CN115396087B - Identity authentication method, device, equipment and medium based on temporary identity certificate - Google Patents


Publication number
CN115396087B
Authority
CN
China
Prior art keywords
blockchain
participation node
node
identity certificate
temporary
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210700339.7A
Other languages
Chinese (zh)
Other versions
CN115396087A (en)
Inventor
李朝霞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Unicom Digital Technology Co Ltd
Unicom Cloud Data Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Unicom Digital Technology Co Ltd
Unicom Cloud Data Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd, Unicom Digital Technology Co Ltd, Unicom Cloud Data Co Ltd
Priority to CN202210700339.7A
Publication of CN115396087A
Application granted
Publication of CN115396087B
Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/088 Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The application provides an identity authentication method, device, equipment and medium based on a temporary identity certificate, wherein the method is applied to a first blockchain participation node and comprises the following steps: responding to an authentication request sent by a second blockchain participation node, and acquiring a first biological characteristic of a first user; generating a temporary encryption key; performing third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological feature to obtain authentication information, and sending the authentication information to a third party blockchain node so that the third party blockchain node can issue a temporary identity certificate to the first blockchain participation node and broadcast the temporary identity certificate to the blockchain; and acquiring a temporary identity certificate, and sending the temporary identity certificate to a second blockchain participation node so that the second blockchain participation node performs identity authentication on the first blockchain participation node according to the temporary identity certificate.

Description

Identity authentication method, device, equipment and medium based on temporary identity certificate
Technical Field
The present application relates to the field of communications technologies, and in particular, to an identity authentication method, apparatus, device, and medium based on a temporary identity certificate.
Background
A blockchain is a chain made up of individual blocks. Each block holds certain information, and the blocks are linked into a chain in the order in which they were generated. This chain is kept on all servers, and the entire blockchain is secure as long as one server in the entire system can work. These servers, referred to as nodes in the blockchain system, provide storage space and computational support for the entire blockchain system.
User authentication in current blockchains relies on the user's private key: whoever holds the private key corresponding to the public key that claims a user's identity is treated as the correct user. The user must therefore protect the private key closely, and once the private key is lost or compromised, all assets in the blockchain cannot be retrieved. Currently, in blockchain identity authentication, a password is generally used as the private key for authentication.
However, a password used as a private key is easily leaked or cracked, so the authentication method in the prior art has the technical problem of low security.
Disclosure of Invention
The application provides an identity authentication method, device, equipment and medium based on a temporary identity certificate, which are used for solving the technical problem in the prior art that a password used as a private key is easily leaked or cracked, so that the authentication mode has low security.
In a first aspect, the present application provides an identity authentication method based on a temporary identity certificate, applied to a first blockchain participating node, including:
responding to an authentication request sent by a second blockchain participation node, and acquiring a first biological characteristic of a first user;
generating a temporary encryption key;
performing third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological feature to obtain authentication information, and sending the authentication information to a third party blockchain node so that the third party blockchain node decrypts the authentication information through a third party private key after the first private key signature is successfully verified to obtain the first blockchain participation node identifier and the first biological feature, compares the first biological feature according to a preset biological feature library, and if the comparison is successful, issues a temporary identity certificate to the first blockchain participation node and broadcasts the temporary identity certificate to a blockchain;
and acquiring the temporary identity certificate, and sending the temporary identity certificate to the second blockchain participation node so that the second blockchain participation node performs identity authentication on the first blockchain participation node according to the temporary identity certificate.
The application provides an identity authentication method based on a temporary identity certificate. For nodes in a blockchain, an authoritative and trusted third party participates in authentication and, by issuing temporary identity certificates, provides safe and reliable authentication for other nodes. Specifically, if the second blockchain participation node needs to authenticate the first blockchain participation node, it initiates an authentication request to the first blockchain participation node. Based on the authentication request, the first blockchain participation node can request a temporary identity certificate from an authoritative third party, namely the third-party blockchain node. The third-party blockchain node can issue the temporary identity certificate based on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier, the first biological feature and other information sent by the first blockchain participation node. The first blockchain participation node can then acquire the temporary identity certificate from the blockchain and send it to the second blockchain participation node to complete authentication. Identity authentication is thus achieved without the need for the private key, which improves the security of identity authentication for participants in the blockchain.
Optionally, before the acquiring the temporary identity certificate, the method further includes:
initiating a query fee payment application in the blockchain;
accordingly, after the sending the temporary identity certificate to the second blockchain participation node, the method further includes:
acquiring the query fee from the blockchain, and carrying out payment processing according to the query fee.
The blockchain participant can initiate a query fee payment application in the blockchain during the authentication request process so that payment for identity authentication is made automatically, thereby improving user experience.
Optionally, before the obtaining the first biological feature of the first user in response to the authentication request sent by the second blockchain participation node, the method further includes:
registering verification information in a third-party blockchain node, wherein the verification information comprises the corresponding relation between the biological characteristic data and the identity information of the first user.
Before the identity authentication, each blockchain participant may first register its own biometric data (such as fingerprint and iris) and identity information (the identity information may be a virtual identity on the blockchain, such as a blockchain identifier and a public key, to represent the blockchain participant) in an authoritative trusted third party (a third party blockchain node), so that the third party blockchain node can perform authentication according to the registered information.
Optionally, after the authentication information registration at the third party blockchain node, the method further includes:
receiving a third party blockchain identification and a third party public key sent by the third party blockchain node.
In a second aspect, the present application provides an identity authentication method based on a temporary identity certificate, applied to a third party blockchain node, including:
receiving authentication information sent by a first blockchain participation node, wherein the authentication information is obtained by the first blockchain participation node by: acquiring a first biological characteristic of a first user in response to an authentication request sent by a second blockchain participation node; generating a temporary encryption key; and performing third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological feature;
after the first private key signature is successfully verified, decrypting the authentication information through a third-party private key to obtain a first blockchain participation node identifier and a first biological characteristic;
comparing the first biological characteristics according to a preset biological characteristic library;
if the comparison is successful, issuing a temporary identity certificate to the first blockchain participation node and broadcasting the temporary identity certificate to the blockchain, so that the first blockchain participation node acquires the temporary identity certificate and sends it to the second blockchain participation node, the temporary identity certificate being used by the second blockchain participation node to authenticate the identity of the first blockchain participation node.
The identity authentication method based on the temporary identity certificate is applied to a third-party blockchain node, namely an authoritative third party. The third-party blockchain node centrally stores biological characteristics, provides a biological characteristic comparison service for all users, and issues temporary identity certificates for other blockchain participation nodes after the comparison succeeds, so that identity authentication is completed without having a private key and the accuracy and security of identity authentication in the blockchain are improved.
Optionally, the comparing the first biological feature according to a preset biological feature library includes:
querying a preset biological characteristic library according to the first blockchain participation node identifier in the authentication information, and determining the preset biological characteristic corresponding to the first blockchain participation node identifier;
comparing the preset biological characteristic with the first biological characteristic.
The third-party blockchain participation node can determine the preset biological characteristics corresponding to the first blockchain participation node in the preset biological characteristics library based on the first blockchain participation node identification in the authentication information, so that the identity of the first blockchain participation node is identified, accurate and efficient identity identification and authentication are realized, the safety and stability of identity authentication are further improved, and the safety of blockchain information transmission is improved.
Optionally, the issuing a temporary identity certificate to the first blockchain participating node includes:
issuing a temporary identity certificate signed by the third party blockchain participation node to the first blockchain participation node, wherein the temporary identity certificate comprises the first blockchain participation node identification, the second blockchain participation node identification, current time information, a random number and an encryption result obtained by encrypting the random number through the temporary encryption key.
When the third-party blockchain node issues the temporary identity certificate for the first blockchain participation node, the temporary identity certificate comprises the first blockchain participation node identification, the second blockchain participation node identification, the current time information, the random number and an encryption result obtained by encrypting the random number through the temporary encryption key, so that the second blockchain participation node can conveniently and accurately perform authentication.
In a third aspect, the present application provides an identity authentication method based on a temporary identity certificate, applied to a second blockchain participating node, including:
Sending an authentication request to a first blockchain participation node so that the first blockchain participation node responds to the authentication request to acquire a first biological characteristic of a first user; generating a temporary encryption key; performing third-party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological feature to obtain authentication information, and sending the authentication information to a third-party blockchain node; acquiring a temporary identity certificate, and sending the temporary identity certificate to a second blockchain participation node, wherein the authentication information is used for decrypting the authentication information through a third party private key after the third party blockchain node successfully verifies the first private key signature to obtain a first blockchain participation node identifier and a first biological characteristic, comparing the first biological characteristic according to a preset biological characteristic library, if the comparison is successful, issuing the temporary identity certificate to the first blockchain participation node, and broadcasting the temporary identity certificate to a blockchain;
receiving a temporary identity certificate sent by the first blockchain participation node;
authenticating the identity of the first blockchain participation node according to the temporary identity certificate.
The identity authentication method based on the temporary identity certificate is applied to the second blockchain participation node that initiates authentication. When the second blockchain participation node needs to initiate identity authentication of another node, namely the first blockchain participation node, it sends an authentication request to the first blockchain participation node. The first blockchain participation node can request the temporary identity certificate from the third-party blockchain node according to the authentication request, and the second blockchain participation node can authenticate the identity of the first blockchain participation node according to the temporary identity certificate. Identity authentication can thus be achieved without having the private key of the first blockchain participation node, which improves the safety and reliability of identity authentication.
Optionally, the temporary identity certificate includes the first blockchain participation node identifier, the second blockchain participation node identifier, current time information, a random number and an encryption result obtained by encrypting the random number by the temporary encryption key;
Correspondingly, receiving the temporary identity certificate sent by the first blockchain participation node comprises the following steps:
receiving a temporary identity certificate and the temporary encryption key sent by the first blockchain participation node;
The step of authenticating the identity of the first blockchain participation node according to the temporary identity certificate comprises the following steps:
encrypting the random number in the temporary identity certificate according to the temporary encryption key to obtain an authentication encryption result;
authenticating the identity of the first blockchain participation node according to the authentication encryption result and the encryption result, contained in the temporary identity certificate, obtained by encrypting the random number with the temporary encryption key.
The second blockchain participation node provided by the application can verify the temporary identity certificate and thereby authenticate the identity of the first blockchain participation node: the encryption result carried in the temporary identity certificate, obtained by encrypting the random number with the temporary encryption key, is compared with the encryption result that the second blockchain participation node obtains by encrypting the random number with the temporary encryption key. The private key of the first blockchain participation node does not need to be acquired, which further improves the security of identity authentication.
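The certificate issuing step of the second aspect and the verification step of the third aspect, as an added Python example that is not part of the patent text: the third-party node signs a certificate carrying both node identifiers, the time, a random number and its encryption under the temporary key, and the second node recomputes that encryption to authenticate the first node. Assumptions not in the patent: HMAC-SHA256 stands in for the unspecified cipher, a toy textbook-RSA key stands in for the third party's signature scheme, and the field names, the 60-second freshness window and the identifier checks are illustrative.

```python
import hashlib
import hmac
import json
import secrets

# Toy RSA signing key for the third-party node (constructed for this example).
# Textbook RSA over two Mersenne primes keeps the block standard-library only;
# it is NOT a secure signature scheme and only stands in for the real one.
_P, _Q = 2**521 - 1, 2**607 - 1
TP_N, TP_E = _P * _Q, 65537
_TP_D = pow(TP_E, -1, (_P - 1) * (_Q - 1))

MAX_CERT_AGE = 60  # seconds; assumed freshness window, not from the patent


def _digest(body: dict) -> int:
    """Hash the canonical JSON form of the certificate body to an integer."""
    canon = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(canon).digest(), "big")


def enc_nonce(temp_key: bytes, nonce: bytes) -> str:
    """Stand-in for 'encrypting the random number with the temporary key'.

    The comparison step only works with a deterministic keyed function, so
    HMAC-SHA256 is used here (assumption; the patent names no cipher).
    """
    return hmac.new(temp_key, nonce, hashlib.sha256).hexdigest()


def issue_certificate(id_a: str, id_b: str, temp_key: bytes, now: float) -> dict:
    """Third-party node: build and sign the temporary identity certificate."""
    nonce = secrets.token_bytes(16)
    body = {
        "id_a": id_a,                      # first node identifier
        "id_b": id_b,                      # second node identifier
        "time": int(now),                  # current time information
        "nonce": nonce.hex(),              # random number
        "enc_nonce": enc_nonce(temp_key, nonce),
    }
    return {"body": body, "sig": pow(_digest(body), _TP_D, TP_N)}


def verify_certificate(cert: dict, temp_key: bytes, expect_a: str,
                       my_id: str, now: float) -> tuple:
    """Second node: return (ok, reason) for a certificate presented by A."""
    body = cert["body"]
    # 1. The certificate must carry the third-party node's signature.
    if pow(cert["sig"], TP_E, TP_N) != _digest(body):
        return False, "bad third-party signature"
    # 2. It must name the node being authenticated and this verifier.
    if body["id_a"] != expect_a or body["id_b"] != my_id:
        return False, "identifier mismatch"
    # 3. It must be recent, so an old certificate cannot be presented again.
    if not 0 <= now - body["time"] <= MAX_CERT_AGE:
        return False, "stale certificate"
    # 4. Recompute the encryption of the random number with the temporary key
    #    received from A and compare it, in constant time, with the certificate.
    recomputed = enc_nonce(temp_key, bytes.fromhex(body["nonce"]))
    if not hmac.compare_digest(recomputed, body["enc_nonce"]):
        return False, "temporary key does not match"
    return True, "ok"


if __name__ == "__main__":
    key = secrets.token_bytes(32)          # temporary key generated by node A
    t0 = 1_700_000_000                     # constructed timestamp
    cert = issue_certificate("node-A", "node-B", key, t0)
    print(verify_certificate(cert, key, "node-A", "node-B", t0 + 5))
    print(verify_certificate(cert, secrets.token_bytes(32), "node-A", "node-B", t0 + 5))
```
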
In a fourth aspect, the present application provides an identity authentication method based on a temporary identity certificate, applied to an identity authentication system including a first blockchain participation node, a second blockchain participation node and a third party blockchain node, the method comprising:
the second blockchain participation node sends an authentication request to the first blockchain participation node;
the first blockchain participation node responds to an authentication request sent by the second blockchain participation node to acquire a first biological characteristic of a first user;
the first blockchain participation node generates a temporary encryption key;
the first blockchain participation node carries out third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identification, the second blockchain participation node identification and the first biological feature to obtain authentication information;
the first blockchain participation node sends the authentication information to a third party blockchain node;
after the first private key signature is successfully verified, the third-party blockchain node decrypts the authentication information through the third-party private key to obtain a first blockchain participation node identifier and a first biological characteristic;
the third-party blockchain node compares the first biological characteristics according to a preset biological characteristic library;
if the comparison is successful, the third-party blockchain node issues a temporary identity certificate to the first blockchain participation node and broadcasts the temporary identity certificate to the blockchain;
the first blockchain participation node acquires the temporary identity certificate and sends the temporary identity certificate to the second blockchain participation node;
the second blockchain participation node receives the temporary identity certificate sent by the first blockchain participation node;
and the second blockchain participation node performs identity authentication on the first blockchain participation node according to the temporary identity certificate.
In a fifth aspect, the present application provides an identity authentication device based on a temporary identity certificate, applied to a first blockchain participating node, including:
The first acquisition module is used for responding to an authentication request sent by the second blockchain participation node to acquire a first biological characteristic of the first user;
The generation module is used for generating a temporary encryption key;
The first processing module is used for carrying out third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological feature to obtain authentication information, sending the authentication information to a third party blockchain node, decrypting the authentication information through a third party private key after the first private key signature is successfully verified by the third party blockchain node, obtaining the first blockchain participation node identifier and the first biological feature, comparing the first biological feature according to a preset biological feature library, if the comparison is successful, issuing a temporary identity certificate to the first blockchain participation node, and broadcasting the temporary identity certificate to a blockchain;
the second processing module is used for acquiring the temporary identity certificate, sending the temporary identity certificate to the second blockchain participation node, and enabling the second blockchain participation node to conduct identity authentication on the first blockchain participation node according to the temporary identity certificate.
Optionally, before the second processing module obtains the temporary identity certificate, the apparatus further includes:
the payment initiating module is used for initiating a query fee payment application in the blockchain;
accordingly, after the second processing module sends the temporary identity certificate to the second blockchain participation node, the apparatus further includes:
the payment processing module is used for acquiring the query fee from the blockchain and carrying out payment processing according to the query fee.
Optionally, before the first obtaining module obtains the first biological feature of the first user in response to the authentication request sent by the second blockchain participation node, the apparatus further includes:
the registration module is used for registering verification information in the third-party blockchain node, wherein the verification information comprises the corresponding relation between the biological characteristic data and the identity information of the first user.
Optionally, after the registration module performs authentication information registration at the third party blockchain node, the apparatus further includes:
and the first receiving module is used for receiving the third-party blockchain identification and the third-party public key sent by the third-party blockchain node.
In a sixth aspect, the present application provides an identity authentication device based on a temporary identity certificate, applied to a third party blockchain node, including:
the second receiving module is used for receiving authentication information sent by the first blockchain participation node, wherein the authentication information is obtained by the first blockchain participation node by: acquiring a first biological characteristic of the first user in response to an authentication request sent by the second blockchain participation node; generating a temporary encryption key; and performing third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological feature;
the third processing module is used for decrypting the authentication information through a third party private key after the first private key signature is successfully verified, so as to obtain a first blockchain participation node identifier and a first biological characteristic;
the comparison module is used for comparing the first biological characteristics according to a preset biological characteristic library;
the fourth processing module is used for issuing a temporary identity certificate to the first blockchain participation node if the comparison is successful, and broadcasting the temporary identity certificate to the blockchain, so that the first blockchain participation node acquires the temporary identity certificate and sends the temporary identity certificate to the second blockchain participation node, wherein the temporary identity certificate is used for the second blockchain participation node to authenticate the identity of the first blockchain participation node.
Optionally, the comparison module is specifically configured to:
querying a preset biological characteristic library according to the first blockchain participation node identifier in the authentication information, and determining the preset biological characteristic corresponding to the first blockchain participation node identifier;
comparing the preset biological characteristic with the first biological characteristic.
Optionally, the fourth processing module is specifically configured to:
issuing a temporary identity certificate signed by the third party blockchain participation node to the first blockchain participation node, wherein the temporary identity certificate comprises the first blockchain participation node identification, the second blockchain participation node identification, current time information, a random number and an encryption result obtained by encrypting the random number through the temporary encryption key.
In a seventh aspect, the present application provides an identity authentication device based on a temporary identity certificate, applied to a second blockchain participating node, including:
The first sending module is used for sending an authentication request to a first blockchain participation node, so that the first blockchain participation node, in response to the authentication request, acquires a first biological characteristic of a first user; generates a temporary encryption key; performs third-party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological characteristic to obtain authentication information, and sends the authentication information to a third-party blockchain node; and acquires a temporary identity certificate and sends the temporary identity certificate to the second blockchain participation node, wherein the authentication information is used by the third-party blockchain node, after it successfully verifies the first private key signature, to decrypt the authentication information with a third-party private key to obtain a first blockchain participation node identifier and a first biological characteristic, compare the first biological characteristic against a preset biological characteristic library, and, if the comparison is successful, issue the temporary identity certificate to the first blockchain participation node and broadcast the temporary identity certificate to the blockchain;
The third receiving module is used for receiving the temporary identity certificate sent by the first blockchain participation node;
And the authentication module is used for carrying out identity authentication on the first blockchain participation node according to the temporary identity certificate.
Optionally, the temporary identity certificate includes the first blockchain participation node identifier, the second blockchain participation node identifier, current time information, a random number and an encryption result obtained by encrypting the random number by the temporary encryption key;
Correspondingly, the third receiving module is specifically configured to:
receiving a temporary identity certificate and the temporary encryption key sent by the first blockchain participation node;
The authentication module is specifically configured to:
Encrypting the random number in the temporary identity certificate according to the temporary encryption key to obtain an authentication encryption result;
And authenticating the identity of the first blockchain participation node according to the authentication encryption result and the encryption result obtained by encrypting the random number by the temporary encryption key.
In an eighth aspect, the present application provides an authentication apparatus based on a temporary identity certificate, comprising: at least one processor and memory;
The memory stores computer-executable instructions;
the at least one processor executes computer-executable instructions stored by the memory, causing the at least one processor to perform the temporary identity certificate-based authentication method as described above in the first aspect and the various possible designs of the first aspect.
In a ninth aspect, the present application provides an authentication apparatus based on a temporary identity certificate, comprising: at least one processor and memory;
The memory stores computer-executable instructions;
the at least one processor executes computer-executable instructions stored by the memory, causing the at least one processor to perform the temporary identity certificate-based identity authentication method as described in the above second aspect and the various possible designs of the second aspect.
In a tenth aspect, the present application provides an authentication apparatus based on a temporary identity certificate, comprising: at least one processor and memory;
The memory stores computer-executable instructions;
The at least one processor executes computer-executable instructions stored by the memory, causing the at least one processor to perform the temporary identity certificate based authentication method as described above in the third aspect and the various possible designs of the third aspect.
In an eleventh aspect, the present application provides a computer readable storage medium, where computer executable instructions are stored, which when executed by a processor, implement the temporary identity certificate based identity authentication method according to the first aspect and the various possible designs of the first aspect.
In a twelfth aspect, the present application provides a computer-readable storage medium, where computer-executable instructions are stored, which when executed by a processor, implement the temporary identity certificate-based identity authentication method according to the above second aspect and the various possible designs of the second aspect.
In a thirteenth aspect, the present application provides a computer-readable storage medium, where computer-executable instructions are stored, which when executed by a processor, implement the temporary identity certificate-based identity authentication method according to the above third aspect and the various possible designs of the third aspect.
In a fourteenth aspect, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the temporary identity certificate based identity authentication method as described in the first aspect and the various possible designs of the first aspect.
In a fifteenth aspect, the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the temporary identity certificate based identity authentication method as described in the above second aspect and the various possible designs of the second aspect.
In a sixteenth aspect, the present application provides a computer program product comprising a computer program which, when being executed by a processor, implements the temporary identity certificate based identity authentication method as described in the above third aspect and the various possible designs of the third aspect.
The present application provides an identity authentication method, device, server and storage medium based on a temporary identity certificate. For nodes in a blockchain, the method has an authoritative, trusted third party take part in authentication, which can provide safe and reliable authentication. Specifically, if the second blockchain participation node needs to authenticate the first blockchain participation node, the second blockchain participation node initiates an authentication request to the first blockchain participation node. Based on the authentication request, the first blockchain participation node can request a temporary identity certificate from the authoritative third party, namely the third-party blockchain node. The third-party blockchain node can issue the temporary identity certificate based on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier, the first biological characteristic and the like sent by the first blockchain participation node. The first blockchain participation node can then acquire the temporary identity certificate on the blockchain and send it to the second blockchain participation node for authentication. Identity authentication is thus achieved without the second blockchain participation node needing to hold the private key of the first blockchain participation node, which improves the security of identity authentication.
Drawings
In order to more clearly illustrate the embodiments of the application or the technical solutions of the prior art, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings described below are obviously only some embodiments of the application, and a person skilled in the art can obtain other drawings from them without inventive effort.
Fig. 1 is a schematic diagram of an authentication system architecture based on a temporary identity certificate according to an embodiment of the present application;
Fig. 2 is a schematic flow chart of an identity authentication method based on a temporary identity certificate according to an embodiment of the present application;
Fig. 3 is a schematic flow chart of another identity authentication method based on a temporary identity certificate according to an embodiment of the present application;
Fig. 4 is a schematic flow chart of another identity authentication method based on a temporary identity certificate according to an embodiment of the present application;
Fig. 5 is a flowchart of another identity authentication method based on a temporary identity certificate according to an embodiment of the present application;
Fig. 6 is a schematic structural diagram of an identity authentication device based on a temporary identity certificate according to an embodiment of the present application;
Fig. 7 is a schematic structural diagram of an identity authentication device based on a temporary identity certificate according to an embodiment of the present application;
Fig. 8 is a schematic diagram of another identity authentication device based on a temporary identity certificate according to an embodiment of the present application;
Fig. 9 is a schematic structural diagram of another identity authentication device based on a temporary identity certificate according to an embodiment of the present application.
Specific embodiments of the present disclosure have been shown by way of the above drawings and will be described in more detail below. These drawings and the written description are not intended to limit the scope of the disclosed concepts in any way, but rather to illustrate the disclosed concepts to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present disclosure as detailed in the accompanying claims.
The terms "first," "second," "third," and "fourth" and the like in the description and in the claims and in the above drawings, if any, are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the application described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In the technical solution of the application, the collection, storage, use, processing, transmission, provision and disclosure of related information such as user data all comply with the relevant laws and regulations and do not violate public order and good customs.
A blockchain is a special kind of distributed database. It is a new application mode of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms and encryption algorithms, and is essentially a decentralized database. First, the main function of a blockchain is to store information: any information that needs to be stored can be written to or read from the blockchain, so it is a database. Second, anyone can set up a server and join the blockchain network as a node. A blockchain has no central node; every node is equal and stores the whole database, and data can be written to or read from any node, because all nodes eventually synchronize, which ensures blockchain consistency. A blockchain is a chain of data blocks generated in association with one another using cryptographic methods; each block contains the information of a network transaction, which is used to verify the validity of the information (anti-counterfeiting) and to generate the next block. In a narrow sense, a blockchain is a distributed ledger that combines data blocks sequentially in time order into a chained data structure and is cryptographically secured against tampering and counterfeiting. In a broad sense, blockchain technology is a new distributed infrastructure and computing paradigm that uses blockchain data structures to validate and store data, distributed node consensus algorithms to generate and update data, cryptography to secure data transfer and access, and smart contracts composed of automated script code to program and manipulate data. Blockchain is designed as a protective measure, for example for highly fault-tolerant distributed computing systems. Blockchains enable hybrid consistency, which makes them suitable for recording events, titles, medical records, and other activities that require data recording, identity management, transaction flow management, and provenance management.
User authentication in current blockchains relies on the user's private key: whoever holds the private key corresponding to the public key that claims a user's identity is taken to be the correct user. This requires the user to protect the private key especially carefully, because once the private key is lost or compromised, none of the assets in the blockchain can be retrieved. Conventional passwords are easy to memorize but also easy to crack, so authentication based on biological characteristics such as fingerprint or iris is desirable. However, biological characteristics are only suitable for local authentication: once they are sent to an authenticating party, that party holds the biological characteristics and can easily use them maliciously, so the biological characteristics are leaked.
To solve the above technical problems, the embodiments of the present application provide an identity authentication method, device, server and storage medium based on a temporary identity certificate. For nodes in a blockchain, an authoritative and trusted third party takes part in authentication and, by issuing temporary identity certificates, can provide safe and reliable authentication to other nodes. If a second blockchain participation node needs to authenticate a first blockchain participation node, it does not need to hold the private key of the first blockchain participation node, which improves security.
Optionally, fig. 1 is a schematic diagram of an authentication system architecture based on a temporary identity certificate according to an embodiment of the present application. As shown in fig. 1, the architecture described above includes a first blockchain participating node 101, a third party blockchain node 102, and a second blockchain participating node 103.
It will be appreciated that the number of the first blockchain participating node 101, the third party blockchain node 102 and the second blockchain participating node 103 may be determined according to practical situations, and fig. 1 is merely schematic, and the number of the nodes is not specifically limited in the embodiment of the present application.
The first blockchain participation node 101, the third party blockchain node 102 and the second blockchain participation node 103 are nodes in the blockchain, and any two nodes can communicate with each other (the present application needs communication connections between nodes of different types, for example the third party blockchain node broadcasting information to the first blockchain participation node and the second blockchain participation node, so Fig. 1 shows connecting lines only between nodes of different types).
The user can realize information interaction with the first blockchain participation node, the third-party blockchain node or the second blockchain participation node through input/output equipment.
It will be appreciated that the architecture illustrated by embodiments of the present application does not constitute a specific limitation on the architecture of an authentication system based on temporary identity certificates. In other possible embodiments of the present application, the architecture may include more or less components than those illustrated, or some components may be combined, some components may be split, or different component arrangements may be specifically determined according to the actual application scenario, and the present application is not limited herein. The components shown in fig. 1 may be implemented in hardware, software, or a combination of software and hardware.
In addition, the network architecture and the service scenario described in the embodiments of the present application are for more clearly describing the technical solution of the embodiments of the present application, and do not constitute a limitation on the technical solution provided by the embodiments of the present application, and as a person of ordinary skill in the art can know, with evolution of the network architecture and occurrence of a new service scenario, the technical solution provided by the embodiments of the present application is also applicable to similar technical problems.
The following description of the present application is given by taking several embodiments as examples, and the same or similar concepts or processes may not be described in detail in some embodiments.
Fig. 2 is a schematic flow chart of an identity authentication method based on a temporary identity certificate according to an embodiment of the present application, where the embodiment of the present application may be applied to the first blockchain participating node 101 in fig. 1, where the first blockchain participating node 101 may be a server, and a specific execution body may be determined according to an actual application scenario. As shown in fig. 2, the method comprises the steps of:
S201: In response to the authentication request sent by the second blockchain participation node, acquire the first biological characteristic of the first user.
In embodiments of the present application, for ease of illustration, the second blockchain participating node may also be referred to as blockchain participant B and the first blockchain participating node may also be referred to as blockchain participant A.
In one possible implementation, the second blockchain participation node is blockchain participant B and the first blockchain participation node is blockchain participant A, and blockchain participant B initiates an authentication request to blockchain participant A when blockchain participant B needs to authenticate the identity of blockchain participant A.
Optionally, the first user is the user to whom the first blockchain participating node belongs; for example, if the first blockchain participating node is a terminal, the first user is the user of the terminal, and if the first blockchain participating node is a server, the first user is the server operator.
Optionally, the first biometric feature herein is a biometric feature of the first user acquired by the first blockchain participating node, and may be a fingerprint feature or an iris feature, or may be a facial image or the like.
Alternatively, the biometric characteristic of the first user may be acquired by a terminal or an acquisition device, in particular, the biometric characteristic may be acquired by a camera, a sensor or the like.
In one possible implementation, if blockchain participant A is the first blockchain participating node, blockchain participant A collects its own biometric, such as FingerPrintA'.
Optionally, before the first biometric of the first user is obtained in response to the authentication request sent by the second blockchain participation node, the method further includes:
And registering verification information in the third-party blockchain node, wherein the verification information comprises the corresponding relation between the biological characteristic data and the identity information of the first user.
Before the identity authentication, each blockchain participant may first register its own biometric data (such as fingerprint and iris) and identity information (the identity information may be a virtual identity on the blockchain, such as a blockchain identifier and a public key, to represent the blockchain participant) in an authoritative trusted third party (a third party blockchain node), so that the third party blockchain node can perform authentication according to the registered information.
The verification information comprises the corresponding relation between the biometric data of the first user and the identity information.
In one possible implementation, each blockchain participant first registers its own biometric data (e.g., fingerprint, iris) and identity information (which may be virtual identities on the blockchain, such as blockchain identification and public key, to represent the blockchain participant) with an authoritative trusted third party.
Alternatively, the registration may be performed off-line or on-line, and for security, it is preferable to perform the collection of biometric data (e.g., fingerprint, iris) off-line.
Optionally, after registering the verification information at the third-party blockchain node, the method further includes:
And receiving a third party blockchain identification and a third party public key sent by the third party blockchain node.
S202: Generate a temporary encryption key.
Optionally, the first blockchain participating node randomly generates the temporary encryption Key.
S203: Perform third-party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological characteristic to obtain authentication information, and send the authentication information to a third-party blockchain node, so that the third-party blockchain node, after successfully verifying the first private key signature, decrypts the authentication information with the third-party private key to obtain the first blockchain participation node identifier and the first biological characteristic, compares the first biological characteristic against a preset biological characteristic library, and, if the comparison is successful, issues a temporary identity certificate to the first blockchain participation node and broadcasts the temporary identity certificate to the blockchain.
In one possible implementation, blockchain participant A encrypts Key, IDa, IDb and FingerPrintA' with the public key of the authoritative third party, signs the result with blockchain participant A's own private key (the first private key), and sends it to the authoritative third party. IDa and IDb are the identifiers in the blockchain corresponding to blockchain participant A and blockchain participant B, respectively, that is, the first blockchain participation node identifier and the second blockchain participation node identifier.
S204: Acquire a temporary identity certificate and send the temporary identity certificate to the second blockchain participation node, so that the second blockchain participation node performs identity authentication on the first blockchain participation node according to the temporary identity certificate.
Optionally, the temporary identity certificate itself may be sent to the second blockchain participation node, or the address of the temporary identity certificate on the blockchain may be sent to the second blockchain participation node.
In one possible implementation, blockchain participant A obtains the temporary identity certificate from the blockchain and sends it to blockchain participant B along with the Key, or sends blockchain participant B the address on the blockchain of the temporary identity certificate issued by the authoritative third party, so that blockchain participant B can fetch it itself.
Optionally, before acquiring the temporary identity certificate, the method further comprises:
Initiating a query fee payment application in the blockchain;
Accordingly, after sending the temporary identity certificate to the second blockchain participating node, the method further comprises:
Acquiring the query fee in the blockchain, and carrying out payment processing according to the query fee.
The blockchain participant can initiate a query fee payment application in the blockchain in the authentication request process so as to realize automatic payment of identity authentication, thereby improving user experience.
In one possible implementation, blockchain participant A initiates a query fee payment application in the blockchain. After the third-party blockchain participation node issues the temporary identity certificate, the third-party blockchain participation node's signature on the temporary identity certificate is verified on the blockchain; if the verification passes, the query fee paid by blockchain participant A to the authoritative third party is written into the blockchain and the payment succeeds.
Optionally, fig. 3 is a schematic flow chart of another identity authentication method based on a temporary identity certificate according to an embodiment of the present application. The execution subject of the embodiment of the present application is the third party blockchain node 102 in fig. 1, and the specific execution subject can be determined according to the actual application scenario. As shown in fig. 3, the method comprises the steps of:
S301: authentication information sent by a first blockchain participating node is received.
The authentication information is that a first blockchain participation node responds to an authentication request sent by a second blockchain participation node to acquire a first biological characteristic of a first user; generating a temporary encryption key; and carrying out third-party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological characteristic.
S302: after the first private key signature is successfully verified, the authentication information is decrypted through the third-party private key, and the first blockchain participation node identifier and the first biological characteristic are obtained.
Optionally, the third party blockchain node may publish its blockchain identifier and the third party public key (the public key of the third party blockchain node) on the blockchain in the form of a broadcast message signed with its private key. Anyone on the blockchain can use this public key to verify the identity certificates it issues.
In one possible implementation, after receiving the above information, the third party blockchain node verifies the private key signature of blockchain participant A. If the verification passes, it decrypts the encrypted information with the private key of the authoritative third party (the third party private key), uses IDa as the index to look up FingerPrintA in the biometric library, and then compares FingerPrintA' with the FingerPrintA in the biometric library.
S303: Compare the first biological characteristic against a preset biological characteristic library.
Optionally, the comparing the first biological feature according to the preset biological feature library includes:
Inquiring in a preset biological characteristic library according to the first blockchain participation node identification in the authentication information, and determining a preset biological characteristic corresponding to the first blockchain participation node identification; the preset biological characteristics are compared with the first biological characteristics.
The third-party blockchain participation node in the embodiment of the application can determine the preset biological characteristics corresponding to the first blockchain participation node in the preset biological characteristics library based on the first blockchain participation node identification in the authentication information, thereby identifying the identity of the first blockchain participation node, realizing accurate and efficient identity identification and authentication, further improving the safety and stability of identity authentication and improving the safety of blockchain information transmission.
S304: if the comparison is successful, a temporary identity certificate is issued to the first blockchain participation node, the temporary identity certificate is broadcasted to the blockchain, so that the first blockchain participation node acquires the temporary identity certificate, the temporary identity certificate is sent to the second blockchain participation node, and the temporary identity certificate is used for the second blockchain participation node to carry out identity authentication on the first blockchain participation node.
Optionally, issuing a temporary identity certificate to the first blockchain participating node includes:
And issuing a temporary identity certificate signed by the third-party blockchain participation node to the first blockchain participation node, wherein the temporary identity certificate comprises a first blockchain participation node identifier, a second blockchain participation node identifier, current time information, a random number and an encryption result obtained by encrypting the random number by a temporary encryption key.
In one possible implementation, once the comparison passes, the authoritative third party issues a temporary identity certificate to blockchain participant A that confirms the identity of IDa to IDb. The certificate includes IDa, IDb, the current time information, a random number Random, and encryption result 1 obtained by encrypting Random with Key. The authoritative third party publishes this information on the blockchain as a broadcast message signed with its private key.
Here, when the third party blockchain node in the embodiment of the application issues the temporary identity certificate for the first blockchain participation node, the temporary identity certificate comprises the first blockchain participation node identifier, the second blockchain participation node identifier, the current time information, the random number and an encryption result obtained by encrypting the random number through the temporary encryption key, so that the second blockchain participation node can conveniently and accurately and safely authenticate.
The identity authentication method based on the temporary identity certificate is applied to a third party blockchain node, namely an authoritative third party, the third party blockchain node centrally stores biological characteristics, provides biological characteristic comparison service for all users, and issues the temporary identity certificate for other blockchain participation nodes after the comparison is successful, so that the identity authentication is completed without having a private key, and the accuracy and the safety of the identity authentication in the blockchain are improved.
Optionally, fig. 4 is a schematic flow chart of another identity authentication method based on a temporary identity certificate according to an embodiment of the present application. The execution body of the embodiment of the present application is the second blockchain participation node 103 in fig. 1, which may be a server, and the specific execution body may be determined according to an actual application scenario. As shown in fig. 4, the method comprises the steps of:
S401: Sending an authentication request to a first blockchain participation node so that the first blockchain participation node responds to the authentication request to acquire a first biological characteristic of a first user; generates a temporary encryption key; performs third-party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological characteristic to obtain authentication information, and sends the authentication information to a third-party blockchain node; and acquires the temporary identity certificate and sends the temporary identity certificate to the second blockchain participation node.
The authentication information is used by the third-party blockchain node as follows: after successfully verifying the first private key signature, the third-party blockchain node decrypts the authentication information with the third-party private key to obtain the first blockchain participation node identifier and the first biological characteristic, and compares the first biological characteristic according to a preset biological characteristic library; if the comparison is successful, it issues a temporary identity certificate to the first blockchain participation node and broadcasts the temporary identity certificate to the blockchain.
S402: Receiving the temporary identity certificate sent by the first blockchain participation node.
S403: Authenticating the identity of the first blockchain participating node according to the temporary identity certificate.
Optionally, the temporary identity certificate includes a first blockchain participation node identification, a second blockchain participation node identification, current time information, a random number, and an encryption result obtained by encrypting the random number with the temporary encryption key.
Correspondingly, receiving the temporary identity certificate sent by the first blockchain participation node includes: receiving the temporary identity certificate and the temporary encryption key sent by the first blockchain participation node.
Carrying out identity authentication on the first blockchain participation node according to the temporary identity certificate includes: encrypting the random number in the temporary identity certificate according to the temporary encryption key to obtain an authentication encryption result; and carrying out identity authentication on the first blockchain participating node according to the authentication encryption result and the encryption result obtained by encrypting the random number by the temporary encryption key.
The second blockchain participating node provided by the embodiment of the application can verify the temporary identity certificate and thereby authenticate the identity of the first blockchain participating node: it encrypts the random number with the temporary encryption key and compares the result with the encryption result in the temporary identity certificate. The private key of the first blockchain participating node does not need to be acquired, which further improves the security of the identity authentication.
In one possible implementation, blockchain participant B encrypts Random in the certificate with Key and confirms the identity of blockchain participant A if the calculation result is the same as the information in the temporary identity certificate. The authentication is then complete.
The identity authentication method based on the temporary identity certificate is applied to the second blockchain participation node initiating authentication, when the second blockchain participation node needs to initiate identity authentication to other nodes, namely the first blockchain participation node, an authentication request is sent to the first blockchain participation node, the first blockchain participation node can request the temporary identity certificate to the third-party blockchain node according to the authentication request, the second blockchain participation node can conduct identity authentication to the first blockchain participation node according to the temporary identity certificate, identity authentication can be achieved without having a private key of the first blockchain participation node, and safety and reliability of the identity authentication are improved.
Optionally, fig. 5 is a schematic flow chart of another identity authentication method based on a temporary identity certificate according to an embodiment of the present application. The execution main body of the embodiment of the application is a system comprising a first blockchain participation node, a second blockchain participation node and a third-party blockchain node, and can be a server, and the specific execution main body can be determined according to an actual application scene. As shown in fig. 5, the method comprises the steps of:
S501: the second blockchain participating node sends an authentication request to the first blockchain participating node.
S502: the first blockchain participation node responds to an authentication request sent by the second blockchain participation node to acquire a first biological characteristic of the first user.
S503: the first blockchain participating node generates a temporary encryption key.
S504: the first blockchain participation node carries out third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identification, the second blockchain participation node identification and the first biological feature to obtain authentication information.
S505: the first blockchain participating node sends authentication information to the third party blockchain node.
S506: after the first private key signature is successfully verified, the third-party blockchain node decrypts the authentication information through the third-party private key to obtain the first blockchain participation node identifier and the first biological characteristic.
S507: the third-party blockchain node compares the first biological characteristics according to a preset biological characteristic library.
S508: if the comparison is successful, the third-party blockchain node issues a temporary identity certificate to the first blockchain participation node and broadcasts the temporary identity certificate to the blockchain.
S509: the first blockchain participation node acquires a temporary identity certificate and sends the temporary identity certificate to the second blockchain participation node.
S510: the second blockchain participating node receives the temporary identity certificate sent by the first blockchain participating node.
S511: the second blockchain participation node performs identity authentication on the first blockchain participation node according to the temporary identity certificate.
One possible specific authentication method is as follows:
When blockchain participant B needs to authenticate the identity of blockchain participant A, blockchain participant B initiates an authentication request to blockchain participant A. Blockchain participant A collects its own biological characteristic, such as FingerPrintA', and randomly generates a temporary encryption key Key. Blockchain participant A then encrypts Key, IDa, IDb and FingerPrintA' with the public key of the authoritative third party, signs the result with its own private key, and sends it to the authoritative third party. Blockchain participant A also initiates a query fee payment application in the blockchain.
After receiving the information, the authoritative third party verifies the private key signature of blockchain participant A. If the verification passes, it decrypts the encrypted information with its own private key, obtains FingerPrintA by indexing the biological feature library with IDa, and compares it with the decrypted FingerPrintA'. Once the comparison passes, the authoritative third party issues to blockchain participant A a temporary identity certificate signed by the authoritative third party. The certificate includes IDa, IDb, the current time information, a random number Random, and encryption result 1 obtained by encrypting Random with Key, and it confirms the identity of IDa to IDb. The authoritative third party publishes this information in the blockchain by means of a broadcast message signed with its private key. The blockchain miner confirms the authority third party subscription of the temporary certificate on the blockchain; if the temporary certificate passes the verification, the query fee of blockchain participant A to the authoritative third party is written into the blockchain, and the payment is successful.
Blockchain participant A obtains the temporary certificate from the blockchain and sends the temporary certificate together with Key to blockchain participant B, or sends blockchain participant B the address at which the authoritative third party issued the temporary certificate on the blockchain, so that blockchain participant B fetches the certificate itself. Blockchain participant B encrypts Random in the certificate with Key; if the calculation result is the same as the information in the temporary identity certificate, the identity of blockchain participant A is confirmed. The authentication is then complete.
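The check that blockchain participant B performs in the last step can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 stands in for "encrypting Random with Key" (any deterministic keyed transform would do), the field names and the 300-second freshness window are assumptions, and the authoritative third party's signature over the certificate is assumed to have been verified before this function is called.

```python
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Optional, Tuple

MAX_AGE_SECONDS = 300  # assumption: the page does not state a validity window


@dataclass(frozen=True)
class TempCert:
    """Fields the page lists for the temporary identity certificate."""
    id_a: str          # first blockchain participation node identifier (IDa)
    id_b: str          # second blockchain participation node identifier (IDb)
    issued_at: int     # current time information, as Unix seconds
    random: bytes      # Random
    enc_result: bytes  # "encryption result 1": Random transformed under Key


def keyed_transform(key: bytes, random: bytes) -> bytes:
    # Stand-in for "encrypting Random with Key". The transform has to be
    # deterministic, otherwise B could never reproduce the issuer's value.
    return hmac.new(key, random, hashlib.sha256).digest()


def issue_certificate(id_a: str, id_b: str, key: bytes,
                      now: Optional[int] = None) -> TempCert:
    """Authoritative third party side, after the biometric comparison passed."""
    issued_at = int(time.time()) if now is None else now
    rnd = secrets.token_bytes(32)
    return TempCert(id_a, id_b, issued_at, rnd, keyed_transform(key, rnd))


def verify_certificate(cert: TempCert, key: bytes, my_id: str,
                       expected_peer: str,
                       now: Optional[int] = None) -> Tuple[bool, str]:
    """Participant B side: decide whether the certificate authenticates A."""
    current = int(time.time()) if now is None else now
    # The certificate confirms IDa *to IDb*, so B rejects one addressed elsewhere.
    if cert.id_b != my_id:
        return False, "certificate was issued for a different verifier"
    if cert.id_a != expected_peer:
        return False, "certificate names a different subject"
    # The time field is only useful if stale certificates are refused.
    age = current - cert.issued_at
    if age < 0 or age > MAX_AGE_SECONDS:
        return False, "certificate is outside the freshness window"
    # Recompute the keyed value from Random and the Key received from A,
    # and compare in constant time with the value inside the certificate.
    recomputed = keyed_transform(key, cert.random)
    if not hmac.compare_digest(recomputed, cert.enc_result):
        return False, "Key does not match the certificate"
    return True, "ok"


if __name__ == "__main__":
    key = secrets.token_bytes(32)                # Key generated by participant A
    cert = issue_certificate("IDa", "IDb", key)  # constructed sample certificate
    print(verify_certificate(cert, key, "IDb", "IDa"))
```

The identifier and freshness checks go beyond the single comparison the text describes; they use only fields the certificate is stated to carry.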
Fig. 6 is a schematic structural diagram of an identity authentication device based on a temporary identity certificate, which is applied to a first blockchain participating node according to an embodiment of the present application. As shown in fig. 6, the device according to the embodiment of the present application includes: a first acquisition module 601, a generation module 602, a first processing module 603 and a second processing module 604. The temporary identity certificate-based identity authentication means may be a blockchain server or a chip or integrated circuit implementing the functions of the server. Here, the division into the first acquisition module 601, the generation module 602, the first processing module 603, and the second processing module 604 is only a division of logical functions; physically, the modules may be integrated or independent.
The first acquisition module is used for responding to an authentication request sent by the second blockchain participation node to acquire a first biological characteristic of the first user;
The generation module is used for generating a temporary encryption key;
The first processing module is used for carrying out third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological characteristic to obtain authentication information, sending the authentication information to the third party blockchain node so that the third party blockchain node decrypts the authentication information through the third party private key after the first private key signature is successfully verified to obtain the first blockchain participation node identifier and the first biological characteristic, comparing the first biological characteristic according to a preset biological characteristic library, if the comparison is successful, issuing a temporary identity certificate to the first blockchain participation node, and broadcasting the temporary identity certificate to the blockchain;
The second processing module is used for acquiring the temporary identity certificate, and sending the temporary identity certificate to the second blockchain participation node so that the second blockchain participation node can perform identity authentication on the first blockchain participation node according to the temporary identity certificate.
Optionally, before the second processing module obtains the temporary identity certificate, the apparatus further includes:
The payment initiating module is used for initiating a query fee payment application in the blockchain;
Accordingly, after the second processing module sends the temporary identity certificate to the second blockchain participation node, the apparatus further includes:
The payment processing module is used for acquiring the query fee from the blockchain and carrying out payment processing according to the query fee.
Optionally, before the first acquisition module obtains the first biological feature of the first user in response to the authentication request sent by the second blockchain participation node, the apparatus further includes:
The registration module is used for registering verification information in the third-party blockchain node, wherein the verification information comprises the corresponding relation between the biological characteristic data and the identity information of the first user.
Optionally, after the registration module registers the verification information at the third-party blockchain node, the apparatus further includes:
The first receiving module is used for receiving the third-party blockchain identification and the third-party public key sent by the third-party blockchain node.
Fig. 7 is a schematic structural diagram of an identity authentication device based on a temporary identity certificate according to an embodiment of the present application. The apparatus may be a server applied to the first blockchain participating node, the components shown herein, their connections and relationships, and their functions are meant to be exemplary only, and not limiting to implementations of the application described and/or claimed herein.
As shown in fig. 7, the temporary identity certificate-based identity authentication apparatus includes a processor 701 and a memory 702. The components are connected to each other using different buses, and may be mounted on a common motherboard or in other manners as appropriate. The processor 701 may process instructions executed within the terminal, including instructions stored in or on memory for display of graphical information on an external input/output device, such as a display device coupled to an interface. In other embodiments, multiple processors and/or multiple buses may be used, if desired, along with multiple memories. One processor 701 is illustrated in fig. 7.
The memory 702 is used as a non-transitory computer readable storage medium, and may be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules (e.g., the first acquisition module 601, the generation module 602, the first processing module 603, and the second processing module 604 shown in fig. 6) corresponding to a method for authenticating an apparatus based on temporary identity credentials in an embodiment of the present application. The processor 701 executes various functional applications and data processing of the temporary identity certificate-based authentication device by running non-transitory software programs, instructions, and modules stored in the memory 702, i.e., implements the method of the temporary identity certificate-based authentication device in the above-described method embodiments.
The temporary identity certificate-based identity authentication device may further include: an input device 703 and an output device 704. The processor 701, the memory 702, the input device 703 and the output device 704 may be connected by a bus or otherwise, in fig. 7 by way of example.
The input device 703 may receive input numeric or character information and generate key signal inputs related to user settings and function control of the temporary identity certificate based authentication apparatus, such as a touch screen, a keypad, a mouse, or a plurality of mouse buttons, a trackball, a joystick, etc. The output means 704 may be an output device such as a display device of an authentication device based on the temporary identity certificate. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device may be a touch screen.
The identity authentication device based on the temporary identity certificate in the embodiment of the application can be used for executing the technical scheme in the above method embodiments of the application, and the implementation principle and the technical effect are similar, and are not repeated here.
The embodiment of the application also provides a computer readable storage medium, wherein computer execution instructions are stored in the computer readable storage medium, and the computer execution instructions are used for realizing the temporary identity certificate-based identity authentication method when being executed by a processor.
The embodiment of the application also provides a computer program product, which comprises a computer program, wherein the computer program is used for realizing the temporary identity certificate-based identity authentication method of any one of the above steps when being executed by a processor.
Fig. 8 is a schematic structural diagram of another identity authentication device based on temporary identity credentials according to an embodiment of the present application, which is applied to a third party blockchain node. As shown in fig. 8, the device according to the embodiment of the present application includes: a second receiving module 801, a third processing module 802, a comparison module 803, and a fourth processing module 804. The temporary identity certificate-based identity authentication means may be a blockchain server or a chip or integrated circuit implementing the functions of the server. Here, the division into the second receiving module 801, the third processing module 802, the comparison module 803, and the fourth processing module 804 is only a division of logical functions; physically, the modules may be integrated or independent.
The second receiving module is used for receiving authentication information sent by the first blockchain participation node, wherein the authentication information is obtained by the first blockchain participation node by: acquiring a first biological characteristic of the first user in response to an authentication request sent by the second blockchain participation node; generating a temporary encryption key; and performing third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological characteristic;
The third processing module is used for decrypting the authentication information through a third party private key after the first private key signature is successfully verified, so as to obtain a first blockchain participation node identifier and a first biological characteristic;
The comparison module is used for comparing the first biological characteristics according to a preset biological characteristic library;
The fourth processing module is used for issuing a temporary identity certificate to the first blockchain participation node if the comparison is successful, and broadcasting the temporary identity certificate to the blockchain so that the first blockchain participation node acquires the temporary identity certificate and sends the temporary identity certificate to the second blockchain participation node, wherein the temporary identity certificate is used for the second blockchain participation node to carry out identity authentication on the first blockchain participation node.
Optionally, the comparison module is specifically configured to:
Querying a preset biological characteristic library according to the first blockchain participation node identification in the authentication information, and determining a preset biological characteristic corresponding to the first blockchain participation node identification;
Comparing the preset biological characteristic with the first biological characteristic.
Optionally, the fourth processing module is specifically configured to:
Issuing a temporary identity certificate signed by the third-party blockchain participation node to the first blockchain participation node, wherein the temporary identity certificate comprises a first blockchain participation node identifier, a second blockchain participation node identifier, current time information, a random number and an encryption result obtained by encrypting the random number by a temporary encryption key.
The embodiment of the application also provides the identity authentication equipment based on the temporary identity certificate, which is applied to the third-party blockchain node and can be a server. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not limiting of the implementations of the application described and/or claimed in this document.
The identity authentication device based on the temporary identity certificate comprises a processor and a memory. The components are interconnected using different buses, and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions executed within the temporary identity certificate-based identity authentication device, including instructions stored in or on memory to display graphical information on an external input/output apparatus, such as a display device coupled to the interface. In other embodiments, multiple processors and/or multiple buses may be used, if desired, along with multiple memories.
The memory is used as a non-transitory computer readable storage medium for storing a non-transitory software program, a non-transitory computer executable program, and modules, such as program instructions/modules (e.g., the second receiving module 801, the third processing module 802, the comparing module 803, and the fourth processing module 804 shown in fig. 8) corresponding to the method of the temporary identity certificate-based authentication device in the embodiment of the present application. The processor executes various functional applications and temporary identity certificate-based authentication methods, i.e., methods of implementing the temporary identity certificate-based authentication device in the above-described method embodiments, by running non-transitory software programs, instructions, and modules stored in the memory.
The temporary identity certificate-based identity authentication device may further include: input means and output means. The processor, memory, input devices, and output devices may be connected by a bus or other means.
The input means may receive entered numeric or character information and generate key signal inputs related to user settings and function control of the temporary identity based authentication device, such as a touch screen, a keypad, a mouse, or a plurality of mouse buttons, a trackball, a joystick, etc. The output means may be an output device such as a display device of an authentication device based on the temporary identity certificate. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device may be a touch screen.
The identity authentication device based on the temporary identity certificate in the embodiment of the application can be used for executing the technical scheme in the above method embodiments of the application, and the implementation principle and the technical effect are similar, and are not repeated here.
The embodiment of the application also provides a computer readable storage medium, wherein computer execution instructions are stored in the computer readable storage medium, and the computer execution instructions are used for realizing the identity authentication method based on the temporary identity certificate when being executed by a processor.
The embodiment of the application also provides a computer program product, which comprises a computer program, wherein the computer program is used for realizing the temporary identity certificate-based identity authentication method of any one of the above steps when being executed by a processor.
Fig. 9 is a schematic structural diagram of another identity authentication device based on temporary identity credentials, which is applied to a second blockchain participating node according to an embodiment of the present application. As shown in fig. 9, the device according to the embodiment of the present application includes: a first transmitting module 901, a third receiving module 902 and an authentication module 903. The temporary identity certificate-based identity authentication means may be a blockchain server or a chip or integrated circuit implementing the functions of the server. Here, the division into the first transmitting module 901, the third receiving module 902, and the authentication module 903 is only a division of logical functions; physically, the modules may be integrated or independent.
The first sending module is used for sending an authentication request to the first blockchain participation node so that the first blockchain participation node responds to the authentication request to acquire a first biological characteristic of the first user; generates a temporary encryption key; performs third-party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological characteristic to obtain authentication information, and sends the authentication information to a third-party blockchain node; and acquires a temporary identity certificate and sends the temporary identity certificate to the second blockchain participation node. The authentication information is used by the third-party blockchain node as follows: after successfully verifying the first private key signature, the third-party blockchain node decrypts the authentication information with the third-party private key to obtain the first blockchain participation node identifier and the first biological characteristic, and compares the first biological characteristic according to a preset biological characteristic library; if the comparison is successful, it issues the temporary identity certificate to the first blockchain participation node and broadcasts the temporary identity certificate to the blockchain;
The third receiving module is used for receiving the temporary identity certificate sent by the first blockchain participation node;
The authentication module is used for carrying out identity authentication on the first blockchain participation node according to the temporary identity certificate.
Optionally, the temporary identity certificate includes a first blockchain participation node identifier, a second blockchain participation node identifier, current time information, a random number, and an encryption result obtained by encrypting the random number by a temporary encryption key;
Correspondingly, the third receiving module is specifically configured to:
Receiving a temporary identity certificate and a temporary encryption key sent by a first blockchain participation node;
The authentication module is specifically used for:
Encrypting the random number in the temporary identity certificate according to the temporary encryption key to obtain an authentication encryption result;
Carrying out identity authentication on the first blockchain participating node according to the authentication encryption result and the encryption result obtained by encrypting the random number by the temporary encryption key.
The embodiment of the application also provides the identity authentication equipment based on the temporary identity certificate, which is applied to the second blockchain participation node and can be a server. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not limiting of the implementations of the application described and/or claimed in this document.
The identity authentication device based on the temporary identity certificate comprises a processor and a memory. The components are interconnected using different buses, and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions executed within the temporary identity certificate-based identity authentication device, including instructions stored in or on memory to display graphical information on an external input/output apparatus, such as a display device coupled to the interface. In other embodiments, multiple processors and/or multiple buses may be used, if desired, along with multiple memories.
The memory is used as a non-transitory computer readable storage medium for storing a non-transitory software program, a non-transitory computer executable program, and modules, such as program instructions/modules (e.g., the first transmitting module 901, the third receiving module 902, and the authenticating module 903 shown in fig. 9) corresponding to the method of the temporary identity certificate-based authentication device in the embodiment of the present application. The processor executes various functional applications and temporary identity certificate-based authentication methods, i.e., methods of implementing the temporary identity certificate-based authentication device in the above-described method embodiments, by running non-transitory software programs, instructions, and modules stored in the memory.
The temporary identity certificate-based identity authentication device may further include: input means and output means. The processor, memory, input devices, and output devices may be connected by a bus or other means.
The input means, such as a touch screen, a keypad, a mouse or a plurality of mouse buttons, a trackball, or a joystick, may receive entered numeric or character information and generate key signal inputs related to user settings and function control of the temporary identity certificate-based authentication device. The output means may be an output device such as a display device of an authentication device based on the temporary identity certificate. The display device may include, but is not limited to, a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display, and a plasma display. In some implementations, the display device may be a touch screen.
The identity authentication device based on the temporary identity certificate in the embodiment of the application can be used for executing the technical scheme in the above method embodiments of the application, and the implementation principle and the technical effect are similar, and are not repeated here.
The embodiment of the application also provides a computer readable storage medium, wherein computer execution instructions are stored in the computer readable storage medium, and the computer execution instructions are used for realizing the identity authentication method based on the temporary identity certificate when being executed by a processor.
The embodiment of the application also provides a computer program product, which comprises a computer program, wherein the computer program is used for realizing the temporary identity certificate-based identity authentication method of any one of the above steps when being executed by a processor.
In the several embodiments provided in the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of elements is merely a logical functional division, and there may be additional divisions of actual implementation, e.g., multiple elements or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the application disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (13)

1. An identity authentication method based on a temporary identity certificate is characterized by being applied to a first blockchain participation node and comprising the following steps:
responding to an authentication request sent by a second blockchain participation node, and acquiring a first biological characteristic of a first user;
generating a temporary encryption key;
performing third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological feature to obtain authentication information, and sending the authentication information to a third party blockchain node so that the third party blockchain node decrypts the authentication information through a third party private key after the first private key signature is successfully verified to obtain the first blockchain participation node identifier and the first biological feature, compares the first biological feature according to a preset biological feature library, and if the comparison is successful, signs a temporary identity certificate for the first blockchain participation node and broadcasts the temporary identity certificate to a blockchain;
and acquiring the temporary identity certificate, and sending the temporary identity certificate to the second blockchain participation node so that the second blockchain participation node performs identity authentication on the first blockchain participation node according to the temporary identity certificate.
2. The method of claim 1, further comprising, prior to said obtaining said temporary identity certificate:
initiating a query fee payment application in the blockchain;
accordingly, after the sending the temporary identity certificate to the second blockchain participation node, the method further includes:
acquiring inquiry fees in the blockchain, and carrying out payment processing according to the inquiry fees.
3. The method of claim 1 or 2, further comprising, prior to the obtaining the first biometric of the first user in response to the authentication request sent by the second blockchain participating node:
registering verification information in a third-party blockchain node, wherein the verification information comprises the corresponding relation between the biological characteristic data and the identity information of the first user.
4. The method of claim 3, further comprising, after the authentication information registration at the third party blockchain node:
receiving a third party blockchain identification and a third party public key sent by the third party blockchain node.
5. The identity authentication method based on the temporary identity certificate is characterized by being applied to a third-party blockchain node and comprising the following steps of:
receiving authentication information sent by a first blockchain participation node, wherein the authentication information is obtained by the first blockchain participation node by: acquiring a first biological characteristic of a first user in response to an authentication request sent by a second blockchain participation node; generating a temporary encryption key; and performing third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological feature;
after the first private key signature is successfully verified, decrypting the authentication information through a third-party private key to obtain a first blockchain participation node identifier and a first biological characteristic;
comparing the first biological characteristics according to a preset biological characteristic library;
if the comparison is successful, a temporary identity certificate is issued to the first blockchain participation node, the temporary identity certificate is broadcasted to the blockchain, so that the first blockchain participation node acquires the temporary identity certificate, the temporary identity certificate is sent to the second blockchain participation node, and the temporary identity certificate is used for the second blockchain participation node to carry out identity authentication on the first blockchain participation node.
6. The method of claim 5, wherein the comparing the first biometric characteristic according to a pre-set biometric characteristic library comprises:
inquiring in a preset biological characteristic library according to a first blockchain participation node identifier in the authentication information, and determining a preset biological characteristic corresponding to the first blockchain participation node identifier;
comparing the preset biological characteristic with the first biological characteristic.
7. The method according to claim 5 or 6, wherein said issuing a temporary identity certificate to the first blockchain participating node comprises:
issuing a temporary identity certificate signed by the third party blockchain participation node to the first blockchain participation node, wherein the temporary identity certificate comprises the first blockchain participation node identification, the second blockchain participation node identification, current time information, a random number and an encryption result obtained by encrypting the random number through the temporary encryption key.
8. An identity authentication method based on a temporary identity certificate, which is applied to a second blockchain participation node, comprises the following steps:
sending an authentication request to a first blockchain participation node so that the first blockchain participation node responds to the authentication request to acquire a first biological characteristic of a first user; generating a temporary encryption key; performing third-party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identifier, the second blockchain participation node identifier and the first biological feature to obtain authentication information, and sending the authentication information to a third-party blockchain node; acquiring a temporary identity certificate, and sending the temporary identity certificate to a second blockchain participation node, wherein the authentication information is used for decrypting the authentication information through a third party private key after the third party blockchain node successfully verifies the first private key signature to obtain a first blockchain participation node identifier and a first biological characteristic, comparing the first biological characteristic according to a preset biological characteristic library, if the comparison is successful, issuing the temporary identity certificate to the first blockchain participation node, and broadcasting the temporary identity certificate to a blockchain;
receiving a temporary identity certificate sent by the first blockchain participation node;
and authenticating the identity of the first blockchain participation node according to the temporary identity certificate.
9. The method of claim 8, wherein the temporary identity certificate comprises the first blockchain participation node identification, the second blockchain participation node identification, current time information, a random number, and an encryption result obtained by encrypting the random number with the temporary encryption key;
correspondingly, receiving the temporary identity certificate sent by the first blockchain participation node comprises the following steps:
receiving a temporary identity certificate and the temporary encryption key sent by the first blockchain participation node;
the step of authenticating the identity of the first blockchain participation node according to the temporary identity certificate comprises the following steps:
encrypting the random number in the temporary identity certificate according to the temporary encryption key to obtain an authentication encryption result;
and authenticating the identity of the first blockchain participation node according to the authentication encryption result and the encryption result obtained by encrypting the random number by the temporary encryption key.
10. An identity authentication method based on a temporary identity certificate, which is applied to an identity authentication system comprising a first blockchain participation node, a second blockchain participation node and a third party blockchain node, the method comprising:
the second blockchain participation node sends an authentication request to the first blockchain participation node;
the first blockchain participation node responds to an authentication request sent by the second blockchain participation node to acquire a first biological characteristic of a first user;
the first blockchain participating node generates a temporary encryption key;
the first blockchain participation node carries out third party public key encryption processing and first private key signature processing on the temporary encryption key, the first blockchain participation node identification, the second blockchain participation node identification and the first biological feature to obtain authentication information;
the first blockchain participation node sends the authentication information to a third party blockchain node;
after the first private key signature is successfully verified, the third-party blockchain node decrypts the authentication information through the third-party private key to obtain a first blockchain participation node identifier and a first biological characteristic;
the third-party blockchain node compares the first biological characteristics according to a preset biological characteristic library;
if the third-party blockchain node successfully compares, a temporary identity certificate is issued to the first blockchain participation node, and the temporary identity certificate is broadcasted to the blockchain;
the first blockchain participation node acquires the temporary identity certificate and sends the temporary identity certificate to the second blockchain participation node;
the second blockchain participation node receives the temporary identity certificate sent by the first blockchain participation node;
and the second blockchain participation node performs identity authentication on the first blockchain participation node according to the temporary identity certificate.
11. An authentication device based on a temporary identity certificate, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1 to 4, any one of claims 5 to 7, or any one of claims 8 or 9.
12. A computer readable storage medium, characterized in that the computer readable storage medium has stored therein computer executable instructions for implementing the temporary identity certificate based identity authentication method according to any one of claims 1 to 4, any one of claims 5 to 7 or any one of claims 8 or 9 when executed by a processor.
13. A computer program product comprising a computer program, characterized in that the computer program, when executed by a processor, implements the method of any one of claims 1 to 4, any one of claims 5 to 7, or any one of claims 8 or 9.
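The second-node check of claims 7 and 9, as an added example that is not code from the patent: the verifier recomputes the keyed transform of the certificate's random number with the key the first node presents and compares it with the value in the certificate. Assumptions: HMAC-SHA256 stands in for the unspecified encryption, the third party's signature on the certificate is taken as already verified, and the identifier and freshness checks, the 300-second window and all names are illustrative.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Assumed freshness window; the claims name a time field but give no limit.
MAX_AGE_SECONDS = 300


@dataclass(frozen=True)
class TempCert:
    """Fields of the temporary identity certificate listed in claims 7 and 9."""
    first_node_id: str    # node being authenticated
    second_node_id: str   # node the certificate was issued for
    issued_at: int        # "current time information" (Unix seconds)
    nonce: bytes          # "random number"
    enc_nonce: bytes      # random number processed under the temporary key


def keyed_transform(temp_key: bytes, nonce: bytes) -> bytes:
    # Stand-in (assumption) for "encrypting the random number with the
    # temporary encryption key": HMAC-SHA256, deterministic per (key, nonce).
    return hmac.new(temp_key, nonce, hashlib.sha256).digest()


def issue_cert(first_id: str, second_id: str, temp_key: bytes, now: int) -> TempCert:
    # Third-party node side, after the biometric comparison has succeeded.
    nonce = secrets.token_bytes(16)
    return TempCert(first_id, second_id, now, nonce, keyed_transform(temp_key, nonce))


def authenticate(cert: TempCert, presented_key: bytes, my_id: str,
                 expected_peer: str, now: int) -> str:
    """Second-node check; returns "ok" or the reason for rejection.

    Assumes the third party's signature on `cert` was verified beforehand.
    """
    if cert.second_node_id != my_id:
        return "wrong-verifier"      # certificate was issued for another node
    if cert.first_node_id != expected_peer:
        return "wrong-subject"       # certificate names a different first node
    if not 0 <= now - cert.issued_at <= MAX_AGE_SECONDS:
        return "stale"               # expired or future-dated
    recomputed = keyed_transform(presented_key, cert.nonce)
    if not hmac.compare_digest(recomputed, cert.enc_nonce):
        return "key-mismatch"        # presenter does not hold the temporary key
    return "ok"


def demo() -> dict:
    now = 1_700_000_000                      # constructed timestamp
    key = secrets.token_bytes(32)            # temporary key made by the first node
    cert = issue_cert("node-A", "node-B", key, now)
    return {
        "genuine": authenticate(cert, key, "node-B", "node-A", now + 10),
        "cert_without_key": authenticate(cert, secrets.token_bytes(32),
                                         "node-B", "node-A", now + 10),
        "shown_to_other_node": authenticate(cert, key, "node-C", "node-A", now + 10),
        "replayed_later": authenticate(cert, key, "node-B", "node-A", now + 3600),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

Because the certificate is broadcast to the blockchain, the comparison is what ties the presenter to the temporary key: a party that copies the certificate but lacks the key is rejected.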
CN202210700339.7A 2022-06-20 2022-06-20 Identity authentication method, device, equipment and medium based on temporary identity certificate Active CN115396087B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210700339.7A CN115396087B (en) 2022-06-20 2022-06-20 Identity authentication method, device, equipment and medium based on temporary identity certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210700339.7A CN115396087B (en) 2022-06-20 2022-06-20 Identity authentication method, device, equipment and medium based on temporary identity certificate

Publications (2)

Publication Number Publication Date
CN115396087A CN115396087A (en) 2022-11-25
CN115396087B true CN115396087B (en) 2024-04-30

Family

ID=84116571

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210700339.7A Active CN115396087B (en) 2022-06-20 2022-06-20 Identity authentication method, device, equipment and medium based on temporary identity certificate

Country Status (1)

Country Link
CN (1) CN115396087B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682378A (en) * 2017-11-22 2018-02-09 国民认证科技(北京)有限公司 A kind of real name identification method and system based on block chain
CN108876374A (en) * 2018-06-29 2018-11-23 全链通有限公司 The network identity certificate authentication method and system of block chain
CN109067801A (en) * 2018-09-29 2018-12-21 平安科技(深圳)有限公司 A kind of identity identifying method, identification authentication system and computer-readable medium
CN109359691A (en) * 2018-10-24 2019-02-19 全链通有限公司 Auth method and system based on block chain
CN110569658A (en) * 2019-09-12 2019-12-13 腾讯科技(深圳)有限公司 User information processing method and device based on block chain network, electronic equipment and storage medium
CN110611569A (en) * 2019-09-24 2019-12-24 腾讯科技(深圳)有限公司 Authentication method and related equipment
CN112688786A (en) * 2021-03-19 2021-04-20 中企链信(北京)科技有限公司 Evidence construction and real-name identity authentication method based on block chain
CN113438212A (en) * 2021-06-08 2021-09-24 广州酷风技术开发有限公司 Block chain node-based communication security management method and block chain security system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106487511B (en) * 2015-08-27 2020-02-04 阿里巴巴集团控股有限公司 Identity authentication method and device
WO2020082078A1 (en) * 2018-10-19 2020-04-23 Digital Asset (Switzerland) GmbH Privacy preserving validation and commit architecture

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Blockchain Based Mutual Authentication for VoIP Applications with Biometric Signatures; Mustafa Kara et al.; 2021 6th International Conference on Computer Science and Engineering (UBMK); 20211013; full text *
Identity authentication scheme based on the combination of blockchain and multiple factors; 缪文豪 et al.; 计算机仿真; 20220515; full text *

Also Published As

Publication number Publication date
CN115396087A (en) 2022-11-25

Similar Documents

Publication Publication Date Title
CN110086608B (en) User authentication method, device, computer equipment and computer readable storage medium
CN109067801B (en) Identity authentication method, identity authentication device and computer readable medium
JP6547079B1 (en) Registration / authorization method, device and system
US20190199535A1 (en) Secure processing of an authorization verification request
EP2732400B1 (en) Method and system for verifying an access request
CN111435913B (en) Identity authentication method and device for terminal of Internet of things and storage medium
KR101571225B1 (en) Method and device for anonymous entity identification
CN103716167A (en) Method and device for safely collecting and distributing transmission keys
CN102098317A (en) Data transmitting method and system applied to cloud system
JPWO2020050390A1 (en) Right holder terminal, user terminal, right holder program, user program, content use system and content use method
CN112910660B (en) Certificate issuing method, adding method and transaction processing method of blockchain system
WO2020115748A1 (en) Secure consensus over a limited connection
CN110944301A (en) Intelligent cell equipment monitoring system based on block chain and key management method
CN111989892B (en) Authentication system and computer-readable recording medium
CN107248997B (en) Authentication method based on intelligent card under multi-server environment
CN115150072A (en) Cloud network issuing authentication method, equipment, device and storage medium
CN101873328A (en) Multipartite contract signing method based on aggregated signature
CN111937348B (en) Authentication system and computer-readable recording medium
KR20200016506A (en) Method for Establishing Anonymous Digital Identity
CN115150071A (en) Identity authentication method, device, equipment and storage medium
CN116915480A (en) Electric power internet of things safety management method and system
CN115396087B (en) Identity authentication method, device, equipment and medium based on temporary identity certificate
Vakarjuk et al. Russian federal remote E-voting scheme of 2021–protocol description and analysis
CN112507369B (en) Service processing method and device based on block chain, readable medium and electronic equipment
CN115150086A (en) Identity authentication method and equipment of public key based on biological characteristics of cloud service

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant