CN111294209B - Block chain-based intelligent terminal security verification method and device - Google Patents
Block chain-based intelligent terminal security verification method and device Download PDFInfo
- Publication number
- CN111294209B CN111294209B CN202010057040.5A CN202010057040A CN111294209B CN 111294209 B CN111294209 B CN 111294209B CN 202010057040 A CN202010057040 A CN 202010057040A CN 111294209 B CN111294209 B CN 111294209B
- Authority
- CN
- China
- Prior art keywords
- hash value
- verified
- entity
- intelligent terminal
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
Abstract
The intelligent terminal safety verification method and device based on the block chain comprises the steps of carrying out hash calculation according to an entity to be verified to obtain a first hash value when the entity to be verified is detected to trigger a preset verification event; the entity to be verified comprises an application program and data acquired by the intelligent terminal; and encrypting and transmitting the first hash value to a server side, so that the server side compares the first hash value with a second hash value, wherein the second hash value comprises a second hash value obtained by the server side through hash calculation according to the entity to be verified. Obtaining a consistency comparison result transmitted by the server; and when the first hash value is consistent with the second hash value, determining that the entity to be verified is safe. By carrying out consistency verification on the application program and the acquired data, the safety of the intelligent terminal can be ensured, the consistency of the terminal data and the server data is ensured, and the data blocks are prevented from being tampered in the transmission process.
Description
Technical Field
The invention relates to the technical field of the Internet of things, in particular to a block chain-based intelligent terminal security verification method and device.
Background
With the continuous development of the internet of things industry, the data acquisition terminal in the traditional sense cannot meet the service processing requirement of the terminal, and the market demand for intelligent terminals with edge computing capability is increasing. According to statistics, in 2019, the scale of the terminal of the internet of things reaches 120 hundred million connection numbers, wherein most intelligent terminals have computing power on collected data, can intelligently update codes and programs, can store the data as backup, and can transmit the data to the background. In the process of high-speed development of the intelligent terminal, the guarantee of program security and data security of the intelligent terminal is one of the necessary functions of the intelligent terminal.
The intelligent terminal is deployed at the front end of the network, and the intelligent terminal generally adopts a general operating system, a general platform application program, a function implementation application program, collected data storage transmission and other operation flows. Therefore, the aspects of security mainly consider that the data are not tampered, not lost and the like, and the current many intelligent terminals only consider the security, consistency and integrity of the data, but after the intelligent terminal is attacked, a destructor directly uses the application program to disguise the attack of legal users by modifying the application program, so that the destructor has more destructive power. In addition, for the protection of data safety, most of the data are encrypted, so that the data are prevented from being stolen manually, the difficulty of tampering is improved, but the consistency of the data cannot be effectively ensured, and the data cannot be tampered.
Disclosure of Invention
The invention mainly solves the technical problem of ensuring the safety of the intelligent terminal.
According to a first aspect, in one embodiment, there is provided a blockchain-based intelligent terminal security verification method, including:
when detecting that an entity to be verified triggers a preset verification event, carrying out hash calculation according to the entity to be verified to obtain a first hash value; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
encrypting and transmitting the first hash value to a server so that the server compares the first hash value with a second hash value, wherein the second hash value comprises a second hash value obtained by the server through hash calculation according to the entity to be verified;
obtaining a consistency comparison result transmitted by the server;
and when the first hash value is consistent with the second hash value, determining that the entity to be verified is safe.
In one possible implementation manner, when the entity to be verified is detected to trigger a preset verification event, performing hash calculation according to the entity to be verified, and obtaining a first hash value includes:
When the entity to be verified is an application program, acquiring the time corresponding to the application program;
and carrying out hash calculation according to the time corresponding to the combination of the application programs to obtain a first hash value.
In one possible implementation manner, when the entity to be verified includes at least two applications, performing hash calculation according to the time corresponding to the application association, and obtaining the first hash value includes:
aiming at each application program, carrying out hash calculation according to the time which the application program is combined with to obtain a corresponding hash value;
sequentially sequencing hash values corresponding to all application programs in series according to the numerical value to form a first character string;
and carrying out hash calculation on the first character string to obtain a first hash value.
In one possible implementation manner, the performing hash calculation according to the entity to be verified, to obtain a first hash value includes:
when the entity to be verified is data acquired by the intelligent terminal, the acquired data are packed into data blocks; the data acquired by the intelligent terminal are data in a preset time acquired by the intelligent terminal;
Sorting the data blocks according to a time sequence to form a data block group; wherein the data block group comprises n data blocks, n being greater than 0;
carrying out hash calculation on each data block in the data block group to obtain a hash value of each data block;
the hash values of all the data blocks are combined in pairs according to a Merkel tree mode to calculate the hash values of the data block groups;
acquiring time corresponding to the data acquired by the intelligent terminal;
and carrying out hash calculation according to the hash value of the data block group and the time corresponding to the data acquired by the intelligent terminal to obtain a first hash value.
In one possible implementation manner, the encrypting the first hash value for transmission to the server includes:
concatenating the first hash value with the time to form a second string;
obtaining a public key;
and encrypting and transmitting the second character string to a server by using the public key.
In one possible implementation manner, when the entity to be verified is an application program, the preset verification event includes:
downloading, updating or upgrading application programs;
when the entity to be verified is data acquired by the intelligent terminal, the preset verification event comprises:
Storage or transmission of data.
According to a second aspect, in one embodiment, there is provided a blockchain-based intelligent terminal security verification method, including:
when an entity to be verified triggers a preset verification event, a first hash value obtained by performing hash calculation on the entity to be verified by an intelligent terminal is obtained; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
performing hash calculation on the entity to be verified to obtain a second hash value;
comparing the first hash value with the second hash value to obtain a comparison result;
and when the comparison result is that the first hash value is consistent with the second hash value, determining that the entity to be verified is safe.
According to a third aspect, in one embodiment, there is provided a blockchain-based intelligent terminal security verification method, including:
when the intelligent terminal detects that an entity to be verified triggers a preset verification event, carrying out hash calculation according to the entity to be verified to obtain a first hash value; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
the intelligent terminal encrypts and transmits the first hash value to a server;
The server side obtains the first hash value;
the server performs hash calculation on the entity to be verified to obtain a second hash value;
the server side compares the first hash value with the second hash value to obtain a comparison result;
and the server transmits a comparison result to the intelligent terminal, and determines that the entity to be verified is safe when the comparison result is that the first hash value is consistent with the second hash value.
According to a fourth aspect, in one embodiment, there is provided a blockchain-based intelligent terminal security verification device, including:
the computing module is used for carrying out hash computation according to the entity to be verified when the entity to be verified triggers a preset verification event to obtain a first hash value; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
the transmission module is used for carrying out encryption transmission on the first hash value to a server side so that the server side can carry out consistent comparison on the first hash value and a second hash value, wherein the second hash value comprises a second hash value obtained by carrying out hash calculation on the server side according to the entity to be verified;
the result acquisition module is used for acquiring a consistent comparison result transmitted by the server;
And the determining module is used for determining that the entity to be verified is safe when the first hash value is consistent with the second hash value.
According to a fifth aspect, in one embodiment, there is provided a blockchain-based intelligent terminal security verification device, including:
the acquisition module is used for acquiring a first hash value obtained by performing hash calculation on the entity to be verified by the intelligent terminal when the entity to be verified triggers a preset verification event; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
the calculation module is used for carrying out hash calculation on the entity to be verified by the server to obtain a second hash value;
the comparison module is used for comparing the first hash value with the second hash value to obtain a comparison result;
and the determining module is used for determining that the entity to be verified is safe when the comparison result is that the first hash value is consistent with the second hash value.
According to the intelligent terminal safety verification method and device based on the block chain, when the entity to be verified is detected to trigger a preset verification event, hash calculation is carried out according to the entity to be verified, and a first hash value is obtained; the entity to be verified comprises an application program and data acquired by the intelligent terminal; and encrypting and transmitting the first hash value to a server so that the server compares the first hash value with a second hash value, wherein the second hash value comprises a second hash value obtained by the server through hash calculation according to the entity to be verified. Obtaining a consistency comparison result transmitted by the server; and when the first hash value is consistent with the second hash value, determining that the entity to be verified is safe. Through consistency verification of the application program and the acquired data, the safety of the intelligent terminal can be ensured, the consistency of the intelligent terminal data and the server data is ensured, and the data blocks are prevented from being tampered in the transmission process.
Drawings
FIG. 1 is a flowchart of a method for verifying the security of an intelligent terminal based on a blockchain in an embodiment of the invention;
FIG. 2 is a flowchart of an application hash calculation method according to an embodiment of the present invention;
FIG. 3 is a flowchart of another method for hash computation of an application according to an embodiment of the present invention;
fig. 4 is a schematic flow chart of an encryption transmission method according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of a block chain based intelligent terminal security verification for an application in accordance with an embodiment of the present invention;
FIG. 6 is a flowchart of a method for hash computation of collected data according to an embodiment of the present invention;
FIG. 7 is a flowchart of another method for hash calculation of collected data according to an embodiment of the present invention;
FIG. 8 is a flowchart of a block chain based intelligent terminal security verification method according to an embodiment of the present invention;
FIG. 9 is a flowchart of another block chain based intelligent terminal security verification method according to an embodiment of the present invention;
FIG. 10 is a schematic diagram of a block chain based intelligent terminal security authentication device according to an embodiment of the present invention;
fig. 11 is a schematic diagram of another intelligent terminal security verification apparatus based on blockchain in an embodiment of the present invention.
Detailed Description
The invention will be described in further detail below with reference to the drawings by means of specific embodiments. Wherein like elements in different embodiments are numbered alike in association. In the following embodiments, numerous specific details are set forth in order to provide a better understanding of the present application. However, one skilled in the art will readily recognize that some of the features may be omitted, or replaced by other elements, materials, or methods in different situations. In some instances, some operations associated with the present application have not been shown or described in the specification to avoid obscuring the core portions of the present application, and may not be necessary for a person skilled in the art to describe in detail the relevant operations based on the description herein and the general knowledge of one skilled in the art.
Furthermore, the described features, operations, or characteristics of the description may be combined in any suitable manner in various embodiments. Also, various steps or acts in the method descriptions may be interchanged or modified in a manner apparent to those of ordinary skill in the art. Thus, the various orders in the description and drawings are for clarity of description of only certain embodiments, and are not meant to be required orders unless otherwise indicated.
The numbering of the components itself, e.g. "first", "second", etc., is used herein merely to distinguish between the described objects and does not have any sequential or technical meaning. The terms "coupled" and "connected," as used herein, are intended to encompass both direct and indirect coupling (coupling), unless otherwise indicated.
Embodiment one:
referring to fig. 1, in one embodiment, a method for verifying the security of an intelligent terminal based on a blockchain is provided, and an execution subject of the method is the intelligent terminal, including steps S10 to S40, and the following is specifically described:
step S10: when detecting that an entity to be verified triggers a preset verification event, carrying out hash calculation according to the entity to be verified to obtain a first hash value; the entity to be verified comprises an application program and data acquired by the intelligent terminal.
Step S20: and encrypting and transmitting the first hash value to a server so that the server compares the first hash value with a second hash value, wherein the second hash value comprises a second hash value obtained by the server through hash calculation according to the entity to be verified.
Step S30: and obtaining a consistency comparison result transmitted by the server.
Step S40: and when the first hash value is consistent with the second hash value, determining that the entity to be verified is safe.
In the embodiment of the invention, the consistency of the data between the intelligent terminal and the server is realized by adopting algorithm methods such as data block Hash, asymmetric encryption, merkle tree and the like in the block chain technology for the application program and the acquired data on the intelligent terminal, so that the falsification and the damage are prevented, and the function realization and the reliability and the consistency of the data storage and transmission of the intelligent terminal are effectively ensured.
In one possible implementation manner, when the entity to be verified is an application program, the preset verification event includes:
downloading, updating or upgrading of application programs.
When the entity to be verified is data acquired by the intelligent terminal, the preset verification event comprises:
storage or transmission of data.
In the embodiment of the invention, the security assurance of the intelligent terminal in the aspects of remote upgrading, data transmission and the like is realized through downloading, updating or upgrading of the application program or detection of storage and transmission of the acquired data. The consistency of the application program and the data of the server side, the application program and the data of the intelligent terminal is ensured, the security level of the intelligent terminal is improved, and the risk of attack of the application program and the data is reduced.
In the embodiment of the invention, the safety protection of the intelligent terminal application program and the service data is realized by adopting a Hash principle, a Merkle tree principle and an asymmetric encryption principle in a block chain technology. Each principle contains various algorithms, and various algorithms can be selected according to the requirements of the intelligent terminal. Such as MD4, MD5, SHA-1, SHA-256, etc. in Hash, asymmetric encryption algorithms such as RSA, elGama1, knapsack algorithm, rabin, diffie-Hellman (D-H), elliptic Curve Cryptography, etc., merkle trees such as Merkle Patricia tree, binary Mekle tree, etc.
The working principle of each algorithm is as follows:
hash algorithm: an arbitrary length input (also called pre-image) is transformed by a hashing algorithm into a fixed length output, which is a hash value. This conversion is a mapping, simply a function of mapping an arbitrary length message to a fixed length message.
Merkel tree: the merkel tree is an important data structure of a blockchain, which functions to quickly generalize and check the existence and integrity of blockdata. In general, it is a way to hash a large number of aggregated data "chunks", which relies on splitting these data "chunks" into smaller units of data chunks, each chunk containing only a few data "chunks", then taking each chunk unit data chunk and hashing again, repeating the same process until the total number of hashes remaining becomes only 1.
Asymmetric key: also known as public keys, everyone has a pair of uniquely corresponding keys: public keys (public keys for short) and private keys (private keys for short), wherein the public keys are disclosed to the outside, and the private keys are stored by personal secrets; with one of the keys being encrypted, only the other key can be decrypted.
According to the difference between the application program executed by the intelligent terminal and the data, the adopted verification mode is slightly different, the application program verification process does not need to be verified in real time, and the verification mode is a verification mode according to the need, for example, verification can be performed after the application program of the intelligent terminal is upgraded or when the intelligent terminal is restarted each time, the consistency of the application program in the intelligent terminal and the application program stored by the server is ensured, and no error or artificial tampering of the data in the transmission process is ensured. The data collected by the intelligent terminal belongs to real-time conventional data, and Hash calculation is basically impossible for each collected data. Therefore, the data received by the server side is judged in real time by adopting a dynamic calculation mode, so that the consistency of the terminal data and the data of the server side is ensured, and the data block is prevented from being tampered in the transmission process. The reliability is ensured by the process adopted by the application program, and the reliability and the calculation efficiency are both considered by the process adopted by the data.
In one possible implementation manner, referring to fig. 2, when the entity to be verified is detected to trigger the preset verification event, a hash calculation is performed according to the entity to be verified to obtain a first hash value, which includes steps S01 to S02, and is described in detail below.
Step S01: and when the entity to be verified is an application program, acquiring the time corresponding to the application program.
Step S02: and carrying out hash calculation according to the time corresponding to the combination of the application programs to obtain a first hash value.
In one possible implementation manner, referring to fig. 3, when the entity to be verified includes at least two applications, hash calculation is performed according to the time corresponding to the application association, so as to obtain the first hash value, which includes steps S021 to S023, and is described in detail below.
Step S021: and aiming at each application program, carrying out hash calculation according to the time corresponding to the application program combination to obtain a corresponding hash value.
Step S022: and sequentially sequencing hash values corresponding to the application programs in series according to the numerical value size to form a first character string.
Step S023: and carrying out hash calculation on the first character string to obtain a first hash value.
In the embodiment of the invention, the intelligent terminal can verify the application programs triggering the preset verification event in the intelligent terminal, obtain the hash value of each application program after carrying out hash operation on each application program, then sequentially sort and connect the application programs in series according to the numerical value to form a first character string, and carry out hash calculation on the character string to obtain the first hash value.
In one possible implementation manner, referring to fig. 4, the encrypted transmission of the first hash value to the server includes steps S201 to S203, which are described in detail below.
Step S201: and concatenating the first hash value with the time to form a second character string.
Step S202: a public key is obtained.
Step S203: and encrypting and transmitting the second character string to a server by using the public key.
Referring specifically to fig. 5, a server prepares a pair of asymmetric keys, publishes the public key to each intelligent terminal, and reserves the private key.
The method comprises the steps that the intelligent terminal downloads or uses a local application program to be verified from a server, when the application program to be verified is detected to be downloaded, updated or upgraded, the intelligent terminal uses a preset Hash function to output a Hash value in combination time of the application program to be verified, wherein the preset Hash function can be a preset Hash function, the intelligent terminal sorts all Hash values according to a size sequence and serially connects the Hash values to form a first character string, then uses the preset Hash function to output a Hash value of the whole application program package, namely the first Hash value, the intelligent terminal serially connects the first Hash value with the used time to form a second character string, the intelligent terminal encrypts the second character string by using an obtained public key, and the intelligent terminal uploads the second character string encrypted by the public key to the server.
In one possible implementation manner, referring to fig. 6, the hash calculation is performed according to the entity to be verified to obtain a first hash value, which includes steps S03 to S08, which are described in detail below.
Step S03: when the entity to be verified is data acquired by the intelligent terminal, the acquired data are packed into data blocks; the data collected by the intelligent terminal are data in a preset time collected by the intelligent terminal.
Step S04: sorting the data blocks according to a time sequence to form a data block group; wherein the data block group includes n data blocks, n being greater than 0.
Step S05: and carrying out hash calculation on each data block in the data block group to obtain hash values of each data block.
Step S06: and calculating the hash value of each data block group according to the two-by-two combination of the hash values of each data block in a Merkel tree mode.
Step S07: and acquiring the time corresponding to the data acquired by the intelligent terminal.
Step S08: and carrying out hash calculation according to the hash value of the data block group and the time corresponding to the data acquired by the intelligent terminal to obtain a first hash value.
Specifically, referring to fig. 7, the intelligent terminal packages data within a period of time into data blocks, and sorts the data blocks according to a time sequence to form a data block group, wherein the data block group comprises n data blocks (n is greater than 0); the intelligent terminal carries out a Hash function on each data block in the data block group to calculate a Hash value of each data block; the intelligent terminal calculates the Hash values of the preset data block group according to the mode of the Meckel tree for each data block in a pairwise combination mode, the intelligent terminal calculates the Hash value by utilizing a Hash function again according to the output Hash value combining time to obtain a first Hash value, the intelligent terminal combines the calculated first Hash value with time to form a second character string, and the intelligent terminal encrypts the second character string with a public key and uploads the second character string to the server.
After the encrypted data is transmitted to the server, the server performs consistent verification, hash calculation is performed on the entity to be verified to obtain a second hash value, the first hash value and the second hash value are compared to obtain a comparison result, the comparison result is transmitted to the intelligent terminal, and when the comparison result is that the first hash value is consistent with the second hash value, the entity to be verified is determined to be safe.
The embodiment of the invention has the following characteristics:
the intelligent terminal safety verification method based on the block chain can ensure the safety of the intelligent terminal by carrying out consistency verification on the application program and the collected data, and ensure the consistency of the terminal data and the server data and avoid the tampering of the data blocks in the transmission process. The intelligent terminal ensures the consistency of the application program of the server side and the application program used by the intelligent terminal in the software upgrading process, and ensures the consistency of the application program started by the intelligent terminal and the application program of the server side in the restarting process. The method ensures that the data of the intelligent terminal is safely and reliably uploaded to the server, reduces the calculation capacity required by calculating the data block group, reduces the calculation capacity required by data comparison when whether the data is tampered or not to be verified, and reduces the high bandwidth required by transmitting the verification data.
Example two
Referring to fig. 8, in one embodiment, a blockchain-based intelligent terminal security verification method is provided, which is executed on a server, and includes steps S50 to S80, and is specifically described below.
Step S50: when an entity to be verified triggers a preset verification event, a first hash value obtained by performing hash calculation on the entity to be verified by an intelligent terminal is obtained; the entity to be verified comprises an application program and data acquired by the intelligent terminal.
Step S60: and carrying out hash calculation on the entity to be verified to obtain a second hash value.
Step S70: and comparing the first hash value with the second hash value to obtain a comparison result.
Step S80: and when the comparison result is that the first hash value is consistent with the second hash value, determining that the entity to be verified is safe.
Specifically, referring to fig. 5, for an entity to be verified as an application program, after receiving a second string encrypted by a public key, a server decrypts the second string by using a private key, extracts data, extracts time and a Hash value of an intelligent terminal application program from the decrypted second string, calculates the Hash value by using a Hash function for each application program joint time, sorts the Hash values according to the sizes of the Hash values by the server, forms a new string, calculates the Hash value of the application program of the server by using the Hash function, compares the calculated Hash value of the application program of the server with the Hash value of the intelligent terminal application program which is solved by the private key, and considers that the application program is not tampered when the comparison result is that the first Hash value is consistent with the second Hash value, and determines that the entity to be verified is safe and the authentication is completed.
Specifically, referring to fig. 7, when the entity to be verified is data collected by the intelligent terminal, the server decrypts the uploaded encrypted second character string by using a private key, extracts time and Hash value of the terminal stored data, the server calculates the Hash value of the final data block group by adopting a mekel tree mode for the data block group to be verified, the server calculates the Hash value of the server stored data by using the extracted time and the Hash value of the data block group and using a Hash function, compares the Hash value of the server stored data with the Hash value of the terminal stored data obtained by the solution, and determines that the entity to be verified is safe when the comparison result is that the first Hash value is consistent with the second Hash value.
The implementation of the embodiment has the following characteristics:
the intelligent terminal safety verification method based on the block chain can ensure the safety of the intelligent terminal by carrying out consistency verification on the application program and the collected data, and ensure the consistency of the terminal data and the server data and avoid the tampering of the data blocks in the transmission process. The intelligent terminal ensures the consistency of the application program of the server side and the application program used by the intelligent terminal in the process of upgrading the application program, and ensures the consistency of the application program started by the intelligent terminal and the application program of the server side in the process of restarting the intelligent terminal. The method ensures that the data of the intelligent terminal is safely and reliably uploaded to the server, reduces the calculation capacity required by calculating the data block group, reduces the calculation capacity required by data comparison when whether the data is tampered or not to be verified, and reduces the high bandwidth required by transmitting the verification data.
Example III
Referring to fig. 9, in one embodiment, a method for securely verifying a blockchain-based intelligent terminal is provided, which is executed by a blockchain-based intelligent terminal security verification system, where the system includes an intelligent terminal and a server, and specifically includes steps S001 to S006, which are described in detail below.
Step S001: when the intelligent terminal detects that an entity to be verified triggers a preset verification event, carrying out hash calculation according to the entity to be verified to obtain a first hash value; the entity to be verified comprises an application program and data acquired by the intelligent terminal.
Step S002: and the intelligent terminal encrypts and transmits the first hash value to a server.
Step S003: the server acquires the first hash value.
Step S004: and the server performs hash calculation on the entity to be verified to obtain a second hash value.
Step S005: and the server compares the first hash value with the second hash value to obtain a comparison result.
Step S006: and the server transmits a comparison result to the intelligent terminal, and determines that the entity to be verified is safe when the comparison result is that the first hash value is consistent with the second hash value.
The implementation of the embodiment has the following characteristics:
the intelligent terminal safety verification method based on the block chain can ensure the safety of the intelligent terminal by carrying out consistency verification on the application program and the collected data, and ensure the consistency of the intelligent terminal data and the server data and avoid the falsification of the data block in the transmission process. The intelligent terminal ensures the consistency of the application program of the server side and the application program used by the intelligent terminal in the process of upgrading the application program, and ensures the consistency of the application program started by the intelligent terminal and the application program of the server side in the process of restarting the intelligent terminal. The method ensures that the data of the intelligent terminal is safely and reliably uploaded to the server, reduces the calculation capacity required by calculating the data block group, reduces the calculation capacity required by data comparison when whether the data is tampered or not to be verified, and reduces the high bandwidth required by transmitting the verification data.
Example IV
Referring to fig. 10, in one embodiment, a blockchain-based intelligent terminal security verification device is provided, which includes a computing module 10, a transmitting module 20, a result obtaining module 30, and a determining module 40, and is described in detail below.
The computing module 10 is configured to perform hash computation according to an entity to be verified when detecting that the entity to be verified triggers a preset verification event, so as to obtain a first hash value; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
The transmission module 20 is configured to encrypt the first hash value and transmit the first hash value to a server, so that the server compares the first hash value with a second hash value, where the second hash value includes a second hash value obtained by the server by performing hash calculation according to the entity to be verified;
the result obtaining module 30 is configured to obtain a consistent comparison result transmitted by the server;
a determining module 40, configured to determine that the entity to be verified is secure when the first hash value is consistent with the second hash value.
The embodiment of the invention has the following characteristics:
the intelligent terminal safety verification method based on the block chain can ensure the safety of the intelligent terminal by carrying out consistency verification on the application program and the collected data, and ensure the consistency of the terminal data and the server data and avoid the tampering of the data blocks in the transmission process. The intelligent terminal ensures the consistency of the application program of the server side and the application program used by the intelligent terminal in the process of upgrading the application program, and ensures the consistency of the application program started by the intelligent terminal and the application program of the server side in the process of restarting the intelligent terminal. The method ensures that the data of the intelligent terminal is safely and reliably uploaded to the server, reduces the calculation capacity required by calculating the data block group, reduces the calculation capacity required by data comparison when whether the data is tampered or not to be verified, and reduces the high bandwidth required by transmitting the verification data.
Example five
Referring to fig. 11, in one embodiment, a block chain-based intelligent terminal security verification apparatus is provided, which includes an acquisition module
The acquisition module 01 is used for acquiring a first hash value obtained by performing hash calculation on the entity to be verified by the intelligent terminal when the entity to be verified triggers a preset verification event; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
a calculation module 02, configured to perform hash calculation on the entity to be verified, to obtain a second hash value;
a comparison module 03, configured to compare the first hash value with the second hash value to obtain a comparison result;
and the determining module 04 is configured to determine that the entity to be verified is safe when the comparison result is that the first hash value is consistent with the second hash value.
The embodiment of the invention has the following characteristics:
the intelligent terminal safety verification method based on the block chain can ensure the safety of the intelligent terminal by carrying out consistency verification on the application program and the collected data, and ensure the consistency of the terminal data and the server data and avoid the tampering of the data blocks in the transmission process. The intelligent terminal ensures the consistency of the application program of the server side and the application program used by the intelligent terminal in the process of upgrading the application program, and ensures the consistency of the application program started by the intelligent terminal and the application program of the server side in the process of restarting the intelligent terminal. The method ensures that the data of the intelligent terminal is safely and reliably uploaded to the server, reduces the calculation capacity required by calculating the data block group, reduces the calculation capacity required by data comparison when whether the data is tampered or not to be verified, and reduces the high bandwidth required by transmitting the verification data.
Those skilled in the art will appreciate that all or part of the functions of the various methods in the above embodiments may be implemented by hardware, or may be implemented by a computer program. When all or part of the functions in the above embodiments are implemented by means of a computer program, the program may be stored in a computer readable storage medium, and the storage medium may include: read-only memory, random access memory, magnetic disk, optical disk, hard disk, etc., and the program is executed by a computer to realize the above-mentioned functions. For example, the program is stored in the memory of the device, and when the program in the memory is executed by the processor, all or part of the functions described above can be realized. In addition, when all or part of the functions in the above embodiments are implemented by means of a computer program, the program may be stored in a storage medium such as a server, another computer, a magnetic disk, an optical disk, a flash disk, or a removable hard disk, and the functions in all or part of the above embodiments may be implemented by downloading or copying the program into a memory of a local device or updating a version of a system of the local device, and executing the program in the memory by a processor.
The foregoing description of the invention has been presented for purposes of illustration and description, and is not intended to be limiting. Several simple deductions, modifications or substitutions may also be made by a person skilled in the art to which the invention pertains, based on the idea of the invention.
Claims (8)
1. The intelligent terminal safety verification method based on the block chain is characterized by comprising the following steps of:
when detecting that an entity to be verified triggers a preset verification event, carrying out hash calculation according to the entity to be verified to obtain a first hash value; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
encrypting and transmitting the first hash value to a server so that the server compares the first hash value with a second hash value, wherein the second hash value comprises a second hash value obtained by the server through hash calculation according to the entity to be verified;
obtaining a consistency comparison result transmitted by the server;
when the first hash value is consistent with the second hash value, determining that the entity to be verified is safe;
when the entity to be verified is detected to trigger a preset verification event, performing hash calculation according to the entity to be verified, and obtaining a first hash value includes:
When the entity to be verified is an application program, acquiring the time corresponding to the application program, and performing hash calculation according to the time corresponding to the application program in a combined mode to obtain a first hash value;
when the entity to be verified is data acquired by the intelligent terminal, the acquired data are packed into data blocks, wherein the data acquired by the intelligent terminal are data in preset time acquired by the intelligent terminal; sorting the data blocks according to a time sequence to form a data block group, wherein the data block group comprises n data blocks, and n is greater than 0; carrying out hash calculation on each data block in the data block group to obtain a hash value of each data block; the hash values of all the data blocks are combined in pairs according to a Merkel tree mode to calculate the hash values of the data block groups; acquiring time corresponding to the data acquired by the intelligent terminal; and carrying out hash calculation according to the hash value of the data block group and the time corresponding to the data acquired by the intelligent terminal, so as to obtain a first hash value.
2. The method of claim 1, wherein,
when the entity to be verified comprises at least two application programs, performing hash calculation according to the time corresponding to the application programs in a joint way, and obtaining the first hash value comprises:
Aiming at each application program, carrying out hash calculation according to the time which the application program is combined with to obtain a corresponding hash value;
sequentially sequencing hash values corresponding to all application programs in series according to the numerical value to form a first character string;
and carrying out hash calculation on the first character string to obtain a first hash value.
3. The method according to any one of claims 1 to 2, wherein said encrypting the first hash value for transmission to a server comprises:
concatenating the first hash value with the time to form a second string;
obtaining a public key;
and encrypting and transmitting the second character string to a server by using the public key.
4. The method of claim 1, wherein when the entity to be authenticated is an application, the preset authentication event comprises:
downloading, updating or upgrading application programs;
when the entity to be verified is data acquired by the intelligent terminal, the preset verification event comprises:
storage or transmission of data.
5. The intelligent terminal safety verification method based on the block chain is characterized by comprising the following steps of:
when an entity to be verified triggers a preset verification event, a first hash value obtained by performing hash calculation on the entity to be verified by an intelligent terminal is obtained; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
Performing hash calculation on the entity to be verified to obtain a second hash value;
comparing the first hash value with the second hash value to obtain a comparison result;
when the comparison result is that the first hash value is consistent with the second hash value, determining that the entity to be verified is safe;
when the entity to be verified is an application program, after receiving a second character string encrypted by a public key, decrypting the second character string by using a private key, extracting data, extracting time and an intelligent terminal application program Hash value from the decrypted second character string, calculating the Hash value by using a Hash function for each application program joint time, sorting according to the size of the Hash value, forming a new character string, calculating a server application program Hash value by using the Hash function, comparing the calculated server application program Hash value with the intelligent terminal application program Hash value obtained by the key, and determining that the entity to be verified is safe when the comparison result is that the first Hash value is consistent with the second Hash value;
when the entity to be verified is data acquired by the intelligent terminal, decrypting the uploaded encrypted second character string by adopting a private key, extracting time and a Hash value of the terminal stored data, calculating a Hash value of a final data block group by adopting a Meckel tree mode for the data block group to be verified, calculating a server stored data Hash value by utilizing a Hash function by combining the extracted time and the Hash value of the data block group, comparing the server stored data Hash value with the solved terminal stored data Hash value, and determining that the entity to be verified is safe when the comparison result is that the first Hash value is consistent with the second Hash value.
6. The intelligent terminal safety verification method based on the block chain is characterized by comprising the following steps of:
when the intelligent terminal detects that an entity to be verified triggers a preset verification event, carrying out hash calculation according to the entity to be verified to obtain a first hash value; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
the intelligent terminal encrypts and transmits the first hash value to a server;
the server side obtains the first hash value;
the server performs hash calculation on the entity to be verified to obtain a second hash value;
the server side compares the first hash value with the second hash value to obtain a comparison result;
the server transmits a comparison result to the intelligent terminal, and determines that the entity to be verified is safe when the comparison result is that the first hash value is consistent with the second hash value;
when the intelligent terminal detects that an entity to be verified triggers a preset verification event, carrying out hash calculation according to the entity to be verified to obtain a first hash value, wherein the method comprises the following steps:
when the entity to be verified is an application program, the intelligent terminal acquires the time corresponding to the application program, and carries out hash calculation according to the time corresponding to the application program in a combined mode to obtain a first hash value;
When the entity to be verified is data acquired by the intelligent terminal, the intelligent terminal packages the acquired data into a data block, wherein the data acquired by the intelligent terminal is data in a preset time acquired by the intelligent terminal; sorting the data blocks according to a time sequence to form a data block group, wherein the data block group comprises n data blocks, and n is greater than 0; carrying out hash calculation on each data block in the data block group to obtain a hash value of each data block; the hash values of all the data blocks are combined in pairs according to a Merkel tree mode to calculate the hash values of the data block groups; acquiring time corresponding to the data acquired by the intelligent terminal; and carrying out hash calculation according to the hash value of the data block group and the time corresponding to the data acquired by the intelligent terminal, so as to obtain a first hash value.
7. Intelligent terminal safety verification device based on block chain, characterized by comprising:
the computing module is used for carrying out hash computation according to the entity to be verified when the entity to be verified triggers a preset verification event to obtain a first hash value; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
The transmission module is used for carrying out encryption transmission on the first hash value to a server side so that the server side can carry out consistent comparison on the first hash value and a second hash value, wherein the second hash value comprises a second hash value obtained by carrying out hash calculation on the server side according to the entity to be verified;
the result acquisition module is used for acquiring a consistent comparison result transmitted by the server;
the determining module is used for determining that the entity to be verified is safe when the first hash value is consistent with the second hash value;
the computing module is specifically configured to:
when the entity to be verified is an application program, acquiring the time corresponding to the application program, and performing hash calculation according to the time corresponding to the application program in a combined mode to obtain a first hash value;
when the entity to be verified is data acquired by the intelligent terminal, the acquired data are packed into data blocks, wherein the data acquired by the intelligent terminal are data in preset time acquired by the intelligent terminal; sorting the data blocks according to a time sequence to form a data block group, wherein the data block group comprises n data blocks, and n is greater than 0; carrying out hash calculation on each data block in the data block group to obtain a hash value of each data block; the hash values of all the data blocks are combined in pairs according to a Merkel tree mode to calculate the hash values of the data block groups; acquiring time corresponding to the data acquired by the intelligent terminal; and carrying out hash calculation according to the hash value of the data block group and the time corresponding to the data acquired by the intelligent terminal, so as to obtain a first hash value.
8. Intelligent terminal safety verification device based on block chain, characterized by comprising:
the acquisition module is used for acquiring a first hash value obtained by performing hash calculation on the entity to be verified by the intelligent terminal when the entity to be verified triggers a preset verification event; the entity to be verified comprises an application program and data acquired by the intelligent terminal;
the calculation module is used for carrying out hash calculation on the entity to be verified to obtain a second hash value;
the comparison module is used for comparing the first hash value with the second hash value to obtain a comparison result;
the determining module is used for determining that the entity to be verified is safe when the comparison result is that the first hash value is consistent with the second hash value;
the computing module is specifically configured to:
when the entity to be verified is an application program, after receiving a second character string encrypted by a public key, decrypting the second character string by using a private key, extracting data, extracting time and an intelligent terminal application program Hash value from the decrypted second character string, calculating the Hash value of each application program joint time by using a Hash function, sorting according to the size of the Hash value, forming a new character string, and calculating the server application program Hash value by using the Hash function;
When the entity to be verified is data acquired by the intelligent terminal, decrypting the uploaded encrypted second character string by adopting a private key, extracting time and a Hash value of the data stored by the terminal, calculating a Hash value of a final data block group by adopting a Meeker tree mode for the data block group to be verified, combining the extracted time and the Hash value of the data block group, and calculating the Hash value of the data stored by the server by utilizing a Hash function.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010057040.5A CN111294209B (en) | 2020-01-17 | 2020-01-17 | Block chain-based intelligent terminal security verification method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010057040.5A CN111294209B (en) | 2020-01-17 | 2020-01-17 | Block chain-based intelligent terminal security verification method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111294209A CN111294209A (en) | 2020-06-16 |
| CN111294209B true CN111294209B (en) | 2023-06-16 |
Family
ID=71023399
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010057040.5A Active CN111294209B (en) | 2020-01-17 | 2020-01-17 | Block chain-based intelligent terminal security verification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111294209B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111769952B (en) * | 2020-06-29 | 2024-04-02 | 福建福链科技有限公司 | Data processing system of block chain sensor |
| CN112689260B (en) * | 2020-12-15 | 2023-04-07 | 中国联合网络通信集团有限公司 | Message verification method of vehicle-mounted terminal and terminal |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2004207965A (en) * | 2002-12-25 | 2004-07-22 | Nec Commun Syst Ltd | High speed authentication system and method for wireless lan |
| CN110113167A (en) * | 2019-04-01 | 2019-08-09 | 广州杰赛科技股份有限公司 | A kind of information protecting method of intelligent terminal, system and readable storage medium storing program for executing |
-
2020
- 2020-01-17 CN CN202010057040.5A patent/CN111294209B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2004207965A (en) * | 2002-12-25 | 2004-07-22 | Nec Commun Syst Ltd | High speed authentication system and method for wireless lan |
| CN110113167A (en) * | 2019-04-01 | 2019-08-09 | 广州杰赛科技股份有限公司 | A kind of information protecting method of intelligent terminal, system and readable storage medium storing program for executing |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111294209A (en) | 2020-06-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109194466B (en) | Block chain-based cloud data integrity detection method and system | |
| US10747721B2 (en) | File management/search system and file management/search method based on block chain | |
| US9977918B2 (en) | Method and system for verifiable searchable symmetric encryption | |
| CN110334526B (en) | Forward security searchable encryption storage system and method supporting verification | |
| CN110008757A (en) | Data guard method and system in a kind of internet-of-things terminal firmware update | |
| US8850583B1 (en) | Intrusion detection using secure signatures | |
| CN112637166A (en) | Data transmission method, device, terminal and storage medium | |
| CN112732695B (en) | Cloud storage data security deduplication method based on block chain | |
| CN112199698B (en) | Robust searchable symmetric encryption method and system | |
| CN111294209B (en) | Block chain-based intelligent terminal security verification method and device | |
| CN110601815B (en) | Block chain data processing method and equipment | |
| CN112491989A (en) | Data transmission method, device, equipment and storage medium | |
| CN107566360B (en) | A kind of generation method of data authentication code | |
| CN112907375B (en) | Data processing method, device, computer equipment and storage medium | |
| CN111090386A (en) | Cloud storage method, device and system and computer equipment | |
| Pardeshi et al. | Improving data integrity for data storage security in cloud computing | |
| CN111045856A (en) | Method, apparatus and computer program product for managing application systems | |
| CN109978543B (en) | Contract signing method and device, electronic equipment and storage medium | |
| CN111585995A (en) | Method and device for transmitting and processing safety wind control information, computer equipment and storage medium | |
| CN115943609A (en) | Block propagation for poisoned transactions in block chain networks | |
| EP3742367A1 (en) | Method for determining information integrity and computer system using the same | |
| CN116579026A (en) | Cloud data integrity auditing method, device, equipment and storage medium | |
| CN106650342B (en) | Jar package reinforcement method and system | |
| CN111191273B (en) | Method and device for processing document, electronic equipment and readable storage medium | |
| CN111914280A (en) | File self-encryption and decryption method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |