CN112507296B - User login verification method and system based on blockchain - Google Patents
User login verification method and system based on blockchain Download PDFInfo
- Publication number
- CN112507296B CN112507296B CN202011265876.0A CN202011265876A CN112507296B CN 112507296 B CN112507296 B CN 112507296B CN 202011265876 A CN202011265876 A CN 202011265876A CN 112507296 B CN112507296 B CN 112507296B
- Authority
- CN
- China
- Prior art keywords
- random information
- login verification
- user terminal
- login
- blockchain
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000012795 verification Methods 0.000 title claims abstract description 80
- 238000000034 method Methods 0.000 title claims abstract description 20
- 238000005516 engineering process Methods 0.000 abstract description 3
- 238000004891 communication Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a user login verification method and a system based on a blockchain, wherein the method comprises the following steps: a pair of private key public keys and random information are generated through a block chain network and distributed to a user terminal and a login verification server, and then the user terminal and the login verification server are enabled to conduct random information verification by means of an asymmetric encryption technology, so that quick login verification is achieved. Therefore, the invention monitors the login party and the verification party through the blockchain, does not need the user to provide any privacy information for the APP service provider, and can solve the problem that the privacy of the user is easy to be revealed in the traditional registration login mode of the mobile phone APP.
Description
Technical Field
The present invention relates to blockchain technologies, and in particular, to a blockchain-based user login verification method and system.
Background
Nowadays, along with the popularization of smart phones, mobile phone APP is also rapidly developed; however, the use of the mobile phone APP generally requires registration and login, and also requires that the user authorize the mobile phone APP to access certain functional rights of the mobile phone, such as storage, photo, positioning, etc.; in addition, most mobile phone APP is registered, either through mobile phone verification codes or through authorized login of social account numbers, and by adopting the above, mobile phone numbers, login passwords or authorized social account number information during user registration are stored in a centralized server of a mobile phone APP service provider, so that user privacy is easy to leak; with the increasing importance of privacy protection, a scheme for solving the problem that the conventional registration and login method of the mobile phone APP easily causes privacy disclosure of the user is needed.
Disclosure of Invention
In view of the above-described deficiencies of the prior art, the present invention aims to: the user login verification method based on the blockchain is provided, login parties and verification parties are supervised through the blockchain, and the problem that user privacy is easy to reveal due to a traditional registration login mode of a mobile phone APP can be solved.
In order to achieve the above object, the present invention provides the following technical solutions:
a blockchain-based user login verification method, comprising the steps of:
after receiving a login request sent by a user terminal, the blockchain network generates a pair of private key public keys and at least one piece of random information through an intelligent contract, distributes the private keys and the random information to the user terminal or a login verification server, and distributes the public keys and the random information to the login verification server or the user terminal;
the user terminal encrypts the random information through the private key or the public key, and sends the encrypted random information to the login verification server for login verification;
and the login verification server decrypts the random information sent by the user terminal through the public key or the private key, if the decrypted random information is consistent with the random information distributed by the blockchain network, the login verification is successful, and otherwise, the login verification is failed.
According to a specific implementation mode, in the user login verification method based on the blockchain, the user terminal calculates a hash value of the random information and encrypts the random information and the hash value thereof through the private key or the public key; and the login verification server decrypts the random information and the hash value thereof sent by the user terminal through the public key or the private key.
According to a specific embodiment, in the blockchain-based user login verification method, a login request, a private key public key and random information sent by a user terminal are written into a blockchain as transaction data.
In another aspect of the present invention, there is also provided a blockchain-based user login verification system, including:
the block chain platform is used for generating a pair of private key public keys and at least one piece of random information through an intelligent contract after receiving a login request sent by a user terminal, distributing the private key and the random information to the user terminal or a login verification server, and distributing the public key and the random information to the login verification server or the user terminal;
the user terminal is used for encrypting the random information through the private key or the public key and sending the encrypted random information to the login verification server for login verification;
and the login verification server is used for decrypting the random information sent by the user terminal through the public key or the private key, if the decrypted random information is consistent with the random information distributed by the blockchain network, the login verification is successful, and otherwise, the login verification is failed.
According to a specific implementation mode, in the user login verification system based on the blockchain, the user terminal is further used for calculating a hash value of the random information and encrypting the random information and the hash value thereof through the private key or the public key; the login verification server is used for decrypting the random information and the hash value thereof sent by the user terminal through the public key or the private key.
According to a specific embodiment, in the blockchain-based user login verification system, the blockchain platform is further used for writing a login request, a private key public key and random information sent by the user terminal into the blockchain as transaction data.
Compared with the prior art, the invention has the beneficial effects that:
the user login verification method based on the block chain generates a pair of private key public keys and random information through the block chain network, distributes the private key public keys and the random information to the user terminal and the login verification server, and verifies the random information between the user terminal and the login verification server by utilizing an asymmetric encryption technology, so that quick login verification is realized. Therefore, the invention monitors the login party and the verification party through the blockchain, does not need the user to provide any privacy information for the APP service provider, and can solve the problem that the privacy of the user is easy to be revealed in the traditional registration login mode of the mobile phone APP.
Drawings
FIG. 1 is a schematic diagram of the interaction timing of the method of the present invention;
FIG. 2 is a block chain system architecture diagram of the present invention.
Detailed Description
Other advantages and effects of the present invention will become apparent to those skilled in the art from the following disclosure, which describes the embodiments of the present invention with reference to specific examples. The invention may be practiced or carried out in other embodiments that depart from the specific details, and the details of the present description may be modified or varied from the spirit and scope of the present invention.
As shown in fig. 1, the blockchain-based user login verification method of the present invention includes the following steps:
after receiving a login request sent by a user terminal, the blockchain network generates a pair of private key public keys and at least one piece of random information through an intelligent contract, distributes the private keys and the random information to the user terminal or a login verification server, and distributes the public keys and the random information to the login verification server or the user terminal;
the user terminal encrypts the random information through the private key or the public key, and sends the encrypted random information to the login verification server for login verification;
and the login verification server decrypts the random information sent by the user terminal through the public key or the private key, if the decrypted random information is consistent with the random information distributed by the blockchain network, the login verification is successful, and otherwise, the login verification is failed.
In order to prevent random information from being tampered, in the user login verification method based on the blockchain, the user terminal calculates a hash value of the random information and encrypts the random information and the hash value thereof through the private key or the public key; and the login verification server decrypts the random information and the hash value thereof sent by the user terminal through the public key or the private key.
Meanwhile, in order to ensure that the login process information of the user is not tampered, in the blockchain-based user login verification method, a login request, a private key public key and random information sent by a user terminal are written into the blockchain as transaction data.
As shown in fig. 2, in another aspect of the present invention, there is also provided a blockchain-based user login authentication system, including:
the blockchain platform 100 is configured to generate a pair of private key public keys and at least one piece of random information through an intelligent contract after receiving a login request sent by a user terminal, and distribute the private key and the random information to the user terminal or a login verification server, and distribute the public key and the random information to the login verification server or the user terminal;
the user terminal 200 is configured to encrypt the random information by using the private key or the public key, and send the encrypted random information to a login verification server for login verification;
the login verification server 300 is configured to decrypt the random information sent by the user terminal through the public key or the private key, and if the decrypted random information is consistent with the random information distributed by the blockchain network, the login verification is successful, otherwise the login verification is failed.
In implementation, in the blockchain-based user login verification system, the user terminal 200 is further configured to calculate a hash value of the random information, and encrypt the random information and the hash value thereof by using the private key or the public key; the login verification server is used for decrypting the random information and the hash value thereof sent by the user terminal through the public key or the private key. The blockchain platform 100 is further configured to write the login request, the public key of the private key, and the random information sent by the user terminal as transaction data into the blockchain.
It should be understood that the system disclosed in the present invention may be implemented in other manners. For example, the modules may be divided into only one logic function, and there may be other manners of dividing the modules when actually implemented, for example, a plurality of units or components may be combined or may be integrated into another system, or some features may be omitted or not performed. In addition, the communication connection between modules may be an indirect coupling or communication connection via some interfaces, devices or units, and may be in electrical or other forms.
In addition, each functional module in the embodiments of the present invention may be integrated in one processing unit, or each module may exist alone physically, or two or more modules may be integrated in one processing unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied essentially or in part or all of the technical solution or in part in the form of a software product stored in a storage medium, including instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a removable hard disk, a magnetic disk, or an optical disk, or other various media capable of storing program codes.
Claims (6)
1. The user login verification method based on the blockchain is characterized by comprising the following steps of:
after receiving a login request sent by a user terminal, the blockchain network generates a pair of private key public keys and at least one piece of random information through an intelligent contract, distributes the private keys and the random information to the user terminal or a login verification server, and distributes the public keys and the random information to the login verification server or the user terminal;
the user terminal encrypts the random information through the private key or the public key, and sends the encrypted random information to the login verification server for login verification;
and the login verification server decrypts the random information sent by the user terminal through the public key or the private key, if the decrypted random information is consistent with the random information distributed by the blockchain network, the login verification is successful, and otherwise, the login verification is failed.
2. The blockchain-based user login verification method according to claim 1, wherein the user terminal calculates a hash value of the random information and encrypts the random information and the hash value thereof by the private key or the public key; and the login verification server decrypts the random information and the hash value thereof sent by the user terminal through the public key or the private key.
3. The blockchain-based user login verification method of claim 1, wherein a login request, a private key public key and random information sent by the user terminal are written into the blockchain as transaction data.
4. A blockchain-based user login verification system, comprising:
the block chain platform is used for generating a pair of private key public keys and at least one piece of random information through an intelligent contract after receiving a login request sent by a user terminal, distributing the private key and the random information to the user terminal or a login verification server, and distributing the public key and the random information to the login verification server or the user terminal;
the user terminal is used for encrypting the random information through the private key or the public key and sending the encrypted random information to the login verification server for login verification;
and the login verification server is used for decrypting the random information sent by the user terminal through the public key or the private key, if the decrypted random information is consistent with the random information distributed by the blockchain network, the login verification is successful, and otherwise, the login verification is failed.
5. The blockchain-based user login authentication system as in claim 4, wherein the user terminal is further configured to calculate a hash value of the random information and encrypt the random information and its hash value with the private key or the public key; the login verification server is used for decrypting the random information and the hash value thereof sent by the user terminal through the public key or the private key.
6. The blockchain-based user login verification system of claim 4, wherein the blockchain platform is further configured to write a login request, a private key public key, and random information sent by the user terminal as transaction data into the blockchain.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011265876.0A CN112507296B (en) | 2020-11-12 | 2020-11-12 | User login verification method and system based on blockchain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011265876.0A CN112507296B (en) | 2020-11-12 | 2020-11-12 | User login verification method and system based on blockchain |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112507296A CN112507296A (en) | 2021-03-16 |
| CN112507296B true CN112507296B (en) | 2024-04-05 |
Family
ID=74957402
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011265876.0A Active CN112507296B (en) | 2020-11-12 | 2020-11-12 | User login verification method and system based on blockchain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112507296B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113343264A (en) * | 2021-06-24 | 2021-09-03 | 北京八分量信息科技有限公司 | Block chain-based data tamper-proof system and method |
| CN113806711B (en) * | 2021-09-30 | 2022-11-15 | 北京航星永志科技有限公司 | Login verification method and device based on block chain system and electronic equipment |
| CN114401117B (en) * | 2021-12-27 | 2024-03-19 | 浙江数秦科技有限公司 | Block chain-based account login verification system |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006221566A (en) * | 2005-02-14 | 2006-08-24 | Dainippon Printing Co Ltd | Caring service support system using network |
| CN105656935A (en) * | 2016-03-09 | 2016-06-08 | 成都爆米花信息技术有限公司 | Could data safety modification method |
| CN105656934A (en) * | 2016-03-09 | 2016-06-08 | 成都爆米花信息技术有限公司 | Data modification method for cloud storage space |
| CN105701372A (en) * | 2015-12-18 | 2016-06-22 | 布比(北京)网络技术有限公司 | Block chain identity construction and verification method |
| KR101723405B1 (en) * | 2016-07-04 | 2017-04-06 | 주식회사 코인플러그 | Certificate authentication system and method based on block chain |
| CN108055253A (en) * | 2017-12-06 | 2018-05-18 | 珠海格力电器股份有限公司 | A kind of software login validation method, apparatus and system |
| CN109756485A (en) * | 2018-12-14 | 2019-05-14 | 平安科技(深圳)有限公司 | Electronic contract signs method, apparatus, computer equipment and storage medium |
| WO2019100865A1 (en) * | 2017-11-23 | 2019-05-31 | 阿里巴巴集团控股有限公司 | Resource transfer and capital transfer method and apparatus |
| WO2020061923A1 (en) * | 2018-09-27 | 2020-04-02 | 区链通网络有限公司 | Blockchain-based account management system and management method, and storage medium |
| CN111753014A (en) * | 2020-06-28 | 2020-10-09 | 中国银行股份有限公司 | Identity authentication method and device based on block chain |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104468115B (en) * | 2013-10-28 | 2017-10-10 | 安信通科技(澳门)有限公司 | information system access authentication method and device |
-
2020
- 2020-11-12 CN CN202011265876.0A patent/CN112507296B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006221566A (en) * | 2005-02-14 | 2006-08-24 | Dainippon Printing Co Ltd | Caring service support system using network |
| CN105701372A (en) * | 2015-12-18 | 2016-06-22 | 布比(北京)网络技术有限公司 | Block chain identity construction and verification method |
| CN105656935A (en) * | 2016-03-09 | 2016-06-08 | 成都爆米花信息技术有限公司 | Could data safety modification method |
| CN105656934A (en) * | 2016-03-09 | 2016-06-08 | 成都爆米花信息技术有限公司 | Data modification method for cloud storage space |
| KR101723405B1 (en) * | 2016-07-04 | 2017-04-06 | 주식회사 코인플러그 | Certificate authentication system and method based on block chain |
| WO2019100865A1 (en) * | 2017-11-23 | 2019-05-31 | 阿里巴巴集团控股有限公司 | Resource transfer and capital transfer method and apparatus |
| CN108055253A (en) * | 2017-12-06 | 2018-05-18 | 珠海格力电器股份有限公司 | A kind of software login validation method, apparatus and system |
| WO2020061923A1 (en) * | 2018-09-27 | 2020-04-02 | 区链通网络有限公司 | Blockchain-based account management system and management method, and storage medium |
| CN109756485A (en) * | 2018-12-14 | 2019-05-14 | 平安科技(深圳)有限公司 | Electronic contract signs method, apparatus, computer equipment and storage medium |
| CN111753014A (en) * | 2020-06-28 | 2020-10-09 | 中国银行股份有限公司 | Identity authentication method and device based on block chain |
Non-Patent Citations (6)
| Title |
|---|
| 于天娇 ; 曹春杰 ; 王隆娟 ; 许蕾 ; .基于联盟链的匿名电子投票方案.网络空间安全.2019,(第12期),第26-33页. * |
| 刘乐 ; 沈勇 ; .基于区块链技术的智能设备认证方案.计算机与数字工程.2020,(第07期),第181-185页. * |
| 基于区块链技术的智能设备认证方案;刘乐;沈勇;;计算机与数字工程(第07期);第181-185页 * |
| 基于联盟链的匿名电子投票方案;于天娇;曹春杰;王隆娟;许蕾;;网络空间安全(第12期);第26-33页 * |
| 王柏华 ; 孙长杰 ; 李照川 ; 王伟兵 ; .远程办公中基于区块链技术的身份认证方法.信息安全研究.2020,(第04期),第39-48页. * |
| 远程办公中基于区块链技术的身份认证方法;王柏华;孙长杰;李照川;王伟兵;;信息安全研究(第04期);第39-48页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112507296A (en) | 2021-03-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108418680B (en) | Block chain key recovery method and medium based on secure multi-party computing technology | |
| US11601409B2 (en) | Establishing a secure communication session with an external security processor | |
| CN112507296B (en) | User login verification method and system based on blockchain | |
| CN1985466B (en) | Method of delivering direct proof private keys in signed groups to devices using a distribution CD | |
| US8239679B2 (en) | Authentication method, client, server and system | |
| KR20210066867A (en) | An encrypted asset encryption key portion that allows assembly of an asset encryption key using a subset of the encrypted asset encryption key portion. | |
| US20070220271A1 (en) | Online creation and delivery of cryptographically verifiable one-time password tokens | |
| CN109729041B (en) | Method and device for issuing and acquiring encrypted content | |
| CN109379387B (en) | Safety certification and data communication system between Internet of things equipment | |
| CN103067160A (en) | Method and system of generation of dynamic encrypt key of encryption secure digital memory card (SD) | |
| CN101771699A (en) | Method and system for improving SaaS application security | |
| WO2019001061A1 (en) | Payment verification method and system, and mobile device and security authentication device | |
| JP2005080315A (en) | System and method for providing service | |
| US9215070B2 (en) | Method for the cryptographic protection of an application | |
| CN101019368A (en) | Method of delivering direct proof private keys to devices using a distribution CD | |
| KR20120113690A (en) | Apparatus and methods for storing electronic access clients | |
| CN101409621B (en) | Multipart identification authentication method and system base on equipment | |
| US9438595B2 (en) | Network resource access control methods and systems using transactional artifacts | |
| CN108809936B (en) | Intelligent mobile terminal identity verification method based on hybrid encryption algorithm and implementation system thereof | |
| CN101951315A (en) | Key processing method and device | |
| CN107911221B (en) | Key management method for secure storage of solid-state disk data | |
| CN116244750A (en) | Secret-related information maintenance method, device, equipment and storage medium | |
| CN114221927A (en) | Mail encryption service system and method based on national encryption algorithm | |
| CN111817856B (en) | Identity authentication method and system based on zero-knowledge proof and password technology | |
| CN103916834A (en) | Short message encryption method and system allowing user to have exclusive secret key |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |