CN114401118A - A login password verification system based on smart contracts - Google Patents

A login password verification system based on smart contracts Download PDF

Info

Publication number
CN114401118A
CN114401118A CN202111609521.3A CN202111609521A CN114401118A CN 114401118 A CN114401118 A CN 114401118A CN 202111609521 A CN202111609521 A CN 202111609521A CN 114401118 A CN114401118 A CN 114401118A
Authority
CN
China
Prior art keywords
verification
values
login
polynomial
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111609521.3A
Other languages
Chinese (zh)
Other versions
CN114401118B (en
Inventor
张金琳
俞学劢
高航
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Shuqin Technology Co Ltd
Original Assignee
Zhejiang Shuqin Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Shuqin Technology Co Ltd filed Critical Zhejiang Shuqin Technology Co Ltd
Priority to CN202111609521.3A priority Critical patent/CN114401118B/en
Publication of CN114401118A publication Critical patent/CN114401118A/en
Application granted granted Critical
Publication of CN114401118B publication Critical patent/CN114401118B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/255Maintenance or indexing of mapping tables
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3026Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to polynomials generation, e.g. generation of irreducible polynomials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Optimization (AREA)
  • Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention relates to the technical field of information, in particular to a login password verification system based on an intelligent contract, which comprises a password generation module, a login module and a password verification module, wherein the password generation module generates an n-element polynomial, issues a verification intelligent contract on a block chain, generates a characteristic sequence, periodically and randomly generates a plurality of groups of values of n' element variables by the verification intelligent contract, a user calculates the value of the n-element polynomial according to the characteristic sequence and the value of the variable disclosed by the verification intelligent contract, sends the value of the login name associated with the n-element polynomial to the login module to write in the verification intelligent contract, if the verification passes, the login name and the timestamp of a signature user of the intelligent contract are verified, the login module inquires the block chain, and if a signature exists in a verification result column, the user is allowed to log in. The substantial effects of the invention are as follows: the passwords input by the user during login are different every time, and the rule among multiple password inputs is difficult to reversely derive, so that the security of the login password of the user is effectively improved.

Description

一种基于智能合约的登录密码验证系统A login password verification system based on smart contracts

技术领域technical field

本发明涉及信息技术领域,具体涉及一种基于智能合约的登录密码验证系统。The invention relates to the field of information technology, in particular to a login password verification system based on a smart contract.

背景技术Background technique

密码安全一直是信息技术领域的重要研究课题。随着互联网的发展,人们在虚拟的互联网上参与的事务越来越多,在互联网上拥有的权益也越来越多,且越来越重要。用户在互联网上的权益通常包括网站账户权益、网站会员权益、资产权益以及在互联网上办理的各种民生事务权益等。这些权益的权属通常仅有用户登录网站的登录密码进行界定和保护。一旦密码泄露,将会带来难以预测的损失,使用户权益面临巨大的威胁。目前出现了采用加盐哈希值代替密码明文传输的方式,虽然有助于向服务端保密用户的密码明文,但窃取者若窃取到加盐哈希值,则直接通过加盐哈希值也仍然能够非法登录。因而还需要继续研究用户密码的保护方案。Cryptographic security has always been an important research topic in the field of information technology. With the development of the Internet, people participate in more and more affairs on the virtual Internet, and the rights and interests they have on the Internet are more and more important. The rights and interests of users on the Internet usually include website account rights and interests, website membership rights and interests, asset rights and interests, and rights and interests of various livelihood affairs handled on the Internet. The ownership of these rights is usually defined and protected only by the user's login password for logging in to the website. Once the password is leaked, it will bring unpredictable losses and make users' rights and interests face a huge threat. At present, there is a method of using salted hash value instead of password plaintext transmission. Although it is helpful to keep the user's password plaintext secret from the server, if the thief steals the salted hash value, it will directly pass the salted hash value. Still able to log in illegally. Therefore, it is necessary to continue to study the protection scheme of user password.

如中国专利CN103118022A,公开日2013年5月22日,公开了一种无密码异端登录验证方法,为了确保帐号、密码在不同平台上进行隔离输入,首先需要对移动设备进行对应帐号的绑定过程,这个过程需要使用移动设备硬件信息进行对应帐号密码的绑定,这样生成的本地验证数据库是不能脱离绑定的设备,避免移动设备端数据库被盗取使用,在绑定过程中移动设备的硬件信息同时会提交给绑定服务器和验证服务器,以便生成对应帐号的服务器端设备验证绑定数据,此过程只会出现一次,验证过程是每次登录都要执行的,在绑定过程中用户只需要输入一次帐号密码,其他自动完成,验证登录过程中用户只需要确认登录,一键完成,其他自动完成,使用本发明后,用户再也不用记住复杂的密码。其技术方案需要借助移动设备的绑定,当移动设备丢失或损坏时,就需要再次进行绑定,较为繁琐。且需要向服务端提交移动设备的硬件信息,造成了新的数据安全隐患。For example, Chinese patent CN103118022A, published on May 22, 2013, discloses a password-free heresy login verification method. In order to ensure that the account number and password are input in isolation on different platforms, it is first necessary to perform the binding process of the corresponding account number on the mobile device. , this process requires the use of mobile device hardware information to bind the corresponding account password, so that the generated local verification database cannot be separated from the bound device, so as to avoid the mobile device database from being stolen and used. During the binding process, the mobile device hardware information At the same time, it will be submitted to the binding server and the verification server, so as to generate the server-side device corresponding to the account to verify the binding data. This process will only occur once. The verification process is performed every time you log in. During the binding process, the user only needs to Input the account password once, and the other is completed automatically. In the process of verifying the login, the user only needs to confirm the login, one key is completed, and the other is completed automatically. After using the present invention, the user no longer has to remember the complex password. The technical solution needs to be bound by the mobile device, and when the mobile device is lost or damaged, it needs to be bound again, which is cumbersome. In addition, the hardware information of the mobile device needs to be submitted to the server, resulting in a new hidden danger of data security.

发明内容SUMMARY OF THE INVENTION

本发明要解决的技术问题是:目前登录密码验证方式安全程度较低的技术问题。提出了一种基于智能合约的登录密码验证系统,能够提高登录密码验证的安全程度。The technical problem to be solved by the present invention is: the technical problem of the low security degree of the current login password verification method. This paper proposes a login password verification system based on smart contracts, which can improve the security of login password verification.

为解决上述技术问题,本发明所采取的技术方案为:一种基于智能合约的登录密码验证系统,包括密码生成模块、登录模块和密码验证模块,所述密码生成模块为用户生成n元多项式,将n 元多项式的系数向量发送给用户和密码验证模块,所述密码验证模块在区块链上发布验证智能合约,所述验证智能合约包括登录名、特征序列、系数序列、若干个验证栏、验证结果栏和验证程序段,所述密码验证模块为验证智能合约随机选择若干个变量,选中的变量取值为非零常数值,为验证智能合约生成特征序列,被选中的变量在特征序列中的值为对应常数值,其余变量在特征序列中取值为零,将非零常数值代入n元多项式,得到n’元多项式的系数序列,所述验证程序段根据特征序列和系数序列复原n’元多项式,周期性随机生成若干组n’元变量的值,计算出n’元多项式的值,公开特征序列和若干组n’元变量的值,用户复原n元多项式,根据验证智能合约公开的特征序列和若干组n’元变量的值,计算获得若干个n元多项式的值,将登录名关联若干个n元多项式的值发送给登录模块,登录模块将n元多项式的值写入验证智能合约的验证栏,若干个n元多项式的值与n’元多项式的值能够匹配相等,则验证通过,所述验证智能合约签名用户的登录名和时间戳写入验证结果栏,登录模块查询区块链,若验证结果栏存在签名且时间戳距离当前时间在预设阈值范围内,则允许本次用户登录。In order to solve the above-mentioned technical problems, the technical solution adopted in the present invention is: a login password verification system based on a smart contract, comprising a password generation module, a login module and a password verification module, and the password generation module generates an n-element polynomial for the user, Send the coefficient vector of the n-ary polynomial to the user and the password verification module, and the password verification module publishes a verification smart contract on the blockchain, and the verification smart contract includes a login name, a feature sequence, a coefficient sequence, several verification columns, Verification result column and verification program segment, the password verification module randomly selects several variables for verifying the smart contract, the selected variable takes a non-zero constant value, and generates a feature sequence for verifying the smart contract, and the selected variable is in the feature sequence The value of is the corresponding constant value, and the other variables take the value of zero in the characteristic sequence, and the non-zero constant value is substituted into the n-element polynomial to obtain the coefficient sequence of the n'-element polynomial. The verification program segment restores n according to the characteristic sequence and the coefficient sequence. 'Element polynomial, periodically and randomly generate the values of several groups of n'-element variables, calculate the value of the n'-element polynomial, disclose the feature sequence and the values of several groups of n'-element variables, the user restores the n-element polynomial, and discloses it according to the verification smart contract The feature sequence and the values of several groups of n'-variable variables are calculated to obtain the values of several n-variable polynomials, and the login name is associated with the values of several n-variable polynomials and sent to the login module. The login module writes the values of the n-variable polynomials for verification In the verification column of the smart contract, if the values of several n-element polynomials can match the value of the n'-element polynomials, the verification is passed, and the login name and timestamp of the verification smart contract signature user are written into the verification result column, and the login module query area Blockchain, if there is a signature in the verification result column and the timestamp is within the preset threshold range from the current time, the user will be allowed to log in this time.

作为优选,所述验证智能合约随机生成若干组n’元变量的值时,执行以下步骤:所述验证智能合约随机选择至少一个变量,被选择的变量在预设时长内的取值为固定值,超过预设时长后取值另一个随机生成的固定值;未被选择的变量取值随机值,全部变量的值构成一组n’元变量的值。Preferably, when the verification smart contract randomly generates values of several groups of n' variables, the following steps are performed: the verification smart contract randomly selects at least one variable, and the selected variable takes a fixed value within a preset time period , another randomly generated fixed value is taken after the preset time period is exceeded; the unselected variable takes a random value, and the values of all variables constitute the value of a group of n' variables.

作为优选,为变量设置排序权重,获得变量的最高的指数值,将每个变量均取所述指数值作为n元多项式的次数,补足n元多项式系数为0的单项式,n元多项式的单项式每个变量的次数与对应变量的排序权重相乘后再求和,作为单项式的排序值,按照排序值降序排列n元多项式的单项式,依次获取排序后n元多项式的单项式的系数,构成n元多项式的系数向量。Preferably, the sorting weight is set for the variable, the highest index value of the variable is obtained, the index value is taken as the degree of the n-element polynomial for each variable, and the monomial whose coefficient of the n-element polynomial is 0 is supplemented. The times of the variables are multiplied by the sorting weights of the corresponding variables and then summed up. As the sorting value of the monomial, the monomial of the n-element polynomial is sorted in descending order according to the sorting value, and the coefficients of the monomial of the n-element polynomial after sorting are obtained in turn to form an n-element polynomial. The coefficient vector of .

作为优选,所述验证模块将非零常数值代入n元多项式,得到n’元多项式,n’元多项式的单项式每个变量的次数与对应变量的排序权重相乘后再求和,作为单项式的排序值,依次获取排序后n’元多项式的单项式的系数,构成n’元多项式的系数向量。Preferably, the verification module substitutes a non-zero constant value into an n-element polynomial to obtain an n'-element polynomial, and the degree of each variable of the monomial of the n'-element polynomial is multiplied by the sorting weight of the corresponding variable and then summed, as the monomial of the Sort value, obtain the coefficients of the monomial of the n'-element polynomial after sorting, and form the coefficient vector of the n'-element polynomial.

作为优选,所述验证模块在区块链上发布多个验证智能合约,验证智能合约具有合约编号,用户将登录名及若干组关联有合约编号的n元多项式的值发送给登录模块,所述登录模块将n元多项式的值发送给合约编号对应的验证智能合约,所述登录模块查询区块链,多个所述验证智能合约的验证结果栏均存在签名且时间戳距离当前时间在预设阈值范围内,则允许本次用户登录。Preferably, the verification module publishes multiple verification smart contracts on the blockchain, and the verification smart contracts have contract numbers. The login module sends the value of the n-ary polynomial to the verification smart contract corresponding to the contract number, the login module queries the blockchain, and the verification result columns of multiple verification smart contracts all have signatures and the timestamp is preset from the current time. Within the threshold range, the user is allowed to log in this time.

作为优选,当若干个n元多项式的值与n’元多项式的值能够匹配相等的比例超过预设百分比阈值,则所述验证智能合约判定验证通过,所述验证智能合约签名用户的登录名和时间戳写入验证结果栏。Preferably, when the value of several n-element polynomials and the value of n'-element polynomials can match an equal ratio exceeding the preset percentage threshold, the verification smart contract determines that the verification is passed, and the verification smart contract signs the user's login name and time. The stamp is written into the verification result column.

本发明的实质性效果是:通过验证智能合约,使每次用户登录时输入的密码均不相同,且多次密码输入之间的规律难以反向推导出,窃取者即使窃取到若干次密码明文,也无法登录用户的账户;不需要借助硬件绑定,推广使用的成本低廉。The substantial effect of the present invention is: by verifying the smart contract, the passwords entered by the user each time they log in are not the same, and the rules between multiple password inputs are difficult to reversely deduce. , and can not log in to the user's account; no hardware binding is required, and the cost of promotion and use is low.

附图说明Description of drawings

图1为实施例一登录密码验证系统构成示意图。FIG. 1 is a schematic diagram of the structure of a login password verification system according to the first embodiment.

图2为实施例一生成变量值过程示意图。FIG. 2 is a schematic diagram of a process of generating variable values in the first embodiment.

图3为实施例一获得系数向量过程示意图。FIG. 3 is a schematic diagram of a process of obtaining a coefficient vector according to the first embodiment.

其中:10、密码生成模块,11、系数向量,20、用户,30、密码验证模块,31、验证智能合约,40、登录模块,50、区块链。Among them: 10, password generation module, 11, coefficient vector, 20, user, 30, password verification module, 31, verification smart contract, 40, login module, 50, blockchain.

具体实施方式Detailed ways

下面通过具体实施例,并结合附图,对本发明的具体实施方式作进一步具体说明。The specific embodiments of the present invention will be further described in detail below through specific embodiments and in conjunction with the accompanying drawings.

实施例一:Example 1:

一种基于智能合约的登录密码验证系统,请参阅附图1,包括密码生成模块10、登录模块40和密码验证模块30,密码生成模块10为用户20生成n元多项式,将n 元多项式的系数向量11发送给用户20和密码验证模块30,密码验证模块30在区块链50上发布验证智能合约31,验证智能合约31包括登录名、特征序列、系数序列、若干个验证栏、验证结果栏和验证程序段,密码验证模块30为验证智能合约31随机选择若干个变量,选中的变量取值为非零常数值,为验证智能合约31生成特征序列,被选中的变量在特征序列中的值为对应常数值,其余变量在特征序列中取值为零,将非零常数值代入n元多项式,得到n’元多项式的系数序列,验证程序段根据特征序列和系数序列复原n’元多项式,周期性随机生成若干组n’元变量的值,计算出n’元多项式的值,公开特征序列和若干组n’元变量的值,用户20复原n元多项式,根据验证智能合约31公开的特征序列和若干组n’元变量的值,计算获得若干个n元多项式的值,将登录名关联若干个n元多项式的值发送给登录模块40,登录模块40将n元多项式的值写入验证智能合约31的验证栏,若干个n元多项式的值与n’元多项式的值能够匹配相等,则验证通过,验证智能合约31签名用户20的登录名和时间戳写入验证结果栏,登录模块40查询区块链50,若验证结果栏存在签名且时间戳距离当前时间在预设阈值范围内,则允许本次用户20登录。A login password verification system based on a smart contract, please refer to FIG. 1, including a password generation module 10, a login module 40 and a password verification module 30, the password generation module 10 generates an n-element polynomial for the user 20, and the coefficients of the n-element polynomial are The vector 11 is sent to the user 20 and the password verification module 30. The password verification module 30 publishes the verification smart contract 31 on the blockchain 50. The verification smart contract 31 includes the login name, feature sequence, coefficient sequence, several verification columns, and verification result columns. And the verification program segment, the password verification module 30 randomly selects several variables for verifying the smart contract 31, the selected variable takes a non-zero constant value, and generates a feature sequence for verifying the smart contract 31. The value of the selected variable in the feature sequence In order to correspond to the constant value, the other variables take the value of zero in the characteristic sequence, and the non-zero constant value is substituted into the n-element polynomial to obtain the coefficient sequence of the n'-element polynomial. The verification program segment restores the n'-element polynomial according to the characteristic sequence and coefficient sequence, Periodically and randomly generate the values of several sets of n'-variable variables, calculate the values of the n'-variable polynomials, disclose the feature sequence and the values of several sets of n'-variable variables, the user 20 restores the n-variable polynomials, and validates the features disclosed by the smart contract 31 The sequence and the values of several groups of n'-variable variables are calculated to obtain the values of several n-variable polynomials, and the login name is associated with the values of several n-variable polynomials and sent to the login module 40. The login module 40 writes the values of the n-variable polynomials for verification In the verification column of the smart contract 31, if the values of several n-element polynomials can be matched and equal to the values of the n'-element polynomials, the verification is passed, and the login name and time stamp of the verification smart contract 31 signature user 20 are written into the verification result column, and the login module 40 The blockchain 50 is queried, and if there is a signature in the verification result column and the time stamp is within a preset threshold range from the current time, the user 20 is allowed to log in this time.

区块链上的智能合约是以二进制机器码形式存在和执行的,不具有可读性,也不能由二进制机器码复原出源代码,因而不会导致n’元多项式的泄露。The smart contracts on the blockchain exist and execute in the form of binary machine code, which is not readable, nor can the source code be recovered from the binary machine code, so it will not lead to the leakage of n'-variable polynomials.

验证智能合约31随机生成若干组n’元变量的值时,请参阅附图2,执行以下步骤:步骤A01)验证智能合约31随机选择至少一个变量,被选择的变量在预设时长内的取值为固定值,超过预设时长后取值另一个随机生成的固定值;步骤A02)未被选择的变量取值随机值,全部变量的值构成一组n’元变量的值。When verifying that the smart contract 31 randomly generates the values of several groups of n' variables, please refer to Figure 2, and perform the following steps: Step A01) Verify that the smart contract 31 randomly selects at least one variable, and the selected variable is selected within a preset time period. The value is a fixed value, and another randomly generated fixed value is taken after the preset time period; Step A02) The unselected variable takes a random value, and the values of all variables constitute a group of n' variable values.

请参阅附图3,获得系数向量11的过程包括:步骤B01)为变量设置排序权重;步骤B02)获得变量的最高的指数值,将每个变量均取指数值作为n元多项式的次数,补足n元多项式系数为0的单项式;步骤B03)n元多项式的单项式每个变量的次数与对应变量的排序权重相乘后再求和,作为单项式的排序值;步骤B04)按照排序值降序排列n元多项式的单项式,依次获取排序后n元多项式的单项式的系数,构成n元多项式的系数向量11。Referring to Figure 3, the process of obtaining the coefficient vector 11 includes: step B01) setting a sorting weight for the variable; step B02) obtaining the highest index value of the variable, taking the index value for each variable as the degree of the n-variable polynomial, and making up A monomial with an n-element polynomial coefficient of 0; Step B03) The degree of each variable of the monomial of the n-element polynomial is multiplied by the sorting weight of the corresponding variable and then summed, as the sorting value of the monomial; Step B04) Arrange n in descending order according to the sorting value The coefficients of the monomial of the n-element polynomial are obtained in sequence, and the coefficient vector 11 of the n-element polynomial is formed.

验证模块将非零常数值代入n元多项式,得到n’元多项式,n’元多项式的单项式每个变量的次数与对应变量的排序权重相乘后再求和,作为单项式的排序值,依次获取排序后n’元多项式的单项式的系数,构成n’元多项式的系数向量11。The verification module substitutes the non-zero constant value into the n-variable polynomial to obtain the n'-variable polynomial. The degree of each variable of the monomial of the n'-variable polynomial is multiplied by the sorting weight of the corresponding variable and then summed, as the sorting value of the monomial, obtained in turn The coefficients of the monomial of the n'-variable polynomial after sorting constitute the coefficient vector 11 of the n'-variable polynomial.

作为替换实施方式,验证模块在区块链50上发布多个验证智能合约31,验证智能合约31具有合约编号,用户20将登录名及若干组关联有合约编号的n元多项式的值发送给登录模块40,登录模块40将n元多项式的值发送给合约编号对应的验证智能合约31,登录模块40查询区块链50,多个验证智能合约31的验证结果栏均存在签名且时间戳距离当前时间在预设阈值范围内,则允许本次用户20登录。As an alternative embodiment, the verification module publishes a plurality of verification smart contracts 31 on the blockchain 50, the verification smart contracts 31 have contract numbers, and the user 20 sends the login name and the values of several sets of n-ary polynomials associated with the contract numbers to the login Module 40, the login module 40 sends the value of the n-ary polynomial to the verification smart contract 31 corresponding to the contract number, the login module 40 queries the blockchain 50, and the verification result columns of multiple verification smart contracts 31 all have signatures and the time stamp is far from the current value. If the time is within the preset threshold range, the user 20 is allowed to log in this time.

作为本实施例的替换实施方式,当若干个n元多项式的值与n’元多项式的值能够匹配相等的比例超过预设百分比阈值,则验证智能合约31判定验证通过,验证智能合约31签名用户20的登录名和时间戳写入验证结果栏。As an alternative implementation of this embodiment, when the value of several n-element polynomials and the values of n'-element polynomials can match an equal ratio exceeding the preset percentage threshold, the verification smart contract 31 determines that the verification is passed, and the verification smart contract 31 signs the user 20's login name and timestamp are written in the verification result column.

本实施例的有益技术效果是:通过验证智能合约31,使每次用户20登录时输入的密码均不相同,且多次密码输入之间的规律难以反向推导出,窃取者即使窃取到若干次密码明文,也无法登录用户20的账户;不需要借助硬件绑定,推广使用的成本低廉。The beneficial technical effect of this embodiment is: by verifying the smart contract 31, the passwords entered by the user 20 each time they log in are not the same, and it is difficult to reversely deduce the law between multiple password inputs, even if the thief steals several It is also impossible to log in to the account of the user 20 even if the password is in plain text; no hardware binding is required, and the cost of promotion and use is low.

实施例二:Embodiment 2:

本实施例中n取值为3,用户20S注册有账户,密码生成模块10为用户20S生成3元多项式:f(x,y,z)=7*x^3*y*z^2+13*x^2*y^3*z+5*x^2*y^2*z^2,获得3元多项式的系数向量11。In this embodiment, n is 3, the user 20S has registered an account, and the password generation module 10 generates a 3-element polynomial for the user 20S: f(x,y,z)=7*x^3*y*z^2+13 *x^2*y^3*z+5*x^2*y^2*z^2, get the coefficient vector 11 of the 3-variable polynomial.

获得系数向量11的过程为:获得变量的最高的指数值为3,3元多项式的次数为9,即最高次数的单项式为0*x^3*y^3*z^3。补全系数为0的单项式。补全后f(x,y,z)=The process of obtaining the coefficient vector 11 is as follows: the highest exponent value of the variable is 3, and the degree of the 3-variable polynomial is 9, that is, the monomial of the highest degree is 0*x^3*y^3*z^3. Complete monomials with coefficients of 0. After completion f(x,y,z)=

0*x^3*y^3*z^3+0*x^3*y^3*z^2+0*x^3*y^3*z^1+0*x^3*y^3*z^00*x^3*y^3*z^3+0*x^3*y^3*z^2+0*x^3*y^3*z^1+0*x^3*y^ 3*z^0

++

0*x^3*y^2*z^3+0*x^3*y^2*z^2+0*x^3*y^2*z^1+0*x^3*y^2*z^00*x^3*y^2*z^3+0*x^3*y^2*z^2+0*x^3*y^2*z^1+0*x^3*y^ 2*z^0

++

0*x^3*y^1*z^3+7*x^3*y^1*z^2+0*x^3*y^1*z^1+0*x^3*y^1*z^00*x^3*y^1*z^3+ 7*x^3*y^1*z^2 +0*x^3*y^1*z^1+0*x^3*y^ 1*z^0

++

++

0*x^2*y^3*z^3+0*x^2*y^3*z^2+13*x^2*y^3*z+0*x^2*y^3*z^00*x^2*y^3*z^3+0*x^2*y^3*z^2+ 13*x^2*y^3*z +0*x^2*y^3* z^0

++

++

0*x^2*y^2*z^3+5*x^2*y^2*z^2+0*x^2*y^2*z^1+0*x^2*y^2*z^00*x^2*y^2*z^3+ 5*x^2*y^2*z^2 +0*x^2*y^2*z^1+0*x^2*y^ 2*z^0

++

++

0*x^0*y^0*z^3+0*x^0*y^0*z^20*x^0*y^0*z^1+0*x^0*y^0*z^0 。0*x^0*y^0*z^3+0*x^0*y^0*z^20*x^0*y^0*z^1+0*x^0*y^0* z^0 .

为变量x,y及z设置排序权重。本实施例中x的排序权重为13,y的排序权重为4,z的排序权重为1。连同系数为0的单项式,计算每个单项式的排序值。其中系数非0的单项式由下划线标出。举例计算系数非0的排序值如下:Set sorting weights for variables x, y and z. In this embodiment, the sorting weight of x is 13, the sorting weight of y is 4, and the sorting weight of z is 1. Along with the monomials with coefficient 0, the rank value of each monomial is calculated. Monomials with non-zero coefficients are underlined. For example, the sorting value of the non-zero coefficient is calculated as follows:

单项式0*x^3*y^3*z^3的排序值为:13*3+4*3+1*3=54;The order value of the monomial 0*x^3*y^3*z^3 is: 13*3+4*3+1*3=54;

单项式7*x^3*y*z^2的排序值为:13*3+4*1+2=45;The sorting value of the monomial 7*x^3*y*z^2 is: 13*3+4*1+2=45;

单项式13*x^2*y^3*z的排序值为:13*2+4*3+1=39;The sorting value of the monomial 13*x^2*y^3*z is: 13*2+4*3+1=39;

单项式5*x^2*y^2*z^2的排序值为:13*2+4*2+1*2=36。The order value of the monomial 5*x^2*y^2*z^2 is: 13*2+4*2+1*2=36.

系数为0的单项式的排序值的计算在此省略。按照排序值降序排序,则对应的系数排序为0、0、…、7、…、13、…、5、…、0,因而系数向量11为<0,0,…,7、…、13,…,5,…,0>,系数7之前共有9个0,系数向量11的长度为64。用户20端按照同样的单项式排序,匹配系数向量11即可复原f(x,y,z) 。排序权重设置的方法为:首先将变量排序,将最后一个变量的排序权重设为1,计算最高指数值与1的乘积,将乘积加1作为倒数第二个变量的排序权重。而后计算倒数第二个变量的排序权重与最高指数值的乘积,将乘积加1作为倒数第三个变量的排序权重。以此计算,获得全部变量的排序权重。The calculation of the rank value of the monomial with coefficient 0 is omitted here. According to the descending order of the sorting value, the corresponding coefficients are sorted as 0, 0, ..., 7, ..., 13, ..., 5, ..., 0, so the coefficient vector 11 is <0, 0, ..., 7, ..., 13, ...,5,...,0>, there are 9 0s before the coefficient 7, and the length of the coefficient vector 11 is 64. The user 20 sorts according to the same monomial, and matches the coefficient vector 11 to restore f(x,y,z) . The method of setting the sorting weight is: first sort the variables, set the sorting weight of the last variable to 1, calculate the product of the highest index value and 1, and add 1 to the product as the sorting weight of the penultimate variable. Then calculate the product of the ranking weight of the second-to-last variable and the highest index value, and add 1 to the product as the ranking weight of the third-to-last variable. Based on this calculation, the ranking weights of all variables are obtained.

密码验证模块30在区块链50上发布验证智能合约31。为验证智能合约31选定取常数值的变量为x,则特征序列为(3,0,0)。特征序列(3,0,0)表示x必须取值为3,其余变量的取值不限。The cryptographic verification module 30 publishes the verification smart contract 31 on the blockchain 50 . For the verification of the smart contract 31, the variable with a constant value is selected as x, and the feature sequence is (3,0,0). The feature sequence (3,0,0) means that x must be 3, and the values of other variables are not limited.

密码验证模块30将x取值3代入f(x,y,z),获得f’(y,z)=189*y*z^2+117*y^3*z+45*y^2*z^2,验证智能合约31随机生成3组变量的取值:(3,16)、(3,9)和(3,32)。其中y取值随机的常数,y取值周期性更换为另一个常数值。则对应的多项式值分别为:The password verification module 30 substitutes the value 3 of x into f(x,y,z) to obtain f'(y,z)=189*y*z^2+117*y^3*z+45*y^2* z^2, verify that the smart contract 31 randomly generates the values of three sets of variables: (3,16), (3,9) and (3,32). The y value is a random constant, and the y value is periodically replaced with another constant value. The corresponding polynomial values are:

f’(3,16)=189*3*16^2+117*3^3*16+45*3^2*16^2=299,376;f'(3,16)=189*3*16^2+117*3^3*16+45*3^2*16^2=299,376;

f’(3,9)=189*3*9^2+117*3^3*9+45*3^2*9^2=107,163;f'(3,9)=189*3*9^2+117*3^3*9+45*3^2*9^2=107,163;

f’(3,32)=189*3*32^2+117*3^3*32+45*3^2*32^2=1,096,416。f’(3,32)=189*3*32^2+117*3^3*32+45*3^2*32^2=1,096,416.

验证智能合约31公开(3,0,0)、(3,16)、(3,9)和(3,32)。The verification smart contract 31 exposes (3,0,0), (3,16), (3,9) and (3,32).

用户20根据根据系数向量11复原出f(x,y,z)=7*x^3*y*z^2+13*x^2*y^3*z+5*x^2*y^2*z^2,根据验证智能合约31公开的数值,计算f(3,3,16)=299,376、f(3,3,9)=107,163及f(3,3,32)=1,096,416。用户20将登录名及(299,376、107,163、1,096,416)发送给登录模块40。登录模块40将(299,376、107,163、1,096,416)写入验证智能合约31,验证智能合约31检验通过。而后验证智能合约31签名用户20的登录名和时间戳写入验证结果栏。登录模块40查询区块链50,使用验证智能合约31的公钥解密签名即可获得登录名和时间戳。验证登录名并验证时间戳距离当前时间在预设阈值范围内,因而允许用户20本次登录。The user 20 restores f(x,y,z)=7*x^3*y*z^2+13*x^2*y^3*z+5*x^2*y^ according to the coefficient vector 11 2*z^2, calculate f(3,3,16)=299,376, f(3,3,9)=107,163 and f(3,3,32)=1,096,416 according to the values disclosed in the verification smart contract 31. The user 20 sends the login name and (299,376, 107,163, 1,096,416) to the login module 40 . The login module 40 writes (299,376, 107,163, 1,096,416) into the verification smart contract 31, and the verification smart contract 31 passes the verification. Then, the login name and time stamp of the user 20 that is signed by the smart contract 31 are written into the verification result column. The login module 40 queries the blockchain 50 and decrypts the signature using the public key of the verification smart contract 31 to obtain the login name and timestamp. Verifying the login name and verifying that the timestamp is within a preset threshold from the current time, thus allowing the user 20 to log in this time.

当若干个n元多项式的值与n’元多项式的值能够匹配相等的比例超过预设百分比阈值,则验证智能合约31判定验证通过,验证智能合约31签名用户20的登录名和时间戳写入验证结果栏。本实施例中用户20可以将(299,376、107,163、1,096,416)中故意填错一个数值。如填写成(299,376、501,162、1,096,416),验证智能合约31验证后其中有两个是正确的,因而也判断验证通过,签名用户20的登录名和时间戳写入验证结果栏。窃取者窃取到(299,376、501,162、1,096,416)后,由于无法确定是否存在错误值,也不能确定哪个值是错误值,因而更加难以反推3元多项式的表达式,进一步提高用户20密码的安全性。验证智能合约31周期性生成新的随机值作为y的值。When the value of several n-element polynomials and the value of the n'-element polynomial can match an equal ratio exceeding the preset percentage threshold, the verification smart contract 31 determines that the verification is passed, and the verification smart contract 31 signs the user 20's login name and timestamp write verification Results column. In this embodiment, the user 20 may intentionally fill in a wrong value in (299,376, 107,163, 1,096,416). If filled in as (299,376, 501,162 , 1,096,416), two of them are correct after the verification of the smart contract 31, so it is also judged that the verification is passed, and the login name and timestamp of the signing user 20 are written into the verification result column. After stealing (299,376, 501,162 , 1,096,416), the thief cannot determine whether there is an error value or which value is an error value, so it is more difficult to reverse the expression of the 3-variable polynomial, which further improves the security of the user's 20 password . The verification smart contract 31 periodically generates a new random value as the value of y.

以上所述的实施例只是本发明的一种较佳的方案,并非对本发明作任何形式上的限制,在不超出权利要求所记载的技术方案的前提下还有其它的变体及改型。The above-mentioned embodiment is only a preferred solution of the present invention, and does not limit the present invention in any form, and there are other variations and modifications under the premise of not exceeding the technical solution recorded in the claims.

Claims (6)

1. A login password verification system based on an intelligent contract is characterized in that,
comprises a password generating module, a login module and a password verification module,
the password generation module generates an n-element polynomial for the user, sends the coefficient vector of the n-element polynomial to the user and the password verification module,
the password verification module issues a verification intelligent contract on a block chain, the verification intelligent contract comprises a login name, a characteristic sequence, a coefficient sequence, a plurality of verification columns, a verification result column and a verification program section, the password verification module randomly selects a plurality of variables for verifying the intelligent contract, the selected variables take nonzero constant values, the characteristic sequence is generated for verifying the intelligent contract, the values of the selected variables in the characteristic sequence are corresponding constant values, the other variables take zero values in the characteristic sequence, the nonzero constant values are substituted into an n-element polynomial to obtain the coefficient sequence of the n ' -element polynomial, the verification program section restores the n ' -element polynomial according to the characteristic sequence and the coefficient sequence, the values of a plurality of groups of n ' -element variables are periodically and randomly generated, the values of the n ' -element polynomial are calculated, the characteristic sequence and the values of a plurality of groups of n ' -element variables are disclosed,
the method comprises the steps that a user restores an n-element polynomial, values of a plurality of n-element polynomials are obtained through calculation according to a feature sequence disclosed by a verification intelligent contract and values of a plurality of groups of n '-element variables, a login name is associated with the values of the n-element polynomials and sent to a login module, the login module writes the values of the n-element polynomials into a verification column of the verification intelligent contract, the values of the n-element polynomials and the values of the n' -element polynomials can be matched and equal, verification is passed, the login name and a timestamp of a user who signs the verification intelligent contract are written into a verification result column, the login module inquires a block chain, and if a signature exists in the verification result column and the timestamp is within a preset threshold range from the current time, the user is allowed to log in.
2. A login password verification system according to claim 1, wherein,
when the verification intelligent contract randomly generates a plurality of groups of values of n' element variables, the following steps are executed:
the verification intelligent contract randomly selects at least one variable, the value of the selected variable in the preset time length is a fixed value, and another randomly generated fixed value is taken after the preset time length is exceeded;
the unselected variables take on random values, and the values of all variables form a set of n' element variables.
3. A login password verification system according to claim 1 or 2, wherein,
setting sorting weight for variables, obtaining the highest index value of the variables, taking the index value of each variable as the number of times of an n-element polynomial, complementing the single-element polynomial with the coefficient of 0 of the n-element polynomial, multiplying the number of times of each variable of the single-element polynomial of the n-element polynomial by the sorting weight of the corresponding variable, then summing the multiplied numbers to be used as the sorting value of the single-element polynomial, sorting the single-element polynomials of the n-element polynomial according to the sorting value in a descending order mode, sequentially obtaining the coefficients of the single-element polynomials of the n-element polynomial after sorting, and forming the coefficient vector of the n-element polynomial.
4. A login password verification system according to claim 3, wherein,
the verification module substitutes a non-zero constant value into the n-element polynomial to obtain an n '-element polynomial, the times of each variable of the monomials of the n' -element polynomial are multiplied by the sorting weight of the corresponding variable and then summed to serve as the sorting value of the monomials, and the coefficients of the monomials of the n '-element polynomial after sorting are sequentially obtained to form the coefficient vector of the n' -element polynomial.
5. The block chain-based carbon emission rights trading center account management system according to claim 1 or 2,
the verification module issues a plurality of verification intelligent contracts on a block chain, the verification intelligent contracts are provided with contract numbers, a user sends a login name and a plurality of groups of values of n-element polynomials associated with the contract numbers to the login module, the login module sends the values of the n-element polynomials to the verification intelligent contracts corresponding to the contract numbers, the login module inquires the block chain, and if signatures exist in verification result columns of the plurality of verification intelligent contracts and the distance between a timestamp and the current time is within a preset threshold range, the user is allowed to login.
6. The block chain-based carbon emission rights trading center account management system according to claim 1 or 2,
when the ratio that the values of the n-element polynomials and the values of the n' -element polynomials can be matched and equal exceeds a preset percentage threshold value, the verification intelligent contract is judged to pass verification, and the login name and the time stamp of the verification intelligent contract signature user are written into a verification result column.
CN202111609521.3A 2021-12-27 2021-12-27 Login password verification system based on intelligent contract Active CN114401118B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111609521.3A CN114401118B (en) 2021-12-27 2021-12-27 Login password verification system based on intelligent contract

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111609521.3A CN114401118B (en) 2021-12-27 2021-12-27 Login password verification system based on intelligent contract

Publications (2)

Publication Number Publication Date
CN114401118A true CN114401118A (en) 2022-04-26
CN114401118B CN114401118B (en) 2024-04-30

Family

ID=81226775

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111609521.3A Active CN114401118B (en) 2021-12-27 2021-12-27 Login password verification system based on intelligent contract

Country Status (1)

Country Link
CN (1) CN114401118B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107967608A (en) * 2017-12-21 2018-04-27 北京智帮帮科技有限公司 A kind of intelligent contract system based on block chain technology
CN109359978A (en) * 2018-10-08 2019-02-19 全链通有限公司 Intelligent contract method of commerce and system based on block chain network
US20190164153A1 (en) * 2017-11-30 2019-05-30 Shashank Agrawal Blockchain system for confidential and anonymous smart contracts
CN110728576A (en) * 2019-08-19 2020-01-24 湖南科技学院 A Decentralized Anonymous Data Transaction Method Based on Zero-knowledge Proof
CN111125245A (en) * 2019-11-21 2020-05-08 深圳壹账通智能科技有限公司 Blockchain-based data processing method, device and storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190164153A1 (en) * 2017-11-30 2019-05-30 Shashank Agrawal Blockchain system for confidential and anonymous smart contracts
CN107967608A (en) * 2017-12-21 2018-04-27 北京智帮帮科技有限公司 A kind of intelligent contract system based on block chain technology
CN109359978A (en) * 2018-10-08 2019-02-19 全链通有限公司 Intelligent contract method of commerce and system based on block chain network
CN110728576A (en) * 2019-08-19 2020-01-24 湖南科技学院 A Decentralized Anonymous Data Transaction Method Based on Zero-knowledge Proof
CN111125245A (en) * 2019-11-21 2020-05-08 深圳壹账通智能科技有限公司 Blockchain-based data processing method, device and storage medium

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
吴芷菡 等: "基于区块链的安全电子选举方案", 《计算机应用》, vol. 40, no. 07 *
张凡 等: "一种高效的范围证明方案", 《密码学报》, no. 02 *
李东星: ""基于区块链的网络实体身份认证技术研究"", 《中国优秀硕士学位论文全文数据库》, no. 12 *

Also Published As

Publication number Publication date
CN114401118B (en) 2024-04-30

Similar Documents

Publication Publication Date Title
US9977918B2 (en) Method and system for verifiable searchable symmetric encryption
CN107423632B (en) Customizable sensitive data desensitization method and system
CN108292341B (en) Method for checking execution integrity of application in target device
CN106776904A (en) The fuzzy query encryption method of dynamic authentication is supported in a kind of insincere cloud computing environment
CN106936771A (en) A kind of secure cloud storage method and system based on graded encryption
CN106407822A (en) Keyword or multi-keyword based searchable encryption method and system
CN105072086A (en) Cloud-storage batch auditing method based on MapReduce
CN110222081A (en) Data cryptogram search method based on fine granularity sequence under multi-user environment
CN104052740A (en) Verifiable dictionary-based searchable encryption method in cloud storage
CN113704357A (en) Smart city data sharing method and system based on block chain
US11856095B2 (en) Apparatus and methods for validating user data by using cryptography
CN113065151A (en) Relational database information security enhancement method, system, terminal and storage medium
CN109088850B (en) Batch cloud auditing method based on Lucas sequence to locate wrong files
CN114710357A (en) Dynamic searchable encryption method supporting block verification in editable block chain
Sun et al. Public data integrity auditing without homomorphic authenticators from indistinguishability obfuscation
CN106612274A (en) Homogeneity-based shared data verification algorithm in cloud computing
He et al. Enabling Decentralized and Dynamic Data Integrity Verification for Secure Cloud Storage via T‐Merkle Hash Tree Based Blockchain
CN114219479A (en) Blockchain redaction system and method for distributed environment
CN113362065A (en) Online signature transaction implementation method based on distributed private key
CN114401118B (en) Login password verification system based on intelligent contract
CN115865330B (en) Method and medium for supervising modification of information on chain based on block chain
CN114417272B (en) A blockchain-based carbon emission trading center account management system
Du et al. Secure and verifiable keyword search in multiple clouds
CN112948847B (en) Block chain-based data sharing system and data correctness verification method
Zhou et al. Integrity preserving multi-keyword searchable encryption for cloud computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A login password verification system based on smart contracts

Granted publication date: 20240430

Pledgee: Bank of Beijing Co.,Ltd. Hangzhou Yuhang sub branch

Pledgor: ZHEJIANG SHUQIN TECHNOLOGY CO.,LTD.

Registration number: Y2024330002485