CN112700245A - Block chain-based digital mobile certificate application method and device - Google Patents

Block chain-based digital mobile certificate application method and device Download PDF

Info

Publication number
CN112700245A
CN112700245A CN202011619618.8A CN202011619618A CN112700245A CN 112700245 A CN112700245 A CN 112700245A CN 202011619618 A CN202011619618 A CN 202011619618A CN 112700245 A CN112700245 A CN 112700245A
Authority
CN
China
Prior art keywords
private key
public
certificate
server
signed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202011619618.8A
Other languages
Chinese (zh)
Other versions
CN112700245B (en
Inventor
金石成
王同舟
符史健
张军锋
李学志
郭威
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Standard Credit Chain Hangzhou Technology Development Co ltd
Original Assignee
Standard Credit Chain Hangzhou Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Standard Credit Chain Hangzhou Technology Development Co ltd filed Critical Standard Credit Chain Hangzhou Technology Development Co ltd
Priority to CN202011619618.8A priority Critical patent/CN112700245B/en
Publication of CN112700245A publication Critical patent/CN112700245A/en
Application granted granted Critical
Publication of CN112700245B publication Critical patent/CN112700245B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application provides a block chain-based digital mobile certificate application method and device. The method comprises the following steps: the client signs the application information by using a local public and private key generated for a transaction subject and then sends the signed application information to the server through the notarization node server; the server side generates a first public and private key and a signed certificate request file for a transaction main body, and sends the signed certificate request file and the identification number of the first public and private key to the client side through the public node server; the digital mobile certificate authority verifies the signed certificate request file of the client to generate a second public and private key, encrypts the second private key by using the first public key in the signed certificate request file and sends the encrypted second private key to the client; the client side sends the identification number of the first public private key and the encrypted second private key to the server side through the public node server; and the server side decrypts the encrypted second private key by using the first private key corresponding to the identification number of the first public private key to obtain the second private key. By storing the private key of the CA certificate in the cloud encryption machine in the server, a plurality of people can share one CA certificate without repeated handling.

Description

Block chain-based digital mobile certificate application method and device
Technical Field
The present application relates to the field of network security and blockchain technologies, and in particular, to a method and an apparatus for applying a digital mobile certificate based on a blockchain, an electronic device, and a computer-readable medium.
Background
The transaction body needs to sign or encrypt the bidding document through a digital mobile Certificate (CA) in the process of participating in the transaction. Currently, the way in which a transaction principal applies CA is: the CA lock, such as a USBKey, is checked out of the counter by a certified CA institution. And when the transaction subject needs to bid, the CA lock is inserted into a computer to perform operations such as signature and encryption on the bid document.
Different workers in the transaction body need to use the CA lock to carry out the time-stamping, and need to register at a CA lock manager. After registering, the CA lock can be picked up and used, and then the return is carried out after the use.
Disclosure of Invention
The application aims to provide a block chain-based digital mobile certificate application method, and aims to solve the problems that an existing CA lock is a hardware medium, multiple persons cannot use the existing CA lock at the same time, usage records cannot be traced, and safety cannot be guaranteed.
According to a first aspect of the present application, a block chain-based digital mobile certificate application method is provided. The method comprises the following steps:
the client signs the application information by using a local public and private key generated for the transaction main body and then sends the signed application information to the server through the notarization node server;
the server side generates a first public and private key and a signed certificate request file for the transaction main body, and sends the signed certificate request file and the identification number of the first public and private key to the client side through a public node server;
the digital mobile certificate authority verifies the signed certificate request file sent by the client to generate a second public and private key, encrypts the second private key by using the first public key in the signed certificate request file and sends the encrypted second private key to the client;
the client side sends the identification number of the first public private key and the encrypted second private key to the server side through a public node server;
and the server side decrypts the encrypted second private key by using the first private key corresponding to the identification number of the first public private key to obtain the second private key.
According to some embodiments of the present application, the server generates a first public and private key and a signed certificate request file for the transaction principal, including:
the cloud encryption machine in the server side generates a certificate request file according to the signed application information;
the certificate request file is signed using a first public and private key to generate a signed certificate request file including a first public key.
According to some embodiments of the present application, the local public-private key comprises: and the client APP in the client generates the local public and private key through an embedded software development tool.
According to some embodiments of the present application, after the server decrypts the encrypted second private key to obtain the second private key, the method further includes:
and the server stores the second private key into a private key database.
According to some embodiments of the present application, after the client sends the identification number of the first public private key and the encrypted second private key to the server through the public node server, the method further includes:
and the justice node server stores the digital mobile certificate application information to the block chain through a chain service device.
According to some embodiments of the present application, the digital mobile certificate application method further comprises:
when the digital mobile certificate is authorized, the client uses the local private key to sign the authorization request information according to the authorization request information of a transaction main body and then sends the authorization request information to the server through the notarization node server;
the notarization node server stores the authorization request information to a block chain through a chain service device;
and the server side verifies the signed authorization request information by using the backed-up local public key and then passes authorization.
According to some embodiments of the present application, the digital mobile certificate application method further comprises:
when the digital mobile certificate is used, after the client signs the use request information of a transaction main body by using a local private key, the signed use request information and the identification number of a second public private key required to be used are sent to the server through a notarization node server;
the notarization node server stores the use request information to a block chain through a chain service device;
the server side verifies the signed use request information by using the backed-up local public key, and then obtains an encrypted second private key corresponding to the identification number of the second public private key requested to be used;
and the server decrypts the encrypted second private key and operates according to the use request information.
According to a second aspect of the present application, there is provided a block chain-based digital mobile certificate application method. The method comprises the following steps:
signing the application information by using a local public and private key generated for the transaction main body, and then sending the signed application information to a server through a notarization node server;
receiving a signed certificate request file and an identification number of the first public and private keys sent by the server, and sending the signed certificate request file to a digital mobile certificate authority;
and receiving the encrypted second private key sent by the digital mobile certificate authority and sending the encrypted second private key and the identification number of the first public private key to the server through the public node server.
According to some embodiments of the present application, the digital mobile certificate application method further comprises:
when the digital mobile certificate is authorized, the local private key is used for signing the authorization request information according to the authorization request information of a transaction main body, and then the authorization request information is sent to a server side through a notarization node server.
According to some embodiments of the present application, the digital mobile certificate application method further comprises:
when the digital mobile certificate is used, the local private key is used for signing the use request information of the transaction main body, and the signed use request information and the identification number of the second public and private key requested to be used are sent to the server side through the notarization node server.
According to a third aspect of the present application, there is provided a block chain-based digital mobile certificate application method. The method comprises the following steps:
receiving signed application information sent by a fair node server and generating a first public and private key for a transaction subject;
generating a certificate request file according to signed application information, and signing the certificate request file by using a first public and private key to generate a signed certificate request file comprising a first public key;
sending the signed certificate request file and the identification number of the first public and private keys to the client through a public node server;
receiving an identification number of the first public private key and an encrypted second private key sent by the public node server;
and decrypting the encrypted second private key by using the first private key corresponding to the identification number of the first public private key to obtain a second private key.
According to some embodiments of the present application, the digital mobile certificate application method further comprises:
and when the digital mobile certificate is authorized, the signed authorization request information sent by the justice node server is verified by using the backed-up local public key and then passes the authorization.
According to some embodiments of the present application, the digital mobile certificate application method further comprises:
when the digital mobile certificate is used, the backed-up local public key is used for verifying the signed use request information sent by the public node server, and then an encrypted second private key corresponding to the identification number of the second public private key requested to be used is obtained;
and after the encrypted second private key is decrypted, the operation is carried out according to the use request information.
According to a fourth aspect of the present application, there is provided a block chain-based digital mobile certificate application method. The method comprises the following steps:
sending the signed application information sent by the client to the server;
sending the signed certificate request file sent by the server and the identification number of the first public and private keys to the client;
sending the identification number of the first public private key and the encrypted second private key sent by the client to the server;
and uploading the application information to a chain service device for storage.
According to some embodiments of the present application, the digital mobile certificate application method further comprises:
when the digital mobile certificate is authorized, the signed authorization request information sent by the client is sent to the server;
and the authorization request information is subjected to chain storage through the chain service device.
According to some embodiments of the present application, the digital mobile certificate application method further comprises:
when the digital mobile certificate is used, the signed use request information sent by the client is sent to the server;
and storing the use request information on a chain service device through a chain.
The present application further provides a block chain-based digital mobile certificate application apparatus, including:
the application information submitting module is used for the client to sign the application information by using a local public and private key generated for the transaction main body and then send the signed application information to the server through the notarization node server;
the application information verification module is used for generating a first public and private key and a signed certificate request file for the transaction main body by the server side, and sending the signed certificate request file and the identification number of the first public and private key to the client side through a public and positive node server;
the certificate verification issuing module is used for generating a second public private key after the digital mobile certificate authority verifies the signed certificate request file sent by the client, encrypting the second private key by using the first public key in the signed certificate request file and sending the encrypted second private key to the client;
the certificate information uploading module is used for the client side to send the identification number of the first public private key and the encrypted second private key to the server side through the public node server;
and the certificate information storage module is used for decrypting the encrypted second private key by using the first private key corresponding to the identification number of the first public private key by the server side to obtain the second private key.
The present application also provides another block chain-based digital mobile certificate application apparatus, including:
the application information submitting module is used for signing the application information by using a local public and private key generated for the transaction main body and then sending the signed application information to the server side through the notarization node server;
the request file submitting module is used for receiving the signed certificate request file sent by the server and the identification number of the first public and private keys and sending the signed certificate request file to a digital mobile certificate authority;
and the certificate information uploading module is used for receiving the encrypted second private key sent by the digital mobile certificate authority and sending the encrypted second private key and the identification number of the first public private key to the server through the public node server.
The present application also provides another block chain-based digital mobile certificate application apparatus, including:
the first key generation module is used for receiving signed application information sent by the fair node server and generating a first public and private key for a transaction subject;
the request file generation module is used for generating a certificate request file according to the signed application information and signing the certificate request file by using a first public and private key to generate a signature certificate request file comprising a first public key;
the request file sending module is used for sending the signed certificate request file and the identification number of the first public and private key to the client through a public node server;
the certificate information receiving module is used for receiving the identification number of the first public private key and the encrypted second private key which are sent by the public node server;
and the certificate information decryption module is used for decrypting the encrypted second private key by using the first private key corresponding to the identification number of the first public private key to obtain the second private key.
The present application also provides another block chain-based digital mobile certificate application apparatus, including:
the application information transmission module is used for transmitting the signed application information transmitted by the client to the server;
the request file transmission module is used for transmitting the signed certificate request file sent by the server and the identification number of the first public and private keys to the client;
the certificate information transmission module is used for transmitting the identification number of the first public private key and the encrypted second private key which are transmitted by the client to the server;
and the application information uplink module is used for enabling the application information to pass through the chain service device to uplink the deposit certificate.
The present application further provides an electronic device, comprising: one or more processors; storage means for storing one or more programs; when executed by the one or more processors, cause the one or more processors to implement the digital mobile certificate application method described above.
The present application also provides a computer readable medium having stored thereon a computer program which, when executed by a processor, implements the above-described digital mobile certificate application method.
The application method of the digital mobile certificate utilizes the characteristics of block chain disclosure transparency and tamper prevention, and the private key of the CA certificate is stored in a cloud encryption machine in a server; on one hand, a plurality of persons share one CA certificate through an authorization mechanism without repeated handling, and on the other hand, the use safety of the CA certificate is guaranteed; the data transfer is carried out through the third-party justice node server, so that the safety can be further improved; in addition, the application, use and authorization information of the CA certificate is stored in the block chain, and the whole process traceability is realized.
Additional aspects and advantages of the present application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the present application.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is apparent that the drawings in the following description are only some embodiments of the present application.
FIG. 1A illustrates a first portion of a timing diagram for a digital mobile certificate application method according to an exemplary embodiment of the present application;
FIG. 1B illustrates a first portion of a timing diagram for a digital mobile certificate application method according to an example embodiment of the present application;
fig. 1C shows a digital mobile certificate application method application diagram according to an example embodiment of the present application;
fig. 2A shows a sequence diagram of a recovery process of a local private key of a transaction principal in the digital mobile certificate application method according to an example embodiment of the present application;
fig. 2B shows a timing chart of a recovery process of the local private key of the transaction principal in the digital mobile certificate application method according to the example embodiment of the present application;
FIG. 3 shows a flow chart of a digital mobile certificate application method according to a first example embodiment of the present application;
FIG. 4 shows a flow diagram of a digital mobile certificate application method according to a second example embodiment of the present application;
FIG. 5 shows a flow chart of a digital mobile certificate application method according to a third example embodiment of the present application;
FIG. 6 shows a flowchart of a digital mobile certificate application method according to a fourth example embodiment of the present application;
fig. 7 shows a block diagram of a digital mobile certificate application apparatus according to a first example embodiment of the present application;
fig. 8 is a block diagram illustrating a digital mobile certificate application apparatus according to a second exemplary embodiment of the present application;
fig. 9 is a block diagram illustrating a digital mobile certificate application apparatus according to a third exemplary embodiment of the present application;
fig. 10 is a block diagram illustrating a digital mobile certificate application apparatus according to a fourth exemplary embodiment of the present application;
FIG. 11 shows a block diagram of a digital mobile certificate application electronic device, according to an example embodiment of the present application.
Detailed Description
Example embodiments will now be described more fully hereinafter with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. These embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The same reference numerals denote the same or similar parts in the drawings, and thus, a repetitive description thereof will be omitted.
Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the application. One skilled in the relevant art will recognize, however, that the subject matter of the present application can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and so forth. In other instances, well-known methods, devices, implementations, or operations have not been shown or described in detail to avoid obscuring aspects of the application.
It will be understood that, although the terms first, second, etc. may be used herein to describe various components, these components should not be limited by these terms. These terms are used to distinguish one element from another. Thus, a first component discussed below may be termed a second component without departing from the teachings of the present concepts. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
Those skilled in the art will appreciate that the drawings are merely schematic representations of exemplary embodiments, which may not be to scale. The blocks or flows in the drawings are not necessarily required to practice the present application and therefore should not be used to limit the scope of the present application.
The inventors have found that the use of offline CA locks presents the following problems for the transaction agent:
first, existing CA locks are hardware media and can only be used by one at a time. When the transaction body needs to use the CA lock by a plurality of persons at the same time, a plurality of CA locks need to be handled. For the subject with large traffic, transaction costs are increased.
Second, the CA mechanisms for different regional certifications differ. Therefore, when the transaction subject performs the bidding in different areas, the CA locks of different CA organizations need to be handled, and the transaction cost is further increased.
Moreover, the hardware medium type CA lock does not use a recording trace in the using process, and the safety is not ensured.
Therefore, the application aims to provide a block chain-based digital mobile certificate application method, and a CA certificate private key is stored in a cloud encryption machine in a server; on one hand, a plurality of persons share one CA certificate through an authorization mechanism without repeated handling, and on the other hand, the use safety of the CA certificate is guaranteed; in addition, the application, use and authorization information of the CA certificate is stored in the block chain, and the whole process traceability is realized.
The technical solution of the present application will be described in detail below with reference to the accompanying drawings.
Fig. 1A illustrates a first portion of a timing diagram of a digital mobile certificate application method according to an example embodiment of the present application.
Fig. 1B illustrates a first portion of a timing diagram for a digital mobile certificate application method according to an example embodiment of the present application.
Fig. 1C shows an application diagram of a digital mobile certificate application method according to an example embodiment of the present application.
As shown in fig. 1A, 1B, and 1C, the general flow of the digital mobile certificate application method provided by the present application includes:
the client 110 generates a pair of local public and private keys for each transaction principal. For example, after the transaction subjects are successfully registered through the client APP in the client 110, a software development tool (SDK) embedded in the client 110 generates a pair of local public and private keys for each transaction subject, which are used as identity certificates representing each transaction subject, and the generated identity certificates are backed up to the server 130.
When a transaction principal applies for a CA certificate, a client 110 signs application information of the transaction principal using a local public and private key and then sends the signed application information to a server 130 through a notarization node server 120. For example, when the transaction principal applies for a CA certificate through a client APP in the client 110, the application information is signed by a local public and private key, and then sent to the notarization node server 120 through the client service device of the client 110, and then sent to the server 130 by the notarization node server 120.
The server 130 generates a certificate request file according to the signed application information, and signs the certificate request file by using a first public and private key generated for a transaction principal to generate a signed certificate request file including a first public key. For example, the cloud encryption engine in the server 130 generates a pair of first public and private keys as signature public and private keys of the transaction subject for each transaction subject initialization. After the server 130 generates the certificate request file, the server uses the first public key to generate a signature certificate request file containing the first public key, and obtains the identification number of the first public and private keys.
Next, the server 130 sends the signed certificate request file and the identification number of the first public and private keys to the client 110 through the public node server 120.
After receiving the signature certificate request file and the identification number of the first public and private keys, the client 110 sends the signature certificate request file to the digital mobile certificate authority 100, and applies for issuing a certificate to the CA authority.
The digital mobile certificate authority 100 verifies the signature certificate request file and then generates a second public and private key, encrypts the second private key by using the first public key in the signature certificate request file, and sends the encrypted second private key to the client. The second public and private keys are encrypted certificates issued by the CA organization to the transaction main body.
The client 110 sends the certificate information issued by the CA, such as the encrypted second private key and the identification number of the first public private key, to the server 130 through the fair node server 120. The fair node server 130 further stores the digital mobile certificate application information of the transaction subject to the blockchain 140 through the chain service device for uplink certificate storage.
The server 130 obtains the corresponding first private key from the private key database of the server 130 according to the identification number of the first public private key to decrypt the encrypted second private key to obtain the second private key, and stores the second private key, for example, in the private key database of the server 130. The server 130 may also share the second public key. Thus, the application of the CA certificate is completed. According to some embodiments of the present application, in order to further ensure the security of the second private key, the second private key obtained after decryption may be encrypted by using a local public key of the cloud encryption machine and then stored in the private key database.
In order to ensure the security of the CA certificate in the use process, the digital mobile certificate application method provided by the present application further includes performing authorization management on the CA certificate, as follows:
when the transaction principal applies for authorization of the digital mobile certificate, the client 110 signs the authorization request information with a local private key according to the authorization request information of the transaction principal, and then sends the signed authorization request information to the server 130 through the notarization node server 120. For example, the transaction body may apply for authorization through a client APP in the client 110. The notary node server 120 may also store the authorization request message to the blockchain 140 via a chain serving device for uplink credentialing.
The server 130 verifies the signed authorization request information by using the backed-up local public key and then passes authorization. For example, the server 130 sends the authorization request information to a cloud encryption machine in the server 130. And the cloud encryption machine verifies the signature information. And after passing the verification, authorizing according to the authorization request information, and returning authorization success. Thus, the authorization of the CA certificate is completed.
When the transaction principal uses the digital mobile certificate, for example, to encrypt or decrypt, after the client 110 signs the usage request information of the transaction principal using the local private key, the signed usage request information and the identification number of the second public private key requested to be used are sent to the server 130 through the notarization node server 120. For example, the transaction body may use a CA certificate through a client APP in the client 110, for example. The notary node server 120 may also store the usage request message to the blockchain 140 via a chain service device for uplink credentialing.
The server 130 verifies the signed use request information by using the backed-up local public key, and then obtains an encrypted second private key corresponding to the identification number of the second public private key requested to be used. For example, the corresponding encrypted second private key is obtained from the private key database according to the identification number of the second public private key requested to be used. According to some embodiments of the application, the encrypted second private key stored in the private key database is encrypted by a local public key of the cloud encryption engine. Thus, decryption may be performed using the local private key of the cloud encryptor.
The server 130 decrypts the encrypted second private key and then operates according to the use request information. For example, the cloud encryption machine in the server 130 decrypts the second private key and then performs an encryption or decryption operation according to the use request information. After the operation is successful, the server 130 may also operate to return success.
Fig. 2A shows a first time sequence diagram of a recovery process of a local private key in a digital mobile certificate application method according to an example embodiment of the present application.
Fig. 2B shows a timing chart of a recovery process of the local private key in the digital mobile certificate application method according to the example embodiment of the present application.
In the application method of the digital mobile certificate, the client generates a local public and private key for a transaction subject to serve as an identity certificate of the transaction subject. The local public and private keys are frequently used in the transaction process. When the transaction body changes the client hardware, for example, after a mobile phone is changed, the local private key needs to be recovered on the new client hardware, that is, the local private key is retrieved. In order to facilitate the recovery of the local private key by the transaction subject when the client hardware is replaced, the application also provides a local private key recovery method for the transaction subject identity certificate. The overall process of local private key recovery will be described below with reference to fig. 2A and 2B.
As shown in fig. 2A and 2B, when a transaction principal applies for a digital mobile certificate through the client 110, a pair of local public and private keys is generated for each transaction principal. For example, after the transaction subjects are successfully registered through the client APP in the client 110, a software development tool (SDK) embedded in the client 110 generates a pair of local public and private keys for each transaction subject, which are used as identity certificates representing each transaction subject, and the generated identity certificates are backed up to the server 130. The cloud encryption machine in the server 130 generates a first public and private key for the transaction subject, and shares the first public key. The encryption gateway in the server 130 generates a second public and private key for the transaction principal and shares the second public key.
The client 110 signs the account number list provided by the transaction subject for recovering the local private key with the local private key to generate a recovery data packet containing the identification number of the identity certificate. The account number list may be a list of backup mobile phone numbers provided by the transaction subject.
The client 110 uses the local private key to sign the recovery packet and the encrypted local private key together and sends the signature to the server 130 through the fair node server 120 for storage. For example, the client 110 may encrypt the local private key using a first public key generated by a cloud encryptor, generating an encrypted local private key.
When the local private key is recovered, the client 110 sends the request account number provided by the transaction subject and the identification number of the identity certificate requested to be recovered to the server 130 through the notarization node server 120. The client 110 may also generate a temporary third public and private key for the transaction principal according to the recovery request, and share the third public and private key.
The server 130 obtains a corresponding recovery data packet through the identification number of the identity certificate, verifies the request account, generates a verification code corresponding to the request account and a first hash value of the verification code, and sends the verification code to the request account in a form of a short message. The server 130 first finds a corresponding recovery data packet according to the identification number of the identity certificate requested to be recovered. And when the request account number provided by the transaction main body exists in the account number list of the recovery data packet, the verification is passed. After the verification, the encryption machine generates a verification code corresponding to the request account and a first hash value thereof, and then integrally encrypts the request account and the verification code by using a second public key and sends the encrypted verification code to an encryption gateway in the server 130. The encryption gateway decrypts the integrally encrypted request account and verification code by using a second private key to obtain the request account and the verification code, and sends the verification code to the request account in a form of short message.
The client 110 obtains the verification code through the request account, generates a second hash value of the verification code, and sends the second hash value to the server 130 through the notarization node server 120.
The server 130 compares the second hash value with the first hash value, and sends the encrypted local private key to the client 130 through the fair node server 120 after the comparison is consistent. For example, after receiving the second hash value, the server 130 sends the second hash value to the cloud encryption machine. And the cloud encryption machine compares and verifies the second hash value with the first hash value. After the comparison is consistent, the cloud encryption machine in the server 130 decrypts the encrypted local private key by using the first private key to obtain the local private key, and then encrypts the local private key by using the third public key and sends the encrypted local private key to the client 130 through the fair node server 120.
The client 110 decrypts the encrypted local private key using the third private key to obtain the local private key. At this point, the recovery of the local private key is completed.
Fig. 3 shows a flow chart of a digital mobile certificate application method according to a first example embodiment of the present application.
As shown in fig. 3, the block chain-based digital mobile certificate application method provided by the present application includes the following steps:
in step S110, the client signs the application information with a local public and private key generated for the transaction principal, and then sends the signed application information to the server through the notarization node server. For example, the local public and private keys include: and the client APP in the client generates the local public and private key through an embedded software development tool.
In step S120, the server generates a first public and private key and a signed certificate request file for the transaction principal, and sends the signed certificate request file and the identification number of the first public and private key to the client through the public node server. For example, the cloud encryption engine in the server generates a certificate request file according to the signed application information, and then signs the certificate request file by using a first public and private key to generate a signed certificate request file including the first public key.
In step S130, the digital mobile certificate authority verifies the signed certificate request file sent by the client, generates a second public and private key, encrypts the second private key using the first public key in the signed certificate request file, and sends the encrypted second private key to the client.
In step S140, the client sends the identification number of the first public and private key and the encrypted second private key to the server through the public node server. According to some embodiments of the present application, the notarization node server may further store the digital mobile certificate application information to the blockchain through a chain service device.
In step S150, the server decrypts the encrypted second private key by using the first private key corresponding to the identification number of the first public private key to obtain a second private key. According to some embodiments of the application, after the server decrypts the encrypted second private key to obtain the second private key, the server may further store the second private key in a private key database.
According to some embodiments of the present application, the method for applying a digital mobile certificate may further include: the client signs the authorization request information by using the local private key according to the authorization request information of the transaction subject and then sends the authorization request information to the server through the notarization node server; the notarization node server stores the authorization request information to a block chain through a chain service device; and the server side verifies the signed authorization request information by using the backed-up local public key and then passes authorization.
According to other embodiments of the present application, when the digital mobile certificate is used, the digital mobile certificate application method further includes: and after the client signs the use request information of the transaction main body by using the local private key, the signed use request information and the identification number of the second public private key required to be used are sent to the server through the notarization node server. And the notarization node server stores the use request information to a block chain through a chain service device. And after verifying the signed use request information by using the backed-up local public key, the server side acquires an encrypted second private key corresponding to the identification number of the second public private key requested to be used. And the server decrypts the encrypted second private key, operates according to the use request information, and returns prompt information after the operation is successful.
Fig. 4 shows a flow chart of a digital mobile certificate application method according to a second example embodiment of the present application.
As shown in fig. 4, the present application also provides another block chain-based digital mobile certificate application method, including the following steps:
in step S210, the application information is signed by using a local public and private key generated for the transaction principal, and then sent to the server through the notarization node server.
In step S220, the signed certificate request file sent by the server and the identification number of the first public and private keys are received, and the signed certificate request file is sent to a digital mobile certificate authority.
In step S230, the encrypted second private key sent by the digital mobile certificate authority is received and sent to the server through the public node server together with the identification number of the first public private key.
According to some embodiments of the present application, the method for applying a digital mobile certificate may further include: and according to the authorization request information of the transaction subject, the local private key is used for signing the authorization request information and then the authorization request information is sent to the server side through the notarization node server.
According to another embodiment of the present application, when the digital mobile certificate is used, the method for applying the digital mobile certificate may further include: and after the local private key is used for signing the use request information of the transaction main body, the signed use request information and the identification number of the second public private key required to be used are sent to the server side through the notarization node server.
Fig. 5 shows a flowchart of a digital mobile certificate application method according to a third example embodiment of the present application.
As shown in fig. 5, the present application also provides another block chain-based digital mobile certificate application method, including the following steps:
in step S310, the signed application information sent by the fair node server is received and a first public and private key is generated for the transaction subject.
In step S320, a certificate request file is generated according to the signed application information and is signed by using the first public and private key to generate a signed certificate request file including the first public key.
In step S330, the signed certificate request file and the identification number of the first public and private keys are sent to the client through a public node server.
In step S340, the identification number of the first public and private key and the encrypted second private key sent by the public node server are received.
In step S350, the encrypted second private key is decrypted by using the first private key corresponding to the identification number of the first public private key to obtain a second private key.
According to some embodiments of the present application, the method for applying a digital mobile certificate may further include: and verifying the signed authorization request information sent by the justice node server by using the backed-up local public key and then authorizing the authorized request information.
According to another embodiment of the present application, when the digital mobile certificate is used, the method for applying the digital mobile certificate may further include: and after verifying the signed use request information sent by the public node server by using the backed-up local public key, acquiring an encrypted second private key corresponding to the identification number of the second public private key requested to be used. And after the encrypted second private key is decrypted, the operation is carried out according to the use request information.
Fig. 6 shows a flowchart of a digital mobile certificate application method according to a fourth example embodiment of the present application.
In step S410, the signed application information sent by the client is sent to the server.
In step S420, the signed certificate request file sent by the server and the identification number of the first public and private keys are sent to the client.
In step S430, the identification number of the first public and private keys and the encrypted second private key sent by the client are sent to the server.
In step S440, the application information is chain-certified through the chain service device.
According to some embodiments of the present application, when the digital mobile certificate is authorized, the signed authorization request information sent by the client may also be sent to the server. When the digital mobile certificate is used, the signed use request information sent by the client can be sent to the server; and storing the use request information on the chain service device.
Fig. 7 is a block diagram illustrating a digital mobile certificate application apparatus according to a first exemplary embodiment of the present application.
According to the first exemplary embodiment of the present application, as shown in fig. 7, a block chain-based digital mobile certificate application apparatus 100 is provided, which includes an application information submitting module 110, an application information verifying module 120, a certificate auditing and issuing module 130, a certificate information uploading module 140, and a certificate information storing module 150.
The application information submitting module 110 is configured to enable the client to sign the application information with a local public and private key generated for the transaction principal and then send the signed application information to the server through the notarization node server.
The application information verification module 120 may be configured to generate, by the server, a first public and private key and a signed certificate request file for the transaction principal, and send the signed certificate request file and an identification number of the first public and private key to the client through a public node server.
The certificate audit issuing module 130 may be configured to generate a second public and private key after the digital mobile certificate authority audits the signed certificate request file sent by the client, encrypt the second private key by using the first public key in the signed certificate request file, and send the encrypted second private key to the client.
The certificate information uploading module 140 may be configured to send, by the client, the identification number of the first public and private key and the encrypted second private key to the server through the public node server.
The certificate information storage module 150 may be configured to decrypt the encrypted second private key by using the first private key corresponding to the identification number of the first public private key by the server to obtain the second private key.
Fig. 8 is a block diagram illustrating a digital mobile certificate application apparatus according to a second exemplary embodiment of the present application.
According to the second exemplary embodiment of the present application, as shown in fig. 8, a block chain-based digital mobile certificate application apparatus 200 is provided, which includes an application information submitting module 210, a request file submitting module 220, and a certificate information uploading module 230.
An application information submitting module 210, configured to sign application information using a local public and private key generated for the transaction principal, and send the signed application information to a server through a notarization node server;
the request file submitting module 220 is configured to receive a signed certificate request file and an identification number of the first public and private keys sent by the server, and send the signed certificate request file to a digital mobile certificate authority;
the certificate information uploading module 230 may be configured to receive the encrypted second private key sent by the digital mobile certificate authority and send the encrypted second private key and the identification number of the first public private key to the server through the public node server.
Fig. 9 is a block diagram illustrating a digital mobile certificate application apparatus according to a third exemplary embodiment of the present application.
According to the third exemplary embodiment of the present application, as shown in fig. 9, there is provided a blockchain-based digital mobile certificate application apparatus 300, which includes a first key generation module 310, a request file generation module 320, a request file transmission module 330, a certificate information reception module 340, and a certificate information decryption module 350.
The first key generation module 310 may be configured to receive the signed application information sent by the fair node server and generate a first public and private key for the transaction principal.
The request file generating module 320 may be configured to generate a certificate request file according to the signed application information, and generate a signed certificate request file including the first public key by signing the certificate request file using the first public and private key.
The request file sending module 330 may be configured to send the signed certificate request file and the identification number of the first public and private keys to the client through a public node server.
The certificate information receiving module 340 may be configured to receive the identification number of the first public and private key and the encrypted second private key sent by the public node server.
The certificate information decryption module 350 may be configured to decrypt the encrypted second private key using the first private key corresponding to the identification number of the first public private key to obtain a second private key.
Fig. 10 is a block diagram illustrating a digital mobile certificate application apparatus according to a fourth exemplary embodiment of the present application.
According to a fourth exemplary embodiment of the present application, as shown in fig. 10, there is provided a block chain-based digital mobile certificate application apparatus 400, which includes an application information transmission module 410, a request document transmission module 420, a certificate information transmission module 430, and an application information uplink module 440.
The application information transmission module 410 may be configured to send the signed application information sent by the client to the server.
The request file transmission module 420 may be configured to send the signed certificate request file sent by the server and the identification number of the first public and private keys to the client.
The certificate information transmission module 430 may be configured to send the identification number of the first public and private key sent by the client and the encrypted second private key to the server.
An application information uplink module 440 configured to transmit the application information to the chain serving device for storing the certificate.
FIG. 11 shows a block diagram of a digital mobile certificate application electronic device, according to an example embodiment of the present application.
The application also provides a block chain-based digital mobile certificate application electronic device 700. The electronic device 700 shown in fig. 11 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 11, electronic device 700 is embodied in the form of a general purpose computing device. The components of the electronic device 700 may include, but are not limited to: at least one processing unit 710, at least one memory unit 720, a bus 730 that couples various system components including the memory unit 720 and the processing unit 710, and the like.
The storage unit 720 stores program codes, which can be executed by the processing unit 710, so that the processing unit 710 executes the digital mobile certificate application method according to the embodiments of the present application described in the present specification.
The storage unit 720 may include readable media in the form of volatile memory units, such as a random access memory unit (RAM)7201 and/or a cache memory unit 7202, and may further include a read only memory unit (ROM) 7203.
The storage unit 720 may also include a program/utility 7204 having a set (at least one) of program modules 7205, such program modules 7205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
Bus 730 may be any representation of one or more of several types of bus structures, including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 700 may also communicate with one or more external devices 7001 (e.g., touch screen, keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 700, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 700 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 750. Also, the electronic device 700 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network such as the internet) via the network adapter 760. The network adapter 760 may communicate with other modules of the electronic device 700 via the bus 730. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 700, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The present application also provides a computer readable medium having stored thereon a computer program which, when executed by a processor, implements the above-described digital mobile certificate application method.
It should be understood that the above examples are only for clearly illustrating the present application and are not intended to limit the embodiments. Other variations and modifications will be apparent to persons skilled in the art in light of the above description. And are neither required nor exhaustive of all embodiments. And obvious variations or modifications of this invention may be made without departing from the spirit or scope of the invention.

Claims (22)

1. A block chain-based digital mobile certificate application method is characterized by comprising the following steps:
the client signs the application information by using a local public and private key generated for the transaction main body and then sends the signed application information to the server through the notarization node server;
the server side generates a first public and private key and a signed certificate request file for the transaction main body, and sends the signed certificate request file and the identification number of the first public and private key to the client side through a public node server;
the digital mobile certificate authority verifies the signed certificate request file sent by the client to generate a second public and private key, encrypts the second private key by using the first public key in the signed certificate request file and sends the encrypted second private key to the client;
the client side sends the identification number of the first public private key and the encrypted second private key to the server side through a public node server;
and the server side decrypts the encrypted second private key by using the first private key corresponding to the identification number of the first public private key to obtain the second private key.
2. The method for applying digital mobile certificates according to claim 1, wherein the server generates a first public and private key and a signed certificate request file for the transaction principal, comprising:
the cloud encryption machine in the server side generates a certificate request file according to the signed application information;
the certificate request file is signed using a first public and private key to generate a signed certificate request file including a first public key.
3. The method of claim 1, wherein the local public-private key comprises:
and the client APP in the client generates the local public and private key through an embedded software development tool.
4. The method for applying the digital mobile certificate according to claim 1, wherein after the server decrypts the encrypted second private key to obtain the second private key, the method further comprises:
and the server stores the second private key into a private key database.
5. The method for applying the digital mobile certificate according to claim 1, wherein after the client sends the identification number of the first public and private key and the encrypted second private key to the server through the public node server, the method further comprises:
and the justice node server stores the digital mobile certificate application information to the block chain through a chain service device.
6. The digital mobile certificate application method of claim 1, further comprising:
when the digital mobile certificate is authorized, the client uses the local private key to sign the authorization request information according to the authorization request information of a transaction main body and then sends the authorization request information to the server through the notarization node server;
the notarization node server stores the authorization request information to a block chain through a chain service device;
and the server side verifies the signed authorization request information by using the backed-up local public key and then passes authorization.
7. The digital mobile certificate application method of claim 1, further comprising:
when the digital mobile certificate is used, after the client signs the use request information of a transaction main body by using a local private key, the signed use request information and the identification number of a second public private key required to be used are sent to the server through a notarization node server;
the notarization node server stores the use request information to a block chain through a chain service device;
the server side verifies the signed use request information by using the backed-up local public key, and then obtains an encrypted second private key corresponding to the identification number of the second public private key requested to be used;
and the server decrypts the encrypted second private key and operates according to the use request information.
8. A block chain-based digital mobile certificate application method is characterized by comprising the following steps:
signing the application information by using a local public and private key generated for the transaction main body, and then sending the signed application information to a server through a notarization node server;
receiving a signed certificate request file and an identification number of the first public and private keys sent by the server, and sending the signed certificate request file to a digital mobile certificate authority;
and receiving the encrypted second private key sent by the digital mobile certificate authority and sending the encrypted second private key and the identification number of the first public private key to the server through the public node server.
9. The digital mobile certificate application method of claim 8, further comprising:
when the digital mobile certificate is authorized, the local private key is used for signing the authorization request information according to the authorization request information of a transaction main body, and then the authorization request information is sent to a server side through a notarization node server.
10. The digital mobile certificate application method of claim 8, further comprising:
when the digital mobile certificate is used, the local private key is used for signing the use request information of the transaction main body, and the signed use request information and the identification number of the second public and private key requested to be used are sent to the server side through the notarization node server.
11. A block chain-based digital mobile certificate application method is characterized by comprising the following steps:
receiving signed application information sent by a fair node server and generating a first public and private key for a transaction subject;
generating a certificate request file according to signed application information, and signing the certificate request file by using a first public and private key to generate a signed certificate request file comprising a first public key;
sending the signed certificate request file and the identification number of the first public and private keys to the client through a public node server;
receiving an identification number of the first public private key and an encrypted second private key sent by the public node server;
and decrypting the encrypted second private key by using the first private key corresponding to the identification number of the first public private key to obtain a second private key.
12. The digital mobile certificate application method of claim 11, further comprising:
and when the digital mobile certificate is authorized, the signed authorization request information sent by the justice node server is verified by using the backed-up local public key and then passes the authorization.
13. The digital mobile certificate application method of claim 11, further comprising:
when the digital mobile certificate is used, the backed-up local public key is used for verifying the signed use request information sent by the public node server, and then an encrypted second private key corresponding to the identification number of the second public private key requested to be used is obtained;
and after the encrypted second private key is decrypted, the operation is carried out according to the use request information.
14. A block chain-based digital mobile certificate application method is characterized by comprising the following steps:
sending the signed application information sent by the client to the server;
sending the signed certificate request file sent by the server and the identification number of the first public and private keys to the client;
sending the identification number of the first public private key and the encrypted second private key sent by the client to the server;
and uploading the application information to a chain service device for storage.
15. The digital mobile certificate application method of claim 14, further comprising:
when the digital mobile certificate is authorized, the signed authorization request information sent by the client is sent to the server;
and the authorization request information is subjected to chain storage through the chain service device.
16. The digital mobile certificate application method of claim 14, further comprising:
when the digital mobile certificate is used, the signed use request information sent by the client is sent to the server;
and storing the use request information on a chain service device through a chain.
17. A block chain-based digital mobile certificate application apparatus, comprising:
the application information submitting module is used for the client to sign the application information by using a local public and private key generated for the transaction main body and then send the signed application information to the server through the notarization node server;
the application information verification module is used for generating a first public and private key and a signed certificate request file for the transaction main body by the server side, and sending the signed certificate request file and the identification number of the first public and private key to the client side through a public and positive node server;
the certificate verification issuing module is used for generating a second public private key after the digital mobile certificate authority verifies the signed certificate request file sent by the client, encrypting the second private key by using the first public key in the signed certificate request file and sending the encrypted second private key to the client;
the certificate information uploading module is used for the client side to send the identification number of the first public private key and the encrypted second private key to the server side through the public node server;
and the certificate information storage module is used for decrypting the encrypted second private key by using the first private key corresponding to the identification number of the first public private key by the server side to obtain the second private key.
18. A block chain-based digital mobile certificate application apparatus, comprising:
the application information submitting module is used for signing the application information by using a local public and private key generated for the transaction main body and then sending the signed application information to the server side through the notarization node server;
the request file submitting module is used for receiving the signed certificate request file sent by the server and the identification number of the first public and private keys and sending the signed certificate request file to a digital mobile certificate authority;
and the certificate information uploading module is used for receiving the encrypted second private key sent by the digital mobile certificate authority and sending the encrypted second private key and the identification number of the first public private key to the server through the public node server.
19. A block chain-based digital mobile certificate application apparatus, comprising:
the first key generation module is used for receiving signed application information sent by the fair node server and generating a first public and private key for a transaction subject;
the request file generation module is used for generating a certificate request file according to the signed application information and signing the certificate request file by using a first public and private key to generate a signature certificate request file comprising a first public key;
the request file sending module is used for sending the signed certificate request file and the identification number of the first public and private key to the client through a public node server;
the certificate information receiving module is used for receiving the identification number of the first public private key and the encrypted second private key which are sent by the public node server;
and the certificate information decryption module is used for decrypting the encrypted second private key by using the first private key corresponding to the identification number of the first public private key to obtain the second private key.
20. A block chain-based digital mobile certificate application apparatus, comprising:
the application information transmission module is used for transmitting the signed application information transmitted by the client to the server;
the request file transmission module is used for transmitting the signed certificate request file sent by the server and the identification number of the first public and private keys to the client;
the certificate information transmission module is used for transmitting the identification number of the first public private key and the encrypted second private key which are transmitted by the client to the server;
and the application information uplink module is used for enabling the application information to pass through the chain service device to uplink the deposit certificate.
21. An electronic device, comprising:
one or more processors;
storage means for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the digital mobile certificate application method of any of claims 1-16.
22. A computer-readable medium, on which a computer program is stored, which, when being executed by a processor, carries out the digital mobile certificate application method of any one of claims 1 to 16.
CN202011619618.8A 2020-12-30 2020-12-30 Digital mobile certificate application method and device based on block chain Active CN112700245B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011619618.8A CN112700245B (en) 2020-12-30 2020-12-30 Digital mobile certificate application method and device based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011619618.8A CN112700245B (en) 2020-12-30 2020-12-30 Digital mobile certificate application method and device based on block chain

Publications (2)

Publication Number Publication Date
CN112700245A true CN112700245A (en) 2021-04-23
CN112700245B CN112700245B (en) 2024-06-21

Family

ID=75512873

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011619618.8A Active CN112700245B (en) 2020-12-30 2020-12-30 Digital mobile certificate application method and device based on block chain

Country Status (1)

Country Link
CN (1) CN112700245B (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113204752A (en) * 2021-06-01 2021-08-03 京东科技控股股份有限公司 Identity verification method based on block chain, client and server
CN113472783A (en) * 2021-06-30 2021-10-01 杭州云象网络技术有限公司 Block chain cipher certificate service method, system, storage medium and device
CN113541935A (en) * 2021-06-08 2021-10-22 西安电子科技大学 Encryption cloud storage method, system, equipment and terminal supporting key escrow
CN114389819A (en) * 2021-12-31 2022-04-22 航天信息股份有限公司 Signature verification method and device
CN114760111A (en) * 2022-03-24 2022-07-15 标信智链(杭州)科技发展有限公司 File security method and file security device based on block chain
CN115941217A (en) * 2021-08-17 2023-04-07 中金金融认证中心有限公司 Method for secure communication and related product
CN117272406A (en) * 2023-11-23 2023-12-22 国泰新点软件股份有限公司 Method, device, system and storage medium for verifying encrypted bidding document

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101490687A (en) * 2006-07-07 2009-07-22 桑迪士克股份有限公司 Control system and method using identity objects
CN104883677A (en) * 2014-02-28 2015-09-02 阿里巴巴集团控股有限公司 Equipment communication connection method, apparatus and system
CN106301792A (en) * 2016-08-31 2017-01-04 江苏通付盾科技有限公司 Ca authentication management method based on block chain, Apparatus and system
CN106548345A (en) * 2016-12-07 2017-03-29 北京信任度科技有限公司 The method and system of block chain private key protection are realized based on Secret splitting
CN106779707A (en) * 2016-12-23 2017-05-31 中钞信用卡产业发展有限公司北京智能卡技术研究院 Monitoring and managing method, the apparatus and system of the digital cash Transaction Information based on block chain
CN106845960A (en) * 2017-01-24 2017-06-13 上海亿账通区块链科技有限公司 Method for secure transactions and system based on block chain
CN109495490A (en) * 2018-12-04 2019-03-19 中国电子科技集团公司第三十研究所 A kind of unified identity authentication method based on block chain
CN109992953A (en) * 2019-02-18 2019-07-09 深圳壹账通智能科技有限公司 Digital certificate on block chain signs and issues, verification method, equipment, system and medium
CN110336774A (en) * 2019-04-17 2019-10-15 中国联合网络通信集团有限公司 Hybrid Encryption decryption method, equipment and system
US20200028693A1 (en) * 2018-07-17 2020-01-23 Huawei Technologies Co., Ltd. Verifiable Encryption Based on Trusted Execution Environment
WO2020124843A1 (en) * 2018-12-21 2020-06-25 暨南大学 Traceable anonymous electronic voting method employing blockchain

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101490687A (en) * 2006-07-07 2009-07-22 桑迪士克股份有限公司 Control system and method using identity objects
CN104883677A (en) * 2014-02-28 2015-09-02 阿里巴巴集团控股有限公司 Equipment communication connection method, apparatus and system
CN106301792A (en) * 2016-08-31 2017-01-04 江苏通付盾科技有限公司 Ca authentication management method based on block chain, Apparatus and system
CN106548345A (en) * 2016-12-07 2017-03-29 北京信任度科技有限公司 The method and system of block chain private key protection are realized based on Secret splitting
CN106779707A (en) * 2016-12-23 2017-05-31 中钞信用卡产业发展有限公司北京智能卡技术研究院 Monitoring and managing method, the apparatus and system of the digital cash Transaction Information based on block chain
CN106845960A (en) * 2017-01-24 2017-06-13 上海亿账通区块链科技有限公司 Method for secure transactions and system based on block chain
US20200028693A1 (en) * 2018-07-17 2020-01-23 Huawei Technologies Co., Ltd. Verifiable Encryption Based on Trusted Execution Environment
CN109495490A (en) * 2018-12-04 2019-03-19 中国电子科技集团公司第三十研究所 A kind of unified identity authentication method based on block chain
WO2020124843A1 (en) * 2018-12-21 2020-06-25 暨南大学 Traceable anonymous electronic voting method employing blockchain
CN109992953A (en) * 2019-02-18 2019-07-09 深圳壹账通智能科技有限公司 Digital certificate on block chain signs and issues, verification method, equipment, system and medium
CN110336774A (en) * 2019-04-17 2019-10-15 中国联合网络通信集团有限公司 Hybrid Encryption decryption method, equipment and system

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113204752A (en) * 2021-06-01 2021-08-03 京东科技控股股份有限公司 Identity verification method based on block chain, client and server
CN113541935A (en) * 2021-06-08 2021-10-22 西安电子科技大学 Encryption cloud storage method, system, equipment and terminal supporting key escrow
CN113541935B (en) * 2021-06-08 2022-06-03 西安电子科技大学 Encryption cloud storage method, system, equipment and terminal supporting key escrow
CN113472783A (en) * 2021-06-30 2021-10-01 杭州云象网络技术有限公司 Block chain cipher certificate service method, system, storage medium and device
CN115941217A (en) * 2021-08-17 2023-04-07 中金金融认证中心有限公司 Method for secure communication and related product
CN115941217B (en) * 2021-08-17 2024-03-29 中金金融认证中心有限公司 Method for secure communication and related products
CN114389819A (en) * 2021-12-31 2022-04-22 航天信息股份有限公司 Signature verification method and device
CN114760111A (en) * 2022-03-24 2022-07-15 标信智链(杭州)科技发展有限公司 File security method and file security device based on block chain
CN117272406A (en) * 2023-11-23 2023-12-22 国泰新点软件股份有限公司 Method, device, system and storage medium for verifying encrypted bidding document
CN117272406B (en) * 2023-11-23 2024-03-12 国泰新点软件股份有限公司 Method, device, system and storage medium for verifying encrypted bidding document

Also Published As

Publication number Publication date
CN112700245B (en) 2024-06-21

Similar Documents

Publication Publication Date Title
CN112700245B (en) Digital mobile certificate application method and device based on block chain
CN109687963B (en) Anti-quantum computing alliance chain transaction method and system based on public key pool
US7028180B1 (en) System and method for usage of a role certificate in encryption and as a seal, digital stamp, and signature
CN112633884B (en) Local private key recovery method and device for transaction main body identity certificate
US20060095769A1 (en) System and method for initializing operation for an information security operation
RU2584500C2 (en) Cryptographic authentication and identification method with real-time encryption
CN101529791A (en) A method and apparatus to provide authentication and privacy with low complexity devices
CN101419686A (en) A kind of on-line contract signing system based on the internet
CN101335754B (en) Method for information verification using remote server
CN105553654A (en) Key information query processing method and device and key information management system
CN109728905B (en) Anti-quantum computation MQV key negotiation method and system based on asymmetric key pool
CN111355591A (en) Block chain account safety management method based on real-name authentication technology
CN111353000A (en) Transaction network system, method and device for safely opening electronic insurance
CN101924734A (en) Identity authentication method and authentication device based on Web form
CN114143306B (en) Bid file transfer method and transfer device based on block chain
JPH11298470A (en) Key distribution method and system
CN110365472B (en) Quantum communication service station digital signature method and system based on asymmetric key pool pair
CN110176989B (en) Quantum communication service station identity authentication method and system based on asymmetric key pool
CN115276978A (en) Data processing method and related device
CN109586918B (en) Anti-quantum-computation signature method and signature system based on symmetric key pool
EP1164745A2 (en) System and method for usage of a role certificate in encryption, and as a seal, digital stamp, and a signature
CN117294484A (en) Method, apparatus, device, medium and product for data interaction
CN115134144A (en) Enterprise-level business system authentication method, device and system
CN112613876B (en) Digital wallet transaction method, device and system
US11502840B2 (en) Password management system and method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Jin Shicheng

Inventor after: Fu Shijian

Inventor after: Zhang Junfeng

Inventor after: Li Xuezhi

Inventor after: Guo Wei

Inventor before: Jin Shicheng

Inventor before: Wang Tongzhou

Inventor before: Fu Shijian

Inventor before: Zhang Junfeng

Inventor before: Li Xuezhi

Inventor before: Guo Wei

CB03 Change of inventor or designer information
GR01 Patent grant
GR01 Patent grant