CN115118441B - Identity verification system based on block chain - Google Patents

Identity verification system based on block chain

Publication number
CN115118441B
Authority
CN
China
Prior art keywords
target
event
block chain
information
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211042331.2A
Other languages
Chinese (zh)
Other versions
CN115118441A (en)
Inventor
唐红武
曲新奎
佟业新
薄满辉
伍彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Travelsky Mobile Technology Co Ltd
Original Assignee
China Travelsky Mobile Technology Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The application provides a blockchain-based identity verification system comprising a processing server, a blockchain platform, a plurality of verification devices and a plurality of clients. The processing server is communicatively connected to the blockchain platform, and the clients and verification devices are communicatively connected to both the processing server and the blockchain platform. The processing server performs the following steps: receiving a position selection request, sent by a target client, for a target event to be executed; acquiring ciphertext identity information g(M); sending first target information B1 = (g(M), F, J, N, K) to the blockchain platform, where F is the event identifier of the target event to be executed, J is the device identifier of the target verification device, N is a position number, and K is the client identifier of the target client; and sending g(M) to the target client according to K. With this system, identity verification can be completed without the target verification device or the blockchain platform obtaining the plaintext identity information M.

Description

Identity verification system based on block chain
Technical Field
The application relates to the field of block chains, in particular to an identity verification system based on a block chain.
Background
Nowadays, a user's identity needs to be verified in many scenarios, such as checking into lodging or boarding a train or an airplane. However, existing identity verification methods, whether online or offline, need to collect and verify the identity information (such as name and identification number) of the person being verified. If the personnel or equipment of the checking party are unreliable, this creates a risk that user information is leaked.
Disclosure of Invention
In view of the above, the present application provides a block chain based identity verification system, which at least partially solves the problems in the prior art.
In one aspect, the present application provides a blockchain-based identity verification system, including a processing server, a blockchain platform, a plurality of verification devices and a plurality of clients. The processing server is communicatively connected to the blockchain platform, and the clients and verification devices are communicatively connected to both the processing server and the blockchain platform.
The processing server is configured to perform the following steps:
S100, receiving a position selection request, sent by a target client, for a target event to be executed. The position selection request includes a position number N and the client identifier K of the target client. Event information A = (M, F, J) of the target event to be executed is stored in both the processing server and the target client, where M is the plaintext identity information of the user corresponding to the target client, F is the event identifier of the target event to be executed, and J is the device identifier of the target verification device corresponding to the target event to be executed.
S110, acquiring ciphertext identity information g(M), where g() is a preset target encryption function.
S120, sending first target information B1 = (g(M), F, J, N, K) to the blockchain platform.
S130, sending g(M) to the target client according to K.
After receiving B1, the blockchain platform is configured to perform the following steps:
S200, generating a unique homomorphic public key PK and homomorphic private key SK according to F, N, J and a preset homomorphic algorithm.
S210, homomorphically encrypting H with PK to obtain verification information PK(H), where H = g(M) + F.
S220, generating second target information B2 = (PK(H), F, N) and storing B2 in the blockchain.
S230, sending PK to the target client according to K.
S240, sending third target information B3 = (SK, F, N) to the target verification device according to J, so that the target verification device stores B3 in local memory.
The target verification device is configured to perform the following steps to complete identity verification:
S300, receiving fourth target information B4 = (PK(g(M)), N, F) sent by the target client, where PK(g(M)) is the information to be verified, obtained by the target client homomorphically encrypting g(M) with PK.
S310, using N and F as indexes, obtaining PK(H) from the blockchain.
S320, using N and F as indexes, obtaining SK from local memory.
S330, obtaining ciphertext result information P = PK(H) - PK(g(M)).
S340, decrypting P with SK to obtain plaintext result information Q.
S350, if Q = F, the identity verification passes.
In the blockchain-based identity verification system of the present application, when the user corresponding to a target client needs to be verified, the client homomorphically encrypts g(M) with PK to obtain PK(g(M)), combines it with the event identifier F of the target event to be executed and the position number N of the selected position to form the fourth target information B4, and sends B4 to the target verification device. Using N and F as indexes, the target verification device retrieves PK(H) from the blockchain and SK from local memory, and then calculates Q. If Q = F, the identity verification passes. Throughout this process the blockchain platform only ever obtains the ciphertext identity information g(M); it can learn only that the user corresponding to g(M) is associated with the target event to be executed identified by F and has selected the position corresponding to N, but it cannot obtain the plaintext identity information M. The verification device can obtain only F in plaintext during the whole process and cannot obtain the identity information in plaintext. During verification it can determine only that the user corresponding to PK(g(M)) is associated with F; it cannot obtain M, so verification is completed while M is kept secret. The system can therefore complete identity verification without the blockchain platform or the target verification device obtaining the user's plaintext identity information, which reduces the risk of user information leakage.
Drawings
To illustrate the technical solutions of the embodiments of the present application more clearly, the drawings used in the embodiments are briefly described below. Obviously, the drawings described below show only some embodiments of the present application, and those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 is a block diagram of an identity verification system based on a blockchain according to the present invention.
Detailed Description
The embodiments of the present application will be described in detail below with reference to the accompanying drawings.
It should be noted that, in the case of no conflict, the features in the following embodiments and examples may be combined with each other; moreover, all other embodiments that can be derived by one of ordinary skill in the art from the embodiments disclosed herein without making any creative effort fall within the scope of the present disclosure.
It is noted that various aspects of the embodiments are described below within the scope of the appended claims. It should be apparent that the aspects described herein may be embodied in a wide variety of forms and that any specific structure and/or function described herein is merely illustrative. Based on the disclosure, one skilled in the art should appreciate that one aspect described herein may be implemented independently of any other aspects and that two or more of these aspects may be combined in various ways. For example, an apparatus may be implemented and/or a method practiced using any number of the aspects set forth herein. Additionally, such an apparatus may be implemented and/or such a method may be practiced using other structure and/or functionality in addition to one or more of the aspects set forth herein.
Referring to Fig. 1, in one aspect of the present application, there is provided a blockchain-based identity verification system including a processing server, a blockchain platform, a plurality of verification devices and a plurality of clients. The processing server is communicatively connected to the blockchain platform, and the clients and verification devices are communicatively connected to both the processing server and the blockchain platform. A client may be an app installed on an electronic device and may communicate with external devices through the electronic device on which it is installed. The processing server may be a server that generates and manages the target event to be executed, such as a navigation server. Verification devices are deployed in each geographic area, such as each airport, where the target event to be executed, an associated event, or its identity verification event takes place. Specifically, each verification device may correspond to one geographic area, and one geographic area may correspond to a plurality of verification devices.
The processing server is configured to perform the following steps:
S100, receiving a position selection request, sent by a target client, for a target event to be executed. The position selection request may be generated when the user selects, on the target client, a candidate position corresponding to the target event to be executed. The candidate position selected by the user is taken as the target position, and the position number of the target position is the N carried in the position selection request. Each candidate position of an event to be executed can be associated with only one user, so the unique corresponding user can be determined through F and N. The target client is any one of the clients.
The position selection request includes a position number N and the client identifier K of the target client, where K may be the user's unique account ID. Event information A = (M, F, J) of the target event to be executed is stored in both the processing server and the target client, where M is the plaintext identity information of the user corresponding to the target client, F is the event identifier of the target event to be executed, and J is the device identifier of the target verification device corresponding to the target event to be executed. In this embodiment, the processing server may correspond to multiple events to be executed, and the target event to be executed is the event, awaiting identity verification, that is associated with the user corresponding to the target client. The association means that the user has confirmed participation in the target event to be executed: if the event to be executed is a flight, the association means that the user has purchased a ticket; if the event to be executed is a nucleic acid test, the association means that the user has booked the test. The M held by the processing server may be obtained from the target client when the association between the target client (or its user) and the event to be executed is established. The plaintext identity information M in the target client may be filled in by the user on the target client.
Specifically, A is the event information associated with the user corresponding to the target client. For example, if the target event to be executed is a flight, M may be the identity information of the user who purchased the ticket (i.e., the user corresponding to the target client), F may be the flight number, and J may be the device identifier of a verification device at the flight's departure airport. In this case, the position selection request may be the user's seat selection request.
S110, acquiring ciphertext identity information g(M), where g() is a preset target encryption function.
Specifically, a plurality of mutually different encryption functions may be preset in the processing server. These encryption functions may be hash encryption functions that differ from one another. M can be hashed and converted into a hash value, and the hash value corresponds uniquely to M, so M is turned into ciphertext while its uniqueness is preserved and it can still be used for identity verification.
Step S110 includes:
S111, randomly selecting a target encryption function g() from the plurality of encryption functions and encrypting M with it to obtain the ciphertext identity information g(M). Because several encryption functions are provided and one is selected at random each time plaintext identity information is encrypted, it is difficult for a malicious user to determine, by collecting one or more pieces of ciphertext identity information and working backwards, which encryption function the processing server used.
S120, sending first target information B1 = (g(M), F, J, N, K) to the blockchain platform.
S130, sending g(M) to the target client according to K, so that the target client stores g(M).
After receiving B1, the blockchain platform is configured to perform the following steps:
S200, generating a unique homomorphic public key PK and homomorphic private key SK according to F, N, J and a preset homomorphic algorithm.
S210, homomorphically encrypting H with PK to obtain verification information PK(H), where H = g(M) + F. H is obtained by adding g(M) and F, and the addition conforms to the addition rule of the homomorphic encryption. PK(H) is obtained by homomorphically encrypting H directly.
Data encrypted homomorphically has the following property:
If a = 3 and b = 2, then PK(a) - PK(b) = PK(a - b) = PK(c), and decrypting PK(c) with SK gives c = a - b = 1.
The homomorphic algorithm in this embodiment may be an additively homomorphic algorithm or a fully homomorphic algorithm.
S220, generating second target information B2 = (PK(H), F, N) and storing B2 in the blockchain. Since the corresponding user can be uniquely identified by F and N, it is sufficient to store B2 in the blockchain.
S230, sending PK to the target client according to K.
S240, sending third target information B3 = (SK, F, N) to the target verification device according to J, so that the target verification device stores B3 in local memory.
The target verification device is configured to perform the following steps to complete identity verification:
S300, receiving fourth target information B4 = (PK(g(M)), N, F) sent by the target client, where PK(g(M)) is the information to be verified, obtained by the target client homomorphically encrypting g(M) with PK. Specifically, the target client may convert PK(g(M)) into a two-dimensional code or another recognizable identifier, so that the target verification device can obtain B4 by scanning it.
S310, using N and F as indexes, obtaining PK(H) from the blockchain.
S320, using N and F as indexes, obtaining SK from local memory.
S330, obtaining ciphertext result information P = PK(H) - PK(g(M)).
S340, decrypting P with SK to obtain plaintext result information Q.
S350, if Q = F, the identity verification passes. Here, Q = F indicates that the plaintext F can ultimately be recovered from B4. On the one hand, this proves that the user corresponding to the target client is associated with the event to be executed (only the user's ciphertext identity information g(M), when combined with PK(H) and decrypted, yields F); on the other hand, F also determines which event to be executed the user corresponds to.
In the blockchain-based identity verification system provided in this embodiment, when the user corresponding to a target client wants to be verified, the client homomorphically encrypts g(M) with PK to obtain PK(g(M)), combines it with the event identifier F of the target event to be executed and the position number N of the selected position to form the fourth target information B4, and sends B4 to the target verification device. Using N and F as indexes, the target verification device retrieves PK(H) from the blockchain and SK from local memory, and then calculates Q. If Q = F, the identity verification passes. Throughout this process the blockchain platform only ever obtains the ciphertext identity information g(M); it can learn only that the user corresponding to g(M) is associated with the target event to be executed identified by F and has selected the position corresponding to N, but it cannot obtain the plaintext identity information M. The verification device can obtain only F in plaintext during the whole process and cannot obtain the identity information in plaintext. During verification it can determine only that the user corresponding to PK(g(M)) is associated with F; it cannot obtain M, so verification is completed while M is kept secret. The system provided by this embodiment can therefore complete identity verification without the blockchain platform or the target verification device obtaining the user's plaintext identity information, which reduces the risk of user information leakage.
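The S100 to S350 exchange above, carried through end to end with a concrete additively homomorphic scheme, as an added example that is not part of the patent. It assumes textbook Paillier as the "preset homomorphic algorithm", SHA-256 as g(), and a byte-to-integer encoding of F, none of which the patent specifies; all function names and sample values are constructed.

```python
# Added illustration, not code from the patent. Assumptions: textbook Paillier
# stands in for the "preset homomorphic algorithm", SHA-256 stands in for g(),
# F is encoded as an integer, and every identifier/value below is constructed.
import hashlib
import math
import secrets

_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def _is_probable_prime(n, rounds=20):
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for sp in _SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(c):
            return c

def keygen(bits=512):
    """S200 stand-in: fresh Paillier key pair (toy size, demonstration only)."""
    p = _random_prime(bits)
    q = _random_prime(bits)
    while q == p:
        q = _random_prime(bits)
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    return n, (n, lam, pow(lam, -1, n))          # PK = n, SK = (n, lambda, mu)

def encrypt(pk, m):
    n2 = pk * pk
    r = secrets.randbelow(pk - 1) + 1            # random blinding factor
    return (1 + (m % pk) * pk) * pow(r, pk, n2) % n2

def decrypt(sk, c):
    n, lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n

def hsub(pk, c1, c2):
    """PK(a) - PK(b) = PK(a - b): multiply by the inverse ciphertext mod n^2."""
    n2 = pk * pk
    return c1 * pow(c2, -1, n2) % n2

def g(M):
    """S110: ciphertext identity information g(M) (SHA-256 is an assumption)."""
    return int.from_bytes(hashlib.sha256(M.encode()).digest(), "big")

def encode_event(F):
    """Hypothetical integer encoding of the event identifier F."""
    return int.from_bytes(F.encode(), "big")

def platform_register(B1):
    """S200-S240: returns PK (to client K), B2 (to chain), B3 (to device J)."""
    gM, F, J, N, K = B1
    pk, sk = keygen()
    H = gM + encode_event(F)                     # S210: H = g(M) + F
    return pk, (encrypt(pk, H), F, N), (sk, F, N)

def client_present(pk, gM, N, F):
    """Client builds B4 = (PK(g(M)), N, F)."""
    return encrypt(pk, gM), N, F

def device_verify(B4, chain, local_store):
    """S300-S350: look up PK(H) and SK by (F, N), then check Q == F."""
    c_gM, N, F = B4
    pk_H = chain[(F, N)]                         # S310
    sk = local_store[(F, N)]                     # S320
    P = hsub(sk[0], pk_H, c_gM)                  # S330
    Q = decrypt(sk, P)                           # S340
    return Q == encode_event(F)                  # S350

def run_demo():
    M = "ID-0000-CONSTRUCTED"                    # constructed plaintext identity
    B1 = (g(M), "CA1234", "DEVICE-07", "12A", "client-42")
    pk, B2, B3 = platform_register(B1)
    chain = {(B2[1], B2[2]): B2[0]}              # block contents keyed by (F, N)
    local_store = {(B3[1], B3[2]): B3[0]}        # device memory keyed by (F, N)
    genuine = device_verify(client_present(pk, g(M), "12A", "CA1234"), chain, local_store)
    impostor = device_verify(client_present(pk, g("someone-else"), "12A", "CA1234"), chain, local_store)
    # The SK holder can decrypt PK(g(M)) itself: it sees g(M), never M.
    verifier_learns_gM = decrypt(B3[0], client_present(pk, g(M), "12A", "CA1234")[0]) == g(M)
    return genuine, impostor, verifier_learns_gM

if __name__ == "__main__":
    print(run_demo())
```

Because the device holds SK, it can also decrypt PK(g(M)) directly, so the value it is kept from is M, not g(M); the third element returned by run_demo() shows this.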
In an exemplary embodiment of the application, before step S100, the processing server is further configured to perform the following steps:
S010, generating a target event to be executed and the event identifier F of the target event to be executed.
S020, sending F to the blockchain platform, so that the blockchain platform establishes a block on the blockchain that uniquely corresponds to F.
Step S220 includes:
S221, generating second target information B2 = (PK(H), F, N).
S222, storing B2 in the block corresponding to F in the blockchain.
That is, each event to be executed has a unique corresponding block in the blockchain. When the blockchain platform stores B2, it can place B2 in the corresponding block according to F, and when the target verification device later acquires PK(H), the block can be located quickly by F, which improves retrieval efficiency.
In an exemplary embodiment of the present application, the target event to be executed has a corresponding event execution time and event end time. If the event to be executed is a flight, the event execution time is the takeoff time of the airplane and the event end time is the landing time of the airplane. PK and SK have a validity period: its start time may be the time at which PK and SK are generated, and its end time is the same as the event end time. B2 remains stored in the blockchain, but many users become less security-conscious once the event to be executed has finished, and PK or SK may then easily be lost. In this embodiment, PK and SK therefore expire automatically after the event to be executed ends, which avoids this problem and improves the security of user information.
Moreover, although the steps of the methods of the present disclosure are depicted in the drawings in a particular order, this does not require or imply that the steps must be performed in this particular order, or that all of the depicted steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken into multiple step executions, etc.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, and may also be implemented by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, an electronic device capable of implementing the above method is also provided.
As will be appreciated by one skilled in the art, aspects of the present application may be embodied as a system, method or program product. Accordingly, various aspects of the present application may be embodied in the form of: an entirely hardware embodiment, an entirely software embodiment (including firmware, microcode, etc.) or an embodiment combining hardware and software aspects that may all generally be referred to herein as a "circuit," "module" or "system."
An electronic device according to this embodiment of the present application is described below. The electronic device is only an example, and should not bring any limitation to the function and the scope of use of the embodiments of the present application.
The electronic device is in the form of a general purpose computing device. Components of the electronic device may include, but are not limited to: the at least one processor, the at least one memory, and a bus connecting the various system components (including the memory and the processor).
Wherein the storage stores program code executable by the processor to cause the processor to perform steps according to various exemplary embodiments of the present application described in the "exemplary methods" section above.
The memory may include readable media in the form of volatile memory, such as Random Access Memory (RAM) and/or cache memory, and may further include Read Only Memory (ROM).
The storage may also include a program/utility having a set (at least one) of program modules including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The bus may be any of several types of bus structures including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, a processor, or a local bus using any of a variety of bus architectures.
The electronic device may also communicate with one or more external devices (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device to communicate with one or more other computing devices. Such communication may be through an input/output (I/O) interface. Also, the electronic device may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) through a network adapter. The network adapter communicates with other modules of the electronic device over the bus. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device, including but not limited to: microcode, device drivers, redundant processors, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, there is also provided a computer readable storage medium having stored thereon a program product capable of implementing the above-described method of the present specification. In some possible embodiments, the various aspects of the present application may also be implemented in the form of a program product comprising program code for causing a terminal device to perform the steps according to various exemplary embodiments of the present application described in the above section "exemplary method" of this specification, when said program product is run on the terminal device.
The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
Furthermore, the above-described figures are merely schematic illustrations of processes involved in methods according to exemplary embodiments of the present application, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.
It should be noted that although several modules or units of the device for action execution are mentioned in the above detailed description, such a division is not mandatory. Indeed, according to embodiments of the present disclosure, the features and functions of two or more modules or units described above may be embodied in one module or unit. Conversely, the features and functions of one module or unit described above may be further divided so as to be embodied by a plurality of modules or units.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present application should be covered within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (8)

1. An identity verification system based on a blockchain, comprising: a processing server, a blockchain platform, a plurality of verification devices and a plurality of clients; the processing server is in communication connection with the blockchain platform, and the plurality of clients and the plurality of verification devices are in communication connection with the processing server and the blockchain platform;
the processing server is used for executing the following steps:
S100, receiving a position selection request, sent by a target client, for a target event to be executed; the position selection request comprises a position number N and a client identifier K of the target client; event information a = (M, F, J) of the target event to be executed is stored in both the processing server and the target client, where M is plaintext identity information of a user corresponding to the target client, F is an event identifier of the target event to be executed, and J is a device identifier of the target verification device corresponding to the target event to be executed;
S110, acquiring ciphertext identity information g(M), where g() is a preset target encryption function;
S120, sending first target information B1 = (g(M), F, J, N, K) to the blockchain platform;
S130, sending g(M) to the target client according to K;
after receiving the B1, the blockchain platform is configured to perform the following steps:
S200, generating a unique homomorphic public key PK and homomorphic private key SK according to F, N, J and a preset homomorphic algorithm;
S210, homomorphically encrypting H using PK to obtain verification information PK(H), where H = g(M) + F;
S220, generating second target information B2 = (PK(H), F, N), and storing B2 to the blockchain;
S230, sending PK to the target client according to K;
S240, sending third target information B3 = (SK, F, N) to the target verification device according to J, so that the target verification device stores B3 in local storage;
the target verification device is used for executing the following steps to complete identity verification:
S300, receiving fourth target information B4 = (PK(g(M)), N, F) sent by the target client, where PK(g(M)) is the to-be-verified information obtained by the target client homomorphically encrypting g(M) with PK;
S310, acquiring PK(H) from the blockchain, using N and F as indexes;
S320, obtaining SK from local storage, using N and F as indexes;
S330, obtaining ciphertext result information P = PK(H) - PK(g(M));
S340, decrypting P using SK to obtain plaintext result information Q;
and S350, if Q = F, the identity verification passes.
2. The identity verification system of claim 1, wherein before the step S100, the processing server is further configured to perform the following steps:
S010, generating a target event to be executed and an event identifier F of the target event to be executed;
and S020, sending F to the blockchain platform, so that the blockchain platform establishes, on the blockchain, a block uniquely corresponding to F.
3. The identity verification system according to claim 2, wherein the step S220 comprises:
S221, generating second target information B2 = (PK(H), F, N);
S222, storing B2 in the block corresponding to F on the blockchain.
4. The identity verification system according to claim 1, wherein a plurality of mutually different encryption functions are preset in the processing server;
the step S110 includes:
S111, randomly selecting a target encryption function g() from the plurality of encryption functions to encrypt M, obtaining ciphertext identity information g(M).
5. The identity verification system of claim 1, wherein the target event to be executed has a corresponding event execution time and event end time; PK and SK have a validity period whose end time is the same as the event end time.
6. The identity verification system according to claim 1, wherein g() is a preset hash encryption algorithm.
7. The identity verification system of claim 1, wherein the homomorphic algorithm is a homomorphic addition algorithm.
8. The identity verification system according to claim 1, wherein the homomorphic algorithm is a fully homomorphic algorithm.
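
The verification flow of claim 1 (steps S200 to S350) with the additive scheme of claim 7 and the hash of claim 6, as an added runnable sketch that is not part of the patent text. It assumes Paillier as the additively homomorphic algorithm, SHA-256 as g(), fixed toy primes, and hypothetical names (`run_protocol`, `hom_sub`, and in-memory dicts standing in for the blockchain and the device's local storage).

```python
import hashlib
import math
import secrets

# Toy Paillier primes (constructed for the example): two Mersenne primes.
# A real deployment needs random primes of 1024+ bits, fresh per (F, N, J).
P_PRIME, Q_PRIME = 2**61 - 1, 2**89 - 1

def keygen():
    n = P_PRIME * Q_PRIME
    lam = (P_PRIME - 1) * (Q_PRIME - 1) // math.gcd(P_PRIME - 1, Q_PRIME - 1)
    return n, (n, lam, pow(lam, -1, n))        # PK = n, SK = (n, lambda, mu)

def encrypt(pk, m):
    n2 = pk * pk
    r = secrets.randbelow(pk - 1) + 1          # fresh randomness per ciphertext
    while math.gcd(r, pk) != 1:
        r = secrets.randbelow(pk - 1) + 1
    return (1 + (m % pk) * pk) * pow(r, pk, n2) % n2   # generator is n + 1

def decrypt(sk, c):
    n, lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n

def hom_sub(pk, c1, c2):
    # Enc(a) * Enc(b)^-1 mod n^2 decrypts to (a - b) mod n.
    n2 = pk * pk
    return c1 * pow(c2, -1, n2) % n2

def g(identity, pk):
    # Claim 6: g() is a hash; reduced mod n to fit the plaintext space.
    return int.from_bytes(hashlib.sha256(identity.encode()).digest(), "big") % pk

def run_protocol(enrolled_id, presented_id, F=20220829, N=17):
    # F and N are constructed sample values for the event id and position number.
    pk, sk = keygen()                                        # S200
    chain = {(N, F): encrypt(pk, g(enrolled_id, pk) + F)}    # S210-S220: PK(H)
    device_store = {(N, F): sk}                              # S240: B3 kept locally
    b4 = (encrypt(pk, g(presented_id, pk)), N, F)            # client builds B4
    c_id, n_idx, f_idx = b4                                  # S300
    p = hom_sub(pk, chain[(n_idx, f_idx)], c_id)             # S310, S330
    q = decrypt(device_store[(n_idx, f_idx)], p)             # S320, S340
    return q == f_idx                                        # S350: pass iff Q == F
```

Because Paillier encryption is randomized, PK(g(M)) sent by the client never matches the ciphertext embedded in PK(H) bit for bit; the check succeeds only through decryption of the homomorphic difference.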
CN202211042331.2A 2022-08-29 2022-08-29 Identity verification system based on block chain Active CN115118441B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211042331.2A CN115118441B (en) 2022-08-29 2022-08-29 Identity verification system based on block chain

Publications (2)

Publication Number Publication Date
CN115118441A CN115118441A (en) 2022-09-27
CN115118441B CN115118441B (en) 2022-11-04

Family

ID=83335375

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211042331.2A Active CN115118441B (en) 2022-08-29 2022-08-29 Identity verification system based on block chain

Country Status (1)

Country Link
CN (1) CN115118441B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115460017B (en) * 2022-10-27 2023-01-31 中航信移动科技有限公司 Block chain-based digital identity authority verification system
CN116244676B (en) * 2023-05-09 2023-07-07 中航信移动科技有限公司 Block chain-based secure identity verification system
CN116436965B (en) * 2023-06-13 2023-09-01 中国人民大学 Event processing system based on block chain
CN116866034B (en) * 2023-07-11 2024-03-08 吉客印(郑州)数字科技有限公司 Distributed node authentication method, electronic equipment and storage medium

Citations (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107579817A (en) * 2017-09-12 2018-01-12 广州广电运通金融电子股份有限公司 User ID authentication method, apparatus and system based on block chain
CN109862041A (en) * 2019-03-27 2019-06-07 深圳市网心科技有限公司 A kind of digital identification authentication method, unit, system and storage medium
CN110990827A (en) * 2019-10-28 2020-04-10 上海隔镜信息科技有限公司 Identity information verification method, server and storage medium
CN111010372A (en) * 2019-11-20 2020-04-14 国家信息中心 Block chain network identity authentication system, data processing method and gateway equipment
CN111159750A (en) * 2020-04-07 2020-05-15 南京邮电大学 Automobile maintenance data storage method based on alliance chain
WO2020235782A1 (en) * 2019-05-20 2020-11-26 (주)누리텔레콤 Method for authenticating personal identify in distributed environment
CN112926092A (en) * 2021-03-30 2021-06-08 支付宝(杭州)信息技术有限公司 Privacy-protecting identity information storage and identity authentication method and device
WO2021174927A1 (en) * 2020-03-03 2021-09-10 支付宝实验室(新加坡)有限公司 Blockchain-based identity verification method and apparatus, device, and storage medium
CN113743939A (en) * 2021-09-16 2021-12-03 中国银行股份有限公司 Identity authentication method, device and system based on block chain
WO2022082893A1 (en) * 2020-10-22 2022-04-28 香港中文大学(深圳) Privacy blockchain-based internet of vehicles protection method, and mobile terminal
CN114629713A (en) * 2022-03-25 2022-06-14 阿里云计算有限公司 Identity verification method, device and system
CN114679319A (en) * 2022-03-25 2022-06-28 南京邮电大学 Block chain based distributed data synchronous encryption method
CN114944937A (en) * 2022-04-19 2022-08-26 网易(杭州)网络有限公司 Distributed digital identity verification method, system, electronic device and storage medium

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10749687B2 (en) * 2018-03-15 2020-08-18 Microsoft Technology Licensing, Llc Binding version stamp for smart contracts
US10997251B2 (en) * 2018-10-15 2021-05-04 Bao Tran Smart device

Also Published As

Publication number Publication date
CN115118441A (en) 2022-09-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant