CN114022259B - Bidding method and device based on public key assignment and identity verification - Google Patents

Info

Publication number: CN114022259B
Authority: CN (China)
Prior art keywords: sub, public key, bidding, root, key
Legal status: Active
Application number: CN202111334121.6A
Other languages: Chinese (zh)
Other versions: CN114022259A (en)
Inventor: 王莉
Current Assignee: Shaanxi Huachun Network Technology Co ltd
Original Assignee: Shaanxi Huachun Network Technology Co ltd
Application filed by Shaanxi Huachun Network Technology Co ltd
Priority to CN202111334121.6A
Publication of CN114022259A
Application granted
Publication of CN114022259B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00 Commerce
    • G06Q30/06 Buying, selling or leasing transactions
    • G06Q30/08 Auctions
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Abstract

The application discloses a bidding method based on public key assignment and identity verification, comprising the following steps: generating a corresponding pair of root public key R and root private key V using a hierarchical deterministic method; generating a plurality of sub-private keys Vi at the bid-inviting party from the root private key V and a key generation tool; controlling the bidders to each generate a plurality of sub-public keys Ri from the root public key R and the key generation tool, wherein the sub-private keys Vi and the sub-public keys Ri are in one-to-one correspondence; designating a number i, signing the number i, and controlling the bidder to verify the accuracy of the number i according to the signature; controlling the bidder to select the sub-public key Ri according to the designated number i, encrypt the bidding document with it, and transmit it to the bid-inviting party; and decrypting, by the bid-inviting party, the bidding document with the sub-private key Vi to obtain the bidding document. In this scheme the sub-public key Ri is not issued directly but is generated and selected by the bidder; when the sub-public key Ri is designated, the number i of the designated sub-public key Ri is signed and verified and the key is selected accordingly, which improves the reliability of the bidding process.

Description

Bidding method and device based on public key assignment and identity verification
Technical Field
The application relates to the technical field of bidding, in particular to a public key random bidding method, a device, computer equipment and a storage medium.
Background
In conventional bidding, after the bid-inviting party issues a notice, each bidder prepares a bidding document and delivers it to the bid-inviting party. The bid-inviting party opens all bids together on the bid-opening date and submits the bidding documents to an expert group for review and ranking, so as to avoid behaviors that affect fairness in the bidding process, such as bid collusion and malicious modification of bidding documents. Technical development has improved the efficiency of bidding work: bidding is now widely carried out online, and in an online environment the authenticity, accuracy and confidentiality of bids are ensured by an encryption system.
Conventional bidding schemes encrypt the bidding document with asymmetric encryption: the bidder encrypts the bidding document with a public key and delivers it to the bid-inviting party, which holds the private key and decrypts the bidding document with it.
On this basis, some schemes generate a plurality of corresponding public and private key pairs using a hierarchical deterministic method, and obtain each bidding document by decrypting it with the private key corresponding to the public key used by the bidder. This avoids the situation in which the theft of a single private key endangers the bidding documents of all bidders. However, encryption in this manner requires designating the number i of a sub-private key Vi. The number i carries relatively little information and may be stolen, so a mechanism is needed to confirm that the number i was indeed designated by the bid-inviting party.
Disclosure of Invention
The embodiments of the application aim to provide a bidding method that improves the reliability of bidding document delivery by means of an encryption mode in which the number i is verified.
In order to solve the technical problems, the embodiment of the application provides a random public key bidding method, which adopts the following technical scheme:
A bidding method based on public key assignment and identity verification, comprising the steps of:
generating a corresponding pair of root public key R and root private key V using a hierarchical deterministic method;
generating a plurality of sub-private keys Vi at the bid-inviting party from the root private key V and a key generation tool;
controlling the bidders to each generate a plurality of sub-public keys Ri from the root public key R and the key generation tool, wherein the sub-private keys Vi and the sub-public keys Ri are in one-to-one correspondence;
designating a number i, signing the number i, and controlling the bidder to verify the accuracy of the number i according to the signature;
controlling the bidder to select the sub-public key Ri according to the designated number i, encrypt the bidding document with it, and transmit it to the bid-inviting party;
and decrypting, by the bid-inviting party, the bidding document with the sub-private key Vi to obtain the bidding document.
Further, the signing step specifically includes:
signing the number i with the sub-private key Vi corresponding to the designated number i;
the step of verifying the accuracy of the number i specifically includes:
controlling the bidder to verify the signature with the sub-public key Ri corresponding to the designated number i, so as to determine that the number i was signed with the corresponding sub-private key Vi.
Further, the step of signing the number i specifically includes: combining the number i with a random number to obtain an intermediate number, and signing the intermediate number with the sub-private key Vi;
the step of verifying the signature specifically includes: selecting the sub-public key Ri according to the plaintext of the number i and decrypting the intermediate number with it, and verifying the decrypted intermediate number against the plaintext of the intermediate number to determine that the intermediate number was sent by the bid-inviting party, wherein the plaintext of the number i and the plaintext of the intermediate number are sent to the bidder by the bid-inviting party.
Further, the step of verifying the signature further includes verifying whether the decrypted intermediate number is correct based on the combination of the plaintext of the random number and the plaintext of the number i.
Further, the step of verifying the signature further includes: obtaining a decrypted number i from the decrypted intermediate number and the plaintext of the random number, and verifying the decrypted number i against the plaintext of the number i to determine that the number i was sent by the bid-inviting party.
Further, the method for obtaining the intermediate number specifically includes negotiating, with the bid-inviting party, a combination position of the random number and the number i;
the number i is inserted at the negotiated combination position to obtain the intermediate number.
Further, the step of obtaining the decrypted number i from the decrypted intermediate number and the plaintext of the random number specifically includes: separating the plaintext of the random number from the decrypted intermediate number according to the combination position to obtain the decrypted number i.
In order to solve the technical problems, the embodiment of the application also provides a bidding device based on public key assignment and identity verification, which adopts the following technical scheme:
A bidding device based on public key assignment and identity verification, comprising:
a root key generation module, used for generating a corresponding pair of root public key R and root private key V using a hierarchical deterministic method;
a sub-private key generation module, used for generating a plurality of sub-private keys Vi at the bid-inviting party from the root private key V and the key generation tool;
a sub-public key generation module, used for controlling the bidders to each generate a plurality of sub-public keys Ri from the root public key R and the key generation tool, wherein the sub-private keys Vi and the sub-public keys Ri are in one-to-one correspondence;
a verification and number designation module, used for designating a number i, signing the number i, and controlling the bidder to verify the accuracy of the number i according to the signature;
an encryption module, used for controlling the bidder to select the sub-public key Ri according to the designated number i, encrypt the bidding document with it, and transmit it to the bid-inviting party;
and a decryption module, used for decrypting, at the bid-inviting party, the bidding document with the sub-private key Vi to obtain the bidding document.
In order to solve the above technical problems, the embodiment of the present application further provides a computer device, which adopts the following technical schemes:
a computer device comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of a public key assignment and identity verification based bidding method as described above.
In order to solve the above technical problems, an embodiment of the present application further provides a computer readable storage medium, which adopts the following technical schemes:
a computer readable storage medium having stored thereon a computer program which when executed by a processor implements the steps of a public key assignment and identity verification based bidding method as described above.
Compared with the prior art, the embodiments of the application have the following main beneficial effects: a root public key R and a root private key V are generated, and the root private key V is kept secret to ensure the security of the cryptosystem;
the root public key R and the key generation tool are issued externally, so that a bidder can generate a plurality of sub-public keys Ri from the root public key R and the key generation tool; the bidder then selects the designated sub-public key Ri from the plurality of sub-public keys Ri, the sub-public key Ri being designated by a number i;
before the number i is transmitted, it is signed by the designating party, and after receiving the designated number i the bidder verifies the signature, so as to ensure the authenticity of the number i and prevent tampering by a thief.
In this scheme the sub-public key Ri is not issued directly to the bidder but is generated and selected by the bidder; when the sub-public key Ri is designated, the number i of the designated sub-public key Ri is signed and verified, which ensures the authenticity of the number i and improves the reliability of the bidding process.
Drawings
In order to more clearly illustrate the solution of the present application, a brief description will be given below of the drawings required for the description of the embodiments of the present application, it being apparent that the drawings in the following description are some embodiments of the present application, and that other drawings may be obtained from these drawings without the exercise of inventive effort for a person of ordinary skill in the art.
FIG. 1 is an exemplary system architecture diagram in which the present application may be applied;
FIG. 2 is a flow chart of one embodiment of a method of bidding based on public key assignment and authentication in accordance with the present application;
FIG. 3 is a schematic diagram illustrating the construction of one embodiment of a public key assignment and authentication based bidding appliance, in accordance with the present application;
FIG. 4 is a schematic structural diagram of one embodiment of a computer device in accordance with the present application.
Detailed Description
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs; the terminology used in the description of the applications herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the application; the terms "comprising" and "having" and any variations thereof in the description of the application and the claims and the description of the drawings above are intended to cover a non-exclusive inclusion. The terms first, second and the like in the description and in the claims or in the above-described figures, are used for distinguishing between different objects and not necessarily for describing a sequential or chronological order.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment may be included in at least one embodiment of the application. The appearances of such phrases in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. Those of skill in the art will explicitly and implicitly appreciate that the embodiments described herein may be combined with other embodiments.
In order to make the person skilled in the art better understand the solution of the present application, the technical solution of the embodiment of the present application will be clearly and completely described below with reference to the accompanying drawings.
As shown in fig. 1, the method described in the embodiment of the present application may be applied to a system architecture that may include a terminal device 11, a terminal device 12, a terminal device 13, a network 14, and a server 15. The network 14 is a medium used to provide communication links between the terminal devices 11, 12, 13 and the server 15. The network 14 may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
The user may interact with the server 15 via the network 14 using the terminal device 11, the terminal device 12, the terminal device 13, to receive or send messages or the like. Various communication client applications, such as a web browser application, a shopping class application, a search class application, an instant messaging tool, a mailbox client, social platform software, etc., may be installed on the terminal devices 11, 12, 13.
The terminal devices 11, 12, 13 may be various electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablet computers, e-book readers, MP3 (Moving Picture Experts Group Audio Layer III) players, MP4 (Moving Picture Experts Group Audio Layer IV) players, laptop and desktop computers, and the like.
The server 15 may be a server providing various services, such as a background server providing support for pages displayed on the terminal device 11, the terminal device 12, the terminal device 13.
It should be understood that the number of terminal devices, networks and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
Referring to fig. 2, a flow chart of one embodiment of a public key random bidding method in accordance with the present application is illustrated.
In this embodiment, the electronic device on which the public key random bidding method runs (e.g., the server/terminal device shown in fig. 1) may request or receive data and information through a wired or wireless connection. It should be noted that the wireless connection may include, but is not limited to, 3G/4G connections, WiFi connections, Bluetooth connections, WiMAX connections, Zigbee connections, UWB (ultra wideband) connections, and other now known or later developed wireless connection means.
A bidding method based on public key assignment and identity verification, comprising the steps of:
Step S100: generating a corresponding pair of root public key R and root private key V using a hierarchical deterministic method.
A root public key R and a root private key V are generated, and the root private key V is kept secret to ensure the security of the cryptosystem.
The hierarchical deterministic method generates a root private key V and a chain code. The root public key R, in one-to-one correspondence with the root private key V, is generated from the root private key V by the key generation tool. From the root public key R together with the chain code, the key generation tool can generate a plurality of sub-public keys Ri; from the root private key V together with the chain code, it can generate the sub-private keys Vi. The number of sub-private keys Vi and sub-public keys Ri is controlled by a parameter passed to the key generation tool. Each generated sub-public key Ri corresponds to its sub-private key Vi through the number i.
Step S200: generating a plurality of sub-private keys Vi at the bid-inviting party from the root private key V and the key generation tool.
Step S300: controlling the bidders to each generate a plurality of sub-public keys Ri from the root public key R and the key generation tool, wherein the sub-private keys Vi and the sub-public keys Ri are in one-to-one correspondence.
The root public key R and the key generation tool are issued externally, so that a bidder can generate a plurality of sub-public keys Ri from the root public key R and the key generation tool; the bidder then selects the designated sub-public key Ri from the plurality of sub-public keys Ri, the sub-public key Ri being designated by a number i.
Step S400: designating a number i, signing the number i, and controlling the bidder to verify the accuracy of the number i according to the signature.
Before the number i is transmitted, it is signed by the designating party, and after receiving the designated number i the bidder verifies the signature, so as to ensure the authenticity of the number i and prevent tampering by a thief.
Step S500: controlling the bidder to select the sub-public key Ri according to the designated number i, encrypt the bidding document with it, and transmit it to the bid-inviting party.
Step S600: decrypting, by the bid-inviting party, the bidding document with the sub-private key Vi to obtain the bidding document.
In this scheme the sub-public key Ri is not issued directly to the bidder but is generated and selected by the bidder; when the sub-public key Ri is designated, the number i of the designated sub-public key Ri is signed and verified, which ensures the authenticity of the number i and improves the reliability of the bidding process.
On this basis, the root public key R, the key generation tool, the number n of bidders and the designated number i can each be sent to the bidders separately to improve the security of the sub-keys. A thief who wants to forge a bidder's information by intercepting sub-keys would have to intercept the root public key R, the key generation tool and the number n of bidders at the same time in order to generate the same group of sub-public keys Ri, and would then have to select the correct sub-public key Ri before encrypting a forged bidding document, so the difficulty of forgery is greatly increased.
Further, the signing step specifically includes:
Step S401: signing the number i with the sub-private key Vi corresponding to the designated number i.
The sub-private key Vi, the sub-public key Ri and the number i correspond to one another. The number i is signed with the sub-private key Vi corresponding to the designated number i, and the signature has to be unlocked with the sub-public key Ri corresponding to the number i.
The step of verifying the accuracy of the number i specifically includes:
Step S402: controlling the bidder to verify the signature with the sub-public key Ri corresponding to the designated number i, so as to determine that the number i was signed with the corresponding sub-private key Vi.
The bidder selects the sub-public key Ri corresponding to the number i and decrypts the signature with it. Successful decryption verifies that the signature was made with Vi, and because the content of the signature is the number i, this proves that the number i received by the bidder is accurate; forgery or tampering by a third party is extremely difficult.
Further, the step of signing the number i specifically includes: combining the number i with a random number to obtain an intermediate number, and signing the intermediate number with the sub-private key Vi;
the step of verifying the signature specifically includes: selecting the sub-public key Ri according to the plaintext of the number i and decrypting the intermediate number with it, and verifying the decrypted intermediate number against the plaintext of the intermediate number to determine that the intermediate number was sent by the bid-inviting party, wherein the plaintext of the number i and the plaintext of the intermediate number are sent to the bidder by the bid-inviting party.
Specifically, because the number i has low complexity, it is combined with a random number to obtain an intermediate number, and the intermediate number is signed and verified with the sub-private key Vi and the sub-public key Ri corresponding to the number i, which prevents a thief from forging the signature.
Further, the step of verifying the signature further includes verifying whether the decrypted intermediate number is correct based on the combination of the plaintext of the random number and the plaintext of the number i.
Specifically, in order to designate the sub-public key Ri to the bidder, the plaintext of the number i is sent to the bidder before verification, and the random number is then sent to the bidder separately. This increases the amount of information a thief must monitor and steal in order to forge the signature, increases the difficulty of forging the signature, and improves the success rate of the bidding system.
Further, the step of verifying the signature further includes: obtaining a decrypted number i from the decrypted intermediate number and the plaintext of the random number, and verifying the decrypted number i against the plaintext of the number i to determine that the number i was sent by the bid-inviting party.
In another embodiment, using the intermediate number decrypted with the sub-public key Ri and the plaintext of the random number, everything other than the number i is removed from the decrypted intermediate number, so as to verify whether the number i in the intermediate number is consistent with the number i corresponding to the sub-public key Ri.
Further, the method for obtaining the intermediate number specifically includes negotiating, with the bid-inviting party, a combination position of the random number and the number i;
the number i is inserted at the negotiated combination position to obtain the intermediate number.
This makes the structure of the intermediate number obtained by combining the number i with the random number well defined, and prevents confusion when digits of the random number within the intermediate number coincide with the value of the number i.
Further, the step of obtaining the decrypted number i from the decrypted intermediate number and the plaintext of the random number specifically includes: separating the plaintext of the random number from the decrypted intermediate number according to the combination position to obtain the decrypted number i.
Specifically, the plaintext of the random number is separated out according to the verification result of the intermediate number and the combination position; the accuracy of the random number is verified on the one hand, and the number i remaining after separation is verified on the other, so as to verify the validity of the signature.
Those skilled in the art will appreciate that implementing all or part of the above-described methods in accordance with the embodiments may be accomplished by way of a computer program stored in a computer-readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. The storage medium may be a nonvolatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a random access Memory (Random Access Memory, RAM).
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the flowcharts of the figures may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily being sequential, but may be performed in turn or alternately with other steps or at least a portion of the other steps or stages.
With further reference to fig. 4, as an implementation of the method shown in fig. 2, the present application provides an embodiment of a public key random bidding apparatus, which corresponds to the method embodiment shown in fig. 2, and the apparatus is particularly applicable to various electronic devices.
A bidding device based on public key assignment and identity verification, comprising:
a root key generation module 100, configured to generate a corresponding pair of root public key R and root private key V using a hierarchical deterministic method;
a sub-private key generation module 200, configured to generate a plurality of sub-private keys Vi at the bid-inviting party from the root private key V and the key generation tool;
a sub-public key generation module 300, configured to control the bidders to each generate a plurality of sub-public keys Ri from the root public key R and the key generation tool, where the sub-private keys Vi and the sub-public keys Ri are in one-to-one correspondence;
a verification and number designation module 400, configured to designate a number i, sign the number i, and control the bidder to verify the accuracy of the number i according to the signature;
an encryption module 500, configured to control the bidder to select the sub-public key Ri according to the designated number i, encrypt the bidding document with it, and transmit it to the bid-inviting party;
and a decryption module 600, configured to decrypt the bidding document with the sub-private key Vi to obtain the bidding document.
A root public key R and a root private key V are generated, and the root private key V is kept secret to ensure the security of the cryptosystem;
the root public key R and the key generation tool are issued externally, so that a bidder can generate a plurality of sub-public keys Ri from the root public key R and the key generation tool; the bidder then selects the designated sub-public key Ri from the plurality of sub-public keys Ri, the sub-public key Ri being designated by a number i;
before the number i is transmitted, it is signed by the designating party, and after receiving the designated number i the bidder verifies the signature, so as to ensure the authenticity of the number i and prevent tampering by a thief.
In this scheme the sub-public key Ri is not issued directly to the bidder but is generated and selected by the bidder; when the sub-public key Ri is designated, the number i of the designated sub-public key Ri is signed and verified, which ensures the authenticity of the number i and improves the reliability of the bidding process.
In order to solve the technical problems, the embodiment of the application also provides computer equipment. Referring specifically to fig. 4, fig. 4 is a basic structural block diagram of a computer device according to the present embodiment.
The computer device 6 comprises a memory 61, a processor 62 and a network interface 63, communicatively connected to each other via a system bus. It is noted that only a computer device 6 having components 61-63 is shown in the figures, but it should be understood that not all of the illustrated components are required to be implemented and that more or fewer components may be implemented instead. It will be appreciated by those skilled in the art that the computer device herein is a device capable of automatically performing numerical calculations and/or information processing in accordance with predetermined or stored instructions, the hardware of which includes, but is not limited to, microprocessors, application specific integrated circuits (Application Specific Integrated Circuit, ASIC), field-programmable gate arrays (Field-Programmable Gate Array, FPGA), digital signal processors (Digital Signal Processor, DSP), embedded devices, etc.
The computer equipment can be a desktop computer, a notebook computer, a palm computer, a cloud server and other computing equipment. The computer equipment can perform man-machine interaction with a user through a keyboard, a mouse, a remote controller, a touch pad or voice control equipment and the like.
The memory 61 includes at least one type of readable storage medium, including flash memory, hard disk, multimedia card, card memory (e.g., SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disk, optical disk, etc. In some embodiments, the memory 61 may be an internal storage unit of the computer device 6, such as a hard disk or a memory of the computer device 6. In other embodiments, the memory 61 may also be an external storage device of the computer device 6, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, a flash card or the like provided on the computer device 6. Of course, the memory 61 may also comprise both an internal storage unit of the computer device 6 and an external storage device. In this embodiment, the memory 61 is generally used to store an operating system and various application software installed on the computer device 6, such as the program code of the public key random bidding method. Further, the memory 61 may be used to temporarily store various types of data that have been output or are to be output.
The processor 62 may be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor, or other data processing chip in some embodiments. The processor 62 is typically used to control the overall operation of the computer device 6. In this embodiment, the processor 62 is configured to execute the program code stored in the memory 61 or process data, such as the program code of the public key random bidding method.
The network interface 63 may comprise a wireless network interface or a wired network interface, which network interface 63 is typically used for establishing a communication connection between the computer device 6 and other electronic devices.
The present application also provides another embodiment, namely a computer-readable storage medium storing a public key random bidding program executable by at least one processor to cause the at least one processor to perform the steps of the public key random bidding method as described above.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present application.
It is apparent that the above-described embodiments are only some, not all, of the embodiments of the present application; the preferred embodiments of the present application are shown in the drawings, which do not limit the scope of the patent claims. This application may be embodied in many different forms; rather, these embodiments are provided so that the present disclosure will be understood thoroughly and completely. Although the application has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments described in the foregoing description, or equivalents may be substituted for elements thereof. All equivalent structures made using the content of the specification and the drawings of the application, whether applied directly or indirectly in other related technical fields, are also within the scope of the application.

Claims (9)

1. The bidding method based on public key assignment and identity verification is characterized by comprising the following steps:
step 1, generating a pair of root public key R and root private key V which correspond to each other by using a hierarchical deterministic method;
the method comprises the following steps: firstly, generating the root private key V and a chain code by a hierarchical deterministic method;
then, generating the root public key R in one-to-one correspondence with the root private key V through the root private key V and a secret key generation tool;
step 2, generating a plurality of sub private keys Vi at the signer through the root private key V and the key generation tool;
the method comprises the following steps: the root private key V is matched with the chain code, and the sub private key Vi is generated through the secret key generation tool;
step 3, the root public key R and the secret key generating tool are issued outwards,
controlling bidders to generate a plurality of sub-public keys Ri through the root public key R, the secret key generating tool and the number n of bidders,
the sub public key Ri, the sub private key Vi and the serial number i are mutually corresponding;
step 4, designating a number by the bidding party, and signing the designated number;
after receiving the designated number, the bidder is controlled to verify the accuracy of the designated number according to the signature,
that is, the bidder is controlled to verify the signature through the sub-public key corresponding to the designated number to determine that the designated number is signed through the corresponding sub-private key;
the step 4 specifically comprises the following steps:
step 401, a signer combines a designated number with a random number to obtain an intermediate number, and signs the intermediate number through a sub private key corresponding to the designated number;
step 402, sending the plaintext of the designated number and the plaintext of the intermediate number to the bidder through the tenderer;
step 403, the bidder selects the sub public key to decrypt the intermediate number according to the plaintext of the designated number to obtain a decrypted intermediate number, and verifies the decrypted intermediate number according to the plaintext of the intermediate number to determine that the decrypted intermediate number is sent by the bidder;
step 404, the bidder obtains the decrypted number according to the plaintext of the decrypted intermediate number and the random number, and verifies the decrypted number through the plaintext of the designated number to determine that the decrypted number is sent by the bidder;
step 5, based on the root public key R, the secret key generating tool and the number n of bidders, controlling bidders to select corresponding sub public keys to encrypt the bidding documents according to the appointed number, and transmitting the bidding documents to bidding tenderers;
step 6, decrypting the bidding document by the bidding party through the sub-private key to obtain the bidding document.
2. The bidding method based on public key assignment and identity verification as set forth in claim 1, wherein
the step of verifying the signature further comprises:
the bidder verifies whether the decrypted intermediate number is correct according to the combination of the plaintext of the random number and the plaintext of the designated number.
3. The bidding method based on public key assignment and identity verification as set forth in claim 1, wherein
the random number is generated by a bidding agency of a third party and transmitted to the bidding party and bidding party, respectively.
4. The bidding method based on public key assignment and identity verification as set forth in claim 1, wherein
before the step of signature verification, a random number is sent to the bidder alone to increase the amount of information that needs to be intercepted when the signer counterfeits the signature.
5. The bidding method based on public key assignment and identity verification as defined in claim 1, wherein the step of obtaining the intermediate number comprises:
negotiating a combination position of the random number and the designated number with a signer;
the designated number is inserted into the negotiated combination position to obtain an intermediate number.
6. The bidding method based on public key assignment and identity verification as set forth in claim 5, wherein
the step of obtaining the decrypted number specifically includes:
separating the plaintext of the random number from the decrypted intermediate number according to the combination position to obtain a decrypted number.
7. A public key assignment and authentication based bidding device, comprising:
the root secret key generation module is used for generating a pair of root public key R and root private key V which correspond to each other by using a hierarchical deterministic method;
the method is particularly used for: firstly, generating the root private key V and a chain code by a hierarchical deterministic method;
then, generating the root public key R in one-to-one correspondence with the root private key V through the root private key V and a secret key generation tool;
the sub private key generation module is used for controlling the signer to generate a plurality of sub private keys Vi on the signer through the root private key V and the secret key generation tool;
the method is particularly used for: the root private key V is matched with the chain code, and the sub private key Vi is generated through the secret key generation tool;
the sub public key generation module is used for controlling the root public key R and the secret key generation tool to issue outwards and controlling a bidder to generate a plurality of sub public keys Ri through the root public key R, the secret key generation tool and the bidder number n respectively, wherein the sub private key Vi, the sub public key Ri and the serial number i are mutually corresponding;
a verification and designated number module for controlling the bidder to verify the accuracy of the designated number according to the signature after receiving the designated number,
that is, the bidder is controlled to verify the signature through the sub-public key corresponding to the designated number to determine that the designated number is signed through the corresponding sub-private key;
the verification and designated number module is specifically configured to:
the signer is controlled to combine the designated number with a random number to obtain an intermediate number, and the intermediate number is signed by a sub private key corresponding to the designated number;
transmitting the plaintext of the designated number and the plaintext of the intermediate number to the bidder through the signer;
the bidding party is controlled to select the sub public key to decrypt the intermediate number according to the plaintext of the designated number to obtain a decrypted intermediate number, and the decrypted intermediate number is verified according to the plaintext of the intermediate number so as to determine that the decrypted intermediate number is sent out by the bidding party;
the bidding party is controlled to acquire a decrypted number according to the decrypted intermediate number and the plaintext of the random number, and the decrypted number is verified through the plaintext of the designated number so as to determine that the decrypted number is sent by the bidding party;
the encryption module is used for controlling a bidding party to encrypt a bidding document according to a designated number based on the root public key R, the secret key generation tool and the number n of bidders, and selecting one sub public key Ri to transmit the bidding document to a bidding party;
and the decryption module is used for controlling the bidding party to decrypt the bidding document through the sub-private key Vi so as to obtain the bidding document.
8. A computer device comprising a memory and a processor, the memory having a computer program stored therein, characterized by: the processor, when executing the computer program, implements the steps of a public key assignment and identity verification based bidding method as claimed in any one of claims 1 to 6.
9. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, implements the steps of a public key assignment and identity verification based bidding method as claimed in any one of claims 1 to 6.
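The key derivation of steps 1 to 3 and the designated-number check of steps 401 to 404 in claim 1, which the description summarizes as the bidder generating Ri itself and verifying the signed number i, shown as an added example that is not code from the patent. The curve (secp256k1), the HMAC-SHA512 tweak, the Schnorr signature standing in for the patent's "decrypt with the sub public key", the decimal-string intermediate number, the chain code being shipped with the key generation tool, and all function names are assumptions.

```python
import hashlib, hmac, secrets

# secp256k1 parameters (assumed curve; the patent names none)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    num, den = (3 * a[0] * a[0], 2 * a[1]) if a == b else (b[1] - a[1], b[0] - a[0])
    lam = num * pow(den % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def mul(k, pt):  # double-and-add; not constant time, illustration only
    acc = None
    while k:
        acc, pt, k = (add(acc, pt) if k & 1 else acc), add(pt, pt), k >> 1
    return acc

def enc(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def tweak(R, chain, i):  # scalar computable from public data (BIP32-style, assumed)
    mac = hmac.new(chain, enc(R) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    return int.from_bytes(mac[:32], "big") % N

def sub_private(V, R, chain, i):  # tenderer side: Vi = V + tweak
    return (V + tweak(R, chain, i)) % N
def sub_public(R, chain, i):  # bidder side: Ri = R + tweak*G, no private key needed
    return add(R, mul(tweak(R, chain, i), G))

def challenge(nonce_pt, pub, msg):
    return int.from_bytes(hashlib.sha256(enc(nonce_pt) + enc(pub) + msg).digest(), "big") % N

def sign(priv, msg):  # Schnorr signature (assumed scheme)
    k = secrets.randbelow(N - 1) + 1
    return mul(k, G), (k + challenge(mul(k, G), mul(priv, G), msg) * priv) % N
def verify(pub, msg, sig):
    return mul(sig[1], G) == add(sig[0], mul(challenge(sig[0], pub, msg), pub))

def combine(i, rand, pos):  # step 401: insert i into the random number at pos
    return rand[:pos] + str(i) + rand[pos:]

def split(mid, rand, pos):  # step 404: strip the known random number, None on mismatch
    ok = len(mid) > len(rand) and mid.startswith(rand[:pos]) and mid.endswith(rand[pos:])
    digits = mid[pos:len(mid) - len(rand) + pos]
    return int(digits) if ok and digits.isdigit() else None

def bidder_accepts(R, chain, i, mid, sig, rand, pos):  # steps 403-404
    return verify(sub_public(R, chain, i), mid.encode(), sig) and split(mid, rand, pos) == i

def demo():
    V, chain = secrets.randbelow(N - 1) + 1, secrets.token_bytes(32)
    R = mul(V, G)                        # root public key, published
    i, rand, pos = 7, "839201746655", 5  # constructed sample values
    mid = combine(i, rand, pos)
    sig = sign(sub_private(V, R, chain, i), mid.encode())
    return (bidder_accepts(R, chain, i, mid, sig, rand, pos),  # genuine number: accepted
            bidder_accepts(R, chain, 3, combine(3, rand, pos), sig, rand, pos))  # rewritten to 3
```

Calling `demo()` returns `(True, False)`: a number altered in transit selects a different sub public key, so the signature made with V7 no longer verifies.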
CN202111334121.6A 2021-11-11 2021-11-11 Bidding method and device based on public key assignment and identity verification Active CN114022259B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111334121.6A CN114022259B (en) 2021-11-11 2021-11-11 Bidding method and device based on public key assignment and identity verification

Publications (2)

Publication Number Publication Date
CN114022259A (en) 2022-02-08
CN114022259B (en) 2023-08-25

Family

ID=80063630

Country Status (1)

Country Link
CN (1) CN114022259B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant