CN111600844A - Identity distribution and authentication method based on zero-knowledge proof - Google Patents
Identity distribution and authentication method based on zero-knowledge proof Download PDFInfo
- Publication number
- CN111600844A CN111600844A CN202010305862.0A CN202010305862A CN111600844A CN 111600844 A CN111600844 A CN 111600844A CN 202010305862 A CN202010305862 A CN 202010305862A CN 111600844 A CN111600844 A CN 111600844A
- Authority
- CN
- China
- Prior art keywords
- identity
- information
- hardware
- authentication
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 22
- 238000009826 distribution Methods 0.000 title claims abstract description 21
- 230000007246 mechanism Effects 0.000 claims abstract description 12
- 238000007726 management method Methods 0.000 claims description 22
- 238000011084 recovery Methods 0.000 claims description 9
- 238000004364 calculation method Methods 0.000 claims description 3
- 230000008569 process Effects 0.000 claims description 3
- 230000003993 interaction Effects 0.000 description 6
- 230000008520 organization Effects 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 238000004873 anchoring Methods 0.000 description 2
- 238000012790 confirmation Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 238000009827 uniform distribution Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
- H04L9/3221—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention discloses an identity distribution and authentication method based on zero-knowledge proof, based on identity hardware and an authentication terminal, wherein the identity hardware comprises unique hardware information, and the identity hardware comprises the following steps: applying by a user and providing identity information, distributing identity hardware by an authority, writing unique hardware information into a block chain through the authority, obtaining public key information Pk, a user address Uk and a disposable private key through a digital identity intelligent contract established on the block chain, and acquiring an identity ID; the authority enters the identity information and the identity ID into identity hardware; a user signs a zero-knowledge proof identity information to an authority mechanism through identity authentication hardware and an authentication terminal; the authority authenticates zero-knowledge proof identity information issued by the user; after passing the authentication, sending a chain request, registering the identity ID and the identity information content into a digital identity intelligent contract object on a block chain, and completing identity distribution authentication; the invention can verify the authenticity and accuracy of the identity without revealing specific identity information.
Description
Technical Field
The invention belongs to the field of block chain technology application, and particularly relates to an identity distribution and authentication method based on zero knowledge proof.
Background
Various identities are confirmed and distributed by authorities, for example, the identity of a resident is completed by applying for a resident identity card from the resident to a local public security department; the public security department can collect the biological characteristics corresponding to the identity of the resident as information records and distribute an anti-counterfeiting identity card recorded with related personal information; the identity verifier verifies the identity of the other party by reading and recognizing the relevant information on the identity card.
With the rapid development of the internet economy, the traditional identity distribution and authentication mechanism cannot provide safe and reliable online identity authentication service for various economic behaviors in the current digital economy; the identity information has no privacy protection mechanism, the related information can be randomly copied, forged and used by technical means, and the authenticity of the identity cannot be confirmed by online identity authentication.
Disclosure of Invention
The invention aims to solve the technical problem of providing an identity distribution and authentication method based on zero-knowledge proof, which verifies that the signature information is issued by a specified authority under the condition of not revealing specific identity information; the authentication is carried out through the signature item information and the public key provided by the authority, and the authenticity and the accuracy of the identity are further verified.
The technical scheme adopted for solving the problems in the prior art is as follows:
the identity distribution and authentication method based on zero-knowledge proof is provided, based on identity hardware and an authentication terminal, wherein the identity hardware comprises unique hardware information, and the identity distribution and authentication method specifically comprises the following steps:
s1, applying by a user, providing identity information, distributing identity hardware by an authority, writing unique hardware information into a block chain through the authority, obtaining public key information Pk, a user address Uk and a one-time private key through a digital identity intelligent contract established on the block chain, and obtaining an identity ID.
And S2, the authority enters the identity information and the identity ID into the identity hardware.
And S3, the user signs a zero-knowledge proof identity information to an authority mechanism through the identity authentication hardware and the authentication terminal.
S4, the authority authenticates zero-knowledge proof identity information issued by the user; if the information authentication is passed, a chain request is sent, the identity ID and the content addressing value of the identity information are registered in the digital identity intelligent contract object on the blockchain, and the identity distribution authentication is completed.
Further, the identity information is constructed and calculated according to the way of the Mercker tree, and then the root hash of the corresponding Mercker tree is signed by the corresponding authority by using the one-time private key and a signature item is output.
Specifically, the identity information includes public information and private information; the public information includes: identity ID: the identifier of the identity meets the uniqueness and validity of the identity on the blockchain; public key information: the public key information of the user is used for confirming that the identity information is provided by the user in the identity information exchange protocol; public key information of the issuer; year, month and day of issuance: in order to ensure that the identity authentication information in the private key leakage time period can be used as verification to be processed by the verification logic under the condition that the private key is leaked by the issuer; public parameters specifying mathematical constraints: such as: year of birth + 16 years > current year, month, and day, the public parameter is 16 and the current year, month, and day, and the private information is the year, month, and day of birth.
The privacy information includes: various privacy information in the identity information comprises name, gender, nationality, birth year, month and day, address and citizen identity number; non-public parameters of the mathematical constraints: the mathematical constraint condition is mainly characterized in that a random number is introduced into identity authentication information as a public parameter, a non-public parameter is introduced to constrain the public parameter, and a constraint calculation result as the public parameter becomes a part of evidence information; in addition, the expiry date can be set selectively; a mathematical constraint is required to be made between the current year, month and day: expiration date > current year, month, day.
Further, the specific authentication process is as follows:
t1, the authentication terminal is connected with identity hardware through a hardware interface;
t2, the authentication terminal requests identity information from the identity hardware through a hardware interface and transmits a challenge random number and related public parameters;
t3, the identity hardware calculates a zero-knowledge proof identity authentication information through the public parameters input from the outside and the identity information in the identity hardware; and signing the challenge random number and identity information based on zero knowledge proof by using a private key through the challenge random number input from the outside, outputting signature information, and verifying the signature information by using the authentication terminal.
Further, each identity creates a digital identity with intelligent contract logic binding power on the blockchain, and the digital identity has the following characteristics:
1. the identity ID satisfies the uniqueness and validity of the identity; it becomes a unique and always valid identifier on the block chain;
2. the corresponding digital identity intelligent contract can be directly positioned through the identity ID.
The digital identity intelligent contract is formed by a group of intelligent contracts which cooperate with each other to complete identity functions, and main intelligent contract logic objects comprise:
1. an identity generator; through this contract, the authority may create a corresponding set of contract logical constraints for each new identity to accomplish the management functions for its identity. The identity generator object also has the following logical functions in order to implement security:
(1) the authority control function: only through the private key authorized by the authority, the logical operations of identity generation and identity registration can be completed;
(2) the identity management function is as follows: the created identity ID is registered in the identity generator logic object, and corresponding zero-knowledge proof identity information is anchored to provide an inquiry function for the outside; the identity ID can also be logged off;
(3) the authority updating function: under the condition that the authorized private key is lost or leaked by an authority department, a plurality of trusted entities set by the authority can reset a new authorized user address for an identity generator object through a multi-signature mechanism, so that the logic control right of generating new identity is handed to the private key of a new authorized user.
2. Identity agent
It is created by an identity generator, representing an entry to an identity; the method has the capability of re-anchoring the corresponding identity control contract, so that the identity can be anchored to the new identity control contract logic under the condition that the new identity management logic needs to be updated;
of course, in consideration of the security problem of interaction, the proxy object is also responsible for interacting with identity recovery and other logic management objects, and here, the transaction forwarding and interaction functions of the intelligent contract logic object are completed through only one interaction interface.
3. Identity control
It is created by an identity generator, representing the entry for identity rights control and management. Firstly, it carries out authority confirmation to the access request of the client; secondly, it transmits and interacts the management request affairs of the identity through the identity agent object in a unified way.
4. Identity recovery
When the private key corresponding to the identity user is lost, the identity user needs to be able to update the private key corresponding to the identity through an identity recovery mechanism, so that the identity user can obtain the control right of the identity again.
This is a multiple signature mechanism, controlled by one or more identity agents of the identity user, who can assign new user public keys and user addresses to the identity control objects, which provides a method for digital identity users to recover their identity in the event of loss of the key device.
5. Other logical management objects
Mainly comprises management objects such as identification information and the like. For example, a user creates an own identity certificate for a certain organization, and the corresponding identity certificate can be verified through an intelligent contract and anchored in an identity certificate information management object of the user; the corresponding organization can confirm that the identification information is indeed issued by the corresponding user through the blockchain.
Specifically, the management method comprises the following steps: setting user addresses Dk0, …, Dki of a plurality of identity agents and the number of people required for identity recovery; when the user private key is lost, a new user public key and user address are specified for the user by the user's one or more identity agents.
Furthermore, a security chip is arranged in the identity hardware and used for storing user identity information and identity ID; in the whole life cycle, the private key is generated only once, and the generated private key has the random characteristic of uniform distribution; the private key is stored in the security chip and cannot be copied and read; in the whole life cycle, the identity information is generated only once; the identity information is stored in the security chip and cannot be copied and read;
specifically, the identity hardware realizes the following functions through a terminal interface:
1. responding to a private key generation request of an external hardware interface, and returning an error if the private key is generated; if not, generating a primary private key and returning success;
2. responding to an identity information generation request of an external hardware interface, and returning an error if the identity information is generated; if the identity information does not exist, generating primary identity information through externally input identity information, and returning success;
3. responding to a public key acquisition request of an external hardware interface, and outputting public key information to the outside;
4. responding to an identity authentication request of an external hardware interface, and calculating zero-knowledge proof identity authentication information through externally input public parameters and identity information in a chip; and signing the challenge random number and the zero-knowledge proof identity authentication information by using a private key through the challenge random number input from the outside, and outputting the signature information to the outside.
The invention has the following beneficial effects:
under the condition of not revealing specific identity information, verifying that the signature information is signed and issued by a specified authority; the authentication is carried out through the signature item information and the public key provided by the authority, and the authenticity and the accuracy of the identity are further verified.
Detailed Description
The present invention will be further described with reference to the following embodiments.
The embodiment provides an identity distribution and authentication method based on zero-knowledge proof, which is based on identity hardware and an authentication terminal, wherein the identity hardware comprises unique hardware information, and the identity distribution and authentication method specifically comprises the following steps:
s1, applying by a user, providing identity information, distributing identity hardware by an authority, writing unique hardware information into a block chain through the authority, obtaining public key information Pk, a user address Uk and a one-time private key through a digital identity intelligent contract established on the block chain, and obtaining an identity ID.
And S2, the authority enters the identity information and the identity ID into the identity hardware.
And S3, the user signs a zero-knowledge proof identity information to an authority mechanism through the identity authentication hardware and the authentication terminal.
S4, the authority authenticates zero-knowledge proof identity information issued by the user; if the information authentication is passed, a chain request is sent, the identity ID and the content addressing value of the identity information are registered in the digital identity intelligent contract object on the blockchain, and the identity distribution authentication is completed.
In this embodiment, the identity information is constructed and calculated according to the way of the mercker tree, and then the corresponding authority signs using the one-time private key and outputs a signature item.
The identity information comprises public information and private information; the public information includes: identity ID: the identifier of the identity meets the uniqueness and validity of the identity on the blockchain; public key information: the public key information of the user is used for confirming that the identity information is provided by the user in the identity information exchange protocol; public key information of the issuer; year, month and day of issuance: in order to ensure that the identity authentication information in the private key leakage time period can be used as verification to be processed by the verification logic under the condition that the private key is leaked by the issuer; public parameters specifying mathematical constraints: in this embodiment, according to the year, month, day and 16 year > the current year, month and day, the public parameter is 16 and the current year, month and day, and the private information is the year, month and day of birth.
The privacy information includes: various privacy information in the identity information comprises name, gender, nationality, birth year, month and day, address and citizen identity number; non-public parameters of the mathematical constraints: the mathematical constraint condition is mainly characterized in that a random number is introduced into identity authentication information as a public parameter, a non-public parameter is introduced to constrain the public parameter, and a constraint calculation result as the public parameter becomes a part of evidence information; in addition, the expiry date can be set selectively; a mathematical constraint is required to be made between the current year, month and day: expiration date > current year, month, day.
The specific authentication process is as follows:
t1, the authentication terminal is connected with identity hardware through a hardware interface;
t2, the authentication terminal requests identity information from the identity hardware through a hardware interface and transmits a challenge random number and related public parameters;
t3, the identity hardware calculates a zero-knowledge proof identity authentication information through the public parameters input from the outside and the identity information in the identity hardware; and signing the challenge random number and identity information based on zero knowledge proof by using a private key through the challenge random number input from the outside, outputting signature information, and verifying the signature information by using the authentication terminal.
Each identity creates a digital identity with intelligent contract logic binding force on the blockchain, and the digital identity has the following characteristics:
1. the identity ID satisfies the uniqueness and validity of the identity; it becomes a unique and always valid identifier on the block chain;
2. the corresponding digital identity intelligent contract can be directly positioned through the identity ID.
The digital identity intelligent contract is formed by a group of intelligent contracts which cooperate with each other to complete identity functions, and main intelligent contract logic objects comprise:
1. an identity generator; through this contract, the authority may create a corresponding set of contract logical constraints for each new identity to accomplish the management functions for its identity. The identity generator object also has the following logical functions in order to implement security:
(1) the authority control function: only through the private key authorized by the authority, the logical operations of identity generation and identity registration can be completed;
(2) the identity management function is as follows: the created identity ID is registered in the identity generator logic object, and corresponding zero-knowledge proof identity information is anchored to provide an inquiry function for the outside; the identity ID can also be logged off;
(3) the authority updating function: under the condition that the authorized private key is lost or leaked by an authority department, a plurality of trusted entities set by the authority can reset a new authorized user address for an identity generator object through a multi-signature mechanism, so that the logic control right of generating new identity is handed to the private key of a new authorized user.
2. Identity agent
It is created by an identity generator, representing an entry to an identity; the method has the capability of re-anchoring the corresponding identity control contract, so that the identity can be anchored to the new identity control contract logic under the condition that the new identity management logic needs to be updated;
of course, in consideration of the security problem of interaction, the proxy object is also responsible for interacting with identity recovery and other logic management objects, and here, the transaction forwarding and interaction functions of the intelligent contract logic object are completed through only one interaction interface.
3. Identity control
It is created by an identity generator, representing the entry for identity rights control and management. Firstly, it carries out authority confirmation to the access request of the client; secondly, it transmits and interacts the management request affairs of the identity through the identity agent object in a unified way.
4. Identity recovery
When the private key corresponding to the identity user is lost, the identity user needs to be able to update the private key corresponding to the identity through an identity recovery mechanism, so that the identity user can obtain the control right of the identity again.
This is a multiple signature mechanism, controlled by one or more trusted entities (called identity agents) of the identity user. The identity agent can assign a new user public key and user address to the identity control object, which provides a way for digital identity users to recover their identity in the event of loss of the key device.
5. Other logical management objects
Mainly comprises management objects such as identification information and the like. For example, a user creates an own identity certificate for a certain organization, and the corresponding identity certificate can be verified through an intelligent contract and anchored in an identity certificate information management object of the user; the corresponding organization can confirm that the identification information is indeed issued by the corresponding user through the blockchain.
The management method comprises the following steps: setting user addresses Dk0, …, Dki of a plurality of identity agents and the number of people required for identity recovery; when the user private key is lost, a new user public key and user address are specified for the user by the user's one or more identity agents.
The identity hardware is provided with a security chip for storing user identity information and identity ID; in the whole life cycle, the private key is generated only once, and the generated private key has the random characteristic of uniform distribution; the private key is stored in the security chip and cannot be copied and read; in the whole life cycle, the identity information is generated only once; the identity information is stored in the security chip and cannot be copied and read;
specifically, the identity hardware realizes the following functions through a terminal interface:
1. responding to a private key generation request of an external hardware interface, and returning an error if the private key is generated; if not, generating a primary private key and returning success;
2. responding to an identity information generation request of an external hardware interface, and returning an error if the identity information is generated; if the identity information does not exist, generating primary identity information through externally input identity information, and returning success;
3. responding to a public key acquisition request of an external hardware interface, and outputting public key information to the outside;
4. responding to an identity authentication request of an external hardware interface, and calculating zero-knowledge proof identity authentication information through externally input public parameters and identity information in a chip; and signing the challenge random number and the zero-knowledge proof identity authentication information by using a private key through the challenge random number input from the outside, and outputting the signature information to the outside.
In the embodiment, the identity information is doubly protected through the security chip of the identity hardware and the characteristic of zero knowledge proof, and the signature information can be verified to be signed and issued by a specified authority under the condition of not revealing specific identity information; the authentication is carried out through the signature item information and the public key provided by the authority, and the authenticity and the accuracy of the identity are further verified.
It should be understood that the above examples are only for clearly illustrating the technical solutions of the present invention, and are not intended to limit the embodiments of the present invention. Other variations and modifications will be apparent to persons skilled in the art in light of the above description. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present invention should be included in the protection of the claims of the present invention.
Claims (6)
1. An identity distribution and authentication method based on zero-knowledge proof is characterized in that based on identity hardware and an authentication terminal, the identity hardware comprises unique hardware information, and the identity distribution and authentication method specifically comprises the following steps:
s1, applying by a user, providing identity information, distributing identity hardware by an authority, writing unique hardware information into a block chain through the authority, obtaining public key information Pk, a user address Uk and a one-time private key through a digital identity intelligent contract established on the block chain, and acquiring an identity ID;
s2, an authority enters identity information and an identity ID into the identity hardware;
s3, the user signs a zero-knowledge proof identity information to an authority mechanism through identity authentication hardware and an authentication terminal;
s4, the authority authenticates zero-knowledge proof identity information issued by the user; if the information authentication is passed, a chain request is sent, the identity ID and the content addressing value of the identity information are registered in the digital identity intelligent contract object on the blockchain, and the identity distribution authentication is completed.
2. The zero-knowledge proof-based identity distribution and authentication method according to claim 1, wherein the identity information is constructed and calculated as a root hash of a corresponding merkel tree in a merkel tree manner, and then signed by a corresponding authority using the one-time private key and a signed item is output.
3. The zero-knowledge proof-based identity distribution and authentication method according to claim 1, wherein the identity information comprises public information and private information; the public information includes: identity ID, public key information of an issuer, the year, month and day of issuance and public parameters of specified mathematical constraint conditions; the privacy information includes: name, gender, ethnicity, year, month and day of birth, address, citizen identification number, and non-public parameters of mathematical constraint conditions; the mathematical constraint condition is mainly characterized in that a random number is introduced into identity authentication information as a public parameter, a non-public parameter is introduced to constrain the public parameter, and a constraint calculation result as the public parameter becomes a part of evidence information.
4. The identity distribution and authentication method based on zero-knowledge proof according to claim 3, wherein the specific authentication process is as follows:
t1, the authentication terminal is connected with identity hardware through a hardware interface;
t2, the authentication terminal requests identity information from the identity hardware through a hardware interface and transmits a challenge random number and related public parameters;
t3, the identity hardware calculates a zero-knowledge proof identity authentication information through the public parameters input from the outside and the identity information in the identity hardware; and signing the challenge random number and identity information based on zero knowledge proof by using a private key through the challenge random number input from the outside, outputting signature information, and verifying the signature information by using the authentication terminal.
5. The zero-knowledge proof-based identity distribution and authentication method of claim 1, wherein the digital intelligent contract further comprises an identity generator for creating a set of corresponding contract logical constraints for management of the identity of the user, the specific management method comprising: setting user addresses Dk0, …, Dki of a plurality of identity agents and the number of people required for identity recovery; when the user private key is lost, a new user public key and user address are specified for the user by the user's one or more identity agents.
6. The identity distribution and authentication method based on zero-knowledge proof of claim 1, wherein a security chip is provided in the identity hardware for storing user identity information and identity ID.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010305862.0A CN111600844A (en) | 2020-04-17 | 2020-04-17 | Identity distribution and authentication method based on zero-knowledge proof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010305862.0A CN111600844A (en) | 2020-04-17 | 2020-04-17 | Identity distribution and authentication method based on zero-knowledge proof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111600844A true CN111600844A (en) | 2020-08-28 |
Family
ID=72188968
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010305862.0A Pending CN111600844A (en) | 2020-04-17 | 2020-04-17 | Identity distribution and authentication method based on zero-knowledge proof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111600844A (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111861480A (en) * | 2020-09-21 | 2020-10-30 | 浙江大学 | Traffic detection model transaction method and device, electronic equipment and storage medium |
| CN112199448A (en) * | 2020-12-04 | 2021-01-08 | 南京星链高科技发展有限公司 | Industrial and commercial registration method and system based on block chain |
| CN112333158A (en) * | 2020-10-20 | 2021-02-05 | 杭州云象网络技术有限公司 | Privacy protection method and system based on block chain all-in-one machine |
| CN112364311A (en) * | 2020-11-10 | 2021-02-12 | 上海保险交易所股份有限公司 | Method and device for managing identity on block chain |
| CN112948789A (en) * | 2021-04-20 | 2021-06-11 | 北京优品三悦科技发展有限公司 | Identity authentication method and device, storage medium and electronic equipment |
| CN114070567A (en) * | 2021-09-28 | 2022-02-18 | 中诚区块链研究院(南京)有限公司 | Zero-knowledge proof equal-block chain identity authentication and privacy protection core technology |
| CN115051807A (en) * | 2022-06-02 | 2022-09-13 | 昆明理工大学 | Zero-knowledge identity authentication method based on super book Fabric |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101877638A (en) * | 2009-04-30 | 2010-11-03 | 北京邮电大学 | Cubic residue-based identity signature system |
| CN102932149A (en) * | 2012-10-30 | 2013-02-13 | 武汉理工大学 | Integrated identity based encryption (IBE) data encryption system |
| CN107995151A (en) * | 2016-10-27 | 2018-05-04 | 腾讯科技(深圳)有限公司 | Login validation method, apparatus and system |
| CN109274481A (en) * | 2018-08-01 | 2019-01-25 | 中国科学院数据与通信保护研究教育中心 | A kind of traceable method of data of block chain |
| CN109376528A (en) * | 2018-10-26 | 2019-02-22 | 上海交通大学 | A kind of trusted identity management system and method based on block chain |
| CN109922077A (en) * | 2019-03-27 | 2019-06-21 | 北京思源互联科技有限公司 | A kind of identity identifying method and its system based on block chain |
| CN110049060A (en) * | 2019-04-28 | 2019-07-23 | 南京理工大学 | Distributed trusted identity based on block chain deposits card method and system |
| CN110224837A (en) * | 2019-06-06 | 2019-09-10 | 西安纸贵互联网科技有限公司 | Zero-knowledge proof method and terminal based on distributed identity |
| CN110768791A (en) * | 2019-09-24 | 2020-02-07 | 北京八分量信息科技有限公司 | Zero-knowledge proof data interaction method, node and equipment |
| US20200076602A1 (en) * | 2018-08-29 | 2020-03-05 | International Business Machines Corporation | Trusted identity solution using blockchain |
-
2020
- 2020-04-17 CN CN202010305862.0A patent/CN111600844A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101877638A (en) * | 2009-04-30 | 2010-11-03 | 北京邮电大学 | Cubic residue-based identity signature system |
| CN102932149A (en) * | 2012-10-30 | 2013-02-13 | 武汉理工大学 | Integrated identity based encryption (IBE) data encryption system |
| CN107995151A (en) * | 2016-10-27 | 2018-05-04 | 腾讯科技(深圳)有限公司 | Login validation method, apparatus and system |
| CN109274481A (en) * | 2018-08-01 | 2019-01-25 | 中国科学院数据与通信保护研究教育中心 | A kind of traceable method of data of block chain |
| US20200076602A1 (en) * | 2018-08-29 | 2020-03-05 | International Business Machines Corporation | Trusted identity solution using blockchain |
| CN109376528A (en) * | 2018-10-26 | 2019-02-22 | 上海交通大学 | A kind of trusted identity management system and method based on block chain |
| CN109922077A (en) * | 2019-03-27 | 2019-06-21 | 北京思源互联科技有限公司 | A kind of identity identifying method and its system based on block chain |
| CN110049060A (en) * | 2019-04-28 | 2019-07-23 | 南京理工大学 | Distributed trusted identity based on block chain deposits card method and system |
| CN110224837A (en) * | 2019-06-06 | 2019-09-10 | 西安纸贵互联网科技有限公司 | Zero-knowledge proof method and terminal based on distributed identity |
| CN110768791A (en) * | 2019-09-24 | 2020-02-07 | 北京八分量信息科技有限公司 | Zero-knowledge proof data interaction method, node and equipment |
Non-Patent Citations (1)
| Title |
|---|
| 张利华 等: "基于联盟链的微电网身份认证协议", 《应用科学学报 2020年》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111861480A (en) * | 2020-09-21 | 2020-10-30 | 浙江大学 | Traffic detection model transaction method and device, electronic equipment and storage medium |
| CN112333158A (en) * | 2020-10-20 | 2021-02-05 | 杭州云象网络技术有限公司 | Privacy protection method and system based on block chain all-in-one machine |
| CN112364311A (en) * | 2020-11-10 | 2021-02-12 | 上海保险交易所股份有限公司 | Method and device for managing identity on block chain |
| CN112364311B (en) * | 2020-11-10 | 2024-01-26 | 上海保险交易所股份有限公司 | Identity management method and device on blockchain |
| CN112199448A (en) * | 2020-12-04 | 2021-01-08 | 南京星链高科技发展有限公司 | Industrial and commercial registration method and system based on block chain |
| CN112948789A (en) * | 2021-04-20 | 2021-06-11 | 北京优品三悦科技发展有限公司 | Identity authentication method and device, storage medium and electronic equipment |
| CN112948789B (en) * | 2021-04-20 | 2023-03-28 | 北京优品三悦科技发展有限公司 | Identity authentication method and device, storage medium and electronic equipment |
| CN114070567A (en) * | 2021-09-28 | 2022-02-18 | 中诚区块链研究院(南京)有限公司 | Zero-knowledge proof equal-block chain identity authentication and privacy protection core technology |
| CN115051807A (en) * | 2022-06-02 | 2022-09-13 | 昆明理工大学 | Zero-knowledge identity authentication method based on super book Fabric |
| CN115051807B (en) * | 2022-06-02 | 2024-05-24 | 昆明理工大学 | Zero-knowledge identity authentication method based on super account book Fabric |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111600844A (en) | Identity distribution and authentication method based on zero-knowledge proof | |
| US11314891B2 (en) | Method and system for managing access to personal data by means of a smart contract | |
| US11018869B2 (en) | Blockchain-based digital identity management (DIM) system | |
| CN109286497B (en) | Anonymous voting and multi-condition vote counting method based on block chain | |
| JP3595109B2 (en) | Authentication device, terminal device, authentication method in those devices, and storage medium | |
| CN102420690B (en) | Fusion and authentication method and system of identity and authority in industrial control system | |
| EP3376708B1 (en) | Anonymous communication system and method for subscribing to said communication system | |
| US20080250246A1 (en) | Method for Controlling Secure Transactions Using a Single Multiple Dual-Key Device, Corresponding Physical Deivce, System and Computer Program | |
| CN113239382A (en) | Credible identity model based on block chain intelligent contract | |
| CN106789090A (en) | Public key infrastructure system and semi-random participating certificate endorsement method based on block chain | |
| CZ11597A3 (en) | Method of safe use of digital designation in a commercial coding system | |
| CN112165382B (en) | Software authorization method and device, authorization server side and terminal equipment | |
| CN108171068A (en) | A kind of student status certification alliance catenary system and its operation method | |
| CN110235410A (en) | Replace the method for the login of user using the block chain database of the agreement based on UTXO and by the certification based on PKI and utilizes its server | |
| JPH10327147A (en) | Electronic authenticating and notarizing method and its system | |
| JP2005050308A (en) | Personal authentication device, system, and method thereof | |
| CN101461209A (en) | Arrangement and method for securing data transmission | |
| JP7114078B2 (en) | Electronic authentication method and program | |
| JP2009503967A (en) | Method for controlling protected transaction using a single physical device, and corresponding physical device, system and computer program | |
| Gulati et al. | Self-sovereign dynamic digital identities based on blockchain technology | |
| Dongre et al. | Education degree fraud detection and student certificate verification using blockchain | |
| US20240187259A1 (en) | Method and apparatus for generating, providing and distributing a trusted electronic record or certificate based on an electronic document relating to a user | |
| CN108496194A (en) | A kind of method, server-side and the system of verification terminal legality | |
| Boontaetae et al. | RDI: Real digital identity based on decentralized PKI | |
| CN103414563A (en) | Validity time management method of CPK identification, secret key pair and certificate |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200828 |