CN113094675A - User authentication method and device based on distributed model training - Google Patents
User authentication method and device based on distributed model training Download PDFInfo
- Publication number
- CN113094675A CN113094675A CN202110475267.6A CN202110475267A CN113094675A CN 113094675 A CN113094675 A CN 113094675A CN 202110475267 A CN202110475267 A CN 202110475267A CN 113094675 A CN113094675 A CN 113094675A
- Authority
- CN
- China
- Prior art keywords
- base station
- user
- user terminal
- random number
- target base
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000012549 training Methods 0.000 title claims abstract description 118
- 238000000034 method Methods 0.000 title claims abstract description 80
- 238000012795 verification Methods 0.000 claims abstract description 16
- 230000004044 response Effects 0.000 claims description 27
- 230000008569 process Effects 0.000 description 25
- 238000004891 communication Methods 0.000 description 22
- 238000004590 computer program Methods 0.000 description 16
- 238000010586 diagram Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 5
- 230000007246 mechanism Effects 0.000 description 4
- 241000544061 Cuculus canorus Species 0.000 description 3
- 238000010801 machine learning Methods 0.000 description 3
- 230000004927 fusion Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 238000013507 mapping Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Databases & Information Systems (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The application relates to a user authentication method and device based on distributed model training, computer equipment and a storage medium. The method in one embodiment comprises: issuing a model training task through a target base station; receiving training join requests sent by user terminals through the target base station, and acquiring shared secrets of the user terminals based on the training join requests, wherein the shared secrets of the user terminals are determined according to anonymous user information of the user terminals and shared keys; verifying the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station; when the shared secret of the user terminal passes verification, decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value; and acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal. By adopting the method, the privacy safety of the user can be improved.
Description
Technical Field
The present application relates to the field of computer technologies, and in particular, to a user authentication method and apparatus based on distributed model training, a computer device, and a storage medium.
Background
With the development of the technology in the computer field, the related processing through the machine learning model is increasingly important in the computer technology. Before processing with the machine learning model, a sample set needs to be provided, and a model training process is performed on the sample set to obtain a final machine learning model. In the traditional model training process, an independent device, such as a terminal or a server, completes the whole training process, and the single training mode easily causes leakage of data of a sample set and affects data security. Therefore, a distributed learning technology is provided, in which each terminal participating in training trains by using its own data as a sample set, obtains a model training result and sends the model training result to a training server, the training server fuses the model training results of each device to obtain a current model training result, and then sends the current model training result to each terminal, and repeats the next iterative training process until the training is finished.
In this distributed learning method, each terminal serves as a data owner, and model training can be performed without exchanging data between the terminals, and each terminal of the model obtained by training can be used for serving locally. Based on the model training result obtained by the distributed learning, the wireless approach is to gather the data owned by each terminal to a training result. Under the distributed learning mechanism, the identity status of the participants is the same, a shared data strategy can be established, and the data is not transferred, so that the privacy of the user or the data specification is not influenced.
However, in this distributed model training method, since the data trained by each terminal is stored locally in each terminal, the authenticity of the data cannot be verified. If an illegal terminal is added into the training process, unreal data is used for training, and the training model obtained by final fusion is undoubtedly influenced. Therefore, in order to ensure the reliability of the model training data, it is necessary to verify the location information of the terminal (or the user) at a certain time point to verify whether the user meets the requirements. However, in the traditional manner of authenticating the user location in the distributed learning process, there still exists a problem that the privacy of the user may be unnecessarily exposed, which affects the privacy security of the user.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a user authentication method, apparatus, computer device and storage medium based on distributed model training.
The user authentication method based on distributed model training in one embodiment comprises the following steps:
issuing a model training task through a target base station;
receiving training join requests sent by user terminals through the target base station, and acquiring shared secrets of the user terminals based on the training join requests, wherein the shared secrets of the user terminals are determined according to anonymous user information of the user terminals and shared keys;
verifying the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station; when the shared secret of the user terminal passes verification, decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value;
and acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal.
In one embodiment, the method further comprises:
after receiving, by the target base station, the training join request sent by each user terminal, and before acquiring the shared secret of the user terminal based on the training join request, the method further includes: establishing a secure communication channel between the target base station and each user terminal;
obtaining the shared secret of the user terminal based on the training join request, comprising: and respectively obtaining the shared secret of each user terminal through a secure communication channel between the target base station and each user terminal.
The user authentication method based on distributed model training in one embodiment comprises the following steps:
selecting a first random number, a second random number and a second numerical value at the beginning stage of the time slot;
generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
receiving a position authentication request sent by a user terminal, and acquiring user identity information of the user terminal based on the position authentication request;
generating anonymous user information of the user terminal based on the second numerical value and the user identity information;
generating a sharing key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
generating a position authentication response, and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key;
and generating a second blockchain transaction at the end of the time slot, and uploading the second blockchain transaction to a blockchain, wherein the second blockchain transaction carries the base station cipher text and a first numerical value determined based on the first random number.
In one embodiment, the method further comprises:
after receiving a location authentication request sent by a user terminal, and before obtaining user identity information of the user terminal based on the location authentication request, the method further includes: establishing a secure communication channel between the target base station and each user terminal;
obtaining user identity information of the user terminal based on the location authentication request, including: and obtaining the user identity information of the user terminal through a secure communication channel between the target base station and the user terminal.
In one embodiment, the shared key comprises a first shared key and a second shared key;
the first shared key is generated based on the third numerical value, the third random number, and the anonymous user information, and the second shared key is generated based on the third random number.
In one embodiment, after generating the location authentication response, the method further comprises the steps of:
and generating authentication identity information of the user terminal based on the user identity information and the second numerical value, and inserting the authentication identity information into a valley laying filter.
A user authentication apparatus based on distributed model training, the apparatus comprising:
the task issuing module is used for issuing a model training task through the target base station;
the shared secret acquisition module is used for receiving training join requests sent by user terminals through the target base station and acquiring the shared secret of the user terminals based on the training join requests, wherein the shared secret of the user terminals is determined according to anonymous user information of the user terminals and a shared secret key;
a shared secret verification module, configured to verify the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station;
the first ciphertext decryption module is used for decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value when the shared secret of the user terminal passes verification;
and the real information acquisition module is used for acquiring the real identity information of each user terminal based on the decryption value and the anonymous user information of each user terminal.
A user authentication apparatus based on distributed model training, the apparatus comprising:
the base station cryptograph generation module is used for selecting a first random number, a second random number and a second numerical value at the beginning stage of the time slot; generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
the authentication request receiving module is used for receiving a position authentication request sent by a user terminal and acquiring user identity information of the user terminal based on the position authentication request;
an anonymous user information generating module, configured to generate anonymous user information of the user terminal based on the second numerical value and the user identity information;
a shared key generation module, configured to generate a shared key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
the authentication response module is used for generating a position authentication response and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key;
and the uplink module is used for generating a second block chain transaction at the end of the time slot and uploading the second block chain transaction to a block chain, wherein the second block chain transaction carries the base station ciphertext and a first numerical value determined based on the first random number.
A computer device comprising a memory storing a computer program and a processor implementing the steps of the method as in any of the embodiments described above when the processor executes the computer program.
A computer-readable storage medium, having stored thereon a computer program which, when executed by a processor, carries out the steps of the method in any of the embodiments as described above.
According to the user authentication method, the device, the computer equipment and the storage medium based on the distributed model training, the base station can be combined with the first preset number of encrypted ciphertexts to authenticate the user in the process of authenticating the user identity by the base station, and the server is combined with the first preset number of encrypted ciphertexts of the base station to authenticate the user identity in the process of authenticating the user identity by the model training, so that the user identity is authenticated only under the condition that the first preset number of users participate when the distributed model training is required, the privacy leakage of the user is avoided, and the privacy safety of the user is improved.
Drawings
FIG. 1 is a diagram of an application environment of a user authentication method based on distributed model training in one embodiment;
FIG. 2 is a schematic flow chart illustrating a user authentication method based on distributed model training in one embodiment;
FIG. 3 is a schematic flow chart of a user authentication method based on distributed model training in another embodiment;
FIG. 4 is a block diagram of a user authentication device based on distributed model training in one embodiment;
FIG. 5 is a block diagram showing the structure of a user authentication apparatus based on distributed model training in another embodiment;
FIG. 6 is a diagram illustrating an internal structure of a computer device according to an embodiment;
FIG. 7 is a diagram illustrating an internal structure of an electronic device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The method for training the model provided by the present application can be applied to the application environment shown in fig. 1, where the application environment includes more than one base station, a plurality of user terminals, and an edge Server Fog Server. The base station may have a plurality of ues within its coverage area, where the ue may be a ue in a vehicle, or may be another type of ue, which may move and freely enter and leave the coverage area of the base station, such as a mobile terminal. When the user terminal enters the coverage of the base station, the mobile terminal sends a position authentication request to the base station, the base station authenticates the identity information of the user terminal, and the authentication identity information can also store a block chain. When model training is needed, the edge server issues a model training task through the base station, is located in the coverage area of the base station, and can initiate a training adding request for a user terminal needing to be added in the model training process. The user terminal may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, portable wearable devices, vehicle-mounted terminals, and the like, and the server may be implemented by an independent server or a server cluster formed by a plurality of servers.
In one embodiment, as shown in fig. 2, a user authentication method based on distributed model training is provided, which is described by taking the method as an example applied to the edge server in fig. 1, and includes the following steps S201 to S204.
Step S201: and issuing a model training task through the target base station.
The target base station may be any possible base station selected by the edge server when the model training is required, and the selected target base station may be only one or more than two.
When the model training task is issued, the model training task may be issued based on the model to be trained. The model to be trained can be provided to the edge server by a model service provider, or the edge server can issue a model training task by taking the model as the model to be trained when the model needs to be trained and updated aiming at the obtained model.
Step S202: receiving training join requests sent by user terminals through the target base station, acquiring shared secrets of the user terminals based on the training join requests, and determining the shared secrets of the user terminals according to anonymous user information of the user terminals and shared keys.
After the edge server issues the model training task through the target base station, the user terminal in the coverage area of the target base station receives the model training task, and if the model training task needs to be added, the user terminal sends a training adding request.
In one embodiment, after the training join request sent by each ue is received by the target base station, a secure communication channel may be further established between the target base station and each ue. The method for establishing the secure communication channel may be performed in any method for establishing the secure communication channel, and the embodiment of the present application is not particularly limited.
Accordingly, when the shared secret of the user terminal is obtained based on the training join request, the shared secret of each user terminal is obtained through the secure communication channel between the target base station and each user terminal when the secure communication channel is established.
In some specific examples, the shared secret of the user terminal is determined according to anonymous user information of the user terminal and a shared key, and the shared key may be information obtained by encrypting the anonymous user information based on the shared key.
Step S203: verifying the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station; and when the shared secret of the user terminal passes the verification, decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value.
In one embodiment, the verifying the shared secret of each user terminal based on the first predetermined number of encrypted ciphertexts of the target base station may specifically include step S2031 and step S2032.
Step S2031: based on a first preset number of encrypted ciphertexts of the target base station, authenticating the anonymous user information of each user terminal to obtain an authentication result;
step S2032: and verifying the authentication result according to the sharing key of each user terminal.
In one embodiment, decrypting the first ciphertext portion uploaded by the target base station to obtain a decrypted value may include:
and decrypting the first ciphertext part uploaded by the target base station based on the second ciphertext part, the third ciphertext part uploaded by the target base station and the shared key of each user terminal to obtain a decrypted value.
Step S204: and acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal.
The user authentication method based on the distributed model training combines the first preset number of encrypted ciphertexts of the base station to carry out verification in the process of carrying out the model training to verify the user identity, so that the user identity is verified only when the first preset number of users participate in the distributed model training, the privacy leakage of the user is avoided, and the privacy safety of the user is improved.
In one embodiment, after obtaining the true identity information of each of the user terminals, the method further includes:
and determining each user terminal added into the model training task based on the obtained real identity information of each user terminal.
Therefore, each user terminal added in the model training task can be determined based on the obtained real identity information of each user terminal. Then, the user terminals can perform the subsequent distributed model training process. The embodiment of the present application is not particularly limited in the specific distributed model training process.
In one embodiment, as shown in fig. 3, a user authentication method based on distributed model training is provided, which is described by taking the method as an example for being applied to the base station in fig. 1, and includes the following steps S301 to S306.
Step S301: in the beginning stage of the time slot, a first random number, a second random number and a second numerical value are selected, and a base station cipher text is generated based on the first random number, the second numerical value and a base station identifier.
In one embodiment, before selecting the first random number, the second random number, and the second value in the beginning stage of the timeslot, steps S3001 to S3003 may be further included.
Step S3001: a first predetermined number of random numbers is selected.
The first predetermined number may be determined by combining the number of users who need to participate in training when the model needs to be trained, or a threshold value of the number of users required for user authentication.
Step S3002: and respectively encrypting each random number to obtain a first preset number of encrypted ciphertexts.
The process of encrypting each random number may be set in accordance with actual technical requirements, and the embodiment of the present application is not particularly limited.
Step S3003: and generating a first blockchain transaction, and uploading the first blockchain transaction to a blockchain, wherein the first blockchain transaction carries the first preset number of encrypted ciphertexts.
The method for generating the blockchain transaction may be generated by combining with an actual method for generating the blockchain transaction, and the embodiment of the present application is not particularly limited as long as the generated first blockchain transaction can carry the first predetermined number of encrypted ciphertexts.
In one embodiment, generating a base station cryptogram based on the first random number, the second numerical value, and the base station identifier includes the following steps S3011 to S3014.
Step S3011: a first value is generated based on the first random number.
In one embodiment, when generating the first value based on the first random number, the generation may be performed in combination with actual needs, such as encryption and the like. In some specific examples, the first random number may also be considered as a private key, and a corresponding public key is generated by using the first random number as the private key, and the generated public key is taken as the first numerical value.
In one specific example, the first random number is denoted as β, and the generated first value may be denoted as gβ。
Step S3012: obtaining a first ciphertext portion based on the first value, the second nonce, and the second value.
In one embodiment, the first ciphertext portion may be obtained using the following equation:
C1=e(gβ,g2)s·x
wherein, C1Representing a first ciphertext part, gβRepresenting a first value, s a second random number, and x a second value.
Step S3013: and obtaining a second ciphertext part based on the second random number.
In one embodiment, the second ciphertext portion may be obtained using the following equation:
C2=gs
wherein, C2Representing a second ciphertext portion, s represents a second random number.
Step S3014: and obtaining a third ciphertext part based on the first numerical value, the base station identifier and the second random number.
In one embodiment, the third ciphertext portion may be obtained using the following equation:
C3=(gβ·ID·h1)s
wherein, C3Representing the third ciphertext part, s represents the second random number, and the ID represents the base station identity.
The base station ciphertext comprises the first ciphertext part, the second ciphertext part and the third ciphertext part.
Step S302: receiving a position authentication request sent by a user terminal, and acquiring user identity information of the user terminal based on the position authentication request.
In one embodiment, after receiving the location authentication request sent by the user terminal, a secure communication channel may also be established between the base station and the user terminal. The method for establishing the secure communication channel may be performed in any method for establishing the secure communication channel, and the embodiment of the present application is not particularly limited.
Accordingly, when the user identity information of the user terminal is obtained based on the location authentication request, the user identity information of the user terminal is obtained through the secure communication channel between the base station and the user terminal under the condition that the secure communication channel is established.
Step S303: and generating anonymous user information of the user terminal based on the second numerical value and the user identity information.
Step S304: and generating a sharing key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station.
In an embodiment, the generating the sharing key of the user equipment based on the anonymous user information and the first predetermined number of encrypted ciphertexts of the target base station includes steps S3041 to S3043.
Step S3041: generating a third value based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station.
In one embodiment, the third value may be generated using the following equation:
wherein, f (pid)i) Denotes a third value, αjJ (th) encrypted ciphertext, pid, of a first predetermined number of encrypted ciphertexts representing a target base stationiDenotes anonymous user information of the user i, and β denotes a first random number.
Step S3042: a third random number is selected.
Step S3043: and generating a sharing key of the user terminal based on the third numerical value, the third random number and the anonymous user information.
In one embodiment, the shared key includes a first shared key and a second shared key. The first shared key is generated based on the third numerical value, the third random number, and the anonymous user information, and the second shared key is generated based on the third random number.
In one embodiment, the sharing key may be generated using the following formula:
wherein, ω isi,1Representing a first shared key, ωi,2Denotes a second shared key, f (pid)i) Denotes a third value, pidiAnonymous user information representing user i, riRepresenting a third random number.
Step S305: and generating a position authentication response, and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key.
Step S306: and generating a second blockchain transaction at the end of the time slot, and uploading the second blockchain transaction to a blockchain, wherein the second blockchain transaction carries the base station cipher text and a first numerical value determined based on the first random number.
In one embodiment, after generating the location authentication response, the method may further include the steps of:
and generating authentication identity information of the user terminal based on the user identity information and the second numerical value, and inserting the authentication identity information into a valley laying filter.
Based on the above embodiments, the following detailed description is given with reference to a specific application example, and when the embodiment of the present application is implemented, the embodiment may include four parts: the method comprises the steps of system initialization, training task release, model ciphertext generation and model ciphertext aggregation.
The system main body of the scheme of the invention is divided into three parts: 1) initializing a system; 2) generating location authentication; 3) and (5) verifying location authentication. The working process is as follows:
first, system initialization is performed.
In the process of initializing the system, a group of base stations cooperate to initialize the encryption system based on a given security parameter k, i.e. to generate a bilinear parameter (q, G)T,e,g,g2,h1) Where q is a prime number associated with a given security parameter kAnd prime | q | ═ k, parameters (g, g)2,h1) E.g. G, G is a selected curve, e.g. elliptic curve, G2,h1Respectively, points on the curve G, e is a bilinear mapping operation, and satisfies the condition: e: GXG → GT. Meanwhile, a group of base stations uniformly selects a hash functionAnd a cuffed filter is selected. On the other hand, a group of base stations simultaneously determines a slot length ts.
In the system initialization process, ID registration is required. For any base station, during the base station ID registration process, the base station selects (k-1) (i.e. a first preset number) random numbers:and generating corresponding encrypted ciphertext according to the selected (k-1) random numbers
On this basis, the base station generates a new blockchain transaction (referred to as a first blockchain transaction in the embodiment of the present application) and uploads the first blockchain transaction to the blockchain. Wherein the first blockchain transaction comprises: a transaction ID, a transaction subject, transaction data, and a transaction signature. The transaction ID is used to uniquely identify the first blockchain transaction, the transaction summary may be used as the transaction ID, and the summary of the transaction may be generated in any manner of generating the summary, which is not specifically limited in the embodiments of the present application. The transaction body is used to identify subject information of the blockchain transaction, and may specifically include a timestamp and a service provider ID. The transaction data contains the information of the generated encrypted random number, and can be expressed asThe transaction signature is a signature of the facilitator ID. The information contained in the first blockchain transaction in one specific example may be as shown in table 1 below.
TABLE 1
After the initialization process is completed, the location authentication information generation phase can be entered. In the position authentication information generation stage, the position authentication information of each terminal is generated. For each base station, the base station selects a first random number at the beginning of each time slot TSAt the same time, the base station selects a second random numberAnd a second value x ∈ GTAnd then generating a base station cryptograph based on the first random number beta, the second random number s, the second numerical value x and the base station ID. Wherein, when generating the base station cryptograph, the first value g may be calculated based on the first random number ββIs generated on the basis of the first value gβThe second random number s, the second value x, and the base station ID generate a base station cipher text, which may include three cipher text portions.
In one embodiment, the first ciphertext portion C1May be based on the first value gβA second random number s, a second numerical value x, a second ciphertext portion C2May be generated based on the second random number s and the third ciphertext portion may be based on the first value gβAnd generating a base station ID and a second random number s. In one specific example, three ciphertexts may be generated using the following formula:
when the user isTravel to the coverage of the base station IDThe base station sends a position authentication request to request position authentication.
Based on the location authentication request, the user vidiThe first establishment of a secure communication channel with the base station ID, and in particular the secure communication channel establishment, can be performed in any known manner. User vid based on established secure communication channeliUser identity information vidi||tiSending the information to a base station ID, wherein the user identity information carries a current time stamp ti。
User-based vidiThe base station ID is first based on the transmitted user identity information, vidi||tiGenerating anonymous user information pidi=vidi·H(x||ti)。
Then, the base station ID is based on the generated anonymous user information pidiGenerating a third value f (pid)i). In one specific example, the base station ID may be combined with (k-1) random numbers (α) it selects1,α2,…,αk-1) Generate the third value f (pid)i) In one example, the formula may be expressed as
At the same time, the base station ID selects a third random numberAnd based on the third random number riGenerating a corresponding shared secret ssi=(ωi,1,ωi,2). Wherein the shared secret key ssiComprising a first shared key omegai,1And a second shared secret ωi,2The first shared key may be based on a value f (pid)i) And a third random number riGenerating, a second shared secret ωi,2Can be given a third random number riThe generation, which can be formulated as:
subsequently, the base station ID generates a location authentication response message, which may carry anonymous user information pidiSharing secret key ssiAnd a current time stamp tiIn one example, the location authentication response message may be expressed as: msgi=pidi||ssi||ti. Then, the base station ID sends the location authentication response message msgiTo a user vehicle vidi。
In addition, the base station ID is also based on the user identity information vidiGenerating authentication identity information cid by using the second numerical value xiIn one embodiment, the authentication identity information may be represented as: cidi=H(vidi||x||ti). Then, the authentication identity information vidiInsertion into the cuckoo filter CF:
in the valley filter, for each data that needs to be inserted into the valley filter, the location of the data in two tables based on the valley filter mechanism will be calculated and the data will be stored in one of the two locations. In combination with the above, the authentication identity information cidiPossibly inserted into the valley filter at a position h1(cidi) H, possibly also inserted in the cuckoo filter2(cidi)。
Then, at the end of each time slot, the base station ID generates a second blockchain transaction based on the relevant information for that time slot and uploads the second blockchain transaction into the blockchain. Wherein the second blockchain transaction comprises: a transaction ID, a transaction subject, transaction data, and a transaction signature. The transaction ID is used to uniquely identify the first blockchain transaction, the transaction summary can be used as the transaction ID, and the summary of the transaction can be generatedThe abstract is generated in any abstract generating manner, and the embodiment of the application is not particularly limited. The transaction body is used to identify subject information of the blockchain transaction, and may specifically include a timestamp and a service provider ID. The transaction data includes related data in the time slot, such as time slot information TS of the time slot, and the three generated ciphertexts (C)1,C2,C3) A first value gβAnd valley filter information CF, which may be expressed as ID TS (C)1,C2,C3)|gβCF, transaction signature is the signature of the facilitator ID. The information contained in the second blockchain transaction in one specific example may be as shown in table 2 below.
ID | Transaction summary |
Main body | Time stamp, service provider ID |
Data of | ID||TS||(C1,C2,C3)|gβ||CF |
Signature | Signature of facilitator ID |
TABLE 2
Meanwhile, the other base stations in the group generate blocks through a PoS consensus mechanism, and the blocks comprise: block ID, block subject, block data, and block signature. The block ID is used to uniquely identify the block, the digest of the block may be used as the block ID, and the digest generation method may be any digest generation method, which is not specifically limited in the embodiment of the present application. The block body is used to identify the related topic information of the block, and specifically may include a timestamp, a base station ID (e.g., minerID), a pre-block digest, and a block consensus mechanism (e.g., PoS) used. The block data includes all transactions generated by the base station during the timeslot, and the block signature is the signature of Miner (e.g., the signature of the base station). The information contained in the first blockchain transaction in one specific example may be as shown in table 3 below.
TABLE 3
Subsequently, a verification phase of the location authentication information is entered.
If an edge server (also called as a training server) intends to improve a position location model of a certain area or train a certain position location model, the edge server firstly broadcasts a training task ID | | | TS to all users, and the model training task is issued through the broadcast training task. The training task ID | | TS may include model information ID and time slot information of the model to be trained.
If a group of users (pid)i,ssi),To participate in the training process, these users send a training join request to the edge server, the training join request carrying a shared secret (pid)i,ssi),Wherein, in a specific example, the shared secret may be a shared secret ssiFor anonymous user information pidiThe encrypted information.
After the edge server receives the user's train join request, the edge server first verifies the shared secret (pid) of these usersi,ssi),And after the verification is passed, anonymous user information pid for the group of usersiThen, authentication is performed to obtain an authentication result vk. In one specific example, the encrypted random numbers, anonymous user information for each user, and the first value g of the base station's first blockchain transaction uploaded onto the blockchain may be combinedβThe operation is performed to obtain the authentication result vk, which can be expressed as:
secondly, the edge server verifies the computed authentication result vk. The authentication result vk may be verified in combination with the shared key of each user, and in a specific example, the authentication result vk may be represented by a formula:
if the above formula is verified, the server combines the second ciphertext C2And a third ciphertext C3For the first ciphertext C1Decrypting to obtain decrypted valueIn one embodiment, the decryption process may be formulated as:
Then, the edgeThe edge server decrypts the value based on the decryptionAnd anonymous user informationThe server obtains the real identity information of each user:
based on the obtained real identity information of each user, the edge server may further verify the authenticity of the obtained real identity information through the authentication identity information stored in the valley filter.
If the obtained real identity information passes the verification, the group of users can be added into a training user set, and a training addition response is returned to the group of users. Thus, the group of users can join the model training process, and the system trains out the target model to be trained.
In the above-described scheme of the embodiment of the present application, the block chain is used to issue the non-tampered user location certificate, that is, the location certificate can be shared between the base stations without a central authority. Moreover, because the location certificate comprises the identity and the location information of the user, privacy disclosure can be caused by directly issuing the location certificate, and because the storage space of a single block is limited, the storage of the location certificate fingerprint is carried out by using the cuckoo filter, so that the storage efficiency of the location certificate is improved. I.e. based on data stored in the blockchain, no user to whom the location certificate corresponds can be inferred. Moreover, based on the characteristics of the distributed training model, the training process needs the participation of a plurality of users, and the real identity of the user can be recovered only on the premise that more users than the specified book entries participate, so that the position certification of the user can be further verified through the bloom filter. The bloom filter is used for storing the position authentication information, so that the privacy of a user who publishes the position authentication on the block chain is effectively protected. Moreover, because the process of the distributed training model needs a plurality of users to participate, based on the scheme, a threshold encryption scheme based on secret sharing is actually realized, and the identity of the user is protected; that is, when the number of the participating users is more than the threshold number, the server can obtain the real identity of the user, and the authentication is performed through the bloom filter on the block chain, so that the security of the identity privacy of the user is improved.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially displayed as indicated by arrows, the steps are not necessarily performed sequentially as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in these flowcharts may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of performing the steps or stages is not necessarily sequential, but may be performed alternately or alternately with other steps or at least some of the steps or stages in other steps.
In one embodiment, as shown in fig. 4, there is provided a user authentication apparatus based on distributed model training, which may be disposed on an edge server shown in fig. 1, and includes:
a task issuing module 401, configured to issue a model training task through a target base station;
a shared secret obtaining module 402, configured to receive, by the target base station, a training join request sent by each user terminal, and obtain, based on the training join request, a shared secret of the user terminal, where the shared secret of the user terminal is determined according to anonymous user information of the user terminal and a shared key;
a shared secret verification module 403, configured to verify the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station;
a first ciphertext decryption module 404, configured to decrypt the first ciphertext portion uploaded by the target base station when the shared secret of the user terminal passes verification, to obtain a decrypted value;
a real information obtaining module 405, configured to obtain real identity information of each user terminal based on the decryption value and the anonymous user information of each user terminal.
In one embodiment, the shared secret verification module 403 includes:
the fusion module is used for authenticating the anonymous user information of each user terminal based on a first preset number of encrypted ciphertexts of the target base station to obtain an authentication result;
and the verification module is used for verifying the authentication result according to the sharing key of each user terminal.
In one embodiment, the first ciphertext decryption module 404 decrypts the first ciphertext portion uploaded by the target base station based on the second ciphertext portion, the third ciphertext portion uploaded by the target base station and the shared key of each ue, so as to obtain a decrypted value.
In one embodiment, the apparatus further comprises:
a user determining module, configured to determine, based on the obtained real identity information of each user terminal, the user terminal to which each model training task is added
In one embodiment, as shown in fig. 5, there is provided a user authentication apparatus based on distributed model training, which may be disposed on the base station shown in fig. 1, and includes:
a base station ciphertext generating module 501, configured to select a first random number, a second random number, and a second numerical value at a start stage of a timeslot; generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
an authentication request receiving module 502, configured to receive a location authentication request sent by a user terminal, and obtain user identity information of the user terminal based on the location authentication request;
an anonymous information generating module 503, configured to generate anonymous user information of the user terminal based on the second value and the user identity information;
a shared key generation module 504, configured to generate a shared key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
an authentication response module 505, configured to generate a location authentication response and send the location authentication response to the user terminal, where the location authentication response carries the anonymous user information and the sharing key;
an uplink module 506, configured to generate a second blockchain transaction at the end of the timeslot, and upload the second blockchain transaction to a blockchain, where the second blockchain transaction carries the base station cipher text and a first numerical value determined based on the first random number.
In one embodiment, the apparatus further comprises:
the ciphertext generating module is used for selecting a first preset number of random numbers; encrypting each random number respectively to obtain a first preset number of encrypted ciphertexts; and generating a first blockchain transaction, and uploading the first blockchain transaction to a blockchain, wherein the first blockchain transaction carries the first preset number of encrypted ciphertexts.
In one embodiment, the base station cryptogram generating module 501 generates a first numerical value based on the first random number; obtaining a first ciphertext portion based on the first value, the second random number, and the second value; obtaining a second ciphertext portion based on the second random number; obtaining a third ciphertext part based on the first numerical value, the base station identifier and the second random number; the base station cipher text includes the first cipher text portion, the second cipher text portion, and the third cipher text portion.
In one embodiment, the shared key generating module 504 generates a third value based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station; selecting a third random number; and generating a sharing key of the user terminal based on the third numerical value, the third random number and the anonymous user information.
For a specific implementation manner of the user authentication apparatus based on distributed model training, refer to the above description of the embodiment of the user authentication method based on distributed model training, and are not described herein again. The modules in the device for training the model can be wholly or partially realized by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 6. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer equipment is used for storing relevant data such as a model to be trained. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of user authentication based on distributed model training.
In one embodiment, an electronic device is provided, which may be disposed in a base station, and its internal structure diagram may be as shown in fig. 7. The electronic device includes a processor, a memory, and a communication interface connected by a system bus. Wherein the processor of the electronic device is configured to provide computing and control capabilities. The memory of the electronic equipment comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless communication can be realized through WIFI, an operator network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement a method of user authentication based on distributed model training.
Those skilled in the art will appreciate that the configurations shown in fig. 6 and 7 are merely block diagrams of some configurations relevant to the present disclosure, and do not constitute a limitation on the computing devices and electronic devices to which the present disclosure may be applied, and that a particular computing device may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In an embodiment, a computer device is provided, comprising a memory in which a computer program is stored and a processor which, when executing the computer program, implements the steps of the method in any of the embodiments described above.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of the method of training a model according to any of the embodiments described above.
In one embodiment, a computer program product or computer program is provided that includes computer instructions stored in a computer-readable storage medium. The computer instructions are read by a processor of a computer device from a computer-readable storage medium, and the computer instructions are executed by the processor to cause the computer device to perform the steps in the above-mentioned method embodiments.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
Claims (10)
1. A user authentication method based on distributed model training is characterized by comprising the following steps:
issuing a model training task through a target base station;
receiving training join requests sent by user terminals through the target base station, and acquiring shared secrets of the user terminals based on the training join requests, wherein the shared secrets of the user terminals are determined according to anonymous user information of the user terminals and shared keys;
verifying the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station; when the shared secret of the user terminal passes verification, decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value;
and acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal.
2. The method of claim 1, wherein: verifying the shared secret of each of the user terminals based on a first predetermined number of encrypted ciphertexts of the target base station, comprising:
based on a first preset number of encrypted ciphertexts of the target base station, authenticating the anonymous user information of each user terminal to obtain an authentication result;
and verifying the authentication result according to the sharing key of each user terminal.
3. The method of claim 1, wherein decrypting the first ciphertext portion uploaded by the target base station to obtain a decrypted value comprises:
and decrypting the first ciphertext part uploaded by the target base station based on the second ciphertext part, the third ciphertext part uploaded by the target base station and the shared key of each user terminal to obtain a decrypted value.
4. The method of claim 1, further comprising, after obtaining true identity information of each of the user terminals:
and determining the user terminals added into the model training tasks based on the obtained real identity information of the user terminals.
5. A user authentication method based on distributed model training is characterized by comprising the following steps:
selecting a first random number, a second random number and a second numerical value at the beginning stage of the time slot; generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
receiving a position authentication request sent by a user terminal, and acquiring user identity information of the user terminal based on the position authentication request;
generating anonymous user information of the user terminal based on the second numerical value and the user identity information;
generating a sharing key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
generating a position authentication response, and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key;
and generating a second blockchain transaction at the end of the time slot, and uploading the second blockchain transaction to a blockchain, wherein the second blockchain transaction carries the base station cipher text and a first numerical value determined based on the first random number.
6. The method of claim 5, wherein before selecting the first random number, the second random number, and the second value at the beginning of the time slot, further comprising the steps of:
selecting a first predetermined number of random numbers;
encrypting each random number respectively to obtain a first preset number of encrypted ciphertexts;
and generating a first blockchain transaction, and uploading the first blockchain transaction to a blockchain, wherein the first blockchain transaction carries the first preset number of encrypted ciphertexts.
7. The method of claim 5, wherein generating a base station cipher text based on the first random number, the second value, and a base station identification comprises:
generating a first value based on the first random number;
obtaining a first ciphertext portion based on the first value, the second random number, and the second value;
obtaining a second ciphertext portion based on the second random number;
obtaining a third ciphertext part based on the first numerical value, the base station identifier and the second random number;
the base station cipher text includes the first cipher text portion, the second cipher text portion, and the third cipher text portion.
8. The method of claim 5, wherein generating the shared key for the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station comprises:
generating a third numerical value based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
selecting a third random number;
and generating a sharing key of the user terminal based on the third numerical value, the third random number and the anonymous user information.
9. An apparatus for user authentication based on distributed model training, the apparatus comprising:
the task issuing module is used for issuing a model training task through the target base station;
the shared secret acquisition module is used for receiving training join requests sent by user terminals through the target base station and acquiring the shared secret of the user terminals based on the training join requests, wherein the shared secret of the user terminals is determined according to anonymous user information of the user terminals and a shared secret key;
a shared secret verification module, configured to verify the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station;
the first ciphertext decryption module is used for decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value when the shared secret of the user terminal passes verification;
and the real information acquisition module is used for acquiring the real identity information of each user terminal based on the decryption value and the anonymous user information of each user terminal.
10. An apparatus for user authentication based on distributed model training, the apparatus comprising:
the base station cryptograph generation module is used for selecting a first random number, a second random number and a second numerical value at the beginning stage of the time slot; generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
the authentication request receiving module is used for receiving a position authentication request sent by a user terminal and acquiring user identity information of the user terminal based on the position authentication request;
an anonymous user information generating module, configured to generate anonymous user information of the user terminal based on the second numerical value and the user identity information;
a shared key generation module, configured to generate a shared key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
the authentication response module is used for generating a position authentication response and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key;
and the uplink module is used for generating a second block chain transaction at the end of the time slot and uploading the second block chain transaction to a block chain, wherein the second block chain transaction carries the base station ciphertext and a first numerical value determined based on the first random number.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110475267.6A CN113094675B (en) | 2021-04-29 | 2021-04-29 | User authentication method and device based on distributed model training |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110475267.6A CN113094675B (en) | 2021-04-29 | 2021-04-29 | User authentication method and device based on distributed model training |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113094675A true CN113094675A (en) | 2021-07-09 |
CN113094675B CN113094675B (en) | 2023-03-28 |
Family
ID=76680660
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110475267.6A Active CN113094675B (en) | 2021-04-29 | 2021-04-29 | User authentication method and device based on distributed model training |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113094675B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116170239A (en) * | 2023-04-26 | 2023-05-26 | 成都天用唯勤科技股份有限公司 | Multi-centralised data processing method, system and storage medium |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030081785A1 (en) * | 2001-08-13 | 2003-05-01 | Dan Boneh | Systems and methods for identity-based encryption and related cryptographic techniques |
WO2006121307A1 (en) * | 2005-05-13 | 2006-11-16 | Samsung Electronics Co., Ltd. | Authentication method for wireless distributed system |
US20080288773A1 (en) * | 2007-05-15 | 2008-11-20 | At&T Knowledge Ventures, Lp | System and method for authentication of a communication device |
US20170034133A1 (en) * | 2015-07-28 | 2017-02-02 | International Business Machines Corporation | User authentication over networks |
CN110263928A (en) * | 2019-06-18 | 2019-09-20 | 中国科学技术大学 | Protect the mobile device-based distributed deep learning training method of data-privacy |
CN110572253A (en) * | 2019-09-16 | 2019-12-13 | 济南大学 | Method and system for enhancing privacy of federated learning training data |
GB202012874D0 (en) * | 2020-08-18 | 2020-09-30 | Nchain Holdings Ltd | Threshold signatures |
-
2021
- 2021-04-29 CN CN202110475267.6A patent/CN113094675B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030081785A1 (en) * | 2001-08-13 | 2003-05-01 | Dan Boneh | Systems and methods for identity-based encryption and related cryptographic techniques |
WO2006121307A1 (en) * | 2005-05-13 | 2006-11-16 | Samsung Electronics Co., Ltd. | Authentication method for wireless distributed system |
US20080288773A1 (en) * | 2007-05-15 | 2008-11-20 | At&T Knowledge Ventures, Lp | System and method for authentication of a communication device |
US20170034133A1 (en) * | 2015-07-28 | 2017-02-02 | International Business Machines Corporation | User authentication over networks |
CN110263928A (en) * | 2019-06-18 | 2019-09-20 | 中国科学技术大学 | Protect the mobile device-based distributed deep learning training method of data-privacy |
CN110572253A (en) * | 2019-09-16 | 2019-12-13 | 济南大学 | Method and system for enhancing privacy of federated learning training data |
GB202012874D0 (en) * | 2020-08-18 | 2020-09-30 | Nchain Holdings Ltd | Threshold signatures |
Non-Patent Citations (4)
Title |
---|
BIN FAN 等: ""Cuckoo Filter: Practically Better Than Bloom"", 《CONEXT "14: PROCEEDINGS OF THE 10TH ACM INTERNATIONAL ON CONFERENCE ON EMERGING NETWORKING EXPERIMENTS AND TECHNOLOGIES》, 31 December 2014 (2014-12-31), pages 75 - 88, XP055427700, DOI: 10.1145/2674005.2674994 * |
FENG YIN 等: ""FedLoc: Federated Learning Framework for Data-Driven Cooperative Localization and Location Data Processing"", 《IEEE OPEN JOURNAL OF SIGNAL PROCESSING》, 8 December 2020 (2020-12-08), pages 4898 * |
QINGLEI KONG 等: ""Achieving Privacy-Preserving and Verifiable Data Sharing in Vehicular Fog With Blockchain"", 《IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS》, 16 April 2020 (2020-04-16), pages 4889 - 4898, XP011871466, DOI: 10.1109/TITS.2020.2983466 * |
QINGLEI KONG 等: ""Privacy-Preserving Aggregation for Federated Learning-Based Navigation in Vehicular Fog"", 《IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS》, 27 April 2021 (2021-04-27), pages 8453 - 8463 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116170239A (en) * | 2023-04-26 | 2023-05-26 | 成都天用唯勤科技股份有限公司 | Multi-centralised data processing method, system and storage medium |
CN116170239B (en) * | 2023-04-26 | 2023-07-14 | 成都天用唯勤科技股份有限公司 | Multi-centralised data processing method, system and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN113094675B (en) | 2023-03-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111935080B (en) | Data sharing method and device of block chain, computer equipment and storage medium | |
CN111949953B (en) | Identity authentication method, system and device based on block chain and computer equipment | |
CN109471844B (en) | File sharing method and device, computer equipment and storage medium | |
CN111970129B (en) | Data processing method and device based on block chain and readable storage medium | |
US11115418B2 (en) | Registration and authorization method device and system | |
KR101985179B1 (en) | Blockchain based id as a service | |
CN107948736A (en) | A kind of audio and video preservation of evidence method and system | |
CN108111604A (en) | Block chain common recognition methods, devices and systems, identification information treating method and apparatus | |
CN110913390B (en) | Anti-quantum computing Internet of vehicles method and system based on identity secret sharing | |
CN101350718A (en) | Method for protecting play content authority range base on user identification module | |
CN114239857B (en) | Data right determining method, device, equipment and medium based on federal learning | |
CN112801307B (en) | Block chain-based federal learning method and device and computer equipment | |
CN111065101A (en) | 5G communication information encryption and decryption method and device based on block chain and storage medium | |
CN114143108A (en) | Session encryption method, device, equipment and storage medium | |
CN114168922B (en) | User CA certificate generation method and system based on digital certificate | |
CN114168923B (en) | Group CA certificate generation method and system based on digital certificate | |
CN111199486B (en) | Data processing method, device and storage medium based on blockchain network | |
CN110166460B (en) | Service account registration method and device, storage medium and electronic device | |
CN115913677A (en) | Block chain-based collaboration edge storage data privacy protection system and method | |
CN113094675B (en) | User authentication method and device based on distributed model training | |
CN112182627A (en) | Block chain digital certificate management method and system based on mobile equipment | |
CN110851804A (en) | Alliance chain identity authentication method based on electronic contract | |
CN113094735B (en) | Privacy model training method | |
CN112350824B (en) | Key distribution method, system and computer equipment in data sharing exchange | |
CN115567203A (en) | Method, device, equipment and storage medium for recovering secret information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |