CN114553426B - Signature verification method, key management platform, security terminal and electronic equipment - Google Patents

Info

Publication number
CN114553426B
Authority
CN
China
Prior art keywords
signature
key
data
management platform
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011344964.XA
Other languages
Chinese (zh)
Other versions
CN114553426A (en
Inventor
张星
韩宇龙
柳耀勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile IoT Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile IoT Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd and China Mobile IoT Co Ltd
Priority to CN202011344964.XA
Publication of CN114553426A
Application granted
Publication of CN114553426B
Current legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The present application provides a signature verification method, a key management platform, a security terminal and electronic equipment. The method includes: sending a first data write instruction to a security terminal through a blockchain client; obtaining, through the blockchain client, a first random number generated by the security terminal in response to the first data write instruction; sending a second data write instruction to the security terminal through the blockchain client, where the second data write instruction includes a second random number, a first signature and ciphertext data, the first signature is a signature generated according to the first random number, and the ciphertext data is data obtained by encrypting target data; and obtaining, through the blockchain client, a second signature generated by the security terminal and verifying the second signature, where the second signature is a signature generated by the security terminal according to the second random number when verification of the first signature passes. The present application can improve data security.

Description

Signature verification method, key management platform, security terminal and electronic equipment

Technical field

The present application relates to the field of blockchain technology, and more specifically to a signature verification method, a key management platform, a security terminal and electronic equipment.

Background

In a blockchain system, blockchain nodes transfer data using address identifiers similar to e-mail addresses. For every data transfer the sender must sign the data it sends, and the receiver must verify the signature after receiving the data, in order to prove that the data is trustworthy and to prevent a flood of fake data traffic. However, data such as public and private keys is stored on the blockchain nodes, so the security of that data is low.

Summary of the invention

Embodiments of the present application provide a signature verification method, a key management platform, a security terminal and electronic equipment, to solve the problem of low data security.

In a first aspect, an embodiment of the present application provides a signature verification method, applied to a key management platform, including:

sending a first data write instruction to a security terminal through a blockchain client;

obtaining, through the blockchain client, a first random number generated by the security terminal in response to the first data write instruction;

sending a second data write instruction to the security terminal through the blockchain client, where the second data write instruction includes a second random number, a first signature and ciphertext data, the first signature is a signature generated according to the first random number, and the ciphertext data is data obtained by encrypting target data;

obtaining, through the blockchain client, a second signature generated by the security terminal, and verifying the second signature, where the second signature is a signature generated by the security terminal according to the second random number when verification of the first signature passes.

In a second aspect, an embodiment of the present application further provides a signature verification method, applied to a security terminal, including:

receiving, through a blockchain client, a first data write instruction sent by a key management platform;

generating a first random number in response to the first data write instruction, and sending the first random number to the key management platform through the blockchain client;

receiving, through the blockchain client, a second data write instruction sent by the key management platform, where the second data write instruction includes a second random number, a first signature and ciphertext data, the first signature is a signature generated by the key management platform according to the first random number, and the ciphertext data is data obtained by the key management platform by encrypting target data;

verifying the first signature and, when verification of the first signature passes, writing the ciphertext data and generating a second signature according to the second random number;

sending the second signature to the key management platform through the blockchain client.

In a third aspect, an embodiment of the present application further provides a key management platform, including:

a first sending module, configured to send a first data write instruction to a security terminal through a blockchain client;

a first obtaining module, configured to obtain, through the blockchain client, a first random number generated by the security terminal in response to the first data write instruction;

a second sending module, configured to send a second data write instruction to the security terminal through the blockchain client, where the second data write instruction includes a second random number, a first signature and ciphertext data, the first signature is a signature generated according to the first random number, and the ciphertext data is data obtained by encrypting target data;

a second obtaining module, configured to obtain, through the blockchain client, a second signature generated by the security terminal, and to verify the second signature, where the second signature is a signature generated by the security terminal according to the second random number when verification of the first signature passes.

In a fourth aspect, an embodiment of the present application further provides a security terminal, including:

a first sending module, configured to receive, through a blockchain client, a first data write instruction sent by a key management platform;

a generating module, configured to generate a first random number in response to the first data write instruction, and to send the first random number to the key management platform through the blockchain client;

a receiving module, configured to receive, through the blockchain client, a second data write instruction sent by the key management platform, where the second data write instruction includes a second random number, a first signature and ciphertext data, the first signature is a signature generated by the key management platform according to the first random number, and the ciphertext data is data obtained by the key management platform by encrypting target data;

a verification module, configured to verify the first signature and, when verification of the first signature passes, to write the ciphertext data and generate a second signature according to the second random number;

a second sending module, configured to send the second signature to the key management platform through the blockchain client.

In a fifth aspect, an embodiment of the present application further provides an electronic device, including a processor, a memory, and a program or instructions stored in the memory and run on the processor. When executed by the processor, the program or instructions implement the steps of the signature verification method disclosed in the first aspect of the embodiments of the present application, or the steps of the signature verification method disclosed in the second aspect of the embodiments of the present application.

Thus, in this embodiment, the key management platform sends a second data write instruction to the security terminal through the blockchain client. The second data write instruction includes a second random number, a first signature and ciphertext data, where the first signature is a signature generated according to the first random number and the ciphertext data is data obtained by encrypting target data. The ciphertext data can therefore be stored in the security terminal, and the target data is invisible to all nodes of the blockchain, which achieves the technical effect of improving the security of the target data.

Description of the drawings

To describe the technical solutions of the embodiments of the present application more clearly, the drawings needed in the description of the embodiments or of the prior art are briefly introduced below. The drawings described below are only some embodiments of the present application; a person of ordinary skill in the art can obtain other drawings from them without creative effort.

FIG. 1 is a schematic flowchart of a signature verification method provided by an embodiment of the present application;

FIG. 2 is a schematic flowchart of another signature verification method provided by an embodiment of the present application;

FIG. 3 is a schematic structural diagram of a key distribution system provided by an embodiment of the present application;

FIG. 4 is a schematic structural diagram of a security terminal provided by an embodiment of the present application;

FIG. 5 is a schematic structural diagram of a security module provided by an embodiment of the present application;

FIG. 6 is a schematic flowchart of another signature verification method provided by an embodiment of the present application;

FIG. 7 is a schematic flowchart of another signature verification method provided by an embodiment of the present application;

FIG. 8 is a schematic structural diagram of a key management platform provided by an embodiment of the present application;

FIG. 9 is a schematic structural diagram of another key management platform provided by an embodiment of the present application;

FIG. 10 is a schematic structural diagram of another key management platform provided by an embodiment of the present application;

FIG. 11 is a schematic structural diagram of a security terminal provided by an embodiment of the present application;

FIG. 12 is a schematic structural diagram of another security terminal provided by an embodiment of the present application;

FIG. 13 is a schematic structural diagram of an electronic device provided by an embodiment of the present application.

Detailed description

The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are some, not all, of the embodiments of the present application. All other embodiments obtained by a person of ordinary skill in the art from the embodiments in this application without creative effort fall within the scope of protection of this application.

Please refer to FIG. 1, which is a schematic flowchart of a signature verification method provided by an embodiment of the present application. The method is applied to a key management platform and, as shown in FIG. 1, includes the following steps:

Step 101: send a first data write instruction to the security terminal through the blockchain client.

The blockchain client and the security terminal may correspond to each other. For example, the security terminal may serve as the trusted carrier of a blockchain user node, and sensitive data of the blockchain client, such as its keys, may be stored in the corresponding security terminal and be invisible to other blockchain nodes.

The first data write instruction may be an instruction that triggers the security terminal to send a random number. For example, during signature verification the key management platform may generate the first signature from the first random number generated by the security terminal, and the security terminal may use the first signature to verify the legitimacy of the key management platform's identity.

Step 102: obtain, through the blockchain client, the first random number generated by the security terminal in response to the first data write instruction.

The first random number may be generated by a security module in the security terminal. The identity information of the security terminal (such as a private key) may be stored in the security module, and the security module may provide signing capability.

Step 103: send a second data write instruction to the security terminal through the blockchain client, where the second data write instruction includes a second random number, a first signature and ciphertext data, the first signature is a signature generated according to the first random number, and the ciphertext data is data obtained by encrypting target data.

The target data may be sensitive data that the security terminal needs to store, for example the identity key of the security module, a service key, or the unique identifier of a data consumer. In addition, the target data may be diversified per security terminal, so that the target data and the security terminal form a mapping relationship.

The encryption may be performed in an encryption machine. For example, the key management platform interfaces with an encryption machine, and operations such as the diversification and generation of all keys may be performed in the encryption machine, so that no plaintext data is exposed externally.

Step 104: obtain, through the blockchain client, the second signature generated by the security terminal, and verify the second signature, where the second signature is a signature generated by the security terminal according to the second random number when verification of the first signature passes.

The second signature may be used to verify the legitimacy of the security terminal's identity. When the security terminal has verified through the first signature that the key management platform's identity is legitimate, it generates the second signature and transmits it to the key management platform, so that the key management platform and the security terminal authenticate each other.

In addition, when verification of the second signature passes, a secure channel has been established between the key management platform and the security terminal, and the key management platform may repeat the above steps to distribute all the data.

In this embodiment, the key management platform sends a second data write instruction to the security terminal through the blockchain client. The second data write instruction includes a second random number, a first signature and ciphertext data, where the first signature is a signature generated according to the first random number and the ciphertext data is data obtained by encrypting target data. The ciphertext data can therefore be stored in the security terminal, and the target data is invisible to all nodes of the blockchain, which achieves the technical effect of improving the security of the target data.

In addition, the security terminal generates the second signature according to the second random number when verification of the first signature passes, and the key management platform obtains that second signature through the blockchain client and verifies it. The data is delivered only after both parties have verified each other's legitimate identity, which improves the security and confidentiality of data transmission.

Optionally, before the second data write instruction is sent to the security terminal through the blockchain client, the method further includes:

obtaining, through the blockchain client, the list of functions supported by the security terminal, and determining from the function list whether the security terminal supports key negotiation;

when the security terminal does not support key negotiation, encrypting the target data with a preset key to obtain the ciphertext data;

when the security terminal supports key negotiation, negotiating with the security terminal to obtain a session key, and encrypting the target data with the session key to obtain the ciphertext data.

The preset key may be a management key preset in the security terminal. For example, when the identity authentication key and the corresponding service keys are loaded into the security terminal, establishing the secure channel between the key management platform and the security terminal with the preset key can reduce resource overhead and improve efficiency.

Whether the security terminal supports key negotiation may be determined by whether a negotiation key exists in the security terminal. For example, the private key of the negotiation key may be preset in the security module of the security terminal during production of the security terminal; if the security terminal has the negotiation key, it can negotiate with the key management platform to obtain the session key.

In this implementation, whether the security terminal supports key negotiation is determined from the function list, and either the preset key or the session key is chosen to encrypt the target data. When the security terminal does not support key negotiation, using the preset key to establish the secure channel between the key management platform and the security terminal can reduce resource overhead and improve efficiency and user experience. When the security terminal supports key negotiation, negotiating with the security terminal to obtain a session key and encrypting the target data with the session key to obtain the ciphertext data can ensure the integrity and confidentiality of the data.

Optionally, negotiating with the security terminal to obtain the session key includes:

sending a key negotiation instruction to the security terminal through the blockchain client, where the key negotiation instruction includes a third random number, a session key factor ciphertext and a third signature, and the session key factor ciphertext is data obtained by encrypting a generated session key factor;

receiving, through the blockchain client, a fourth signature sent by the security terminal in response to the key negotiation instruction, where the fourth signature is a signature that the security terminal, when verification of the third signature passes, generates according to the session key and the third random number after decrypting the session key factor ciphertext to generate the session key;

verifying the fourth signature and, when verification of the fourth signature passes, obtaining the session key based on the session key factor.

The session key factor may be encrypted with a preset key. For example, when the security terminal supports key negotiation, the security terminal stores the private key of the negotiation key and the key management platform stores the corresponding public key of the negotiation key; the public key of the negotiation key can be used to encrypt the generated session key factor to obtain the session key factor ciphertext.

Passing verification of the fourth signature can be understood as the key management platform and the security terminal having completed the negotiation; both can obtain the same session key from the session key factor.

In this implementation, encrypting the target data and computing the signature with the negotiated session key guarantees the integrity and confidentiality of the data, so that the target data is delivered securely from the key management platform to the security terminal corresponding to the blockchain client.
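The key negotiation exchange described above, with both parties in one program, as an added example that is not code from the patent. RSA-OAEP for the negotiation key pair, Ed25519 for the third and fourth signatures, HMAC-SHA256 for deriving the session key from the factor, the signed byte layouts and all type and function names are assumptions of this sketch; the patent does not name any algorithm.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// NegotiationInstruction carries the third random number, the session key
// factor ciphertext and the third signature.
type NegotiationInstruction struct {
	Rand3, FactorCT, Sig3 []byte
}

// Keys holds constructed key material for both parties. The terminal side
// uses only KMPPub, TermPriv and Negotiation.
type Keys struct {
	KMPPub, TermPub   ed25519.PublicKey
	KMPPriv, TermPriv ed25519.PrivateKey
	Negotiation       *rsa.PrivateKey // private half preset in the security module
}

func Provision() Keys {
	kp, ks, err1 := ed25519.GenerateKey(rand.Reader)
	tp, ts, err2 := ed25519.GenerateKey(rand.Reader)
	neg, err3 := rsa.GenerateKey(rand.Reader, 2048)
	if err1 != nil || err2 != nil || err3 != nil {
		panic("key generation failed")
	}
	return Keys{KMPPub: kp, TermPub: tp, KMPPriv: ks, TermPriv: ts, Negotiation: neg}
}

// mac is HMAC-SHA256 over the concatenated parts (assumed KDF and confirmation primitive).
func mac(key []byte, parts ...[]byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(bytes.Join(parts, nil))
	return m.Sum(nil)
}

func sessionKey(factor, rand3 []byte) []byte { return mac(factor, []byte("session"), rand3) }
func confirmTag(key, rand3 []byte) []byte { return mac(key, []byte("confirm"), rand3) }

// Offer (platform): encrypt a fresh factor to the negotiation public key and
// sign rand3 || ciphertext. The factor is returned for the later Confirm call.
func Offer(kmpPriv ed25519.PrivateKey, negPub *rsa.PublicKey) (NegotiationInstruction, []byte, error) {
	buf := make([]byte, 48) // 16-byte rand3 followed by 32-byte factor
	if _, err := rand.Read(buf); err != nil {
		return NegotiationInstruction{}, nil, err
	}
	rand3, factor := buf[:16:16], buf[16:]
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, negPub, factor, nil)
	if err != nil {
		return NegotiationInstruction{}, nil, err
	}
	sig3 := ed25519.Sign(kmpPriv, bytes.Join([][]byte{rand3, ct}, nil))
	return NegotiationInstruction{Rand3: rand3, FactorCT: ct, Sig3: sig3}, factor, nil
}

// Accept (terminal): verify the third signature before the private key touches
// the ciphertext, then derive the session key and produce the fourth signature.
func Accept(in NegotiationInstruction, k Keys) ([]byte, []byte, error) {
	signed := bytes.Join([][]byte{in.Rand3, in.FactorCT}, nil)
	if len(in.Rand3) != 16 || !ed25519.Verify(k.KMPPub, signed, in.Sig3) {
		return nil, nil, errors.New("third signature verification failed")
	}
	factor, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, k.Negotiation, in.FactorCT, nil)
	if err != nil {
		return nil, nil, err
	}
	key := sessionKey(factor, in.Rand3)
	return key, ed25519.Sign(k.TermPriv, confirmTag(key, in.Rand3)), nil
}

// Confirm (platform): derive the same key from the factor and accept it only
// if the fourth signature verifies.
func Confirm(factor, rand3, sig4 []byte, termPub ed25519.PublicKey) ([]byte, error) {
	key := sessionKey(factor, rand3)
	if !ed25519.Verify(termPub, confirmTag(key, rand3), sig4) {
		return nil, errors.New("fourth signature verification failed")
	}
	return key, nil
}

func main() {
	k := Provision()
	in, factor, err := Offer(k.KMPPriv, &k.Negotiation.PublicKey)
	if err != nil {
		panic(err)
	}
	termKey, sig4, err := Accept(in, k)
	if err != nil {
		panic(err)
	}
	kmpKey, err := Confirm(factor, in.Rand3, sig4, k.TermPub)
	fmt.Println("session keys match:", err == nil && bytes.Equal(termKey, kmpKey))
}
```

In this sketch freshness comes only from the platform's third random number, so a terminal that must reject a repeated instruction has to remember the values it has already accepted.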

Optionally, before the second data write instruction is sent to the corresponding security terminal through the blockchain client, the method further includes:

obtaining the security terminal identifier, and generating the target data according to the security terminal identifier.

The target data may be obtained by a diversification method. For example, the target data is diversified from the security terminal identifier, a version number and padding bytes, so that one blockchain client maps to one set of target data, and the target data of each blockchain user node is invisible to the other nodes.

In this implementation, generating the target data from the security terminal identifier forms a mapping in which one blockchain user node corresponds to one set of target data. Different users have different encryption and decryption keys and, where permissions allow, can decrypt the ciphertext data put on chain by different blockchain user nodes, which improves the security and confidentiality of the data.

Please refer to FIG. 2, which is a schematic flowchart of another signature verification method provided by an embodiment of this application. The method is applied to a security terminal and, as shown in FIG. 2, includes the following steps:

Step 201: Receive, through the blockchain client, the first data write instruction sent by the key management platform.

Step 202: Generate a first random number in response to the first data write instruction, and send the first random number to the key management platform through the blockchain client.

Step 203: Receive, through the blockchain client, the second data write instruction sent by the key management platform. The second data write instruction includes a second random number, a first signature and ciphertext data; the first signature is a signature generated by the key management platform from the first random number, and the ciphertext data is obtained by the key management platform encrypting the target data.

Here, the key management platform may be connected to an encryption machine; the encryption may be performed in the encryption machine, and all operations such as key diversification and key generation may be performed in the encryption machine.

Step 204: Verify the first signature; if the first signature passes verification, write the ciphertext data and generate a second signature from the second random number.

Here, verification of the first signature may be used to verify that the identity of the key management platform is legitimate, and the second signature may be used by the key management platform to verify that the identity of the security terminal is legitimate.

Here, the writing may consist of storing the ciphertext data in the security module of the security terminal. For example, once the first signature passes verification, the ciphertext data may be written into the security module. The security module may also store the identity information (such as the private key) of the blockchain client or of the security terminal, and provide digital signature capability, hardware implementations of encryption and decryption algorithms, and so on.

Step 205: Send the second signature to the key management platform through the blockchain client.

In this embodiment, the first signature is verified; if it passes verification, the ciphertext data is written and the second signature is sent to the key management platform through the blockchain client. The encrypted ciphertext of the target data can thus be stored, so that the target data is invisible to all nodes of the blockchain, which achieves the technical effect of improving the security of the target data.

In addition, the security terminal verifies the legitimacy of the key management platform's identity through the first signature, and the key management platform verifies the legitimacy of the security terminal's identity through the second signature. This mutual authentication between the key management platform and the security terminal improves the security of data transmission and guards against the presence of a malicious party.

Furthermore, storing the identity information of the blockchain client in the security terminal, and implementing digital signature and encryption/decryption there as hardware algorithms, can prevent side-channel attacks such as SPA (Simple Power Analysis) and DPA (Differential Power Analysis) as well as physical attacks, compared with storage and encryption/decryption algorithms in conventional software or a TEE (Trusted Execution Environment), and achieves higher storage security and higher algorithm execution efficiency.

Optionally, before the second data write instruction sent by the key management platform is received through the blockchain client, the method further includes:

Sending a list of supported functions to the key management platform through the blockchain client, so that the key management platform determines from the function list whether key negotiation is supported;

Where key negotiation is supported, negotiating with the key management platform to obtain a session key.

Here, the function list may indicate whether the security terminal supports the key negotiation function. For example, when the security terminal is loaded with an identity authentication key and the corresponding service key, the security terminal cannot support the key negotiation function.

In this implementation, where key negotiation is supported, a session key is obtained by negotiating with the key management platform and the target data is encrypted with that session key, which ensures the integrity and confidentiality of the target data and completes its secure delivery from the key management platform to the security terminal.

Optionally, negotiating with the key management platform to obtain the session key includes:

Receiving, through the blockchain client, the key negotiation instruction sent by the key management platform, where the key negotiation instruction includes a third random number, a session key factor ciphertext and a third signature, and the session key factor ciphertext is obtained by the key management platform encrypting the session key factor it generated;

Verifying the third signature in response to the key negotiation instruction and, if the third signature passes verification, decrypting the session key factor ciphertext to generate the session key, and generating a fourth signature from the session key and the third random number;

Sending the fourth signature to the key management platform through the blockchain client.

In this implementation, encrypting the target data with the negotiated session key and computing a signature guarantees the integrity and confidentiality of the data, so that the target data is delivered securely from the key management platform to the security terminal corresponding to the blockchain client.

As a specific embodiment, please refer to FIG. 3, which shows a key distribution system to which the signature verification method of the embodiments of this application can be applied. As shown in FIG. 3, the system 300 includes a blockchain system 301, a key management platform 302, a cipher machine 303, a security terminal system 304 and an identity authentication system 305.

The blockchain system 301 includes a blockchain client SDK (Software Development Kit) and an HTTP REST (Representational State Transfer) interface, and the security terminal system 304 includes multiple security terminals.

As shown in FIG. 4, the security terminal is an embedded device equipped with hardware including a minimal baseband communication computer system 401, a touch screen 402, a security module 403, an information collection module 404, a communication module 405 and a power module 406, and running an operating system and software with a graphical interface. The security terminal can, by contact or contactless means (camera code scanning, induction, wired connection, wireless communication, etc.), obtain the unique identification code of an article or material, or exchange information with other security terminals. The security terminal can generate property-right transfer registration information and apply directly to the blockchain system to put it on the chain. The security terminal is a registration device that both the transferor and the transferee of a property right should have. The minimal baseband communication computer system 401 consists mainly of a baseband chip, a radio-frequency chip, a clock, non-volatile memory and volatile memory; its basic functions include running an operating system that manages task scheduling, cellular mobile communication capability, a database, peripheral communication interfaces and IO (Input/Output). The touch screen 402 may be a capacitive or resistive touch screen, providing graphical display on the one hand and touch control on the other. The information collection module 404 may include information collection devices such as a camera, NFC (Near Field Communication) or an infrared scanner. The communication module 405 may provide short-range communication capabilities such as Bluetooth and WIFI (Wireless Fidelity). The power module 406 may consist of a battery, a charging circuit, interfaces and the like. The security terminal is equipped internally with a security module whose security unit stores the identity information (such as the private key) of the security terminal and provides signing capability: external callers can invoke the security module through an interface to digitally sign input data with the private key held in the security module, but cannot obtain the private key information directly through the interface. The SIM (Subscriber Identity Module) unit of the security module 403 provides cellular network communication capability.

As shown in FIG. 5, the security module 403 may be a minimal secure computing unit comprising a secure storage medium 4031, an MCU (Microcontroller Unit) 4032, control circuit logic 4033, a communication module 4034 and a display module 4035. The secure storage medium 4031 is based on a security design that resists side-channel attacks, laser attacks, physical destruction and the like; it may be a non-volatile storage device such as FLASH (flash memory), ROM (Read-Only Memory), EEPROM (Electrically Erasable Programmable ROM) or OTP (One Time Programmable) memory, and can store sensitive data securely and effectively prevent leakage. The MCU 4032 and the control circuit logic 4033 together run the on-chip embedded operating system and provide security services such as signing and encryption/decryption to the outside. The communication module 4034 is mainly used to interface with the account rights management system; it provides the hardware interaction interface and also supplies power to the security module, mainly in the form of a USB (Universal Serial Bus) interface. The display module 4035 may be an LCD (Liquid Crystal Display) used to indicate the current status of the security module, mainly power-on, normal and abnormal.

The key management platform 302 and the cipher machine 303 together form a complete key management system. It is a server application built from back-end, database and related technologies, and is mainly used for security module identifier collection, key diversification, key delivery and data management. When a security module needs to load or update keys, the blockchain user's client SDK sends a key loading or update request; the key management platform 302 performs mutual authentication and, once authentication passes, responds to the request and completes the loading and delivery of the keys.

The identity authentication system 305 includes an identity authentication platform and the accompanying security modules. The identity authentication platform is a server application built from Web front-end, Web back-end, database and related technologies. The identity authentication system 305 provides account rights management capability (for example, an administrator or operator records the public key and ID of an authorized security terminal on the blockchain, or records the public key and ID of an authorized security module on the blockchain). Users of the identity authentication system 305, including administrators and business roles (such as enterprises and organizations with related business within the consortium), all need a security module in order to log in to the identity authentication system. This is because the security module holds the user's private key and ID, and every request the user makes through the identity authentication system is signed with that private key; when the blockchain system receives a request, it verifies the signature using the corresponding public key and ID stored on the blockchain, and the blockchain accepts only requests that pass signature verification.

The key management platform 302 is used to generate a 1024-bit RSA public/private key pair as the authorized key pair of a data consumer, and at the same time to generate the data consumer's unique identifier DCID, storing both in a database for unified management. Over the online secure channel established between the blockchain client SDK and the key management platform 302, the data consumer's unique identifier DCID, the symmetric key, the private key and the authorization validity period are written into the security module of the security terminal. The data consumer's unique identifier DCID and public key are recorded on the blockchain. The blockchain user's client SDK is used together with the security module and checks the authorization validity period; if it has expired, the security module becomes invalid. The signature verification method may include the following process:

When the security module is started for the first time, the blockchain user's client SDK queries the security module as to whether a service key or identity authentication key is present, obtains the query information, and reports the query information to the key management center;

The key management center obtains the unique identifier and the function list of the security module, where the function list includes whether the security module supports functions such as key negotiation;

Depending on whether a key is present, a key loading or key update request is submitted to the key management platform;

The security module receives the key update request;

The security module generates a random number SARand as its response and returns it to the key management platform;

The key management platform selects an appropriate method, according to the function list supported by the security module, to encrypt the key into ciphertext data; at the same time the key management platform generates a random number SPRand and generates a signature using SARand, then concatenates the ciphertext data, SPRand and the signature data and issues them to update the security module's key;

On receiving the issued data, the blockchain client SDK forwards it to the security module; the security module verifies the key management platform's signature to confirm the platform's identity and, once verification passes, writes this key data. At the same time it generates a signature using SPRand and uploads it;

On receiving the signature data, the key management platform verifies it to confirm whether the security module is legitimate; the above steps are then repeated until all keys have been distributed and written.

Here, the random number SARand is the first random number above, the random number SPRand is the second random number above, the signature generated using SARand is the first signature above, and the signature generated using SPRand is the second signature above.

The blockchain users above may include operators, financial service providers, regulators and other parties that need to view on-chain data for which they hold the corresponding public-key permission. A participant's sensitive data needs to be stored in the security module; the requirements for the sensitive data each participant must store are given in the following table:

Table 1

Keys are stored in the form "key header + key body": the key header mainly defines the key's attributes, and the key body is the key value. The specific definition is given in the following table:

Table 2

Key type | Key ID | Key version | Key attempt count | Key length | Key value

If the number of key errors exceeds the attempt count, the security module is locked and the operator must perform an unlock operation; otherwise the security module's functions cannot be used normally.

In this service, symmetric keys (other than the data encryption root key) are managed by root key -> subkey diversification: the server manages the root key, while the subkey on the security module is computed from the root key using certain parameters. The diversification levels of the keys and the related requirements are as follows:

The management key must be preset when the security module is manufactured. Management key types include the ISD key (where the security module is a Java platform) and the master control key (where the security module is a Native platform). A two-level structure is used, as follows:

Two-level structure: management root key -> subkey;

Diversification parameter: DCID + version number;

The distribution of keys at each level is shown in the following table:

Table 3

Root key | Key management system
Subkey | Security module

The subkey must be preset during manufacture of the security module; other keys can be authorized and updated online or offline.

The lock key uses a two-level structure, as follows:

Two-level structure: lock root key -> subkey;

Diversification parameter: SEID + version number;

The distribution of keys at each level is shown in the following table:

Table 4

Root key | Key management system
Subkey | Security module

The unlock key uses a two-level structure, as follows:

Two-level structure: unlock root key -> subkey;

Diversification parameter: SEID + version number;

The distribution of keys at each level is shown in the following table:

Table 5

Root key | Key management system
Subkey | Security module

The data encryption root key uses a one-level management structure, as follows:

One-level structure: the root key corresponding to the data encryption key in the security chip is written directly into the security module. When decrypting data, the root key is first diversified with the on-chain data "SEID + version number" to obtain the decryption subkey, which is then used to decrypt the ciphertext data on the chain;

The distribution of keys at each level is shown in the following table:

Table 6

Root key | Key management system
Root key | Security module

The signature key is a 1024-bit RSA public/private key pair generated by the key management system;

The distribution of the keys is shown in the following table:

Table 7

Private key | Security module
Public key | Key management system

The negotiation key is a 1024-bit RSA public/private key pair generated by the key management system;

The distribution of the keys is shown in the following table:

Table 8

Private key | Security module
Public key | Key management system

The negotiation key is preset in the security module during manufacture of the security module.

The subkey diversification method for symmetric keys may include the following process:

The diversification parameter of the key is 16 bytes (if it is shorter than 16 bytes, 0x80 is appended first; if it is still shorter than 16 bytes, 0x00 is then appended up to 16 bytes);

For a 128-bit key, the root key is used to encrypt the diversification parameter with the ECB (Electronic Codebook) mode of the algorithm corresponding to that key, giving the subkey. For a 256-bit key, the 16-byte diversification parameter above is concatenated with its bitwise inverse to form a 32-byte diversification parameter, which is encrypted under the root key with the ECB mode of the algorithm corresponding to that key, giving the subkey. For example, if the encryption key (root key) in the mobile authorization key group is the AES-128 key KeyRoot, the SEID of a security chip is 11223344556677889900 and the key version number is 01, then the security chip's subkey KeySub is obtained as follows:

Pad the SEID to 16 bytes: 11223344556677889900018000000000;

Compute the subkey SubKey =

AES-128-EncECB(KeyRoot)[11223344556677889900018000000000].
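The diversification rule above, as an added Go example that is not part of the patent text: it builds the padded 16-byte parameter from the page's SEID and version, encrypts it block by block under the root key, and also covers the 256-bit case. AES is assumed as "the algorithm corresponding to the key" for both sizes; the root key in `main` is constructed and the function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"encoding/hex"
	"errors"
	"fmt"
)

// mustHex decodes a hex literal and panics on malformed input (example helper).
func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

// BuildDiversifier returns the 16-byte diversification parameter:
// id || version, then one 0x80 byte if short, then 0x00 up to 16 bytes.
func BuildDiversifier(id, version []byte) ([]byte, error) {
	p := append(append([]byte{}, id...), version...)
	if len(p) > aes.BlockSize {
		return nil, errors.New("id || version is longer than 16 bytes")
	}
	if len(p) < aes.BlockSize {
		p = append(p, 0x80)
	}
	for len(p) < aes.BlockSize {
		p = append(p, 0x00)
	}
	return p, nil
}

// DeriveSubKey diversifies root into a subkey of the same length.
// 16-byte root: AES-128-ECB over the 16-byte parameter.
// 32-byte root: AES-256-ECB over parameter || bitwise-NOT(parameter).
func DeriveSubKey(root, id, version []byte) ([]byte, error) {
	param, err := BuildDiversifier(id, version)
	if err != nil {
		return nil, err
	}
	switch len(root) {
	case 16:
	case 32:
		inv := make([]byte, aes.BlockSize)
		for i, b := range param {
			inv[i] = ^b
		}
		param = append(param, inv...)
	default:
		return nil, errors.New("root key must be 16 or 32 bytes")
	}
	block, err := aes.NewCipher(root)
	if err != nil {
		return nil, err
	}
	sub := make([]byte, len(param))
	// ECB: every 16-byte block is encrypted independently under the root key.
	for off := 0; off < len(param); off += aes.BlockSize {
		block.Encrypt(sub[off:off+aes.BlockSize], param[off:off+aes.BlockSize])
	}
	return sub, nil
}

func main() {
	// Constructed root key for illustration only; SEID and version are the page's example.
	root := mustHex("000102030405060708090a0b0c0d0e0f")
	seid, ver := mustHex("11223344556677889900"), mustHex("01")
	param, _ := BuildDiversifier(seid, ver)
	sub, err := DeriveSubKey(root, seid, ver)
	if err != nil {
		panic(err)
	}
	fmt.Printf("parameter: %x\nsubkey:    %x\n", param, sub)
}
```

Because the derivation is deterministic, anyone holding the root key can recompute every subkey from the SEID and version, which is why the page keeps root keys in the key management system and cipher machine.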

The key negotiation algorithm based on asymmetric keys may include the following process:

Where the two parties to the session perform one-way negotiation using asymmetric keys, the session key can be obtained by the asymmetric-key-based session key calculation.

The 128-bit session keys are calculated as follows:

SessionKeyEnc = LEFT16[HASH256[session key factor || 'ENC&MAC' || security platform random number]];

SessionKeyMac = RIGHT16[HASH256[session key factor || 'ENC&MAC' || security platform random number]];

The 256-bit session keys are calculated as follows:

SessionKeyEnc = HASH256[session key factor || 'ENC' || security platform random number]

SessionKeyMac = HASH256[session key factor || 'MAC' || security platform random number];

Here, the session key factor is 16 bytes long; it is generated by the security platform, encrypted with the security module's public key and transmitted to the security module. HASH256 may denote a 256-bit digest algorithm, and SHA256 may be chosen according to the actual situation. LEFT16/RIGHT16 denote taking the left 16 bytes and the right 16 bytes of the argument.

As shown in FIG. 6, the signature verification method may specifically include the following process:

The key management platform application sends the first data write instruction to the blockchain client SDK;

The blockchain client SDK sends the first data write instruction to the security module OS;

The security module OS returns a response to the blockchain client SDK, the response including the random number SARand;

The blockchain client SDK returns the response to the key management platform application;

The key management platform application sends a data write request message to the key management platform, the data write request message including the random number SARand;

The key management platform generates the second data write instruction, which includes the DATA ciphertext, the random number SPRand and the signature SPMAC;

The key management platform sends the second data write instruction to the key management platform application;

The key management platform application sends the second data write instruction to the blockchain client SDK;

The blockchain client SDK sends the second data write instruction to the security module OS;

The security module OS verifies the identity of the key management platform and performs the data write operation;

The security module OS returns a result to the blockchain client SDK, the result including the signature SAMAC;

The blockchain client SDK returns the result to the key management platform application;

The key management platform application returns the result to the key management platform;

The key management platform verifies the identity of the security module OS, and the data write is complete.

Here, the random number SARand is the first random number above, the random number SPRand is the second random number above, the signature SPMAC is the first signature above, the signature SAMAC is the second signature above, and the DATA ciphertext is the ciphertext data above. As shown in FIG. 7, where the security terminal supports key negotiation, the key negotiation flow between the key management platform and the security terminal is as follows:

密钥管理平台生成随机数SPRand、会话密钥因子,采用安全模块公钥加密会话密钥因子得到会话密钥因子密文,并计算密钥管理平台签名SPMAC;The key management platform generates the random number SPRand and the session key factor, encrypts the session key factor with the public key of the security module to obtain the ciphertext of the session key factor, and calculates the key management platform signature SPMAC;

密钥管理平台发送会话密钥报文给密钥管理平台应用,会话密钥报文包括随机数SPRand、会话密钥因子密文和签名SPMAC;The key management platform sends a session key message to the key management platform application, and the session key message includes a random number SPRand, a session key factor ciphertext, and a signature SPMAC;

密钥管理平台应用调用区块链客户端SDK,向区块链客户端SDK发送密钥协商指令,密钥协商指令包括随机数SPRand、会话密钥因子密文和签名SPMAC;The key management platform application calls the blockchain client SDK, and sends a key agreement instruction to the blockchain client SDK. The key agreement instruction includes random number SPRand, session key factor ciphertext, and signature SPMAC;

区块链客户端SDK向安全模块OS发送密钥协商指令;The blockchain client SDK sends key negotiation instructions to the security module OS;

安全模块OS验证签名SPMAC,解密会话密钥因子密文并生成会话密钥,采用会话密钥和随机数SPRand计算签名SAMAC;The security module OS verifies the signature SPMAC, decrypts the ciphertext of the session key factor and generates a session key, and calculates the signature SAMAC by using the session key and the random number SPRand;

安全模块接口向区块链客户端SDK发送响应,响应包括签名SAMAC;The security module interface sends a response to the blockchain client SDK, and the response includes the signature SAMAC;

区块链客户端SDK向密钥管理平台应用发送响应;The blockchain client SDK sends a response to the key management platform application;

密钥管理平台应用向密钥管理平台发送响应;The key management platform application sends a response to the key management platform;

密钥管理平台验证签名SAMAC并生成会话密钥。The key management platform verifies the signature SAMAC and generates a session key.

其中,随机数SPRand表示上述第三随机数,安全模块公钥为预置在安全模块中协商密钥的公钥,签名SPMAC表示上述第三签名,签名SAMAC表示上述第四签名。Wherein, the random number SPRand represents the above-mentioned third random number, the public key of the security module is the public key preset in the security module for negotiating keys, the signature SPMAC represents the above-mentioned third signature, and the signature SAMAC represents the above-mentioned fourth signature.

其中,上述密钥管理平台生成的会话密钥可以直接根据上述会话密钥因子得到,上述会话密钥在上述密钥管理平台验证签名SAMAC通过的情况下生成。Wherein, the session key generated by the above-mentioned key management platform can be directly obtained according to the above-mentioned session key factor, and the above-mentioned session key is generated when the above-mentioned key management platform verifies that the signature SAMAC passes.
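The negotiation steps above, run end to end with both sides, as an added Python example (not code from the patent). Assumptions not stated on the page: SPMAC and SAMAC are HMAC-SHA256, SPMAC is keyed with a pre-provisioned `auth_key` and covers SPRand plus the factor ciphertext, the session key is SHA-256 of the factor, and a constructed toy textbook-RSA key pair stands in for the security module's public-key encryption; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed toy key pair standing in for the security module's preset
# negotiation key pair. Textbook RSA over two Mersenne primes keeps the example
# standard-library only; it is unpadded and not suitable for real use.
_P, _Q, _E = 2**521 - 1, 2**607 - 1, 65537
_N = _P * _Q
MODULE_PUBLIC = (_N, _E)
MODULE_PRIVATE = (_N, pow(_E, -1, (_P - 1) * (_Q - 1)))
CT_LEN = (_N.bit_length() + 7) // 8
FACTOR_LEN = 16


def mac(key, *fields):
    """HMAC-SHA256 over length-prefixed fields, so field boundaries are unambiguous."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for field in fields:
        h.update(len(field).to_bytes(4, "big") + field)
    return h.digest()


def derive_session_key(factor):
    """Assumed derivation: the page only says the key is obtained from the factor."""
    return hashlib.sha256(b"session-key|" + factor).digest()


class KeyManagementPlatform:
    def __init__(self, auth_key, module_public):
        self.auth_key = auth_key
        self.module_public = module_public
        self.session_key = None

    def build_instruction(self):
        """Generate SPRand and the factor, encrypt the factor, compute SPMAC."""
        self.session_key = None
        self._sp_rand = secrets.token_bytes(16)
        self._factor = secrets.token_bytes(FACTOR_LEN)
        n, e = self.module_public
        ct = pow(int.from_bytes(self._factor, "big"), e, n).to_bytes(CT_LEN, "big")
        return {"SPRand": self._sp_rand, "factor_ct": ct,
                "SPMAC": mac(self.auth_key, self._sp_rand, ct)}

    def finish(self, sa_mac):
        """Keep the session key only if SAMAC verifies for this SPRand."""
        candidate = derive_session_key(self._factor)
        if not hmac.compare_digest(mac(candidate, self._sp_rand), sa_mac):
            return None
        self.session_key = candidate
        return candidate


class SecurityModule:
    def __init__(self, auth_key, module_private):
        self.auth_key = auth_key
        self.module_private = module_private
        self.session_key = None

    def handle_instruction(self, msg):
        """Verify SPMAC first, then decrypt, derive the key and answer with SAMAC."""
        expected = mac(self.auth_key, msg["SPRand"], msg["factor_ct"])
        if not hmac.compare_digest(expected, msg["SPMAC"]):
            return None  # unauthenticated input never reaches the private key
        n, d = self.module_private
        m = pow(int.from_bytes(msg["factor_ct"], "big"), d, n)
        self.session_key = derive_session_key(m.to_bytes(FACTOR_LEN, "big"))
        return mac(self.session_key, msg["SPRand"])


def run_scenarios():
    auth_key = secrets.token_bytes(32)  # constructed pre-provisioned key
    platform = KeyManagementPlatform(auth_key, MODULE_PUBLIC)
    module = SecurityModule(auth_key, MODULE_PRIVATE)

    # 1. Honest run: the application and SDK only relay the fields unchanged.
    msg = platform.build_instruction()
    sa_mac = module.handle_instruction(msg)
    agreed = platform.finish(sa_mac)
    honest_ok = agreed is not None and agreed == module.session_key

    # 2. Factor ciphertext altered by a relaying component: SPMAC check fails.
    ct = msg["factor_ct"]
    tampered = dict(msg, factor_ct=bytes([ct[0] ^ 1]) + ct[1:])
    fresh_module = SecurityModule(auth_key, MODULE_PRIVATE)
    tamper_rejected = (fresh_module.handle_instruction(tampered) is None
                       and fresh_module.session_key is None)

    # 3. Old SAMAC replayed into a new negotiation: SPRand and factor differ.
    platform.build_instruction()
    replay_rejected = platform.finish(sa_mac) is None and platform.session_key is None

    return {"honest_ok": honest_ok, "tamper_rejected": tamper_rejected,
            "replay_rejected": replay_rejected}


if __name__ == "__main__":
    print(run_scenarios())
```

Because SAMAC is keyed with the session key itself, a valid SAMAC also confirms to the platform that the module decrypted the same factor.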

In this embodiment, keys are managed and distributed centrally through the key management platform. Generating asymmetric key pairs and diversifying symmetric keys, and mapping them to user identifiers (or security module identifiers), improves data security; key diversification and generation are all performed in the cipher machine connected to the key management platform, which avoids exposing plaintext data. At the same time, the key management platform establishes a secure channel with the hardware security module corresponding to the blockchain user node, and keys are distributed by updating them in ciphertext over the secure channel, ensuring data security.

In addition, the security module stores the identity information of the blockchain user or security terminal. Based on the current mainstream division of roles in blockchains, the roles of the operators of the identity authentication system, such as administrator, authorized organization and regulatory organization, are explicitly defined. The security module stores the identity information (such as the private key) of the blockchain user or security terminal and provides signing capability, which gives blockchain applications a hardware security guarantee and can extend the application scenarios of blockchain.

Referring to FIG. 8, FIG. 8 is a schematic structural diagram of a key management platform provided by an embodiment of the present application. As shown in FIG. 8, the key management platform 800 includes:

A first sending module 801, configured to send a first data write instruction to the security terminal through the blockchain client;

A first obtaining module 802, configured to obtain, through the blockchain client, a first random number generated by the security terminal in response to the first data write instruction;

A second sending module 803, configured to send a second data write instruction to the security terminal through the blockchain client, the second data write instruction including a second random number, a first signature and ciphertext data, the first signature being a signature generated according to the first random number, and the ciphertext data being data obtained by encrypting target data;

A second obtaining module 804, configured to obtain, through the blockchain client, a second signature generated by the security terminal and to verify the second signature, the second signature being a signature generated by the security terminal according to the second random number when verification of the first signature passes.

Optionally, as shown in FIG. 9, the key management platform 800 may further include:

A third obtaining module 805, configured to obtain, through the blockchain client, the list of functions supported by the security terminal, and to determine from the function list whether the security terminal supports key negotiation;

A first encryption module 806, configured to encrypt the target data with a preset key to obtain the ciphertext data when the security terminal does not support key negotiation;

A second encryption module 807, configured to negotiate with the security terminal to obtain a session key when the security terminal supports key negotiation, and to encrypt the target data with the session key to obtain the ciphertext data.

Optionally, negotiating with the security terminal to obtain a session key in the second encryption module 807 includes:

Sending a key negotiation instruction to the security terminal through the blockchain client, the key negotiation instruction including a third random number, a session key factor ciphertext and a third signature, the session key factor ciphertext being data obtained by encrypting the generated session key factor;

Receiving, through the blockchain client, a fourth signature sent by the security terminal in response to the key negotiation instruction, the fourth signature being a signature that the security terminal generates, when verification of the third signature passes, by decrypting the session key factor ciphertext to generate a session key and then signing according to the session key and the third random number;

Verifying the fourth signature, and obtaining the session key based on the session key factor when verification of the fourth signature passes.

Optionally, as shown in FIG. 10, the key management platform 800 may further include:

A fourth obtaining module 808, configured to obtain the security terminal identifier and generate the target data according to the security terminal identifier.

The key management platform 800 can implement each process implemented by the key management platform in the method embodiment of FIG. 1; to avoid repetition, details are not repeated here. The key management platform 800 can achieve the technical effect of improving data security.

Referring to FIG. 11, FIG. 11 is a schematic structural diagram of a security terminal provided by an embodiment of the present application. As shown in FIG. 11, the security terminal 1100 includes:

A first sending module 1101, configured to receive, through the blockchain client, the first data write instruction sent by the key management platform;

A generating module 1102, configured to generate a first random number in response to the first data write instruction and send the first random number to the key management platform through the blockchain client;

A receiving module 1103, configured to receive, through the blockchain client, the second data write instruction sent by the key management platform, the second data write instruction including a second random number, a first signature and ciphertext data, the first signature being a signature generated by the key management platform according to the first random number, and the ciphertext data being data obtained by the key management platform by encrypting target data;

A verification module 1104, configured to verify the first signature and, when verification of the first signature passes, write the ciphertext data and generate a second signature according to the second random number;

A second sending module 1105, configured to send the second signature to the key management platform through the blockchain client.

Optionally, as shown in FIG. 12, the security terminal 1100 may further include:

A third sending module 1106, configured to send the list of supported functions to the key management platform through the blockchain client, so that the key management platform determines from the function list whether key negotiation is supported;

A negotiation module 1107, configured to negotiate with the key management platform to obtain a session key when key negotiation is supported.

Optionally, negotiating with the key management platform to obtain the session key in the negotiation module 1107 includes:

Receiving, through the blockchain client, the key negotiation instruction sent by the key management platform, the key negotiation instruction including a third random number, a session key factor ciphertext and a third signature, the session key factor ciphertext being data obtained by the key management platform by encrypting the generated session key factor;

Verifying the third signature in response to the key negotiation instruction and, when verification of the third signature passes, decrypting the session key factor ciphertext to generate a session key and generating a fourth signature according to the session key and the third random number;

Sending the fourth signature to the key management platform through the blockchain client.

The security terminal 1100 can implement each process implemented by the security terminal in the method embodiment of FIG. 2; to avoid repetition, details are not repeated here. The security terminal 1100 can achieve the technical effect of improving data security.

Referring to FIG. 13, an embodiment of the present application further provides an electronic device. The electronic device 1300 includes a processor 1301, a memory 1302, and a program or instructions stored in the memory 1302 and executable on the processor 1301. When executed by the processor 1301, the program or instructions implement each process of the above signature verification method embodiments and achieve the same technical effect; to avoid repetition, details are not repeated here.

It should be noted that, in this document, the terms "include", "comprise" and any variants thereof are intended to cover non-exclusive inclusion, so that a process, method, article or apparatus that includes a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to that process, method, article or apparatus. Without further limitation, an element introduced by the phrase "including a ..." does not exclude the presence of additional identical elements in the process, method, article or apparatus that includes the element. It should also be noted that the scope of the methods and apparatus in the embodiments of the present application is not limited to performing functions in the order shown or discussed; functions may also be performed substantially simultaneously or in the reverse order, depending on the functions involved. For example, the described methods may be performed in an order different from that described, and steps may be added, omitted or combined. In addition, features described with reference to certain examples may be combined in other examples.

From the description of the above embodiments, those skilled in the art will clearly understand that the methods of the above embodiments can be implemented by software plus a necessary general-purpose hardware platform, and of course also by hardware, although in many cases the former is the better implementation. Based on this understanding, the technical solution of the present application, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium (such as ROM/RAM, a magnetic disk or an optical disc) and includes a number of instructions that cause a terminal (which may be a mobile phone, a computer, a server, an air conditioner, a network device or the like) to execute the methods of the embodiments of the present application.

The embodiments of the present application have been described above with reference to the accompanying drawings, but the present application is not limited to the specific implementations described, which are illustrative rather than restrictive. Guided by the present application, those of ordinary skill in the art can devise many other forms without departing from the purpose of the present application and the scope protected by the claims, all of which fall within the protection of the present application.

Claims (10)

1. A signature verification method, characterized in that it is applied to a key management platform and comprises: sending a first data write instruction to a security terminal through a blockchain client; obtaining, through the blockchain client, a first random number generated by the security terminal in response to the first data write instruction; sending a second data write instruction to the security terminal through the blockchain client, the second data write instruction including a second random number, a first signature and ciphertext data, the first signature being a signature generated according to the first random number, and the ciphertext data being data obtained by encrypting target data; obtaining, through the blockchain client, a second signature generated by the security terminal and verifying the second signature, the second signature being a signature generated by the security terminal according to the second random number when verification of the first signature passes.

2. The method according to claim 1, characterized in that, before sending the second data write instruction to the security terminal through the blockchain client, the method further comprises: obtaining, through the blockchain client, the list of functions supported by the security terminal, and determining from the function list whether the security terminal supports key negotiation; when the security terminal does not support key negotiation, encrypting the target data with a preset key to obtain the ciphertext data; when the security terminal supports key negotiation, negotiating with the security terminal to obtain a session key, and encrypting the target data with the session key to obtain the ciphertext data.

3. The method according to claim 2, characterized in that negotiating with the security terminal to obtain a session key comprises: sending a key negotiation instruction to the security terminal through the blockchain client, the key negotiation instruction including a third random number, a session key factor ciphertext and a third signature, the session key factor ciphertext being data obtained by encrypting the generated session key factor; receiving, through the blockchain client, a fourth signature sent by the security terminal in response to the key negotiation instruction, the fourth signature being a signature that the security terminal generates, when verification of the third signature passes, by decrypting the session key factor ciphertext to generate a session key and then signing according to the session key and the third random number; verifying the fourth signature, and obtaining the session key based on the session key factor when verification of the fourth signature passes.

4. The method according to claim 1, characterized in that, before sending the second data write instruction to the corresponding security terminal through the blockchain client, the method further comprises: obtaining the security terminal identifier, and generating the target data according to the security terminal identifier.

5. A signature verification method, characterized in that it is applied to a security terminal and comprises: receiving, through a blockchain client, a first data write instruction sent by a key management platform; generating a first random number in response to the first data write instruction, and sending the first random number to the key management platform through the blockchain client; receiving, through the blockchain client, a second data write instruction sent by the key management platform, the second data write instruction including a second random number, a first signature and ciphertext data, the first signature being a signature generated by the key management platform according to the first random number, and the ciphertext data being data obtained by the key management platform by encrypting target data; verifying the first signature and, when verification of the first signature passes, writing the ciphertext data and generating a second signature according to the second random number; sending the second signature to the key management platform through the blockchain client.

6. The method according to claim 5, characterized in that, before receiving the second data write instruction sent by the key management platform through the blockchain client, the method further comprises: sending the list of supported functions to the key management platform through the blockchain client, so that the key management platform determines from the function list whether key negotiation is supported; when key negotiation is supported, negotiating with the key management platform to obtain a session key.

7. The method according to claim 6, characterized in that negotiating with the key management platform to obtain a session key comprises: receiving, through the blockchain client, the key negotiation instruction sent by the key management platform, the key negotiation instruction including a third random number, a session key factor ciphertext and a third signature, the session key factor ciphertext being data obtained by the key management platform by encrypting the generated session key factor; verifying the third signature in response to the key negotiation instruction and, when verification of the third signature passes, decrypting the session key factor ciphertext to generate a session key and generating a fourth signature according to the session key and the third random number; sending the fourth signature to the key management platform through the blockchain client.

8. A key management platform, characterized in that it comprises: a first sending module, configured to send a first data write instruction to a security terminal through a blockchain client; a first obtaining module, configured to obtain, through the blockchain client, a first random number generated by the security terminal in response to the first data write instruction; a second sending module, configured to send a second data write instruction to the security terminal through the blockchain client, the second data write instruction including a second random number, a first signature and ciphertext data, the first signature being a signature generated according to the first random number, and the ciphertext data being data obtained by encrypting target data; a second obtaining module, configured to obtain, through the blockchain client, a second signature generated by the security terminal and to verify the second signature, the second signature being a signature generated by the security terminal according to the second random number when verification of the first signature passes.

9. A security terminal, characterized in that it comprises: a first sending module, configured to receive, through a blockchain client, a first data write instruction sent by a key management platform; a generating module, configured to generate a first random number in response to the first data write instruction and send the first random number to the key management platform through the blockchain client; a receiving module, configured to receive, through the blockchain client, a second data write instruction sent by the key management platform, the second data write instruction including a second random number, a first signature and ciphertext data, the first signature being a signature generated by the key management platform according to the first random number, and the ciphertext data being data obtained by the key management platform by encrypting target data; a verification module, configured to verify the first signature and, when verification of the first signature passes, write the ciphertext data and generate a second signature according to the second random number; a second sending module, configured to send the second signature to the key management platform through the blockchain client.

10. An electronic device, characterized in that it comprises a processor, a memory, and a program or instructions stored in the memory and run on the processor, wherein the program or instructions, when executed by the processor, implement the steps of the signature verification method according to any one of claims 1 to 4, or implement the steps of the signature verification method according to any one of claims 5 to 7.

CN202011344964.XA 2020-11-26 2020-11-26 Signature verification method, key management platform, security terminal and electronic equipment Active CN114553426B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011344964.XA CN114553426B (en) 2020-11-26 2020-11-26 Signature verification method, key management platform, security terminal and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011344964.XA CN114553426B (en) 2020-11-26 2020-11-26 Signature verification method, key management platform, security terminal and electronic equipment

Publications (2)

Publication Number Publication Date
CN114553426A CN114553426A (en) 2022-05-27
CN114553426B true CN114553426B (en) 2023-08-15

Family

ID=81659189

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011344964.XA Active CN114553426B (en) 2020-11-26 2020-11-26 Signature verification method, key management platform, security terminal and electronic equipment

Country Status (1)

Country Link
CN (1) CN114553426B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115941682B (en) * 2022-10-27 2024-08-02 中国电子科技集团公司第三十研究所 Multi-platform blockchain infrastructure management method
CN116055188B (en) * 2023-01-28 2023-07-14 紫光同芯微电子有限公司 Bidirectional authentication method, bidirectional authentication device and bidirectional authentication system for equipment

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102413132A (en) * 2011-11-16 2012-04-11 北京数码视讯软件技术发展有限公司 Two-way-security-authentication-based data downloading method and system
CN104852911A (en) * 2015-04-27 2015-08-19 小米科技有限责任公司 Safety verification method, device and system
CN107888382A (en) * 2017-11-24 2018-04-06 中钞信用卡产业发展有限公司杭州区块链技术研究院 A kind of methods, devices and systems of the digital identity checking based on block chain
CN107980216A (en) * 2017-05-26 2018-05-01 深圳前海达闼云端智能科技有限公司 Communication means, device, system, electronic equipment and computer-readable recording medium
CN109076058A (en) * 2016-05-27 2018-12-21 华为技术有限公司 A kind of authentication method and device of mobile network
CN110048842A (en) * 2019-05-30 2019-07-23 全链通有限公司 Session key processing method, equipment and computer readable storage medium
CN111262852A (en) * 2020-01-14 2020-06-09 杭州趣链科技有限公司 Business card signing and issuing method and system based on block chain

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9118467B2 (en) * 2013-03-13 2015-08-25 Atmel Corporation Generating keys using secure hardware
CN111602161B (en) * 2018-12-21 2023-08-22 创新先进技术有限公司 Blockchain Data Protection Based on Universal Account Model and Homomorphic Encryption
CN114884659B (en) * 2022-07-08 2022-10-25 北京智芯微电子科技有限公司 Key agreement method, gateway, terminal device and storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Bin Liu; Lijun Xiao. Secure Digital Certificate-Based Data Access Control Scheme in Blockchain. IEEE Access. 2020, full text. *

Also Published As

Publication number Publication date
CN114553426A (en) 2022-05-27

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant