CN114065301A - Clock environment credibility verification method, device, equipment and storage medium - Google Patents

Info

Publication number
CN114065301A
Authority
CN
China
Prior art keywords
time
certification
historical
sequence
node
Legal status
Pending
Application number
CN202111381736.4A
Other languages
Chinese (zh)
Inventor
佘鹏飞
郭玉峰
黄龙
樊志甲
Current Assignee
Nsfocus Technologies Inc
Nsfocus Technologies Group Co Ltd
Original Assignee
Nsfocus Technologies Inc
Nsfocus Technologies Group Co Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • G06F21/725 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits operating on a secure reference time value


Abstract

The application discloses a method, a device, equipment and a storage medium for verifying the credibility of a clock environment, which belong to the technical field of computers and are used for verifying whether the clock environment of each node-side device is credible. The method comprises the following steps: receiving clock environment certification information sent by a node-side device, wherein the clock environment certification information comprises a historical time certificate sequence formed by time certificates generated by the node-side device in a historical time period, and each time certificate is obtained by taking the corresponding previous time certificate as input; verifying each time certificate based on the time certificate preceding the first time certificate of the historical time certificate sequence and each time certificate in the sequence; determining, based on the number of time certificates included in the historical time certificate sequence, whether the actual duration of the historical time period is consistent with the real duration; and, if the verification result indicates that all time certificates pass verification and the actual duration is consistent with the real duration, determining that the clock environment of the node-side device is credible.

Description

Clock environment credibility verification method, device, equipment and storage medium
Technical Field
The application relates to the technical field of computers, and provides a method, a device, equipment and a storage medium for verifying the credibility of a clock environment.
Background
Time-sensitive products, such as web page tamper-resistance products, often require configuring on the node device the time periods during which the protection rules for a protected directory are in effect or not in effect, so time accuracy is important for such products. If the system time of the node device is taken as the reference, anyone can adjust the system time directly so that the protection rule for the protected directory always falls within its inactive period. If instead the time of the management-side device is taken as the reference, the reliability of the management-side device's time still has to be considered: if that time is wrong, the node protection rules on all node devices go wrong at the same moment. In addition, because the effective time of the node's protection capability has to be verified, any fault of the management-side device, such as downtime or abnormal communication, may affect the file protection capability of the node-side device in real time. The time problem affects not only the core file protection service but also programs such as web page tamper-resistance event summarization. For example, if the time of the management-side device is inconsistent with the time of the node-side device and the management-side device summarizes node events according to its own time, events may be lost.
Similarly, such time-sensitive products generally have the above problems, and therefore, a solution for verifying the time reported by the node device is urgently needed.
Disclosure of Invention
The embodiment of the application provides a method, a device, equipment and a storage medium for verifying the credibility of a clock environment, which are used for verifying whether the clock environment of each node side equipment is credible.
In one aspect, a method for verifying the credibility of a clock environment is provided, and is applied to a management terminal device included in a distributed service system, and the method includes:
receiving clock environment certification information sent by node side equipment, wherein the clock environment certification information comprises a historical time certification sequence formed by time certifications generated by the node side equipment in a historical time period, and each time certification is obtained by taking a corresponding previous time certification as input;
verifying each time certificate based on the time certificate preceding the first time certificate of the historical time certificate sequence and each time certificate in the historical time certificate sequence, to obtain a verification result; and
determining whether the actual duration of the historical time period recorded by the node side equipment conforms to the real duration or not based on the number of time proofs included in the historical time proof sequence;
and if the verification result indicates that all the time certificates are verified to be passed, and the actual time length is consistent with the real time length, determining that the clock environment of the node end equipment is credible.
Optionally, the method further includes:
if at least one of the following conditions is met, generating an initial time certificate for the node-side device, and sending the initial time certificate and a timestamp of the current time to the node-side device;
wherein the conditions include:
the verification result indicates that the time certificates fail verification;
the actual duration is not consistent with the real duration;
the node-side device restarts;
an exception occurs on the node-side device.
In one aspect, a method for verifying the credibility of a clock environment is provided, and is applied to a node end device included in a distributed service system, and the method includes:
calling a set encryption method in a loop iteration mode to generate a historical time certification sequence corresponding to a historical time period; wherein, each iteration process comprises the following steps:
acquiring a latest generated historical time certificate in a historical time certificate sequence of the node;
taking the historical time certification as input, calling the encryption method to generate a current time certification corresponding to the current time, and linking the current time certification to the historical time certification sequence;
when the reporting time arrives, clock environment certification information carrying a historical time certification sequence in a historical time period is sent to the management terminal equipment, so that the management terminal equipment verifies the clock environment of the node terminal equipment based on the clock environment certification information.
Optionally, the method further includes:
receiving an initial time certificate and a time stamp sent by management terminal equipment;
and taking the initial time certificate and the time stamp as input, calling the encryption method to generate a next time certificate of the initial time certificate, and linking the next time certificate to the initial time certificate to form a historical time certificate sequence.
Optionally, the invoking the encryption method to generate a current time certification corresponding to the current time with the historical time certification as an input includes:
if the current time triggers a business event, performing digital signature on the business event, and performing hash operation on a digital signature result to obtain a business event time certificate corresponding to the business event;
and calling the encryption method to generate a current time certificate corresponding to the current time by taking the historical time certificate and the service event time certificate as input.
In one aspect, a clock environment credibility verification apparatus is provided, and is applied to a management end device included in a distributed service system, where the apparatus includes:
a receiving unit, configured to receive clock environment certification information sent by a node device, where the clock environment certification information includes a historical time certification sequence composed of time certifications generated by the node device within a historical time period, and each time certification is obtained by using a corresponding previous time certification as an input;
the historical certification verifying unit is used for verifying each time certification based on the previous time certification of the first time certification of the historical time certification sequence and each time certification in the historical time certification sequence to obtain a verification result;
a historical evidence time estimation and verification unit, configured to determine, based on the number of time certificates included in the historical time certificate sequence, whether the actual duration of the historical time period recorded by the node-side device is consistent with the real duration;
and the output unit is used for determining that the clock environment of the node end equipment is credible if the verification result indicates that all the time certificates are verified to be passed and the actual time length is consistent with the real time length.
Optionally, the history certification verifying unit is specifically configured to:
splitting the historical time certificate sequence into its individual time certificates;
constructing a plurality of time certificate combinations based on the time certificate preceding the first time certificate and the individual time certificates, each time certificate combination including a first time certificate and a second time certificate generated with the first time certificate as input;
for the plurality of time certificate combinations, performing the following operations, respectively:
for one time certificate combination, obtaining a third time certificate from the first time certificate included in the combination, using the same encryption method as the node-side device;
determining whether the third time certificate is consistent with the second time certificate included in the combination, and obtaining a determination result;
and obtaining the verification result based on the plurality of time certificate combinations and their respective determination results.
Optionally, the historical evidence time estimation verification unit is specifically configured to:
determining the actual duration of the historical time period based on the number of time proofs included in the historical time proof sequence and the hash generation capacity corresponding to the node side equipment; the hash generation capability is used for representing the number of time certificates which can be generated by the node side equipment in unit time;
determining whether the difference value between the actual time length and the real time length is not greater than a set difference value threshold value; if the difference is not greater than the set difference threshold, the actual duration is consistent with the real duration, and if the difference is greater than the set difference threshold, the actual duration is not consistent with the real duration.
Optionally, the historical evidence time estimation verification unit is specifically configured to:
determining the number range of the generated time certificates in the historical time period based on the actual time length and the upper limit value and the lower limit value of the preset hash generation capacity;
determining whether the quantity is within the quantity range; and if the number is not within the number range, determining that the actual duration does not conform to the real duration.
Optionally, the time certificates include an event time certificate, which is obtained by using the content of a service event and the latest time certificate at the moment the service event occurs as input; the historical evidence time estimation verification unit is further configured to:
determining an estimated time range in which the service event occurred, based on the number of time certificates included in the historical time certificate sequence and the position of the event time certificate in the historical time certificate sequence;
and if the estimated time range is consistent with the timestamp of the service event, determining that the occurrence time of the service event is real.
Optionally, the apparatus further comprises a reset unit, configured to:
if at least one of the following conditions is met, generating an initial time certificate for the node-side device, and sending the initial time certificate and a timestamp of the current time to the node-side device;
wherein the conditions include:
the verification result indicates that the time certificates fail verification;
the actual duration is not consistent with the real duration;
the node-side device restarts;
an exception occurs on the node-side device.
In one aspect, an apparatus for verifying credibility of a clock environment is provided, where the apparatus is applied to a node side device included in a distributed service system, and the apparatus includes:
the history certification generating unit is used for calling a set encryption method in a loop iteration mode to generate a history time certification sequence corresponding to a history time period; wherein, each iteration process comprises the following steps:
acquiring a latest generated historical time certificate in a historical time certificate sequence of the node;
taking the historical time certification as input, calling the encryption method to generate a current time certification corresponding to the current time, and linking the current time certification to the historical time certification sequence;
and the historical certification reporting unit is used for sending clock environment certification information carrying a historical time certification sequence in a historical time period to the management terminal equipment when the reporting time arrives, so that the management terminal equipment verifies the clock environment of the node terminal equipment based on the clock environment certification information.
Optionally, the history certification generating unit is further configured to:
receiving an initial time certificate and a time stamp sent by management terminal equipment;
and taking the initial time certificate and the time stamp as input, calling the encryption method to generate a next time certificate of the initial time certificate, and linking the next time certificate to the initial time certificate to form a historical time certificate sequence.
Optionally, the history certification generating unit is specifically configured to:
if the current time triggers a business event, performing digital signature on the business event, and performing hash operation on a digital signature result to obtain a business event time certificate corresponding to the business event;
and calling the encryption method to generate a current time certificate corresponding to the current time by taking the historical time certificate and the service event time certificate as input.
In one aspect, a computer device is provided, comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of any of the above methods when executing the computer program.
In one aspect, a computer storage medium is provided having computer program instructions stored thereon that, when executed by a processor, implement the steps of any of the above-described methods.
In one aspect, a computer program product or computer program is provided that includes computer instructions stored in a computer-readable storage medium. The computer instructions are read by a processor of a computer device from a computer-readable storage medium, and the computer instructions are executed by the processor to cause the computer device to perform the steps of any of the methods described above.
In the embodiment of the application, the node-side device generates time certificates using an encryption method, and the generated time certificates form a historical time certificate sequence. Because the time to generate each time certificate is generally fixed, computing many time certificates consumes a certain amount of time, so the historical time certificate sequence can represent the passage of time on the node-side device. Each new time certificate is computed with the previous time certificate as input, that is, the computation is serial, so the specific value of a subsequent time certificate cannot be predicted, and once any time certificate is modified the historical time certificate sequence no longer passes verification. Using the historical time certificate sequence for time verification therefore improves the reliability of clock environment credibility verification.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments or related technologies, the drawings needed to be used in the description of the embodiments or related technologies are briefly introduced below, it is obvious that the drawings in the following description are only the embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a schematic view of an application scenario provided in an embodiment of the present application;
Fig. 2 is a schematic structural diagram of a distributed service system according to an embodiment of the present application;
Fig. 3 is a schematic diagram of a relationship between tick and tick provided in the embodiment of the present application;
Fig. 4 is a schematic flowchart of a method for verifying the trustworthiness of a clock environment according to an embodiment of the present disclosure;
Fig. 5 is a schematic flowchart of another method for verifying the trustworthiness of a clock environment according to an embodiment of the present disclosure;
Fig. 6 is a schematic flowchart of a method for verifying the trustworthiness of a clock environment according to an embodiment of the present disclosure;
Fig. 7 is a schematic structural diagram of a clock environment credibility verifying apparatus according to an embodiment of the present disclosure;
Fig. 8 is a schematic structural diagram of a clock environment credibility verifying apparatus according to an embodiment of the present disclosure;
Fig. 9 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions in the embodiments of the present application will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application. In the present application, the embodiments and features of the embodiments may be arbitrarily combined with each other without conflict. Also, while a logical order is shown in the flow diagrams, in some cases, the steps shown or described may be performed in an order different than here.
For the convenience of understanding the technical solutions provided by the embodiments of the present application, some key terms used in the embodiments of the present application are explained first:
Historical time certificate sequence: the historical time certificate sequence is a form of Proof of History (PoH), a computational sequence that provides a cryptographic way to verify the passage of time between two events. It uses a secure cryptographic function whose output cannot be predicted from the input and which must be fully executed to produce the output. The secure encryption function may be, for example, the SHA256 function or the RACE Integrity Primitives Evaluation Message Digest (RIPEMD) function. During computation, the result of the previous hash operation is used as the input of the next hash operation, and each hash result serves as a time certificate. Because the result cannot be predicted and the operation runs on only a single core, it is impossible to create in advance an entry that will produce a required hash in the future, and it is likewise impossible to create an alternative history with the same hash, so the passage of time is encoded in a verifiable data structure. Verification can be performed on segments in parallel, so the verification time is very short.
In this embodiment of the application, the adopted secure encryption function may be a hash operation function, so that the generated time certificate may be understood as a hash array, which is called an entry array, and a historical time certificate sequence (PoH stream) formed by the hash arrays is a hash chain into which a timestamp is inserted.
Verifiable Delay Function (VDF): a VDF has the following properties. First, verifying the result of a VDF should be very efficient: a time certificate generated by the VDF can be verified quickly (verifiability). Second, the result of a VDF is unique (uniqueness): for any input there should be exactly one verifiable output, i.e. no two different outputs correspond to the same input. Third, a VDF is a serial algorithm whose execution time is predictable and which cannot be accelerated by parallelism. Functions satisfying these properties can be used as the encryption function in the embodiments of the present application to generate the corresponding time certificates; for example, the SHA256 function can be used.
In a distributed network architecture, ensuring the reliability of time is very important for time-sensitive products. Traditional time synchronization may use a time server based on the Network Time Protocol (NTP), but someone can still simply modify the system time and thereby undermine the security of the system's services; and when the node-side device cannot reach the NTP server over the network, or the NTP server itself is attacked, the time reliability problem of the node-side device remains.
In view of this, the embodiments of the present application provide a method for verifying the credibility of a clock environment. In this method, the node-side device generates time certificates using an encryption method, and the generated time certificates form a historical time certificate sequence. Because the time to generate each time certificate is generally fixed, computing many time certificates consumes a certain amount of time, so the historical time certificate sequence can represent the passage of time on the node-side device. The node-side device reports its historical time certificate sequence to the management-side device; the management-side device verifies each time certificate in the sequence and checks the actual duration that the sequence represents. When these checks pass, the clock environment of the node-side device is credible and the corresponding service can be carried out safely. Each new time certificate is computed with the previous time certificate as input, that is, the computation is serial, so the specific value of a subsequent time certificate cannot be predicted, and once any time certificate is modified the historical time certificate sequence no longer passes verification. Using the historical time certificate sequence for time verification therefore improves the reliability of clock environment credibility verification.
In addition, because the node end equipment can maintain the historical time certification sequence of the node end equipment by itself, even if the network connection between the node end equipment and the management end equipment is disconnected, the node end equipment can still continue to maintain the historical time certification sequence, and only when the connection between the node end equipment and the management end equipment is repaired, the management end equipment carries out verification, so that the time credibility problem caused by different networks is solved.
In the embodiment of the application, when a time certificate is generated, if a service event is triggered at that moment, the service event is also taken as an input and recorded in the time certificate, so that the service event is effectively engraved into the history record as having occurred in a particular slot, which further increases the reliability of the time certificate.
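The scheme described above, from node-side chain generation to management-side verification and duration checking, as an added Python example that is not code from the patent. It assumes SHA-256 as the encryption method and byte concatenation as the input encoding; the names `Entry`, `step`, `node_generate`, `verify_sequence`, `duration_consistent`, `event_time_range` and `clock_trusted`, the hash rates and all sample values are constructed for illustration.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Entry:
    certificate: bytes             # time certificate produced by this iteration
    extra: Optional[bytes] = None  # extra input mixed in: timestamp or event certificate


def step(prev: bytes, extra: Optional[bytes] = None) -> bytes:
    """One serial iteration: the previous certificate (plus any extra input) is hashed."""
    return hashlib.sha256(prev + (extra or b"")).digest()


def node_generate(initial: bytes, timestamp: int, count: int,
                  signatures: Optional[Dict[int, bytes]] = None) -> List[Entry]:
    """Node side: build `count` chained certificates starting from the initial certificate.

    `signatures` maps an entry index to the digital-signature bytes of a service
    event triggered at that iteration; the hash of the signature is mixed in.
    """
    signatures = signatures or {}
    ts = str(timestamp).encode()
    entries = [Entry(step(initial, ts), ts)]
    while len(entries) < count:
        sig = signatures.get(len(entries))
        extra = hashlib.sha256(sig).digest() if sig is not None else None
        entries.append(Entry(step(entries[-1].certificate, extra), extra))
    return entries


def verify_sequence(prev: bytes, entries: List[Entry]) -> Optional[int]:
    """Management side: return None if every pair verifies, else the first bad index.

    Each (first, second) pair is checked independently of the others, so the
    pairs could be split into segments and checked in parallel.
    """
    firsts = [prev] + [e.certificate for e in entries[:-1]]
    for i, (first, entry) in enumerate(zip(firsts, entries)):
        if step(first, entry.extra) != entry.certificate:
            return i
    return None


def duration_consistent(count: int, rate: float, real: float, threshold: float) -> bool:
    """Duration represented by the chain (count / rate) versus the real duration."""
    return abs(count / rate - real) <= threshold


def event_time_range(index: int, start: float, rate_low: float,
                     rate_high: float) -> Tuple[float, float]:
    """Estimated window in which the certificate at `index` was generated."""
    done = index + 1
    return (start + done / rate_high, start + done / rate_low)


def clock_trusted(initial: bytes, timestamp: int, entries: List[Entry],
                  rate: float, real: float, threshold: float) -> bool:
    """Trusted only if the chain verifies and its length matches the real duration."""
    if not entries or entries[0].extra != str(timestamp).encode():
        return False
    return (verify_sequence(initial, entries) is None
            and duration_consistent(len(entries), rate, real, threshold))


if __name__ == "__main__":
    INITIAL = hashlib.sha256(b"constructed initial certificate").digest()
    START = 1_700_000_000  # constructed timestamp sent with the initial certificate
    chain = node_generate(INITIAL, START, 5000, {3000: b"constructed signature bytes"})
    print("trusted:", clock_trusted(INITIAL, START, chain, 1000.0, 5.2, 0.5))
    forged = chain[:2500] + [Entry(b"\x00" * 32)] + chain[2501:]
    print("first bad index after tampering:", verify_sequence(INITIAL, forged))
    print("short chain trusted:", clock_trusted(INITIAL, START, chain[:2000], 1000.0, 5.2, 0.5))
```

The rate of 1000 certificates per second stands in for the node's measured hash generation capability; a deployment would calibrate it per device and set the threshold from the observed variance.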
After introducing the design concept of the embodiment of the present application, some simple descriptions are provided below for application scenarios to which the technical solution of the embodiment of the present application can be applied, and it should be noted that the application scenarios described below are only used for describing the embodiment of the present application and are not limited. In a specific implementation process, the technical scheme provided by the embodiment of the application can be flexibly applied according to actual needs.
The scheme provided by the embodiment of the application can be suitable for most distributed service scenes, and is particularly suitable for time-sensitive product scenes such as a webpage anti-tampering product scene. As shown in fig. 1, an application scenario schematic diagram provided in the embodiment of the present application may include a plurality of node-side devices 101 and a management-side device 102.
The node-side device 101 may be, for example, a mobile phone, a tablet computer (PAD), a laptop, a desktop, a smart television, a vehicle-mounted terminal, a smart wearable device, a server, and the like. The node-side device 101 may have a service application installed, such as a web page tamper-resistance application or a device security management application, and the service application implements the corresponding service when the node-side device operates. The application in the embodiment of the present application may be a software client, a client such as a web page or an applet, or a service plug-in integrated in other applications; the specific type of the application is not limited.
The management end device 102 may be a background server corresponding to a service application installed on the node end device 101, for example, an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as a cloud service, a cloud database, cloud computing, a cloud function, cloud storage, a Network service, cloud communication, a middleware service, a domain name service, a security service, a Content Delivery Network (CDN), and a big data and artificial intelligence platform, but is not limited thereto.
The management side device 102 and the node side device 101 may each include one or more processors, memories, and I/O interfaces for interacting with terminals. In addition, both the management-side device 102 and the node-side device 101 may further configure a database, and the database may be used to store data and the like involved in the embodiments of the present application. For example, the memory of the management-side device 102 may store program instructions of the clock environment credibility verification method executed by the management-side device provided in the embodiment of the present application, and when the program instructions are executed by the processor, the program instructions can be used to implement the steps of the clock environment credibility verification method provided in the embodiment of the present application, so as to verify the clock environment of each node-side device. Similarly, the memory of the node device 101 may store program instructions of the clock environment credibility verification method executed by the node device according to the embodiment of the present application, and when the program instructions are executed by the processor, the program instructions can be used to implement the steps of the clock environment credibility verification method according to the embodiment of the present application, so as to generate a time certificate of the node device, so as to enable the management device to perform clock environment credibility verification.
Taking a webpage tamper-proofing scenario as an example, time synchronization can be performed between the management side device 102 and the node side device 101 by using the method of the embodiment of the present application. The management side device 102 can set an effective time period for the protection directory of the node side device 101 according to the time that passes verification; once the historical time certification sequence is tampered with, verification cannot pass, which ensures that the clock environment of the node side device is credible. Combined with the effective time period configured by the management side device, webpage tamper-proof protection can then be performed within the credible effective time period.
The node side device 101 and the management side device 102 may be directly or indirectly communicatively connected via one or more networks 103. The network 103 may be a wired network or a wireless network; for example, the wireless network may be a mobile cellular network, a Wireless-Fidelity (WIFI) network, or another possible network, which is not limited in this embodiment of the present invention.
It should be noted that, in the embodiment of the present application, the number of the node side device 101 may be one, or may be multiple, and similarly, the number of the management side device 102 may also be one, or may be multiple, that is, the number of the node side device 101 or the management side device 102 is not limited.
Of course, the method provided in the embodiment of the present application is not limited to be used in the application scenario shown in fig. 1, and may also be used in other possible application scenarios, and the embodiment of the present application is not limited. The functions that can be implemented by each device in the application scenario shown in fig. 1 will be described in the following method embodiments, and will not be described in detail herein.
Referring to fig. 2, a schematic diagram of a network architecture of a distributed service system according to an embodiment of the present application is shown. The network architecture comprises a management end and a node end.
Specifically, the management side provides a POH management (POH_management) service for managing and recording the POH information of each node side; the POH information includes the historical time certification sequence described above. As shown in fig. 2, the management side may include three modules: a historical certification timing check (check_poh_speed) module, a historical certification verification (poh_validator) module, and a historical certification storage (poh_recorder) module.
(1) Historical evidence time estimation verification module
This module checks the current slot. For time estimation and verification, the number of hashes (i.e., time certificates) that one Central Processing Unit (CPU) core can generate per second is calculated first; dividing the number of generated hashes by this per-second rate then gives the number of seconds that must have been consumed to generate them. Therefore, after the node side submits the POH information, the approximate time range of a service event on the node side can be estimated, and it can be judged whether the service event reported by the node falls within a reasonable time range, so as to ensure the authenticity of the occurrence time of the service event.
(2) Historical certification verification module
The module is used for verifying POH information submitted by a node side, wherein the POH information comprises a historical time certification sequence. The historical evidence verification module can verify the correctness of each time evidence in the historical time evidence sequence through a verification method verify.
The verify method may take two input parameters: for example, the first is a start hash and the second is an entry array, which is the concrete representation of the historical time certification sequence. In practical application, the start hash may be the time certificate preceding the first time certificate of the current historical time certificate sequence, or it may be the created hash, that is, the first time certificate issued by the management end. Since the management end also records the start hash of each node end, the node end may omit the start hash when sending the POH information.
(3) Historical evidence storage module
This module stores the slot currently verified for each node, for synchronizing the historical proof; that is, if the current tick count is within a certain range, the module records it in the corresponding database (DB) after verification.
The node provides a POH service (POH_service), which implements generation and reporting of POH information, and may include a history credential generation (POH_generator) module, a history credential reporting (POH_send) module, and a history credential storage module.
(1) Historical evidence generation module
This module is used to perform hash chain calculations, i.e. to generate time proofs.
Referring to fig. 2, the node device further includes a service agent (agent) for implementing a service, and when the service agent triggers a service event message, the history certificate generation module further performs hash calculation based on the service event message and a last time certificate to generate a corresponding time certificate. And when the service event message is not triggered, the historical certification generation module performs hash calculation based on the last time certification to generate the time certification of the current time.
(2) Historical certification reporting module
This module is used to send ticks or entries to the poh_manage module of the server if the current tick range is within the specified range. The POH management service module records the slot and tick value of each node and the hash of the current tick.
(3) Historical evidence storage module
The module is used for storing the POH related information generated by the node terminal.
For ease of understanding, the time environment used in the embodiment of the present application is described before the method itself. For more accurate time certification, a custom network clock is used. The clock expresses the network clock information of a node-side device and represents network time; its members start from 0, and it is composed of ticks (tick) and slots (slot) that together express a time. The definition of clock is as follows:
[Figure: definition of the clock structure, image not available]
Here, tick is the minimum time measurement unit of the PoH stream; ticks subdivide 1 second. For example, 160 ticks per second (ticks/s) may be defined, so that each tick occupies 6.25 milliseconds; the value of each tick can of course also be defined according to actual requirements. A slot is a time unit that contains multiple ticks, and the number of ticks per slot can be user-defined; for example, if 64 ticks are defined per slot, each slot takes 6.25 × 64 = 400 milliseconds.
See fig. 3, which shows the relationship between tick and slot. Specifically, fig. 3 takes 160 ticks per second as an example, with each slot including 64 ticks: slot_index 0 includes the 64 ticks tick 0 to tick 63, slot_index 1 includes the 64 ticks tick 64 to tick 127, and so on.
Next, a method flow provided by each embodiment of the present application will be described, and the method flow includes a portion executed by the node side device 101 and the management side device 102, respectively.
Referring to fig. 4, a flowchart of a method for verifying the trustworthiness of a clock environment according to an embodiment of the present disclosure is shown, where the method may be executed by a management-side device.
Step 401: Receive a historical time certification sequence sent by the node end equipment, wherein the historical time certification sequence comprises the time certifications generated by the node end equipment in a historical time period, and each time certification is obtained by taking the corresponding previous time certification as an input.
Step 402: Verify each time certificate based on the previous time certificate of the first time certificate of the historical time certificate sequence and each time certificate in the historical time certificate sequence, to obtain a verification result.
Step 403: Determine, based on the number of time proofs included in the historical time proof sequence, whether the actual time length of the historical time period recorded by the node side equipment is consistent with the real time length.
It should be noted that step 402 and step 403 have no required order: in practical application, step 402 may be executed first, step 403 may be executed first, or the two may be executed simultaneously, which is not limited in this embodiment of the application.
Step 404: If the verification result indicates that all the time certificates pass verification and the actual time length is consistent with the real time length, determine that the clock environment of the node side equipment is credible.
In the embodiment of the application, the management terminal device verifies each time certificate in the historical time certificate sequence and verifies the actual time represented by the historical time certificate sequence. When the verification passes, the clock environment of the node terminal device is proved to be credible, and the corresponding services can be carried out safely. Calculating the historical time certification sequence requires taking the previous time certification as the input to obtain each new time certification, that is, the calculation is serial, so the value of a subsequent time certification cannot be predicted; once any time certification is modified, the historical time certification sequence can no longer pass verification. Using the historical time certification sequence for time verification therefore improves the credibility of the clock environment credibility verification.
Referring to fig. 5, another flow chart of a method for verifying the trustworthiness of a clock environment according to an embodiment of the present disclosure is shown, where the method may be executed by a node-side device.
Step 501: calling a set encryption method in a loop iteration mode to generate a historical time certification sequence corresponding to a historical time period; in each iteration process, after the latest generated historical time certification in the historical time certification sequence of the node is obtained, the historical time certification is used as input, an encryption method is called to generate a current time certification corresponding to the current time, and the current time certification is linked to the historical time certification sequence.
Step 502: When the reporting time arrives, send the historical time certification sequence to the management terminal equipment so that the management terminal equipment verifies the clock environment of the node terminal equipment based on the historical time certification sequence.
In the embodiment of the application, the node side equipment generates time certificates by using an encryption method, and the generated time certificates form a historical time certificate sequence. Since the generation time of each time certificate is generally fixed, calculating multiple time certificates consumes a certain amount of time, so the historical time certificate sequence characterizes the lapse of time in the node-side device. Moreover, calculating the historical time certificate sequence requires taking the previous time certificate as the input to obtain each new time certificate, that is, the calculation is serial, so it cannot be predicted what a subsequent time certificate will be; once any time certificate is modified, the historical time certificate sequence can no longer be verified. Using the historical time certificate sequence for time verification therefore improves the credibility of the clock environment credibility verification.
Since the method flows executed by the management side device and the node side device involve interaction between the management side device and the node side device, the following description is also provided in conjunction with the method flows on both sides. Referring to fig. 6, a schematic flowchart of a method for verifying the trustworthiness of a clock environment according to an embodiment of the present disclosure is shown.
Step 601: the node-side equipment installs and runs a service application integrated with a POH service Software Development Kit (SDK) to generate a node identifier (UUID) and a public and private key of the node.
In the embodiment of the present application, the POH service SDK may be integrated in the service application, so that when the service application is performed, time synchronization with the management device may be implemented by using the POH service SDK, so as to ensure that the service process is performed in a trusted clock environment.
Step 602: The node end equipment reports the UUID and the public and private keys to the management end equipment.
The node end equipment registers at the management end equipment and reports the UUID and the public and private keys of the node.
Step 603: The management end equipment generates an initial time certificate of the node end equipment.
Specifically, when the hash operation method is used as the encryption method, the historical time certification sequence correspondingly generated by the node side device is the hash chain, so that the initial time certification is the generative hash (genesis hash) of the node side device.
Step 604: The management end equipment sends the initial time certification and the current time stamp to the node end equipment.
In the embodiment of the application, when the node side device accesses for the first time or its clock environment is abnormal, the management side device needs to reset the time certification of the node side device, that is, the initial time certification and the time stamp are issued to the node side device, so that the node side device can restart generation of the historical time certification sequence.
Specifically, the node side device may reset the time certification of the node side device when any one of the following conditions is satisfied.
(1) If a time certification in the historical time certification sequence fails verification by the management end device, the clock environment of the node end device may have been modified and is not trusted, and the node end device needs to be reset.
(2) When the management terminal device judges that the actual time length of the node terminal device does not match the real time length, the clock of the node terminal device is abnormal and the clock environment is not credible, and the node terminal device needs to be reset.
(3) When the node side device is restarted, the node side device needs to be reset.
(4) When the node side device is abnormal, for example, the node side device crashes abnormally, the clock environment is also untrusted, and the node side device needs to be reset.
Of course, other possible conditions may be included, and the embodiment of the present application is not limited thereto.
Step 605: the node side device generates a historical time certification sequence based on the initial time certification and the current time stamp.
After the node side equipment receives the initial time certification and the time stamp sent by the management side equipment, the initial time certification and the time stamp are used as input, an encryption method is called to generate a next time certification of the initial time certification, and the next time certification is linked to the initial time certification to form a historical time certification sequence. This process may be implemented, for example, by the historical credential generation module shown in FIG. 2.
In the embodiment of the present application, SHA256 is taken as an example: SHA256 is used as the VDF function of the node device; it is irreversible and can only be computed one way. The selected SHA256 function is collision resistant, so the historical time proof sequence can only be generated by a single computer thread computing sequentially. In the historical time certification sequence, the last output is used as the current input of SHA256, with any data to be written added to the input, and the process is repeated; the output and the count of each SHA256 run are recorded periodically. By repeating this calculation, the node-side equipment obtains the required time interval, which represents the historical time it has consumed, so that the recording of time is not affected by transmission or by changes to the local time.
Referring to table 1 below, in the first hash calculation, the created hash and the timestamp sent by the management device are used as inputs of sha256 to obtain hash1; hash1 and its index ID may form an entry array [1, hash1]. When the 200th hash calculation is performed, the last output, namely hash299, is used as the input of sha256 to obtain hash200; hash200 and its index ID may form an entry array [200, hash200]. The other calculations are similar and are not described again.
[Table 1, image not available]
Referring to table 1, if the algorithm is not actually run 300 times from the beginning, the hash value at index 300 cannot be predicted, so we can deduce from the data structure that real time has elapsed between index 0 and index 300.
In the embodiment of the present application, the POH may have the following structure:
[Figure: definition of the POH structure, image not available]
Here, hash represents the current time certification, that is, the current hash; numHashes is the hash count and represents the number of generated time certifications; tickNumber represents the current tick number; and slotstime represents the start time of the current slot, which may be represented by the physical time of the node device.
In the embodiment of the present application, the POH structure provides 2 hash operation methods, namely tick() and record(), which respectively correspond to hash operations when no service event is triggered and when a service event is triggered.
(1) When no service event is triggered and the time certificate generation time is reached, tick() can be called to carry out a hash operation and generate the time certificate of the current time.
Specifically, once tick() is called, the numHashes variable in the POH object is incremented by 1, the hash variable of the POH object is updated to the new hash generated by the hash calculation, and tickNumber is incremented by 1.
(2) When a service event is triggered and the time certificate generation time is reached, record() can be called to carry out a hash operation and generate the time certificate of the current time; when record() is called, the event message signature hash and the last hash can be mixed for the hash operation.
Specifically, if the current time triggers a service event, the service event is digitally signed, the digital signature result is subjected to hash operation, a service event hash value corresponding to the service event is obtained, the historical time certificate and the service event hash value are used as input, and an encryption method is called to generate a current time certificate corresponding to the current time.
In the embodiment of the present application, the Entry structure provides a method for generating the next hash value (nextchah), which calculates the next hash from the current hash and calls the poh instance's tick() method or record() method according to whether there is an event message in the current Entry.
The Entry structure comprises three parameters: startHash string, numHashes int64 and messages []string. startHash is the starting hash, numHashes is the hash count, and messages are event messages, such as file tampering messages. The history certification verification module at the management end performs fragmentation and parallel verification on the Entry array. For example, an Entry array may be denoted as {numHashes, hash, message}.
Specifically, when triggering the service event message, the node device may process and assemble the service event message according to the json format, perform node signature by using a private key, perform hash256 operation on a signature result, and perform hash256 operation on the obtained event signature hash and the previous hash to serve as an input hash of the next hash calculation.
Step 606: the node side equipment sends clock environment certification information to the management side equipment, and the management side equipment receives the clock environment certification information.
In the embodiment of the application, when the reporting time arrives, the node side device sends the clock environment certification information to the management side device, so that the management side device verifies the clock environment of the node side device based on the clock environment certification information.
The node side may report the clock environment certification information periodically, or may report the clock environment certification information when a reporting condition is satisfied, for example, an event message is triggered.
Specifically, the clock environment certification information may include at least one of the following information:
(1) historical time proof sequence
The historical time certification sequence reported by the node side device to the management side device may be reported in the form of a plurality of entry arrays, for example [ {1, hash1, null } {2, hash2, message } ], where null indicates that the time at which the hash1 is located does not trigger a service event message.
In practical application, the node-side device continuously forms the time certification, so that the number of the time certification is large, and when reporting is performed, the updated time certification can be reported, namely, the time certification which is generated after the last report and is not reported yet can be reported.
(2) Start hash
The starting hash may refer to a created hash issued by the management end device for the node end device so as to assist in verifying the identity and the clock environment of the node end device, and may also be a starting hash of a current slot or a previous hash of a historical time certification sequence sent this time.
(3) Current tick
(4) Current slot
Of course, other information may also be included, which is not limited in this application.
Step 607: The management terminal equipment verifies each time certificate to obtain a verification result.
In the embodiment of the application, the management terminal device verifies each time certificate based on the previous time certificate of the first time certificate of the historical time certificate sequence and each time certificate in the historical time certificate sequence to obtain a verification result.
Specifically, in order to increase the verification speed, the management-side device may perform verification in a concurrent verification manner, and may also perform verification using the GPU if the conditions allow, so as to further increase the verification speed. During verification, the management-side device may perform fragmentation processing on the received historical time certification sequence to obtain each time certification, that is, the entry array, so that a plurality of time certification combinations may be constructed based on a previous time certification of the first time certification and each time certification, where each time certification combination includes the first time certification and a second time certification generated by taking the first time certification as an input.
For a plurality of time certification combinations, the following operations are respectively performed:
For one time certification combination A, the first time certification included in combination A is taken as input and a third time certification is obtained by using the same encryption method as the node side equipment; it is then determined whether the third time certification is consistent with the second time certification included in the combination, giving a determination result.
The management terminal equipment then obtains the verification result based on the determination results corresponding to the plurality of time certification combinations: when all the determination results indicate consistency, the verification passes; otherwise, the verification does not pass.
In the embodiment of the application, the verification process can be realized through a history certification verification module included in the management terminal device, and the time certification can be divided into two types, one type is a time certification when the service event is not triggered, and the other type is a time certification when the service event is triggered.
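The hash chain generation of step 605 (tick() and record()) and the pairwise concurrent verification of step 607 can be shown together. The Go sketch below is an added example, not code from the patent or its applicant; the Sig field carried in each entry, the choice of Ed25519 for the node signature, the Verify and Demo helpers and all sample values are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"sync"
)

// Entry is one reported time proof. Sig is an assumption of this example: it
// lets the management end recompute the event hash from public data only.
type Entry struct {
	Index   int64
	Hash    [32]byte
	Message string // empty when no service event was triggered
	Sig     []byte // signature over Message, nil for a plain tick
}

// POH holds the node-side state named on the page (hash, numHashes, tickNumber).
type POH struct {
	hash       [32]byte
	numHashes  int64
	tickNumber int64
	key        ed25519.PrivateKey
}

// next derives the proof that follows prev; sig is empty when no event occurred.
func next(prev [32]byte, sig []byte) [32]byte {
	if len(sig) == 0 {
		return sha256.Sum256(prev[:])
	}
	ev := sha256.Sum256(sig) // event signature hash
	return sha256.Sum256(append(ev[:], prev[:]...))
}

// Tick produces the proof for a moment with no service event.
func (p *POH) Tick() Entry {
	p.hash = next(p.hash, nil)
	p.numHashes++
	p.tickNumber++
	return Entry{Index: p.numHashes, Hash: p.hash}
}

// Record signs the event message and mixes its signature hash into the chain.
func (p *POH) Record(msg string) Entry {
	sig := ed25519.Sign(p.key, []byte(msg))
	p.hash = next(p.hash, sig)
	p.numHashes++
	return Entry{Index: p.numHashes, Hash: p.hash, Message: msg, Sig: sig}
}

// Verify checks every (previous proof, proof) pair concurrently and returns
// the Index of the first entry that fails, or 0 when the whole batch passes.
func Verify(start [32]byte, entries []Entry, pub ed25519.PublicKey) int64 {
	ok := make([]bool, len(entries))
	var wg sync.WaitGroup
	for i := range entries {
		wg.Add(1)
		go func(i int) {
			defer wg.Done()
			prev, e := start, entries[i]
			if i > 0 {
				prev = entries[i-1].Hash
			}
			// A tick entry carries nothing; an event entry needs a valid signature.
			plain := e.Message == "" && len(e.Sig) == 0
			signed := plain || ed25519.Verify(pub, []byte(e.Message), e.Sig)
			ok[i] = signed && next(prev, e.Sig) == e.Hash
		}(i)
	}
	wg.Wait()
	for i := range ok {
		if !ok[i] {
			return entries[i].Index
		}
	}
	return 0
}

// Demo builds a constructed batch (four ticks, one event) and two altered
// copies, and returns Verify's result for each.
func Demo() (clean, badHash, badMsg int64) {
	key := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // constructed test key
	pub := key.Public().(ed25519.PublicKey)
	// Stands in for the start hash that both ends already hold.
	start := sha256.Sum256([]byte("constructed start hash"))
	p := &POH{hash: start, key: key}
	event := `{"event":"file_tamper","path":"/example/index.html"}`
	batch := []Entry{p.Tick(), p.Tick(), p.Record(event), p.Tick(), p.Tick()}

	forged := append([]Entry(nil), batch...)
	forged[1].Hash[0] ^= 1 // rewrite one proof
	edited := append([]Entry(nil), batch...)
	edited[2].Message = `{"event":"none"}` // rewrite the event text
	return Verify(start, batch, pub), Verify(start, forged, pub), Verify(start, edited, pub)
}

func main() {
	fmt.Println(Demo()) // prints: 0 2 3
}
```

Rewriting a single proof breaks two pairs (the one ending at it and the one starting from it), which is why Verify reports the lowest failing index.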
Step 608: The management end equipment determines whether the actual time length of the historical time period recorded by the node end equipment is consistent with the real time length.
In the embodiment of the present application, in addition to checking the correctness of the time certifications, it is also necessary to check whether the actual time length of the node device is consistent with the real time length. The real time length can be obtained from the time difference between the last report and the present report, or can be calculated from the tick or slot reported by the node device, so as to verify whether the tick or slot where the node device is currently located is correct.
Specifically, the management-side device may determine, based on the number of time certificates included in the historical time certificate sequence, whether the actual time length of the historical time period recorded by the node-side device is consistent with the real time length.
In one embodiment, the management-side device may estimate the actual time length that has elapsed on the node-side device based on the number of time certificates, and then determine whether it matches the real time length.
Specifically, the management end device may determine the actual time length of the historical time period based on the number of time certificates included in the historical time certificate sequence and the hash generation capability corresponding to the node end device, and then determine whether the difference between the actual time length and the real time length is not greater than a set difference threshold. If the difference is not greater than the set difference threshold, the actual time length is consistent with the real time length; if the difference is greater than the set difference threshold, the actual time length is not consistent with the real time length.
The hash generation capability is used to characterize the number of time certificates that can be generated by the node side device in a unit time, and generally speaking, the hash generation capability has a fixed value or range.
In an embodiment, the processing device may determine, based on a preset hash generation capability range, the range of the number of time certificates that can be generated in the historical time period, and then determine whether the reported number is within that range. The hash generation capability range may be a limit value range or an average value range obtained from statistics over a large number of device models.
Specifically, the management end device may determine, based on the real time length and the upper and lower limits of the preset hash generation capability, the range of the number of time certificates that can be generated in the historical time period, and determine whether the reported number is within that range. If it is, the actual time length is determined to be consistent with the real time length; if it is not, the actual time length is determined to be inconsistent with the real time length.
The above process can be realized by a historical evidence time estimation verification module included in the management terminal equipment.
In the embodiment of the application, when the time certificates included in the historical time certificate sequence include an event time certificate, that is, a time certificate obtained by taking the content of a service event and the latest time certificate at the moment the service event occurred as input, it can further be verified whether the time at which the service event occurred is credible.
Specifically, the management-side device may determine an estimated time range for the occurrence of the business event based on the number of time certificates included in the historical time certificate sequence and the position of the event time certificate in that sequence, and determine that the time of occurrence of the business event is credible if the estimated time range is within the range of the real time length, for example if the estimated time range coincides with the real time stamp.
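The duration checks of step 608 (the difference-threshold variant, the quantity-range variant and the event time estimate) together with the tick and slot arithmetic reduce to a few lines. The Go sketch below is an added example, not code from the patent; the Capability type, the function names, the capability bounds of 150 to 170 proofs per second and the 500 ms threshold are constructed assumptions, and EventTimeTrusted is one possible reading of the event time check.

```go
package main

import (
	"fmt"
	"math"
	"time"
)

const (
	TicksPerSecond = 160 // page's example: one tick is 6.25 ms
	TicksPerSlot   = 64  // page's example: one slot is 400 ms
)

// SlotOf returns the slot index of a tick and the tick's offset inside it.
func SlotOf(tick int64) (slot, offset int64) {
	return tick / TicksPerSlot, tick % TicksPerSlot
}

// TickDuration converts a tick count into network time.
func TickDuration(ticks int64) time.Duration {
	return time.Duration(ticks) * time.Second / TicksPerSecond
}

// Capability is a node's hash generation capability range in time proofs per
// second. The numbers used below are constructed, not taken from the page.
type Capability struct{ MinPerSec, MaxPerSec float64 }

// CountRange is the number of proofs the node could have produced in realLen.
func (c Capability) CountRange(realLen time.Duration) (lo, hi int64) {
	s := realLen.Seconds()
	return int64(math.Floor(c.MinPerSec * s)), int64(math.Ceil(c.MaxPerSec * s))
}

// ConsistentByRange is the range variant: the reported count must be feasible.
func (c Capability) ConsistentByRange(count int64, realLen time.Duration) bool {
	lo, hi := c.CountRange(realLen)
	return count >= lo && count <= hi
}

// ConsistentByThreshold is the estimate variant: count / rate gives the actual
// time length, which may differ from the real one by at most threshold.
func ConsistentByThreshold(count int64, perSec float64, realLen, threshold time.Duration) bool {
	actual := time.Duration(float64(count) / perSec * float64(time.Second))
	diff := actual - realLen
	if diff < 0 {
		diff = -diff
	}
	return diff <= threshold
}

// EventWindow estimates how long after the start of the batch the proof at
// 1-based position pos was generated.
func (c Capability) EventWindow(pos int64) (earliest, latest time.Duration) {
	sec := float64(time.Second)
	return time.Duration(float64(pos) / c.MaxPerSec * sec),
		time.Duration(float64(pos) / c.MinPerSec * sec)
}

// EventTimeTrusted accepts a claimed event offset only if it lies inside the
// estimated window and the window starts within the real time length.
func (c Capability) EventTimeTrusted(pos int64, claimed, realLen time.Duration) bool {
	earliest, latest := c.EventWindow(pos)
	return earliest <= realLen && claimed >= earliest && claimed <= latest
}

func main() {
	c := Capability{MinPerSec: 150, MaxPerSec: 170}
	realLen := 10 * time.Second // time between two reports, measured by the management end
	// 1600 proofs fit 10 s; 800 suggests a stalled node, 3200 a fabricated or sped-up chain.
	for _, n := range []int64{1600, 800, 3200} {
		fmt.Println(n, c.ConsistentByRange(n, realLen),
			ConsistentByThreshold(n, 160, realLen, 500*time.Millisecond))
	}
	fmt.Println(c.EventWindow(800))
}
```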
Step 609: If the verification result indicates that all the time certificates pass verification and the actual time length is consistent with the real time length, the management end equipment determines that the clock environment of the node end equipment is credible.
Step 610: The management end equipment records the current clock information of the node end equipment.
If the management end device determines that the clock environment of the node end device is credible, the history certification storage module stores the current clock information of the node end device.
And if the management terminal equipment determines that the clock environment of the node terminal equipment is not credible, the management terminal equipment regenerates the initial time certificate and sends the initial time certificate and the timestamp of the current time to the node terminal equipment.
In summary, in the embodiment of the present application, the node-side device encodes the time by using the VDF function to generate the time certification, so as to maintain its own clock, because each node-side device maintains its own clock, and the management-side device runs the VDF to certify that it has passed through a specific time slot (slot). That is, each node verifies the lapse of time based on the amount of time certification generated per unit time to determine how much time has elapsed between events. Each hash represents a unit of time, i.e., the time it takes to compute the SHA-256 hash value), and each hash has an id associated with it, representing the order of the hash, and any device can use historical proofs to quickly verify whether the timestamp of the message is correct.
When the node end is installed and started for the first time, the management end distributes a uuid and a created hash to the node; the node performs the hash chain operation based on the created hash to generate historical certificates, and the management end verifies the node's historical certificates at specific time intervals. In the node-side hash chain (i.e., POH) calculation, when a file tampering event or another service event occurs at the node side, the event message is signed, the signature result is hashed, and the hash result is mixed into the POH calculation, so that the event is effectively engraved into the history as having occurred in a particular slot.
In addition, the node-side device performs the hash chain calculation on a single core and the management-side device performs the verification. Even when the network between the management-side device and the node-side device is disconnected, the node-side device can still carry out the hash chain calculation, and the management-side device verifies it once the network recovers. This solves the time credibility problem of time-sensitive products such as webpage tamper-proofing, for example the credibility of the effective protection time of a protected directory, and the credibility of node time when the node cannot reach a time server over the network or when the node time is modified or attacked. It provides a new way of managing and measuring time, so that a user can complete the service protection function in a credible clock environment.
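The scheme summarized above can be sketched as follows; this is an added example, not code from the patent. The function names, the byte concatenation used to mix data into a hash, the hash-rate bounds and all sample values are assumptions, and the signed event message is treated as opaque bytes.

```python
import hashlib
import hmac


def next_proof(prev: bytes, mixin: bytes = b"") -> bytes:
    """One tick: SHA-256 over the previous proof plus optional mixed-in data."""
    return hashlib.sha256(prev + mixin).digest()


def node_generate(initial: bytes, start_ts: int, ticks: int, events: dict) -> list:
    """Node side: build the historical time certification sequence.

    events maps a tick index to a signed event message (opaque bytes here).
    Returns [(proof, mixin), ...]; mixin is b"" for a plain tick.
    """
    first_mixin = str(start_ts).encode()  # first proof = H(initial || timestamp)
    seq = [(next_proof(initial, first_mixin), first_mixin)]
    for i in range(1, ticks):
        # A business event is hashed and mixed into the tick where it occurred.
        mixin = hashlib.sha256(events[i]).digest() if i in events else b""
        seq.append((next_proof(seq[-1][0], mixin), mixin))
    return seq


def verify_chain(initial: bytes, start_ts: int, seq: list) -> bool:
    """Manager side: recompute every proof from its predecessor and compare.

    Each (previous, current) pair is independent of the others, so the
    pairs could also be split up and checked in parallel.
    """
    if not seq or seq[0][1] != str(start_ts).encode():
        return False
    prev = initial
    for proof, mixin in seq:
        if not hmac.compare_digest(next_proof(prev, mixin), proof):
            return False
        prev = proof
    return True


def count_in_range(count: int, real_seconds: float, rate_low: int, rate_high: int) -> bool:
    """Is the number of proofs plausible for the real elapsed time?"""
    return rate_low * real_seconds <= count <= rate_high * real_seconds


def event_window(position: int, start_ts: int, rate_low: int, rate_high: int) -> tuple:
    """Earliest and latest time at which the proof at `position` can have been made."""
    return (start_ts + position / rate_high, start_ts + position / rate_low)


def event_time_plausible(claimed_ts, position, start_ts, rate_low, rate_high) -> bool:
    earliest, latest = event_window(position, start_ts, rate_low, rate_high)
    return earliest <= claimed_ts <= latest


def clock_trusted(initial, start_ts, seq, real_seconds, rate_low, rate_high) -> bool:
    """Trusted only if the chain verifies AND the proof count fits the real duration."""
    return (verify_chain(initial, start_ts, seq)
            and count_in_range(len(seq), real_seconds, rate_low, rate_high))


# Constructed sample values (not from the patent).
INITIAL = hashlib.sha256(b"constructed initial time certificate").digest()
START_TS = 1_700_000_000
RATE_LOW, RATE_HIGH = 900, 1100           # assumed hashes per second for this node
EVENT = b"constructed signed message: file tamper event"
EVENT_INDEX = 1000                         # tick at which the event was mixed in

HONEST = node_generate(INITIAL, START_TS, 2000, {EVENT_INDEX: EVENT})
# Node that produced too few proofs for a 2-second reporting interval.
SHORT = HONEST[:1200]
# Sequence in which the recorded event digest was swapped after the fact.
TAMPERED = list(HONEST)
TAMPERED[EVENT_INDEX] = (HONEST[EVENT_INDEX][0], hashlib.sha256(b"other event").digest())

if __name__ == "__main__":
    print("honest  :", clock_trusted(INITIAL, START_TS, HONEST, 2, RATE_LOW, RATE_HIGH))
    print("short   :", clock_trusted(INITIAL, START_TS, SHORT, 2, RATE_LOW, RATE_HIGH))
    print("tampered:", clock_trusted(INITIAL, START_TS, TAMPERED, 2, RATE_LOW, RATE_HIGH))
    print("event window:", event_window(EVENT_INDEX + 1, START_TS, RATE_LOW, RATE_HIGH))
```

The truncated sequence still verifies link by link, which is why the count check against the real duration is needed in addition to the chain check.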
Referring to fig. 7, based on the same inventive concept, an embodiment of the present application further provides a clock environment credibility verifying apparatus 70, which is applied to a management-side device included in a distributed service system, and includes:
a receiving unit 701, configured to receive clock environment certification information sent by a node device, where the clock environment certification information includes a historical time certification sequence formed by time certifications generated by the node device in a historical time period, and each time certification is obtained by using a corresponding previous time certification as an input;
a historical certification verifying unit 702, configured to verify each time certification based on a previous time certification of a first time certification of the historical time certification sequence and each time certification in the historical time certification sequence, so as to obtain a verification result;
a historical evidence time estimation verification unit 703, configured to determine whether the actual duration of the historical time period recorded by the node device matches the real duration based on the number of time certifications included in the historical time certification sequence;
and the output unit 704 is configured to determine that the clock environment of the node-side device is trusted if the verification result indicates that all the time certifications pass verification and the actual time length is consistent with the real time length.
Optionally, the historical certification verifying unit 702 is specifically configured to:
carrying out fragmentation processing on the historical time certification sequence to obtain each time certification;
constructing a plurality of time certification combinations based on a previous time certification of the first time certification and the respective time certifications, each time certification combination comprising a first time certification and a second time certification generated with the first time certification as an input;
for a plurality of time certification combinations, the following operations are respectively performed:
for one time certification combination, obtaining a third time certification from the first time certification included in the combination by adopting the same encryption method as the node side equipment;
determining whether the third time certification is consistent with the second time certification included in the combination, and obtaining a determination result;
and obtaining a verification result based on the determination results corresponding to the respective time certification combinations.
Optionally, the historical evidence time estimation verification unit 703 is specifically configured to:
determining the actual duration of the historical time period based on the number of time proofs included in the historical time proof sequence and the hash generation capacity corresponding to the node side equipment; the Hash generation capacity is used for representing the number of time proofs which can be generated by the node side equipment in unit time;
determining whether the difference between the actual time length and the real time length is not greater than a set difference threshold value; if the difference is not greater than the set difference threshold, the actual time length is consistent with the real time length, and if the difference is greater than the set difference threshold, the actual time length is not consistent with the real time length.
Optionally, the historical evidence time estimation verification unit 703 is specifically configured to:
determining the quantity range of the generated time certificates in the historical time period based on the actual time length and the preset upper limit value and lower limit value of the hash generation capacity;
determining whether the quantity is within a quantity range; if the number is within the number range, the actual duration is determined to be consistent with the real duration, and if the number is not within the number range, the actual duration is determined not to be consistent with the real duration.
Optionally, each time certificate includes an event time certificate, and the event time certificate is obtained by using the content of the service event and the latest time certificate when the service event occurs as input; the historical evidence time-estimation verification unit is further configured to:
determining an estimated time range of occurrence of the business event based on the number of time proofs included in the historical time proof sequence and the location of the event time proof in the historical time proof sequence;
and if the estimated time range is consistent with the time stamp of the business event, determining that the occurrence time of the business event is real.
Optionally, the apparatus further comprises a reset unit 705 for:
if at least one of the following conditions is met, generating an initial time certificate for the node terminal equipment, and sending the initial time certificate and the timestamp of the current time to the node terminal equipment;
wherein the conditions include:
the verification result indicates that each time proves that the verification is passed;
the actual duration does not accord with the real duration;
restarting the node side equipment;
and the node side equipment generates an exception.
The apparatus may be configured to execute the method executed by the management end device in each embodiment of the present application, and therefore, for functions and the like that can be realized by each functional module of the apparatus, reference may be made to the description of the foregoing embodiment, which is not repeated here.
Referring to fig. 8, based on the same inventive concept, an embodiment of the present application further provides a clock environment credibility verifying apparatus 80, which is applied to a node side device included in a distributed service system, and includes:
a history certification generating unit 801, configured to invoke a set encryption method in a loop iteration manner, and generate a history time certification sequence corresponding to a history time period; wherein, each iteration process comprises the following steps:
acquiring a latest generated historical time certificate in a historical time certificate sequence of the node;
taking the historical time certification as input, calling an encryption method to generate a current time certification corresponding to the current time, and linking the current time certification to a historical time certification sequence;
a historical certification reporting unit 802, configured to send, to the management end device, clock environment certification information carrying a historical time certification sequence in a historical time period when a reporting time arrives, so that the management end device verifies a clock environment of the node end device based on the clock environment certification information.
Optionally, the history evidence generating unit 801 is further configured to:
receiving an initial time certificate and a time stamp sent by management terminal equipment;
and taking the initial time certificate and the time stamp as input, calling an encryption method to generate a next time certificate of the initial time certificate, and linking the next time certificate to the initial time certificate to form a historical time certificate sequence.
Optionally, the history evidence generating unit 801 is specifically configured to:
if a business event is triggered at the current time, digitally signing the business event and performing a hash operation on the digital signature result to obtain the business event time certificate corresponding to the business event;
and taking the historical time certification and the service event time certification as input, and calling an encryption method to generate a current time certification corresponding to the current time.
The apparatus may be configured to execute the method executed by the node side device in each embodiment of the present application, and therefore, for functions and the like that can be realized by each functional module of the apparatus, reference may be made to the description of the foregoing embodiment, which is not repeated here.
Referring to fig. 9, based on the same technical concept, an embodiment of the present application further provides a computer device 90, where the computer device 90 may be the terminal device or the server shown in fig. 1, and the computer device 90 may include a memory 901 and a processor 902.
The memory 901 is used for storing computer programs executed by the processor 902. The memory 901 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to use of the computer device, and the like. The processor 902 may be a Central Processing Unit (CPU), a digital processing unit, or the like. The specific connection medium between the memory 901 and the processor 902 is not limited in the embodiments of the present application. In the embodiment of the present application, the memory 901 and the processor 902 are connected through the bus 903 in fig. 9, the bus 903 is represented by a thick line in fig. 9, and the connection manner between other components is merely illustrative and is not limited. The bus 903 may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in FIG. 9, but this does not indicate only one bus or one type of bus.
Memory 901 may be a volatile memory (volatile memory), such as a random-access memory (RAM); the memory 901 may also be a non-volatile memory (non-volatile memory) such as, but not limited to, a read-only memory (rom), a flash memory (flash memory), a Hard Disk Drive (HDD) or a solid-state drive (SSD), or the memory 901 may be any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory 901 may be a combination of the above memories.
A processor 902, configured to execute the method executed by each device in the foregoing embodiments when calling the computer program stored in the memory 901.
In some possible embodiments, various aspects of the methods provided by the present application may also be implemented in the form of a program product including program code for causing a computer device to perform the steps of the methods according to various exemplary embodiments of the present application described above in this specification when the program product is run on the computer device, for example, the computer device may perform the methods performed by the devices in the embodiments described above.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
While the preferred embodiments of the present application have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including preferred embodiments and all alterations and modifications as fall within the scope of the application.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.

Claims (10)

1. A clock environment credibility verification method is applied to a management end device included in a distributed service system, and comprises the following steps:
receiving clock environment certification information sent by node side equipment, wherein the clock environment certification information comprises a historical time certification sequence formed by time certifications generated by the node side equipment in a historical time period, and each time certification is obtained by taking a corresponding previous time certification as input;
verifying each time certificate based on a previous time certificate of a first time certificate of the historical time certificate sequence and each time certificate in the historical time certificate sequence to obtain a verification result; and
determining whether the actual duration of the historical time period recorded by the node side equipment conforms to the real duration or not based on the number of time proofs included in the historical time proof sequence;
and if the verification result indicates that all the time certificates are verified to be passed, and the actual time length is consistent with the real time length, determining that the clock environment of the node end equipment is credible.
2. The method of claim 1, wherein verifying each time attestation in the sequence of historical time attestations based on a previous time attestation of a first time attestation of the sequence of historical time attestations and each time attestation in the sequence of historical time attestations comprises:
carrying out fragmentation processing on the historical time certification sequence to obtain each time certification;
constructing a plurality of time credential combinations based on a previous time credential of the first time credential and the respective time credentials, each time credential combination including a first time credential and a second time credential generated with the first time credential as an input;
for the plurality of time certification combinations, performing the following operations, respectively:
for one time certification combination, obtaining a third time certification from the first time certification included in the combination by adopting the same encryption method as the node side equipment;
determining whether the third time certificate is consistent with a second time certificate included in the time certificate combination, and obtaining a determination result;
and obtaining the verification result based on the plurality of time certification combinations and the respective corresponding determination results.
3. The method of claim 1, wherein determining whether the actual duration of the historical time period recorded by the node-side device coincides with a real duration based on the number of time certificates comprised by the sequence of historical time certificates comprises:
determining the actual duration of the historical time period based on the number of time proofs included in the historical time proof sequence and the hash generation capacity corresponding to the node side equipment; the hash generation capability is used for representing the number of time certificates which can be generated by the node side equipment in unit time;
determining whether the difference value between the actual time length and the real time length is not greater than a set difference value threshold value; if the difference is not greater than the set difference threshold, the actual duration is consistent with the real duration, and if the difference is greater than the set difference threshold, the actual duration is not consistent with the real duration.
4. The method of claim 1, wherein determining whether the actual duration of the historical time period recorded by the node-side device coincides with a real duration based on the number of time certificates comprised by the sequence of historical time certificates comprises:
determining the number range of the generated time certificates in the historical time period based on the actual time length and the upper limit value and the lower limit value of the preset hash generation capacity;
determining whether the quantity is within the quantity range; and if the number is not within the number range, determining that the actual duration does not conform to the real duration.
5. The method according to any one of claims 1 to 4, wherein each time certificate comprises an event time certificate which is obtained by taking the content of a business event and the latest time certificate when the business event occurs as input; the method further comprises:
determining an estimated time range of occurrence of the business event based on a number of time credentials included in the sequence of historical time credentials and a location of the time of event credentials in the sequence of historical time credentials;
and if the estimated time range is consistent with the timestamp of the service event, determining that the occurrence time of the service event is real.
6. A clock environment credibility verification method is applied to a node end device included in a distributed service system, and the method comprises the following steps:
calling a set encryption method in a loop iteration mode to generate a historical time certification sequence corresponding to a historical time period; wherein, each iteration process comprises the following steps:
acquiring a latest generated historical time certificate in a historical time certificate sequence of the node;
taking the historical time certification as input, calling the encryption method to generate a current time certification corresponding to the current time, and linking the current time certification to the historical time certification sequence; when the reporting time arrives, clock environment certification information carrying a historical time certification sequence in a historical time period is sent to the management terminal equipment, so that the management terminal equipment verifies the clock environment of the node terminal equipment based on the clock environment certification information.
7. A clock environment credibility verification apparatus, applied to a management side device included in a distributed service system, the apparatus comprising:
a receiving unit, configured to receive clock environment certification information sent by a node device, where the clock environment certification information includes a historical time certification sequence composed of time certifications generated by the node device within a historical time period, and each time certification is obtained by using a corresponding previous time certification as an input;
the historical certification verifying unit is used for verifying each time certification based on the previous time certification of the first time certification of the historical time certification sequence and each time certification in the historical time certification sequence to obtain a verification result;
a historical evidence time estimation and verification unit, configured to determine, based on the number of time proofs included in the historical time proof sequence, whether the actual time length of the historical time period recorded by the node side device matches the real time length;
and the output unit is used for determining that the clock environment of the node end equipment is credible if the verification result indicates that all the time certificates are verified to be passed and the actual time length is consistent with the real time length.
8. A clock environment credibility verification apparatus, applied to a node side device included in a distributed service system, the apparatus comprising:
the history certification generating unit is used for calling a set encryption method in a loop iteration mode to generate a history time certification sequence corresponding to a history time period; wherein, each iteration process comprises the following steps:
acquiring a latest generated historical time certificate in a historical time certificate sequence of the node;
taking the historical time certification as input, calling the encryption method to generate a current time certification corresponding to the current time, and linking the current time certification to the historical time certification sequence; and the historical certification reporting unit is used for sending clock environment certification information carrying a historical time certification sequence in a historical time period to the management terminal equipment when the reporting timer arrives, so that the management terminal equipment verifies the clock environment of the node terminal equipment based on the clock environment certification information.
9. A computer device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor,
the processor, when executing the computer program, performs the steps of the method of any one of claims 1 to 6 or 7.
10. A computer storage medium having computer program instructions stored thereon, wherein,
the computer program instructions, when executed by a processor, perform the steps of the method of any one of claims 1 to 6 or 7.
CN202111381736.4A 2021-11-22 2021-11-22 Clock environment credibility verification method, device, equipment and storage medium Pending CN114065301A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111381736.4A CN114065301A (en) 2021-11-22 2021-11-22 Clock environment credibility verification method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN114065301A true CN114065301A (en) 2022-02-18

Family

ID=80278700

Country Status (1)

Country Link
CN (1) CN114065301A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination