CN111355591A - Block chain account safety management method based on real-name authentication technology - Google Patents
Block chain account safety management method based on real-name authentication technology Download PDFInfo
- Publication number
- CN111355591A CN111355591A CN202010124255.4A CN202010124255A CN111355591A CN 111355591 A CN111355591 A CN 111355591A CN 202010124255 A CN202010124255 A CN 202010124255A CN 111355591 A CN111355591 A CN 111355591A
- Authority
- CN
- China
- Prior art keywords
- account
- private key
- real
- client
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000005516 engineering process Methods 0.000 title claims abstract description 16
- 238000007726 management method Methods 0.000 title claims abstract description 10
- 238000000034 method Methods 0.000 claims abstract description 32
- 238000011084 recovery Methods 0.000 claims abstract description 18
- 230000008569 process Effects 0.000 claims abstract description 11
- 238000012545 processing Methods 0.000 claims description 10
- 230000006378 damage Effects 0.000 claims description 8
- 238000012795 verification Methods 0.000 claims description 7
- 238000001514 detection method Methods 0.000 claims description 6
- 230000007246 mechanism Effects 0.000 claims description 6
- 238000004422 calculation algorithm Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- RTZKZFJDLAIYFH-UHFFFAOYSA-N Diethyl ether Chemical compound CCOCC RTZKZFJDLAIYFH-UHFFFAOYSA-N 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 238000013515 script Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000006854 communication Effects 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention relates to the technical field of data security, in particular to a block chain account security management method based on a real-name authentication technology, which comprises the following steps that S1, a user client generates an account private key A and stores the account private key A in the local of the client; s2: performing real-name authentication through a client, binding an account after the real-name authentication, and generating a private key B for a user; s3, the account number processes the decentralized transaction; s4, recovering the account number in different places; s5: recovering the account number; s6: and (4) destroying the account, namely, utilizing a brand-new safety technology by combining a real-name authentication mode according to the characteristics of the decentralized block chain account. The convenience and the safety of the use of the user account are guaranteed, and meanwhile, the account of the user can be guaranteed not to be lost and can be recovered. The method overcomes the problems that the digital assets are lost due to careless loss, recovery and attack and manual misoperation in the existing decentralized account management process.
Description
Technical Field
The invention relates to the technical field of data security, in particular to a management method for block chain account security based on a real-name authentication technology.
Background
The traditional method for processing the block chain account number comprises the following steps: and the block chain account is generated in a way of decentralized client. The generated block chain account is only stored in the client of the user, and decentralized block chain account information does not participate in interaction and network transmission in any mode. When the account number is used for transaction, only the decentralized blockchain account number is used for off-line signature of transaction information, and the signed data are interacted through a network. Therefore, in the traditional processing of decentralized block chain accounts, a user needs to be responsible for the full authority of the account, and once the user forgets a password and loses the account, the digital assets in the decentralized account are lost. And cannot be restored by technical means. Because the traditional mode only protects the safety, but does not provide good use experience. The problem that the existing decentralized block chain account number is used abnormally and difficult, and digital assets are lost due to various conditions caused by manual operation errors is solved.
In order to solve the problems of the conventional method and improve the convenience and safety of use, people also propose various technical points and new solutions. Among them, the following techniques are prominent:
the first method comprises the following steps: hosting mode: account centralized hosting
The account generated by the user is not only stored in the client side of the user, but also backed up in a centralized database. Therefore, once the account of the client is lost, the recovery operation can be carried out on the account in a centralized verification mode. Related patents such as "account security system of a new decentralized hosting platform and its operation method" apply for number: CN201910324825.1
And the second method comprises the following steps: account key Sharing (Secret Sharing Scheme) mode
In the account key sharing mode (SSS for short), the key is divided into a plurality of parts and stored separately in a redundant mode, and a certain number of keys are reassembled into the key for signature when a transaction is initiated. For example, "shared key generation method", application No. CN200710202055.0
And the third is that: a multi-label mode: the multiple account keys control one account, and when the multiple signature is used, the multiplexing of the private key is avoided, which increases the risk of private key leakage. Multiple signatures are typically implemented using contracts (or scripts) on the chain. For example, "authentication method and system for pre-sharing multiple keys based on symmetric cryptographic algorithm" application No.: CN201510875058.5, and the patent application No.: CN201710253749.0
And fourthly: threshold signature (Threshold signatures)
The threshold signature (TSS) combines the advantages of account key sharing and MulTI-signature, and uses a plurality of partitioned secret keys to carry out (transaction) signature in turn based on MulTI-Party security computing (MPC) to generate a final effective signature. For example, "a threshold private key generation method, transaction method and related device", application number: CN 201810644332.1.
The above methods all have different drawbacks,
1. defects of managed mode
The problem root of this approach is: the account number which is originally stored in a decentralized mode becomes the storage in a centralized mode. Although the problem of account recovery is solved, problems due to centralized storage are also introduced. If the centralized storage server fails or is hacked, the digital assets in the user account are more easily lost.
2. Defect of account key sharing
This solution has one major drawback: the account key is always assembled in one place and forms one usable account. When the account key is reassembled, an attacker is provided with a multiplier for obtaining the key.
3. A multi-label mode: multiple account keys control one account
When the multi-signature is used, the multiplexing of the account number and the private key is avoided, and the risk of private key leakage is increased due to the multiplexing of the account number and the private key. Multi-sign signatures are typically implemented using contracts (or scripts) on the chain, which also brings a drawback to multi-sign: higher transaction fees need to be paid and longer transaction validation times due to multi-person asynchronous signatures.
4. Threshold signature (Threshold signatures)
The threshold signature problem exists in what is needed to save two different keys for the user, where are the user account private key? How to recover, whether the recovery process has the risk of being attacked or not. In addition, the implementation of a system that addresses common signatures of multiple keys is difficult.
Disclosure of Invention
In view of the above, the present invention provides a method for managing block chain account security based on real-name authentication technology, and the invention utilizes a brand-new security technology by combining a real-name authentication mode according to the characteristics of decentralized block chain accounts. The convenience and the safety of the use of the user account are guaranteed, and meanwhile, the account of the user can be guaranteed not to be lost and can be recovered. The method overcomes the problems that the digital assets are lost due to careless loss, recovery and attack and manual misoperation in the existing decentralized account management process.
The invention also provides a block chain account safety management method based on the real-name authentication technology, which comprises the following steps: the method comprises the following steps:
s1: the user client generates an account private key A and stores the account private key A in the local client;
s2: performing real-name authentication through a client, and binding an account after the real-name authentication;
further, step S2 is specifically executed as follows:
s2.1, the user submits real-name authentication information;
s2.2, after the verification is passed, the unique ID of the user is bound to the real-name authentication identity of the user;
s2.3, binding the account private key A with the user account, and storing the account private key A on a three-party escrow server;
s2.4, only the client which passes the real-name authentication verification can access the account private key A through the escrow server;
s2.5, calling a private key signature server interface by the real-name authentication program, generating an account private key B on the private key signature server, storing the account private key B on the private key signature server, and binding the account private key B with user information;
s2.6, when a user initiates a transaction, signing by using a local account private key A;
s2.7, delivering the signed data to a private key signature server;
s2.8, the private key signature server signs by using the account private key corresponding to the real name;
s2.9, submitting the data to a block chain network for storage;
further, the account number processes the decentralized transaction; step S3 is specifically executed as follows:
s3.1, the user logs in through the client;
s3.2, the user initiates a transaction;
s3.3, the client signs by using a local account private key A;
s3.4, calling a private key signature server interface by the client to request secondary signature;
s3.5, after the private key signature server obtains the request and verifies the identity of the user, the private key B of the account number is used for off-line signature, and the signed data can be returned to the client side or directly submitted to the block chain network;
s3.6, the client acquires the returned data of the private key signature server and sends a request submitted to the blockchain network to the blockchain;
s3.7, verifying the signature information by the blockchain, and completing the transaction and submitting the transaction to a blockchain network;
further, the account number is recovered in different places, and the step 4 is specifically executed according to the following steps:
s4.1, a user installs a client, a mobile terminal App or a PC terminal client on a new device;
s4.2, carrying out real-name authentication detection processing through the client;
s4.3, after real-name authentication detection, calling a three-party hosting platform interface by a real-name authentication mechanism to perform the following operations;
s4.4, the new client acquires the real-name authentication token;
s4.5, the original client equipment cancels the binding and can not pass the real-name authentication any more, thereby being incapable of carrying out any operation and request;
further, recovering the account number; step S5 is specifically executed as follows:
s5.1, due to the conditions of reinstallation and the like, the user client resets and reinstalls the client;
s5.2, performing real-name authentication through the client;
s5.3, after real-name authentication, the client requests the three-party hosting server to recover the user account;
s5.4, the three-party escrow server verifies the user real-name authentication token and provides an account private key A bound with the user account;
s5.5, the client saves the private key A of the account number to complete the recovery work of the user account number;
further, the account destruction, in step S6, is specifically executed according to the following steps:
s6.1 user authenticates to real name authentication server through client
S6.2 after the real-name authentication is passed, the client submits an account number destroying request
S6.3 after the three-party escrow server and the private key signature server receive the request, the following operations are carried out
S6.4, after receiving the result, the client deletes the local account number private key A
S6.5 finishing the account destroying process
The invention discloses a block chain account safety management method based on a real-name authentication technology. Not only is the use convenience of the digital assets of the user provided, but also the safety of the user account system is provided most importantly. The account key A locally used by the user can be recovered through real-name authentication, and can be recovered in different places on another device (the original device loses the authority after recovery), so that the private key of the user is fully protected, and risks caused by equipment faults, personnel misoperation and other problems are resisted.
Particularly, a private key signature server is introduced, a double-signature account system is realized, and any user cannot contact another private key (an account private key B). The account private key only carries out off-line signature on the private key signature server, does not go out of the server and cannot leak information. Within the scope of the present description, the probability of failing to recover account information may occur if and only if all of the following conditions occur:
1. the real-name authentication information of the user is completely revealed
2. Loss or corruption of the user's local private key
3. Failure of the three-party hosting server, resulting in total damage of hosting information (including disaster recovery data in different places)
4. Failure of the private key signature server, resulting in total damage to the managed information (including disaster recovery data in different places)
5. The real-name authentication mechanism fails, so that the authentication cannot pass
The above conditions are very difficult to be met under normal conditions because all aspects make relevant safety errors. Moreover, the servers described in the patent can be enlarged by adding servers, adding partners and the like, so that the probability of threat occurrence is reduced.
From the above description, it can be determined that the patent provides a complete and excellent processing solution in terms of protection and convenience of use of digitized assets. The security and the usability of the decentralized blockchain account are obviously promoted.
Drawings
FIG. 1 is a diagram of a data system architecture of the present invention;
FIG. 2 is a flow diagram of real name authentication of the present invention;
FIG. 3 is a flow diagram of the decentralized transaction signature process of the present invention;
FIG. 4 is a flow chart of the remote account recovery of the present invention;
FIG. 5 is an account recovery flow diagram of the present invention;
FIG. 6 is a flow chart of account destruction of the present invention;
fig. 7 is a private key decryption flow diagram of the present invention.
Detailed Description
The present invention will be described in detail with reference to the drawings and specific embodiments, and it is to be understood that the described embodiments are only a few embodiments of the present invention, rather than the entire embodiments, and that all other embodiments obtained by those skilled in the art based on the embodiments in the present application without inventive work fall within the scope of the present application.
In this embodiment, as shown in fig. 1, the block chain account management method for security and loss prevention based on the real-name authentication technology provided by the present invention includes the following data relationships:
firstly, a user client generates an account private key A and stores the account private key A in the local of the client. The private key storage mode and the field are as follows:
a) the ground file is in a Keystore format
b) 256-bit private key is converted into Keystore format for storage
c) The file fields are as follows
Version number i.version
Id unique identification
Crypto encryption mode
1, nepher: name of symmetric AES algorithm;
ciperparams: parameters required by the above-mentioned nepher algorithm;
3. cipaertext: encrypting the Ether private key by using the nepher algorithm;
4, kdf: a key generation function for you to cryptographically encrypt the keystore file;
5, kdfparams: the parameters required by the kdf algorithm described above;
mac: code for authenticating the password.
Private key decryption flow is shown in FIG. 7
In this embodiment, the client performs real-name authentication, and binds the account after the real-name authentication: firstly, the user submits real-name authentication information, and the fields of the real-name authentication information are as follows
i. User mobile phone number
ii, user identification number
iii. user bank card
Dynamic monitoring of authentication information by a user's face
v. user hand-held ID card photo
Hardware unique ID of user client (client auto-submit without user participation)
In the embodiment, after the verification is passed, the device unique ID of the user client is bound to the user real-name authentication identity, c) the account private key a is bound with the user account and stored on the escrow server, d) only the client verified through the real-name authentication can access the account private key a through the escrow server, e) the real-name authentication program calls a private key signature server interface, an account private key B is generated on the private key signature server, stored on the private key signature server and bound with the user information
(3) When a user initiates a transaction, a local account number private key A is used for signing firstly
(4) Delivering the signed data to a private key signature server
(5) The private key signature server uses the account private key corresponding to the real name to perform signature
(6) Submit to blockchain network, uplink save
In this embodiment, as shown in fig. 2, the real-name authentication process of the present invention includes the following steps: firstly, the user carries out real-name authentication through the client, then the real-name authentication mechanism carries out real-name authentication on the information provided by the user to determine whether the identity of the user is correct or not, and the provided fields are as follows
a) User name
b) User mobile phone number
c) Client device unique ID
d) Short message login verification code
e) The above data are symmetrically encrypted by using AES or DES
(3) After the real-name authentication is passed, the client acquires the result information of the real-name authentication, and the token passing the real-name authentication
(4) The client submits the account private key A to the three-party escrow organization (the submission process uses an encryption mode to complete the encryption communication process with the third party)
a) User account (Mobile phone number)
b) Token after user real name authentication
c) User account A (submitting encrypted according to the requirements of three party custody)
(5) When a three-party hosting mechanism acquires a hosting request of a user, the following fields need to be processed:
a) user account (Mobile phone number)
b) User real-name authenticated token (check if login has been through real-name authentication)
c) Private key A submitted by user (encryption mode)
d) Decrypting the account number private key A and verifying whether the decrypted result is correct
e) Stored on a escrow server and bound with the existing user account
f) Returning processing results
(6) The real-name certification authority informs the private key signature server to provide the account private key B for the user
(7) The private key signature server generates the following fields
a) Private key B of user account
b) Binding relationship between account private key and user real-name information
c) Returning processing results
(8) And after all the data are finished, the user client displays the normal state.
In this embodiment, as shown in fig. 3, an account processing decentralized transaction flow chart according to the technical solution of the present invention is shown. The user account transaction provided by the invention comprises the following steps: firstly, a user logs in through a client, then the user initiates a transaction (3), the client signs by using a local account private key A, the client calls a private key signature server interface to request secondary signature, after the private key signature server obtains a request and verifies the identity of the user, an account private key B is used for off-line signature (signed data can be returned to the client or can be directly submitted to uplink), and the client acquires the data returned by the private key signature server and submits a uplink request to a block chain; and the block chain verifies the signature information and finishes the uplink transaction work, and the client can inquire the uplink result through the block chain information.
In this embodiment, as shown in fig. 4: the remote recovery process of the account number, the remote recovery of the user account number provided by the invention comprises the following steps: firstly, a user installs a client (a mobile terminal App or a PC terminal client) on a new device, then real-name authentication detection processing is carried out through the client (the unique ID of the new device needs to be submitted), and finally after the real-name authentication detection, a real-name authentication mechanism calls a three-party hosting platform interface to carry out the following operations:
a) client device ID for unbinding original user real-name identity binding
b) Binding new client device IDs
c) Complete the real-name authentication update work
(4) The new client acquires the real-name authentication token and completes the following operations
a) Requesting a escrow interface through the obtained token to require recovery of the private key
b) Three-party hosting platform for verifying user submitted information
c) Under the condition of passing, the new client obtains the account private key A managed by the third party and stores the account private key A in the local
(5) The original client device cancels the binding and cannot pass the real-name authentication any more, so that the account recovery flow chart in the embodiment cannot be operated and requested. As shown in fig. 5, the user account recovery proposed by the present invention includes the following steps:
(1) due to the conditions of reinstallation and the like, the user client resets and reinstalls the client
(2) Real name authentication through client
(3) After real-name authentication, the client requests the three-party hosting server to recover the user account
(4) The three-party escrow server verifies the user real-name authentication token and provides an account private key A bound with the user account
(5) Client saves account private key A
(6) Completing the recovery work of the user account
In this embodiment, the account destruction flow chart in the technical scheme of the present invention. As shown in fig. 6, the destruction of the user account proposed by the present invention includes the following steps:
(1) user authentication to real-name authentication server through client
(2) After the real-name authentication is passed, the client side submits an account number destroying request
(3) After the three-party escrow server and the private key signature server receive the request, the following operations are carried out
a) Token for verifying real name authentication
b) Removing the binding relationship between the account and the account private key
c) Deleting account private key files
d) Deleting user account information
e) Returning processing results
(4) After the client receives the result, the client deletes the local account number private key A
(5) Completing the account destroying process
(6) Once the account number is destroyed, any technical means can not be recovered
Although the present invention has been described in detail with reference to the preferred embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the spirit and scope of the invention as defined in the appended claims. The techniques, shapes, and configurations not described in detail in the present invention are all known techniques.
Claims (6)
1. A management method for block chain account security based on real-name authentication technology is specifically executed according to the following steps:
s1: the user client generates an account private key A and stores the account private key A in the local client;
s2: performing real-name authentication through a client, binding a user account after the real-name authentication, and generating a related private key B;
s3, the account number processes the decentralized transaction;
s4, recovering the account number in different places;
s5: recovering the account number;
s6: and (6) destroying the account number.
2. The method for managing block chain account security based on real-name authentication technology as claimed in claim 1, wherein: step S2 is specifically executed as follows:
s2.1, the user submits real-name authentication information;
s2.2, after the verification is passed, the unique ID of the user is bound to the real-name authentication identity of the user;
s2.3, binding the account private key A with the user account, and storing the account private key A on a three-party escrow server;
s2.4, only the client which passes the real-name authentication verification can access the account private key A through the escrow server;
s2.5, calling a private key signature server interface by the real-name authentication program, generating an account private key B on the private key signature server, storing the account private key B on the private key signature server, and binding the account private key B with user information;
s2.6, when a user initiates a transaction, signing by using a local account private key A;
s2.7, delivering the signed data to a private key signature server;
s2.8, the private key signature server signs by using the account private key corresponding to the real name;
s2.9, submitting to the blockchain network for storage.
3. The method for managing block chain account security based on real-name authentication technology as claimed in claim 1, wherein: step S3 is specifically executed as follows:
s3.1, the user logs in through the client;
s3.2, the user initiates a transaction;
s3.3, the client signs by using a local account private key A;
s3.4, calling a private key signature server interface by the client to request secondary signature;
s3.5, after the private key signature server obtains the request and verifies the identity of the user, the private key B of the account number is used for off-line signature, and the signed data can be returned to the client side or directly submitted to the block chain network;
s3.6, the client acquires the returned data of the private key signature server and sends a request submitted to the blockchain network to the blockchain;
s3.7 the blockchain verifies the signature information and completes the transaction and submits to the blockchain network.
4. The method for managing block chain account security based on real-name authentication technology as claimed in claim 1, wherein: step S4 is specifically executed as follows:
s4.1, a user installs a client, a mobile terminal App or a PC terminal client on a new device;
s4.2, carrying out real-name authentication detection processing through the client;
s4.3, after real-name authentication detection, calling a three-party hosting platform interface by a real-name authentication mechanism to perform the following operations;
s4.4, the new client acquires the real-name authentication token;
s4.5, the original client equipment cancels the binding and can not pass the real-name authentication any more, thereby being incapable of carrying out any operation and request.
5. The method for managing block chain account security based on real-name authentication technology as claimed in claim 1, wherein: step S5 is specifically executed as follows:
s5.1, due to the conditions of reinstallation and the like, the user client resets and reinstalls the client;
s5.2, performing real-name authentication through the client;
s5.3, after real-name authentication, the client requests the three-party hosting server to recover the user account;
s5.4, the three-party escrow server verifies the user real-name authentication token and provides an account private key A bound with the user account;
and S5.5, the client saves the account private key A and finishes the recovery work of the user account.
6. The method for managing block chain account security based on real-name authentication technology as claimed in claim 1, wherein: step S6 is specifically executed as follows:
s6.1, authenticating the user to a real-name authentication server through the client;
s6.2, after the real-name authentication is passed, the client submits an account destruction request;
s6.3, after the three-party escrow server and the private key signature server receive the request, performing the following operations;
s6.4, after receiving the result, the client deletes the local account number private key A;
and S6.5, finishing the account destruction process.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010124255.4A CN111355591A (en) | 2020-02-27 | 2020-02-27 | Block chain account safety management method based on real-name authentication technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010124255.4A CN111355591A (en) | 2020-02-27 | 2020-02-27 | Block chain account safety management method based on real-name authentication technology |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111355591A true CN111355591A (en) | 2020-06-30 |
Family
ID=71195896
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010124255.4A Pending CN111355591A (en) | 2020-02-27 | 2020-02-27 | Block chain account safety management method based on real-name authentication technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111355591A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111737675A (en) * | 2020-08-14 | 2020-10-02 | 支付宝(杭州)信息技术有限公司 | Block chain-based electronic signature method and device |
| CN112272089A (en) * | 2020-10-26 | 2021-01-26 | 中国联合网络通信集团有限公司 | Cloud host login method, device, equipment and computer readable storage medium |
| CN114640490A (en) * | 2020-12-16 | 2022-06-17 | 智弘软体科技股份有限公司 | Method and architecture for terminal use safety, monitoring and management of equipment account |
| CN114666066A (en) * | 2022-05-20 | 2022-06-24 | 杭州天谷信息科技有限公司 | Private key recovery method and system and private key updating method and system |
| CN116055047A (en) * | 2023-03-31 | 2023-05-02 | 中国科学技术大学 | Trusted anonymous management method for primary account number association records |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106920080A (en) * | 2017-02-15 | 2017-07-04 | 捷德(中国)信息科技有限公司 | The account management method and system of digital cash |
| CN107196966A (en) * | 2017-07-05 | 2017-09-22 | 北京信任度科技有限公司 | The identity identifying method and system of multi-party trust based on block chain |
| CN107623569A (en) * | 2017-09-30 | 2018-01-23 | 矩阵元技术(深圳)有限公司 | Block chain key escrow and restoration methods, device based on Secret sharing techniques |
| CN109412798A (en) * | 2018-12-06 | 2019-03-01 | 中链科技有限公司 | Private key generation, data interactive method and its system of block chain |
| CN109767215A (en) * | 2018-12-29 | 2019-05-17 | 杭州趣链科技有限公司 | A kind of online block chain identity identifying method based on a variety of private key storage modes |
| CN110634072A (en) * | 2019-09-20 | 2019-12-31 | 余欢 | Block chain transaction system based on multiple tags and hardware encryption and operation mechanism thereof |
-
2020
- 2020-02-27 CN CN202010124255.4A patent/CN111355591A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106920080A (en) * | 2017-02-15 | 2017-07-04 | 捷德(中国)信息科技有限公司 | The account management method and system of digital cash |
| CN107196966A (en) * | 2017-07-05 | 2017-09-22 | 北京信任度科技有限公司 | The identity identifying method and system of multi-party trust based on block chain |
| CN107623569A (en) * | 2017-09-30 | 2018-01-23 | 矩阵元技术(深圳)有限公司 | Block chain key escrow and restoration methods, device based on Secret sharing techniques |
| CN109412798A (en) * | 2018-12-06 | 2019-03-01 | 中链科技有限公司 | Private key generation, data interactive method and its system of block chain |
| CN109767215A (en) * | 2018-12-29 | 2019-05-17 | 杭州趣链科技有限公司 | A kind of online block chain identity identifying method based on a variety of private key storage modes |
| CN110634072A (en) * | 2019-09-20 | 2019-12-31 | 余欢 | Block chain transaction system based on multiple tags and hardware encryption and operation mechanism thereof |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111737675A (en) * | 2020-08-14 | 2020-10-02 | 支付宝(杭州)信息技术有限公司 | Block chain-based electronic signature method and device |
| US11356279B2 (en) | 2020-08-14 | 2022-06-07 | Alipay (Hangzhou) Information Technology Co., Ltd. | Blockchain-based electronic signature method and apparatus |
| CN112272089A (en) * | 2020-10-26 | 2021-01-26 | 中国联合网络通信集团有限公司 | Cloud host login method, device, equipment and computer readable storage medium |
| CN114640490A (en) * | 2020-12-16 | 2022-06-17 | 智弘软体科技股份有限公司 | Method and architecture for terminal use safety, monitoring and management of equipment account |
| CN114666066A (en) * | 2022-05-20 | 2022-06-24 | 杭州天谷信息科技有限公司 | Private key recovery method and system and private key updating method and system |
| CN116055047A (en) * | 2023-03-31 | 2023-05-02 | 中国科学技术大学 | Trusted anonymous management method for primary account number association records |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3661120B1 (en) | Method and apparatus for security authentication | |
| CN106548345B (en) | Method and system for realizing block chain private key protection based on key partitioning | |
| US20180034810A1 (en) | A system and methods for protecting keys in computerized devices operating versus a server | |
| CN111355591A (en) | Block chain account safety management method based on real-name authentication technology | |
| CN114788226B (en) | Unmanaged tool for building decentralized computer applications | |
| CN1937498A (en) | Dynamic cipher authentication method, system and device | |
| CN110929290B (en) | Private key threshold backup, loss reporting and recovery system and method based on alliance chain | |
| JP6906521B2 (en) | Biometric Protocol Standard Systems and Methods | |
| CN107920052B (en) | Encryption method and intelligent device | |
| CN106936588B (en) | Hosting method, device and system of hardware control lock | |
| CN110690957B (en) | Anti-quantum computing private key backup, loss report and recovery method and system | |
| CN110138548B (en) | Quantum communication service station key negotiation method and system based on asymmetric key pool pair and DH protocol | |
| CN112633884B (en) | Local private key recovery method and device for transaction main body identity certificate | |
| JP2010231404A (en) | System, method, and program for managing secret information | |
| CN113051540A (en) | Application program interface safety grading treatment method | |
| CN110519222B (en) | External network access identity authentication method and system based on disposable asymmetric key pair and key fob | |
| CN113271207A (en) | Escrow key using method and system based on mobile electronic signature, computer equipment and storage medium | |
| CN109412799B (en) | System and method for generating local key | |
| CN114553557A (en) | Key calling method, key calling device, computer equipment and storage medium | |
| CN110138547B (en) | Quantum communication service station key negotiation method and system based on asymmetric key pool pair and serial number | |
| CN110855444A (en) | Pure software CAVA identity authentication method based on trusted third party | |
| KR101708880B1 (en) | Integrated lon-in apparatus and integrated log-in method | |
| CN113139166B (en) | Evaluation expert signature method and device based on cloud certificate | |
| KR102678262B1 (en) | Non-archival tools for building distributed computer applications | |
| US20230153209A1 (en) | System and method for database recovery |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20240614 |
|
| AD01 | Patent right deemed abandoned |