CN111565109A - Key processing method, device, equipment and medium for block chain - Google Patents
Key processing method, device, equipment and medium for block chain Download PDFInfo
- Publication number
- CN111565109A CN111565109A CN202010683542.9A CN202010683542A CN111565109A CN 111565109 A CN111565109 A CN 111565109A CN 202010683542 A CN202010683542 A CN 202010683542A CN 111565109 A CN111565109 A CN 111565109A
- Authority
- CN
- China
- Prior art keywords
- private key
- block chain
- key
- blockchain
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
Abstract
The application discloses a method, a device, equipment and a medium for processing a key of a block chain, relates to the technical field of block chains, and can be used for cloud computing and cloud services. The specific implementation scheme is as follows: obtaining a private key backup request initiated by a block chain account, and obtaining an encrypted private key from the private key backup request; splitting the encrypted private key into at least two private key substrings, and distributing the at least two private key substrings to at least two block chain nodes for distributed storage; acquiring a private key recovery request initiated by a block chain account, and acquiring stored private key substrings from at least two block chain link points; and generating an encrypted private key according to the private key substring, and decrypting the encrypted private key by using a backup private key input by a user to obtain the private key of the blockchain account. The embodiment of the application realizes the technical effect that the secret key can be recovered when the secret key of the user is lost, and other users cannot obtain the secret key reversely, so that the safety of the secret key of the user is ensured.
Description
Technical Field
The embodiment of the application relates to the technical field of computers, in particular to a block chain technology.
Background
In the blockchain system, a blockchain account is registered for a user, and an asymmetric key is distributed to the blockchain account so as to perform identity verification.
The asymmetric key is often a long character string which is not easy to read and memorize, and if the asymmetric key is not properly kept by a user, the asymmetric key is easy to lose, cannot be recovered after being lost, and only can be distributed again. If a centralized system is utilized to host the keys, there is a risk of maliciously stealing user assets with the keys, or revealing the user keys by hacking.
Disclosure of Invention
The embodiment of the application provides a method, a device, equipment and a medium for processing a key of a block chain.
According to an aspect disclosed in the present application, there is provided a method for processing a key of a blockchain, the method including:
the method comprises the steps of obtaining a private key backup request initiated by a blockchain account, and obtaining an encryption private key from the private key backup request, wherein the encryption private key is generated by encrypting a backup public key of a user to which the blockchain account belongs;
splitting the encrypted private key into at least two private key substrings, and distributing the at least two private key substrings to at least two block chain nodes for distributed storage;
acquiring a private key recovery request initiated by a blockchain account, and acquiring stored private key substrings from the at least two blockchain nodes;
and generating the encrypted private key according to the private key substring, and decrypting the encrypted private key by using a backup private key input by a user to obtain a blockchain account private key.
According to another aspect of the present disclosure, there is provided a key processing apparatus of a blockchain, the apparatus including:
the system comprises an encryption private key acquisition module, a block chain account generation module and a block chain management module, wherein the encryption private key acquisition module is used for acquiring a private key backup request initiated by a block chain account and acquiring an encryption private key from the private key backup request, and the encryption private key is generated by encrypting a backup public key of a user to which the block chain account belongs;
the encrypted private key splitting module is used for splitting the encrypted private key into at least two private key sub-character strings and distributing the at least two private key sub-character strings to at least two block chain nodes for distributed storage;
the private key substring acquisition module is used for acquiring a private key recovery request initiated by a block chain account and acquiring stored private key substrings from the at least two block chain nodes;
and the encrypted private key decryption module is used for generating the encrypted private key according to the private key substring and decrypting the encrypted private key by adopting a backup private key input by a user so as to obtain a private key of the blockchain account.
According to another aspect of the present disclosure, there is provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a blockchain key processing method according to any of the embodiments of the present application.
According to another aspect of the present disclosure, there is provided a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform the method for key processing of a blockchain according to any one of the embodiments of the present disclosure.
According to the technology of the application, the technical effect that the secret key can be recovered when the secret key of the user is lost is achieved, other users cannot solve the secret key reversely, and the safety of the secret key of the user is guaranteed.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not intended to limit the present application. Wherein:
fig. 1 is a flowchart of a method for processing a key of a blockchain according to an embodiment of the present disclosure;
fig. 2 is a flowchart of a method for processing a key of a blockchain according to an embodiment of the present disclosure;
fig. 3 is a schematic structural diagram of a key processing apparatus of a blockchain according to an embodiment of the present application;
fig. 4 is a block diagram of an electronic device of a key processing method of a blockchain according to an embodiment of the present application.
Detailed Description
The following description of the exemplary embodiments of the present application, taken in conjunction with the accompanying drawings, includes various details of the embodiments of the application for the understanding of the same, which are to be considered exemplary only. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present application. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
Fig. 1 is a flowchart of a method for processing a blockchain key according to an embodiment of the present disclosure, which can be applied to a situation where a user backs up a blockchain account private key and restores the blockchain account private key. The method of the present embodiment may be performed by a key processing apparatus of a blockchain, which may be implemented by software and/or hardware, and may be integrated on any electronic device with computing capability, such as an electronic device serving as a blockchain node.
As shown in fig. 1, the method for processing a key of a blockchain disclosed in this embodiment may include:
s101, a private key backup request initiated by a blockchain account is obtained, and an encryption private key is obtained from the private key backup request, wherein the encryption private key is generated by encrypting with a backup public key of a user to which the blockchain account belongs.
The blockchain account is established by the following processes: the user applies for registration and account opening to the block chain link points, the block chain link points correspondingly create a block chain account for the user according to the application registration request information, and provide corresponding block chain account mnemonic words, block chain account asymmetric key pairs, block chain account addresses and the like for the user, the block chain account mnemonic words are used for helping the user conveniently memorize the block chain account asymmetric key pairs, the block chain account asymmetric key pairs are usually formed by 12, 15 or 18 words, the block chain account asymmetric key pairs are usually used for information encryption, information decryption, signature verification and the like, and the block chain account addresses are used for embodying the uniqueness of the block chain account.
In one embodiment, a user encrypts a private key to be encrypted by using a backup public key to obtain an encrypted private key, where the encryption algorithm includes, but is not limited to, an RSA encryption algorithm, a Rabin encryption algorithm, a knapsack algorithm, an elliptic curve algorithm, and the like, and the generation of the backup public key includes, but is not limited to, the following two ways: 1) and calculating the backup private key distributed to the block link point by the user through an elliptic curve algorithm to obtain a backup public key. 2) The user selects a pair of keys from a key pair generated in advance by the local end, and the public key in the pair of keys is used as a backup public key. After the encrypted private key is obtained, a user generates a private key backup request based on the encrypted private key and submits the private key backup request to the block chain node, and after the block chain node obtains the private key backup request, the private key backup request is analyzed to obtain the encrypted private key.
The method has the advantages that the private key backup request initiated by the blockchain account is obtained, the encrypted private key is obtained from the private key backup request, the effect that the blockchain node responds to the private key backup request initiated by a user is achieved, and a foundation is laid for the following blockchain node to split the encrypted private key and distribute the split encrypted private key to other blockchain nodes.
S102, splitting the encrypted private key into at least two private key substrings, and distributing the at least two private key substrings to at least two block chain nodes for distributed storage.
Wherein, the blockchain link point represents an electronic device which has access to the blockchain network, including but not limited to a smart phone, a mainframe computer, a workstation or a server, etc.
In an embodiment, the block link points may split the obtained encrypted private key into at least two private key substrings according to a preset splitting number, where the number of characters included in each private key substring may be the same or different, and this embodiment is not limited specifically. For example, assuming that the encrypted private key is "L4 wvc4 ikkdaX", and the preset splitting number is four, the split four private key substrings may be "L4 w", "vc 4", "ikk", and "daX", or "L4 wv", "c 4", "i", and "kkdaX", and so on. Further, the block chain nodes distribute the split private key substrings to at least two block chain nodes for distributed storage according to a preset distribution number, wherein the distribution mode can be that one private key substring is distributed to one block chain node, for example, ten substrings are distributed to ten block chain nodes respectively; or multiple private key substrings may be distributed to one block chain node, for example, ten substrings are distributed to five block chain nodes, and each block chain node stores two private key substrings.
The encrypted private key is split into at least two private key substrings, and the at least two private key substrings are distributed to at least two block chain nodes for distributed storage, so that the risk of leakage of the encrypted private key due to the fact that the encrypted private key is managed in a centralized system is avoided, and the safety of the encrypted private key is improved.
S103, obtaining a private key recovery request initiated by the blockchain account, and obtaining the stored private key substring from the at least two blockchain nodes.
In one embodiment, when a private key of a user is lost or wants to recover the private key, the user creates a private key recovery request and sends the private key recovery request to the block chain nodes, and after receiving the private key recovery request, the block chain nodes acquire private key substrings from all the block chain nodes in which the private key substrings are stored.
The method comprises the steps of obtaining a private key recovery request initiated by a block chain account, obtaining stored private key substrings from at least two block chain link points, and laying a foundation for obtaining an encrypted private key according to the private key substrings subsequently.
And S104, generating the encrypted private key according to the private key substring, and decrypting the encrypted private key by using a backup private key input by a user to obtain a private key of the blockchain account.
In one embodiment, the user inputs a backup private key in a private key input interface of the blockchain account, where the backup private key may be allocated by a blockchain node, or may be selected by the user from a key pair generated in advance at the local end. After the block chain link point obtains a backup private key input by a user, splicing the obtained private key substrings according to a preset sequence to obtain an encrypted private key, decrypting the encrypted private key according to a decryption algorithm corresponding to the preset encryption algorithm and the backup private key to obtain a block chain account private key, and feeding the block chain account private key back to the corresponding user for checking.
The encrypted private key is generated according to the private key substring, and the backup private key input by the user is used for decrypting the encrypted private key to obtain the block chain account private key, so that the effect of recovering the block chain account private key is realized.
According to the technical scheme of the embodiment, the encryption private key is obtained from the private key backup request by obtaining the private key backup request initiated by the blockchain account, the encryption private key is divided into at least two private key substrings, the at least two private key substrings are distributed to at least two blockchain nodes for distributed storage, then the private key recovery request initiated by the blockchain account is obtained, the stored private key substrings are obtained from at least two blockchain nodes, the encryption private key is finally generated according to the private key substrings, the encryption private key is decrypted by the backup private key input by a user to obtain the blockchain account private key, the technical effect that the key can be recovered when the key of the user is lost is achieved, other users cannot obtain the key through reverse decoding, and the security of the user key is guaranteed.
On the basis of the above embodiment, the at least two block chain nodes are candidate block nodes determined based on a consensus mechanism.
The consensus mechanisms include, but are not limited to, workload attestation mechanisms, equity attestation mechanisms, delegation of equity attestation, and verification pool consensus mechanisms.
In one embodiment, based on the consensus mechanism, the block chain nodes meeting the requirement of the consensus mechanism are selected from all the block chain nodes as candidate block nodes for performing distributed storage on the private key substring.
The candidate block-out nodes determined based on the consensus mechanism are used as the block chain link points for storing the private key substring, so that the fairness, the safety and the reliability of the storage of the private key substring are ensured.
Fig. 2 is a flowchart of a method for processing a key of a blockchain according to an embodiment of the present application, which is further optimized and expanded based on the above technical solution, and can be combined with the above optional embodiments. As shown in fig. 2, the method may include:
s201, obtaining an asymmetric key pair distributed for the blockchain account, wherein the asymmetric key pair comprises a blockchain account public key and a blockchain account private key.
In one embodiment, the blockchain link points generate a string of random character strings as the blockchain account private key by including a random number generator, calculate the blockchain account private key by including an elliptic curve algorithm, and generate a pair of asymmetric key pairs by using the calculated character strings as the blockchain public key.
S202, providing the private key of the blockchain account to the blockchain account.
In one embodiment, the blockchain node sends the blockchain account private key to the corresponding blockchain account, and the user can encrypt or sign information according to the blockchain account private key.
S203, a private key backup request initiated by the blockchain account is obtained, and an encrypted private key and identity information of a user to which the blockchain account belongs are obtained from the private key backup request, wherein the encrypted private key is generated by encrypting with a backup public key of the user.
In one embodiment, if a user loses or forgets the private key of the own blockchain account, a private key backup request may be initiated to the blockchain nodes through the own blockchain account, where the private key backup request includes the private key of the blockchain account to be backed up and the identity information of the user.
Optionally, the identity information is real-name identity information of the user. Such as the user's name, identification number, cell phone number, bank card number, etc.
S204, splitting the encrypted private key into at least two private key substrings, and distributing the at least two private key substrings and the identity information to at least two block chain nodes for distributed storage.
In one embodiment, the block link point splits the encrypted private key into at least two private key substrings according to a preset splitting number, distributes the at least two private key substrings to at least two block link nodes for distributed storage according to a preset distribution number, and also distributes the identity information of the user to each block link point for subsequent identity verification.
S205, a private key recovery request initiated by a blockchain account is obtained, the identity information of the user is obtained from the private key recovery request, and the identity information is sent to each blockchain node to perform identity verification based on the stored identity information.
In one embodiment, a user creates a private key recovery request based on own identity information and sends the private key recovery request to a block chain node, after receiving the private key recovery request, the block chain node firstly analyzes the identity information contained in the private key recovery request and sends the identity information to each block chain node in which a private key substring is stored, and each block chain node compares the stored identity information with the identity information in the private key recovery request at this time.
S206, if the verification is passed, the stored private key substring is obtained from the at least two block chain link points.
In one embodiment, if the stored identity information in all the block chain nodes storing the private key substring is the same as the identity information in the private key recovery request at this time, it indicates that the identity verification passes, at this time, each block chain link point feeds back to the block chain link point directly queried by the user, and the verification passes information, and the block chain link point acquires the stored private key substring from each block chain node according to the verification passing information.
S207, generating the encrypted private key according to the private key substring, and decrypting the encrypted private key by using a backup private key input by a user to obtain a private key of a blockchain account.
According to the technical scheme of the embodiment, the block chain account private key is provided for the block chain account by acquiring the asymmetric key pair distributed for the block chain account, so that a user can encrypt information, sign a signature and the like according to the block chain account private key; the identity information of the user is acquired from the private key backup request and is distributed to at least two block chain nodes for distributed storage, and after a private key recovery request initiated by a block chain account is acquired, the identity information of the user in the private key recovery request is sent to each block chain node to perform identity verification based on the stored identity information, so that the security of private key recovery is ensured, and the problem that someone maliciously acquires a private key sub-character string is avoided; the real-name identity information of the user is used as the identity information for verification, so that the reliability of identity verification is improved.
Fig. 3 is a schematic structural diagram of a key processing apparatus for a blockchain according to an embodiment of the present disclosure, which can be applied to a situation where a user backs up a private key of a blockchain account and restores the private key of the blockchain account. The apparatus of the embodiment can be implemented by software and/or hardware, and can be integrated on any electronic device with computing capability, such as a server.
As shown in fig. 3, the key processing apparatus 30 of the blockchain disclosed in this embodiment may include an encrypted private key obtaining module 31, an encrypted private key splitting module 32, a private key substring obtaining module 33, and an encrypted private key decrypting module 34, where:
the encrypted private key obtaining module 31 is configured to obtain a private key backup request initiated by a blockchain account, and obtain an encrypted private key from the private key backup request, where the encrypted private key is generated by encrypting a backup public key of a user to which the blockchain account belongs;
the encrypted private key splitting module 32 is configured to split the encrypted private key into at least two private key substrings, and distribute the at least two private key substrings to at least two block chain nodes for distributed storage;
a private key substring acquisition module 33, configured to acquire a private key recovery request initiated by a blockchain account, and acquire stored private key substrings from the at least two blockchain nodes;
and the encrypted private key decryption module 34 is configured to generate the encrypted private key according to the private key substring, and decrypt the encrypted private key by using a backup private key input by a user to obtain a blockchain account private key.
Optionally, the apparatus further includes an asymmetric key pair obtaining module, specifically configured to:
obtaining an asymmetric key pair distributed for the blockchain account, wherein the asymmetric key pair comprises a blockchain account public key and a blockchain account private key;
providing the blockchain account private key to the blockchain account.
Optionally, the encrypted private key obtaining module 31 is specifically configured to:
acquiring the identity information of the user from the private key backup request;
correspondingly, the encryption private key splitting module 32 is specifically configured to:
distributing the at least two private key substrings and the identity information to at least two block chain nodes for distributed storage;
correspondingly, the device further comprises an identity verification module, which is specifically configured to:
and acquiring the identity information of the user from the private key recovery request, and sending the identity information to each block chain node to perform identity verification based on the stored identity information.
Optionally, the identity information is real-name identity information of the user.
Optionally, the at least two block chain nodes are candidate block nodes determined based on a consensus mechanism.
The key processing device 30 of the blockchain disclosed in the embodiment of the present application can execute the key processing method of the blockchain disclosed in the embodiment of the present application, and has functional modules and beneficial effects corresponding to the execution method. The content that is not described in detail in this embodiment may refer to the description in the embodiment of the key processing method of any block chain in this application.
According to an embodiment of the present application, an electronic device and a readable storage medium are also provided.
Fig. 4 is a block diagram of an electronic device according to a key processing method of a block chain according to an embodiment of the present application. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the present application that are described and/or claimed herein.
As shown in fig. 4, the electronic apparatus includes: one or more processors 401, memory 402, and interfaces for connecting the various components, including high-speed interfaces and low-speed interfaces. The various components are interconnected using different buses and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions for execution within the electronic device, including instructions stored in or on the memory to display graphical information of a GUI on an external input/output apparatus (such as a display device coupled to the interface). In other embodiments, multiple processors and/or multiple buses may be used, along with multiple memories and multiple memories, as desired. Also, multiple electronic devices may be connected, with each device providing portions of the necessary operations (e.g., as a server array, a group of blade servers, or a multi-processor system). In fig. 4, one processor 401 is taken as an example.
The memory 402, as a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules corresponding to the key processing method of the blockchain in the embodiment of the present application (for example, the encrypted private key obtaining module 31, the encrypted private key splitting module 32, the private key substring obtaining module 33, and the encrypted private key decrypting module 34 shown in fig. 3). The processor 401 executes various functional applications of the server and data processing, i.e., a key processing method of the blockchain in the above method embodiments, by running non-transitory software programs, instructions, and modules stored in the memory 402.
The memory 402 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to use of the electronic device of the key processing method of the block chain, and the like. Further, the memory 402 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, memory 402 optionally includes memory located remotely from processor 401, and these remote memories may be connected to the electronic device of the key processing method of the blockchain through a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The electronic device of the key processing method of the blockchain may further include: an input device 403 and an output device 404. The processor 401, the memory 402, the input device 403 and the output device 404 may be connected by a bus or other means, and fig. 4 illustrates an example of a connection by a bus.
The input device 403 may receive input numeric or character information and generate key signal inputs related to user settings and function control of the electronic device of the key processing method of the block chain, such as a touch screen, a keypad, a mouse, a track pad, a touch pad, a pointing stick, one or more mouse buttons, a track ball, a joystick, or the like. The output devices 404 may include a display device, auxiliary lighting devices (e.g., LEDs), and haptic feedback devices (e.g., vibrating motors), among others. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device can be a touch screen.
Various implementations of the systems and techniques described here can be realized in digital electronic circuitry, integrated circuitry, application specific ASICs (application specific integrated circuits), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
These computer programs (also known as programs, software applications, or code) include machine instructions for a programmable processor, and may be implemented using high-level procedural and/or object-oriented programming languages, and/or assembly/machine languages. As used herein, the terms "machine-readable medium" and "computer-readable medium" refer to any computer program product, apparatus, and/or device (e.g., magnetic discs, optical disks, memory, Programmable Logic Devices (PLDs)) used to provide machine instructions and/or data to a programmable processor, including a machine-readable medium that receives machine instructions as a machine-readable signal. The term "machine-readable signal" refers to any signal used to provide machine instructions and/or data to a programmable processor.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
According to the technical scheme of the embodiment of the application, the encryption private key is obtained from the private key backup request by obtaining the private key backup request initiated by the block chain account, the encryption private key is divided into at least two private key substrings, the at least two private key substrings are distributed to at least two block chain nodes for distributed storage, then the private key recovery request initiated by the block chain account is obtained, the stored private key substrings are obtained from the at least two block chain nodes, the encryption private key is finally generated according to the private key substrings, the encryption private key is decrypted by the backup private key input by a user to obtain the block chain account private key, the technical effect that the key can be recovered when the key of the user is lost is achieved, other users cannot reversely solve the key, and the security of the key of the user is guaranteed.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present application may be executed in parallel, sequentially, or in different orders, and the present invention is not limited thereto as long as the desired results of the technical solutions disclosed in the present application can be achieved.
The above-described embodiments should not be construed as limiting the scope of the present application. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present application shall be included in the protection scope of the present application.
Claims (12)
1. A method of key processing for a blockchain, the method comprising:
the method comprises the steps of obtaining a private key backup request initiated by a blockchain account, and obtaining an encryption private key from the private key backup request, wherein the encryption private key is generated by encrypting a backup public key of a user to which the blockchain account belongs;
splitting the encrypted private key into at least two private key substrings, and distributing the at least two private key substrings to at least two block chain nodes for distributed storage;
acquiring a private key recovery request initiated by a blockchain account, and acquiring stored private key substrings from the at least two blockchain nodes;
and generating the encrypted private key according to the private key substring, and decrypting the encrypted private key by using a backup private key input by a user to obtain a blockchain account private key.
2. The method of claim 1, wherein prior to the obtaining a blockchain account initiated private key backup request, further comprising:
obtaining an asymmetric key pair distributed for the blockchain account, wherein the asymmetric key pair comprises a blockchain account public key and a blockchain account private key;
providing the blockchain account private key to the blockchain account.
3. The method of claim 1, wherein obtaining the encrypted private key from the private key backup request further comprises:
acquiring the identity information of the user from the private key backup request;
correspondingly, when the at least two private key substrings are distributed to at least two block chain nodes for distributed storage, the method further includes:
distributing the at least two private key substrings and the identity information to at least two block chain nodes for distributed storage;
correspondingly, after the private key recovery request initiated by the blockchain account is acquired, the method further includes:
and acquiring the identity information of the user from the private key recovery request, and sending the identity information to each block chain node to perform identity verification based on the stored identity information.
4. The method of claim 3, wherein the identity information is real-name identity information of the user.
5. The method of claim 1, wherein the at least two blockchain nodes are candidate out-of-block nodes determined based on a consensus mechanism.
6. A key processing apparatus of a blockchain, the apparatus comprising:
the system comprises an encryption private key acquisition module, a block chain account generation module and a block chain management module, wherein the encryption private key acquisition module is used for acquiring a private key backup request initiated by a block chain account and acquiring an encryption private key from the private key backup request, and the encryption private key is generated by encrypting a backup public key of a user to which the block chain account belongs;
the encrypted private key splitting module is used for splitting the encrypted private key into at least two private key sub-character strings and distributing the at least two private key sub-character strings to at least two block chain nodes for distributed storage;
the private key substring acquisition module is used for acquiring a private key recovery request initiated by a block chain account and acquiring stored private key substrings from the at least two block chain nodes;
and the encrypted private key decryption module is used for generating the encrypted private key according to the private key substring and decrypting the encrypted private key by adopting a backup private key input by a user so as to obtain a private key of the blockchain account.
7. The apparatus according to claim 6, wherein the apparatus further comprises an asymmetric key pair acquisition module, specifically configured to:
obtaining an asymmetric key pair distributed for the blockchain account, wherein the asymmetric key pair comprises a blockchain account public key and a blockchain account private key;
providing the blockchain account private key to the blockchain account.
8. The apparatus according to claim 6, wherein the encryption private key obtaining module is specifically configured to:
acquiring the identity information of the user from the private key backup request;
correspondingly, the encryption private key splitting module is specifically configured to:
distributing the at least two private key substrings and the identity information to at least two block chain nodes for distributed storage;
correspondingly, the device further comprises an identity verification module, which is specifically configured to:
and acquiring the identity information of the user from the private key recovery request, and sending the identity information to each block chain node to perform identity verification based on the stored identity information.
9. The apparatus of claim 8, wherein the identity information is real name identity information of the user.
10. The apparatus of claim 6, wherein the at least two blockchain nodes are candidate out-of-block nodes determined based on a consensus mechanism.
11. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-5.
12. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the method of any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010683542.9A CN111565109A (en) | 2020-07-16 | 2020-07-16 | Key processing method, device, equipment and medium for block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010683542.9A CN111565109A (en) | 2020-07-16 | 2020-07-16 | Key processing method, device, equipment and medium for block chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111565109A true CN111565109A (en) | 2020-08-21 |
Family
ID=72072860
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010683542.9A Pending CN111565109A (en) | 2020-07-16 | 2020-07-16 | Key processing method, device, equipment and medium for block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111565109A (en) |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112054898A (en) * | 2020-08-27 | 2020-12-08 | 中信银行股份有限公司 | User private key backup and recovery method and device and electronic equipment |
| CN112272087A (en) * | 2020-10-26 | 2021-01-26 | 链盟智能科技(广州)有限公司 | Application method in block chain based on safe multi-party calculation |
| CN112329068A (en) * | 2020-11-27 | 2021-02-05 | 北京百度网讯科技有限公司 | Private data storage method, construction method, device, equipment and medium |
| CN112581285A (en) * | 2020-12-28 | 2021-03-30 | 上海万向区块链股份公司 | Block chain-based account generation method, system and medium in stock right transaction system |
| CN112751841A (en) * | 2020-12-25 | 2021-05-04 | 江苏通付盾科技有限公司 | Encryption communication method and system based on block chain technology |
| CN112835744A (en) * | 2021-02-02 | 2021-05-25 | 上海优扬新媒信息技术有限公司 | Block chain information disaster tolerance method and device, computer equipment and storage medium |
| CN112907245A (en) * | 2021-03-08 | 2021-06-04 | 北京邮电大学 | Key management method and device in block chain, electronic equipment and storage medium |
| CN113098696A (en) * | 2021-06-08 | 2021-07-09 | 清华大学 | Block chain data writing and accessing method and device |
| CN113421091A (en) * | 2021-06-29 | 2021-09-21 | 中国电子科技网络信息安全有限公司 | Block chain-based digital identity contract implementation method |
| CN114448632A (en) * | 2022-04-11 | 2022-05-06 | 中国工商银行股份有限公司 | Block chain-based secret key backup and recovery method and system |
| CN114638697A (en) * | 2022-05-18 | 2022-06-17 | 浙江数秦科技有限公司 | Small loan management system based on block chain |
| CN117459233A (en) * | 2023-12-21 | 2024-01-26 | 法琛堂(昆明)医疗科技有限公司 | Medical information multilayer encryption method, device, electronic equipment and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107623569A (en) * | 2017-09-30 | 2018-01-23 | 矩阵元技术(深圳)有限公司 | Block chain key escrow and restoration methods, device based on Secret sharing techniques |
| CN108964903A (en) * | 2018-07-12 | 2018-12-07 | 腾讯科技(深圳)有限公司 | password storage method and device |
| CN109902494A (en) * | 2019-01-24 | 2019-06-18 | 北京融链科技有限公司 | Data encryption storage method, device and document storage system |
| CN111192054A (en) * | 2020-04-15 | 2020-05-22 | 傲林科技有限公司 | Multi-block chain linkage method and device and storage medium |
-
2020
- 2020-07-16 CN CN202010683542.9A patent/CN111565109A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107623569A (en) * | 2017-09-30 | 2018-01-23 | 矩阵元技术(深圳)有限公司 | Block chain key escrow and restoration methods, device based on Secret sharing techniques |
| CN108964903A (en) * | 2018-07-12 | 2018-12-07 | 腾讯科技(深圳)有限公司 | password storage method and device |
| CN109902494A (en) * | 2019-01-24 | 2019-06-18 | 北京融链科技有限公司 | Data encryption storage method, device and document storage system |
| CN111192054A (en) * | 2020-04-15 | 2020-05-22 | 傲林科技有限公司 | Multi-block chain linkage method and device and storage medium |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112054898B (en) * | 2020-08-27 | 2022-10-25 | 中信银行股份有限公司 | User private key backup and recovery method and device and electronic equipment |
| CN112054898A (en) * | 2020-08-27 | 2020-12-08 | 中信银行股份有限公司 | User private key backup and recovery method and device and electronic equipment |
| CN112272087A (en) * | 2020-10-26 | 2021-01-26 | 链盟智能科技(广州)有限公司 | Application method in block chain based on safe multi-party calculation |
| CN112272087B (en) * | 2020-10-26 | 2023-04-18 | 链盟智能科技(广州)有限公司 | Application method in block chain based on safe multi-party calculation |
| CN112329068A (en) * | 2020-11-27 | 2021-02-05 | 北京百度网讯科技有限公司 | Private data storage method, construction method, device, equipment and medium |
| CN112751841A (en) * | 2020-12-25 | 2021-05-04 | 江苏通付盾科技有限公司 | Encryption communication method and system based on block chain technology |
| CN112581285A (en) * | 2020-12-28 | 2021-03-30 | 上海万向区块链股份公司 | Block chain-based account generation method, system and medium in stock right transaction system |
| CN112835744A (en) * | 2021-02-02 | 2021-05-25 | 上海优扬新媒信息技术有限公司 | Block chain information disaster tolerance method and device, computer equipment and storage medium |
| CN112835744B (en) * | 2021-02-02 | 2023-05-05 | 度小满科技(北京)有限公司 | Block chain information disaster recovery method, device, computer equipment and storage medium |
| CN112907245A (en) * | 2021-03-08 | 2021-06-04 | 北京邮电大学 | Key management method and device in block chain, electronic equipment and storage medium |
| CN113098696A (en) * | 2021-06-08 | 2021-07-09 | 清华大学 | Block chain data writing and accessing method and device |
| CN113421091A (en) * | 2021-06-29 | 2021-09-21 | 中国电子科技网络信息安全有限公司 | Block chain-based digital identity contract implementation method |
| CN114448632A (en) * | 2022-04-11 | 2022-05-06 | 中国工商银行股份有限公司 | Block chain-based secret key backup and recovery method and system |
| CN114448632B (en) * | 2022-04-11 | 2022-08-05 | 中国工商银行股份有限公司 | Block chain-based secret key backup and recovery method and system |
| CN114638697A (en) * | 2022-05-18 | 2022-06-17 | 浙江数秦科技有限公司 | Small loan management system based on block chain |
| CN114638697B (en) * | 2022-05-18 | 2022-11-15 | 浙江数秦科技有限公司 | Small loan management system based on block chain |
| CN117459233A (en) * | 2023-12-21 | 2024-01-26 | 法琛堂(昆明)医疗科技有限公司 | Medical information multilayer encryption method, device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111565109A (en) | Key processing method, device, equipment and medium for block chain | |
| CN111683071B (en) | Private data processing method, device, equipment and storage medium of block chain | |
| CN111125763B (en) | Method, device, equipment and medium for processing private data | |
| US9171145B2 (en) | Protecting cryptographic secrets using file system attributes | |
| CN111934872B (en) | Key processing method, device, electronic equipment and storage medium | |
| CN112016110B (en) | Method, device, equipment and storage medium for storing data | |
| CN111352996A (en) | Data sharing method, device, equipment and medium based on block chain network | |
| JP2022054386A (en) | Model joint training method, apparatus, electronic device, storage medium, and computer program | |
| CN111464297B (en) | Transaction processing method, device, electronic equipment and medium based on block chain | |
| CN112116474B (en) | Verification method and device for electronic contract, electronic equipment and storage medium | |
| CN110610101A (en) | Data storage method, device, equipment and storage medium | |
| CN113612597A (en) | Data calculation method, device and system and electronic equipment | |
| CN110909372A (en) | Data processing method, device, equipment and medium | |
| CN114363088B (en) | Method and device for requesting data | |
| US9648012B1 (en) | Automatic propagation of password updates on multiple devices | |
| CN111400743B (en) | Transaction processing method, device, electronic equipment and medium based on blockchain network | |
| CN111459672B (en) | Transaction processing method, device, equipment and medium based on block chain network | |
| CN112987942A (en) | Method, device and system for inputting information by keyboard, electronic equipment and storage medium | |
| CN111339571B (en) | Block chain key management method, device, equipment and storage medium | |
| Kumar et al. | Data security and encryption technique for cloud storage | |
| CN113609156A (en) | Data query and write-in method and device, electronic equipment and readable storage medium | |
| US20220076245A1 (en) | Method and system for a multi-member cryptographic wallet | |
| US11886301B2 (en) | Encryption key management | |
| CN111371557A (en) | Block chain data processing method and device, electronic equipment and medium | |
| CN111062047B (en) | Data storage method, system, device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200821 |
|
| RJ01 | Rejection of invention patent application after publication |