced and recorded by notarization service verification for providing the notarization to file |
CN109104272A (en) * | 2017-06-20 | 2018-12-28 | 上海策链信息科技有限公司 | Private key store method, system and computer readable storage medium |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7792303B2 (en) * | 2004-07-14 | 2010-09-07 | Intel Corporation | Method of delivering direct proof private keys to devices using a distribution CD |
CN109246156B (en) * | 2018-10-30 | 2021-03-02 | 佛山中科芯蔚科技有限公司 | Login authentication method and device, login method and device, and login authentication system |
Also Published As
Publication number | Publication date |
---|---|
CN111934862A (en) | 2020-11-13 |
CN111934862B (en) | 2023-08-11 |
CN110492989B (en) | 2020-11-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107742212B (en) | Asset verification method, device and system based on block chain | |
CN109309565B (en) | Security authentication method and device | |
CN110519260B (en) | Information processing method and information processing device | |
CN102271042B (en) | Certificate authorization method, system, universal serial bus (USB) Key equipment and server | |
CN102484638B (en) | Layered protection and validation of identity data delivered online via multiple intermediate clients | |
KR101391151B1 (en) | Method and apparatus for authenticating between clients using session key shared with server | |
CN109194466A (en) | A kind of cloud data integrity detection method and system based on block chain | |
CN109067801A (en) | A kind of identity identifying method, identification authentication system and computer-readable medium | |
CN109981255B (en) | Method and system for updating key pool | |
CN104836784B (en) | A kind of information processing method, client and server | |
US11349660B2 (en) | Secure self-identification of a device | |
CN103685138A (en) | Method and system for authenticating application software of Android platform on mobile internet | |
CN110401615A (en) | A kind of identity identifying method, device, equipment, system and readable storage medium storing program for executing | |
CN113128999B (en) | Block chain privacy protection method and device | |
CN109660353A (en) | A kind of application program installation method and device | |
CN106470103B (en) | Method and system for sending encrypted URL request by client | |
CN110505185A (en) | Auth method, equipment and system | |
Yu et al. | Decim: Detecting endpoint compromise in messaging | |
CN109831311A (en) | A kind of server validation method, system, user terminal and readable storage medium storing program for executing | |
CN109117674A (en) | A kind of client validation encryption method, system, equipment and computer media | |
CN111130798A (en) | Request authentication method and related equipment | |
CN110336663A (en) | A kind of PUFs based on block chain technology certificate scheme group to group | |
CN110492989A (en) | The processing method of private key, the medium of access method and corresponding method, device | |
CN115348107A (en) | Internet of things equipment secure login method and device, computer equipment and storage medium | |
CN110929231A (en) | Digital asset authorization method and device and server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
EE01 | Entry into force of recordation of patent licensing contract | ||
Application publication date: 20191122 Assignee: GUANGZHOU CUBESILI INFORMATION TECHNOLOGY Co.,Ltd. Assignor: GUANGZHOU HUADUO NETWORK TECHNOLOGY Co.,Ltd. Contract record no.: X2021980000151 Denomination of invention: Processing method of private key, access method, medium and device of corresponding method Granted publication date: 20201113 License type: Common License Record date: 20210107 |