CN111931226A - Block chain certificate revocation method, device, equipment and medium - Google Patents
Block chain certificate revocation method, device, equipment and medium Download PDFInfo
- Publication number
- CN111931226A CN111931226A CN202010517196.7A CN202010517196A CN111931226A CN 111931226 A CN111931226 A CN 111931226A CN 202010517196 A CN202010517196 A CN 202010517196A CN 111931226 A CN111931226 A CN 111931226A
- Authority
- CN
- China
- Prior art keywords
- certificate
- accumulator
- node
- prime number
- issuing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 238000012795 verification Methods 0.000 claims abstract description 10
- 239000000126 substance Substances 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 10
- 230000006870 function Effects 0.000 description 9
- 230000006872 improvement Effects 0.000 description 9
- 238000004590 computer program Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 7
- 238000005516 engineering process Methods 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000000354 decomposition reaction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 229920001296 polysiloxane Polymers 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Data Mining & Analysis (AREA)
- Computing Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the application discloses a block chain certificate revocation method, a block chain certificate revocation device, a block chain certificate revocation apparatus and a block chain certificate revocation medium, wherein the block chain certificate revocation apparatus comprises: if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node, wherein each certificate corresponds to a unique prime number; and the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers. According to the embodiment of the application, the prime number of the certificate to be revoked is added into the accumulator through the characteristic of the prime number, so that the verification node can verify that the certificate is revoked by the issuing node.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a block chain certificate revocation method, apparatus, device, and medium.
Background
The certificate is an important basis for identity authentication and identification in the block chain. The issuing node issues the certificate of the digital certificate after confirming the identity of the holder, and the holding node stores the certificate of the issuing node.
In the prior art, if an issuing node once issues a certificate, the issuing node stores the certificate in a database through a holding node, and the issuing node cannot revoke the issued certificate.
Disclosure of Invention
In view of this, embodiments of the present application provide a block chain certificate revocation method, apparatus, device, and medium, so as to solve the problem in the prior art that an issued certificate cannot be revoked.
The embodiment of the application adopts the following technical scheme:
the embodiment of the application provides a block chain certificate revocation method, which comprises the following steps:
if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node, wherein each certificate corresponds to a unique prime number;
and the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
Further, if the issuing node needs to revoke the certificate, before multiplying the prime number corresponding to the certificate by the accumulator of the issuing node and updating the accumulator of the issuing node, the method further includes:
and when the issuing node issues the certificate, distributing a unique prime number to the certificate to finish issuing the certificate.
Further, when the issuing node issues the certificate, it allocates a unique prime number to the certificate, and completes issuing of the certificate, specifically including:
when the issuing node issues the certificate, the identity of a certified node corresponding to the certificate is confirmed according to a private key of the issuing node;
and after the issuing node confirms the identity of the certification node, distributing a unique prime number for the certificate to complete the issuing of the certificate.
Further, after assigning a unique prime number to the certificate, the method further comprises:
recording the number of the prime number in the certificate and associating the number with the prime number.
Further, the verifying node verifies that the certificate has been revoked through an accumulator stored in the block chain, specifically including:
and the verification node acquires an accumulator from the block chain, divides the accumulator by the prime number corresponding to the certificate, and if the updated accumulator can divide the prime number corresponding to the certificate in an integer manner, the certificate is proved to be revoked.
Further, if the updated accumulator cannot divide the prime number corresponding to the certificate by an integer, the method further includes:
the authentication node proves that the certificate was not revoked.
Further, after the revocation of the certificate is completed, the method further includes:
and the issuing node sends a notice that the certificate is revoked to a holding node corresponding to the certificate.
An embodiment of the present application further provides a device for revoking a block chain certificate, where the device includes:
the revocation node is used for multiplying the prime number corresponding to the certificate by the accumulator of the issuing node and updating the accumulator of the issuing node if the issuing node needs to revoke the certificate, wherein each certificate corresponds to a unique prime number;
and the block node is used for sending the updated accumulator to a block chain by the issuing node to complete the revocation of the certificate so as to verify that the certificate is revoked by a verification node through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
An embodiment of the present application further provides a block chain certificate revocation medium, in which computer-executable instructions are stored, where the computer-executable instructions are configured to:
if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node, wherein each certificate corresponds to a unique prime number;
and the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
An embodiment of the present application further provides a device for revocation of a block chain certificate, where the device includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node, wherein each certificate corresponds to a unique prime number;
and the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
The embodiment of the application adopts at least one technical scheme which can achieve the following beneficial effects: according to the embodiment of the application, the prime number of the certificate to be revoked is added into the accumulator through the characteristic of the prime number, so that the verification node can verify that the certificate is revoked by the issuing node.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
fig. 1 is a flowchart illustrating a block chain certificate revocation method according to an embodiment of the present disclosure;
fig. 2 is a flowchart illustrating a block chain certificate revocation method according to a second embodiment of the present disclosure;
fig. 3 is a schematic flowchart of a certificate revocation method provided in the second embodiment of the present specification;
fig. 4 is a schematic structural diagram of a block chain certificate revocation apparatus according to a third embodiment of the present disclosure.
Detailed Description
The issuing node issues the certificate of the digital certificate after confirming the identity of the holder, and the holding node stores the certificate of the holding node. The issuing node stores the certificate in the database by the holding node once issuing the certificate, and the issuing node cannot edit the issued certificate, and cannot revoke the certificate in a mode of marking on the certificate
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The technical solutions provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings.
Fig. 1 is a flowchart illustrating a block chain certificate revocation method according to an embodiment of the present disclosure, which specifically includes:
and step S101, if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node.
In step S101 in this embodiment of the present specification, the prime number corresponding to the certificate may be a prime number assigned when the issuing node issues the certificate. Each certificate corresponds to a unique prime number. The accumulator is a product of the multiplication of a plurality of different prime numbers. If the prime number corresponding to the certificate is multiplied by the accumulator of the issuing node, the newly generated accumulator becomes a revocation blacklist.
It should be noted that the accumulator only multiplies the prime number corresponding to the revoked certificate.
Step S102, the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain.
According to the embodiment of the application, the prime number of the certificate to be revoked is added into the accumulator through the characteristic of the prime number, so that the verification node can verify that the certificate is revoked by the issuing node.
Corresponding to the first embodiment of the present specification, fig. 2 is a flowchart illustrating a block chain certificate revocation method provided in the second embodiment of the present specification, which specifically includes:
step S201, when the issuing node issues the certificate, a unique prime number is distributed to the certificate, and the issuing of the certificate is completed.
In step S201 in the embodiment of this specification, this step may specifically include:
when the issuing node issues the certificate, the identity of a certified node corresponding to the certificate is confirmed according to a private key of the issuing node;
and after the issuing node confirms the identity of the node which holds the certificate, distributing a unique prime number for the certificate to complete the issuing of the certificate.
In step S201 of the embodiment of the present specification, after the issuing node assigns a unique prime number to the certificate, the method further includes:
the number of the prime number is recorded in the certificate and is associated with the prime number. Because the prime number distributed to the certificate is long and is not suitable for being directly placed in the certificate, the storage space of the certificate can be reduced by recording the serial number in the certificate.
Step S202, if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node.
In step S202 in this embodiment of the present specification, the prime number corresponding to the certificate may be a prime number assigned when the issuing node issues the certificate. Each certificate corresponds to a unique prime number. The accumulator is a product of the multiplication of a plurality of different prime numbers. If the prime number corresponding to the certificate is multiplied by the accumulator of the issuing node, the newly generated accumulator becomes a revocation blacklist.
It should be noted that the accumulator only multiplies the prime number corresponding to the revoked certificate.
Step S203, the issuing node sends the updated accumulator to the blockchain, and completes revocation of the certificate, so that the verifying node verifies that the certificate has been revoked through the accumulator stored in the blockchain.
In step S203 in this embodiment of the present specification, the verifying node verifies that the certificate has been revoked through an accumulator stored in the block chain, which specifically includes:
and the verification node acquires an accumulator from the block chain, divides the accumulator by the prime number corresponding to the certificate, and if the updated accumulator can divide the prime number corresponding to the certificate in an integer manner, the certificate is proved to be revoked. If the prime number corresponding to a certain certificate exists in the revocation blacklist accumulator, the certificate is revoked, namely, the prime number corresponding to the revoked certificate can be divided by the accumulator.
It should be noted that, the certificate is revoked by using the accumulator of the issuing node, and the following two principles are utilized: 1. any integer a greater than 1, if a is not a prime number, a can be expressed as the product of a series of prime numbers, and this expression is unique; 2. currently, there is no efficient algorithm for integer decomposition of a semi-prime number (semiprime) obtained by multiplying two sufficiently large prime numbers.
If the updated accumulator cannot divide the prime number corresponding to the certificate, the method further comprises:
the authentication node proves that the certificate was not revoked. Whether the certificate is revoked or not can be verified by the verification node.
After completing the revocation of the certificate, the method further comprises:
and the issuing node sends a notice that the certificate is revoked to a holding node corresponding to the certificate.
It should be noted that, with reference to fig. 3, the issuer (issuing node) assigns a large prime number to the holder (holding node), the holder's certificate authority records the ID (number) of the prime number, and stores a digital certificate (certificate) prime number table in the database, including the prime number index, the issuer ID, and the prime number. If the issuer needs to cancel the digital certificate, the issuer Accumulator is multiplied by the prime number of the certificate, and updates its Accumulator in the block chain, to cancel the certificate, i.e. the certificate, the Accumulator is the product value of a plurality of different prime numbers, the holder (holding node) shows the verifiable certificate to the verifier (verifying node), the verifier takes out the value of the Accumulator from the block chain, and can be divided by the big prime number associated with the holder ID, to indicate that the certificate (certificate) has been cancelled.
According to the embodiment of the application, the prime number of the certificate to be revoked is added into the accumulator through the characteristic of the prime number, so that the verification node can verify that the certificate is revoked by the issuing node.
Corresponding to the second embodiment of this specification, fig. 4 is a schematic structural diagram of an apparatus for revoking a block chain certificate according to the third embodiment of this specification, where the apparatus includes: revocation node 1, block node 2.
The revocation node 1 is used for multiplying the prime number corresponding to the certificate by an accumulator of the signing node and updating the accumulator of the signing node if the signing node needs to revoke the certificate, wherein each certificate corresponds to a unique prime number;
the block node 2 is used for the issuing node to send the updated accumulator to the block chain, so as to complete the revocation of the certificate, and therefore, the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
An embodiment of the present application further provides a block chain certificate revocation medium, in which computer-executable instructions are stored, where the computer-executable instructions are configured to:
if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node, wherein each certificate corresponds to a unique prime number;
and the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
An embodiment of the present application further provides a device for revocation of a block chain certificate, where the device includes:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node, wherein each certificate corresponds to a unique prime number;
and the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an Integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Hardware Description Language), traffic, pl (core universal Programming Language), HDCal (jhdware Description Language), lang, Lola, HDL, laspam, hardward Description Language (vhr Description Language), vhal (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape disk storage or other magnetic storage devices, or any other non-transmission medium which can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A method of block chain certificate revocation, the method comprising:
if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node, wherein each certificate corresponds to a unique prime number;
and the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
2. The method of claim 1, wherein if the issuing node needs to revoke the certificate, the method further comprises, before multiplying a prime number corresponding to the certificate by an accumulator of the issuing node and updating the accumulator of the issuing node:
and when the issuing node issues the certificate, distributing a unique prime number to the certificate to finish issuing the certificate.
3. The method of claim 2, wherein when the issuing node issues the certificate, the issuing node assigns a unique prime number to the certificate, and completes issuance of the certificate, and specifically includes:
when the issuing node issues the certificate, the identity of a certified node corresponding to the certificate is confirmed according to a private key of the issuing node;
and after the issuing node confirms the identity of the certification node, distributing a unique prime number for the certificate to complete the issuing of the certificate.
4. The blockchain certificate revocation method of claim 2, wherein after said assigning a unique prime number to the certificate, the method further comprises:
recording the number of the prime number in the certificate and associating the number with the prime number.
5. The method according to claim 1, wherein the verifying node verifies that the certificate has been revoked by an accumulator stored in the blockchain, and specifically comprises:
and the verification node acquires an accumulator from the block chain, divides the accumulator by the prime number corresponding to the certificate, and if the updated accumulator can divide the prime number corresponding to the certificate in an integer manner, the certificate is proved to be revoked.
6. The method of claim 5, wherein if the updated accumulator cannot divide the corresponding prime number of the certificate, the method further comprises:
the authentication node proves that the certificate was not revoked.
7. The blockchain certificate revocation method of claim 1, wherein after the completion of the revocation of the certificate, the method further comprises:
and the issuing node sends a notice that the certificate is revoked to a holding node corresponding to the certificate.
8. An apparatus for block chain certificate revocation, the apparatus comprising:
the revocation node is used for multiplying the prime number corresponding to the certificate by the accumulator of the issuing node and updating the accumulator of the issuing node if the issuing node needs to revoke the certificate, wherein each certificate corresponds to a unique prime number;
and the block node is used for sending the updated accumulator to a block chain by the issuing node to complete the revocation of the certificate so as to verify that the certificate is revoked by a verification node through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
9. A blockchain certificate revocation medium having stored thereon computer-executable instructions configured to:
if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node, wherein each certificate corresponds to a unique prime number;
and the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
10. A blockchain certificate revocation device, the device comprising:
at least one processor; and the number of the first and second groups,
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to:
if the issuing node needs to revoke the certificate, multiplying the prime number corresponding to the certificate by the accumulator of the issuing node, and updating the accumulator of the issuing node, wherein each certificate corresponds to a unique prime number;
and the issuing node sends the updated accumulator to the block chain to complete the revocation of the certificate, so that the verifying node verifies that the certificate is revoked through the accumulator stored in the block chain, wherein the accumulator is the product of the multiplication of a plurality of different prime numbers.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010517196.7A CN111931226A (en) | 2020-06-09 | 2020-06-09 | Block chain certificate revocation method, device, equipment and medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010517196.7A CN111931226A (en) | 2020-06-09 | 2020-06-09 | Block chain certificate revocation method, device, equipment and medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111931226A true CN111931226A (en) | 2020-11-13 |
Family
ID=73317167
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010517196.7A Pending CN111931226A (en) | 2020-06-09 | 2020-06-09 | Block chain certificate revocation method, device, equipment and medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111931226A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114785585A (en) * | 2022-04-18 | 2022-07-22 | 高途教育科技集团有限公司 | Information verification and verification method, device, equipment and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105264819A (en) * | 2013-03-15 | 2016-01-20 | 微软技术许可有限责任公司 | Minimal disclosure credential verification and revocation |
US20190036710A1 (en) * | 2017-07-26 | 2019-01-31 | Alibaba Group Holding Limited | Digital certificate management method and apparatus, and electronic device |
US20190036712A1 (en) * | 2017-07-26 | 2019-01-31 | Alibaba Group Holding Limited | Digital certificate management method, apparatus, and system |
CN110942302A (en) * | 2019-11-26 | 2020-03-31 | 深圳前海微众银行股份有限公司 | Block chain certificate revocation and verification method, issuing node and verification node |
CN111092724A (en) * | 2019-12-25 | 2020-05-01 | 杭州溪塔科技有限公司 | Block chain system digital certificate issuing method, equipment, system and medium |
-
2020
- 2020-06-09 CN CN202010517196.7A patent/CN111931226A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105264819A (en) * | 2013-03-15 | 2016-01-20 | 微软技术许可有限责任公司 | Minimal disclosure credential verification and revocation |
US20190036710A1 (en) * | 2017-07-26 | 2019-01-31 | Alibaba Group Holding Limited | Digital certificate management method and apparatus, and electronic device |
US20190036712A1 (en) * | 2017-07-26 | 2019-01-31 | Alibaba Group Holding Limited | Digital certificate management method, apparatus, and system |
CN110942302A (en) * | 2019-11-26 | 2020-03-31 | 深圳前海微众银行股份有限公司 | Block chain certificate revocation and verification method, issuing node and verification node |
CN111092724A (en) * | 2019-12-25 | 2020-05-01 | 杭州溪塔科技有限公司 | Block chain system digital certificate issuing method, equipment, system and medium |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114785585A (en) * | 2022-04-18 | 2022-07-22 | 高途教育科技集团有限公司 | Information verification and verification method, device, equipment and storage medium |
CN114785585B (en) * | 2022-04-18 | 2023-12-08 | 高途教育科技集团有限公司 | Information verification method, device, equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110990804B (en) | Resource access method, device and equipment | |
CN106899666B (en) | Data processing method and device for service identification | |
CN112564920B (en) | Enterprise identity verification method, system, electronic equipment and storage medium | |
CN113079200A (en) | Data processing method, device and system | |
CN110990820B (en) | Tax disk authorization method and device, electronic equipment and storage medium | |
CN111683039B (en) | Authentication method, device and medium | |
CN109214193B (en) | Data encryption and machine learning model training method and device and electronic equipment | |
CN109947643B (en) | A/B test-based experimental scheme configuration method, device and equipment | |
CN107578338B (en) | Service publishing method, device and equipment | |
CN110781192B (en) | Verification method, device and equipment of block chain data | |
CN113076527B (en) | Block chain-based digital asset processing method and device | |
CN108616361B (en) | Method and device for identifying uniqueness of equipment | |
CN116305298B (en) | Method and device for managing computing power resources, storage medium and electronic equipment | |
CN114331428A (en) | Non-homogeneous evidence-based distribution method and device | |
CN113221142A (en) | Authorization service processing method, device, equipment and system | |
CN114529417A (en) | Method for executing transaction, block chain, main node and slave node | |
CN111931226A (en) | Block chain certificate revocation method, device, equipment and medium | |
CN110995447B (en) | Data storage method, device, equipment and medium | |
CN111641499A (en) | Block chain-based private key restoration method, device, equipment and medium | |
CN113935019A (en) | Method and equipment for accessing and establishing client digital identity by client | |
CN112286572A (en) | Configuration method and device of business process | |
CN111163113A (en) | Registration processing method, device, equipment and system | |
CN111640016A (en) | Verification method, device, equipment and medium for private transaction | |
CN111030826A (en) | Certificate revocation method and device for block chain network and electronic equipment | |
CN110955653A (en) | Data page processing method, device, equipment and computer system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |