CN115964755B

CN115964755B - Data authorization and verification method, device, equipment and storage medium

Info

Publication number: CN115964755B
Application number: CN202310257660.7A
Authority: CN
Inventors: 荆博
Original assignee: Beijing Baidu Netcom Science and Technology Co Ltd
Current assignee: Beijing Baidu Netcom Science and Technology Co Ltd
Priority date: 2023-03-09
Filing date: 2023-03-09
Publication date: 2023-05-26
Anticipated expiration: 2043-03-09
Also published as: CN115964755A

Abstract

The present disclosure provides a method, an apparatus, a device, and a storage medium for data authorization and verification, which relate to the field of computer technology, and in particular, to a blockchain technology. The specific implementation scheme is as follows: acquiring a data authorization request aiming at target data and sent by a data demand party; generating a standard decentralised identity DID document in response to the data authorization request; the standard DID document comprises a standard attribute root, and each attribute field and corresponding attribute value of the target data under different application scenes; the attribute field is in a hidden state or a display state; the standard attribute root is the root of a standard merck tree constructed based on hash values of the attribute values corresponding to the attribute fields. According to the technology disclosed by the invention, the reliability of the DID document and the safety of carried data are improved.

Description

Data authorization and verification method, device, equipment and storage medium

Technical Field

The present disclosure relates to the field of computer technology, and in particular, to blockchain technology.

Background

With the continuous development of the information age, the data volume held by different data holders is increasing, and the data communication demands between the data holders are increasing. The development of computer network technology provides convenience for data interaction among different data holders, and also provides a test for the security of the data interaction process.

Disclosure of Invention

The present disclosure provides a data authorization and verification method, apparatus, device and storage medium.

According to an aspect of the present disclosure, there is provided a data authorization method applied to an identity authority, including:

acquiring a data authorization request aiming at target data and sent by a data demand party;

generating a standard decentralised identity DID document in response to the data authorization request;

the standard DID document comprises a standard attribute root, and each attribute field and corresponding attribute value of the target data under different application scenes; the attribute field is in a hidden state or a display state;

the standard attribute root is the root of a standard merck tree constructed based on hash values of the corresponding attribute values of the attribute fields.

According to another aspect of the present disclosure, there is also provided a data verification method applied to a data demander, including:

acquiring a standard decentralised identity DID document generated by an identity authority for target data; the standard DID document is generated by adopting any data authorization method provided by the embodiment of the disclosure;

constructing a reference merck tree according to hash values of attribute values corresponding to all attribute fields in the standard DID document;

Determining hidden attribute fields in a hidden state and display attribute fields in a display state in all attribute fields according to actual application scenes;

hiding attribute values corresponding to the hidden attribute fields in the standard DID document to obtain a reference DID document comprising attribute values corresponding to the display attribute fields;

and sending the data to be verified, which comprises the reference DID document, the reference merck tree and the hash value of the attribute value corresponding to the hidden attribute field, to an identity verifier for verifying the standard attribute root in the reference DID document.

According to another aspect of the present disclosure, there is also provided a data authentication method applied to an authentication party, including:

acquiring data to be verified sent by a data requiring party; the data to be verified is generated by adopting any data verification method provided by the embodiment of the disclosure;

and verifying the standard attribute root in the reference decentralised identity DID document in the data to be verified according to the reference merck tree in the data to be verified, the hash value of the attribute value corresponding to the hidden attribute field and the attribute value corresponding to the display attribute field.

According to another aspect of the present disclosure, there is also provided an electronic apparatus including:

at least one processor; and

A memory communicatively coupled to the at least one processor; wherein, the liquid crystal display device comprises a liquid crystal display device,

the memory stores instructions executable by the at least one processor to enable the at least one processor to perform at least one of the data authorization method and the data verification method provided by embodiments of the present disclosure.

According to another aspect of the present disclosure, there is also provided a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform at least one of the data authorization method and the data verification method provided according to the embodiments of the present disclosure.

According to the technology disclosed by the invention, the reliability of the DID document and the safety of carried data are improved.

It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the disclosure, nor is it intended to be used to limit the scope of the disclosure. Other features of the present disclosure will become apparent from the following specification.

Drawings

The drawings are for a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:

FIG. 1A is a block diagram of a data processing system provided by an embodiment of the present disclosure;

FIG. 1B is a flow chart of a method of data authorization provided by an embodiment of the present disclosure;

FIG. 2 is a flow chart of a data verification method provided by an embodiment of the present disclosure;

FIG. 3 is a flow chart of another data verification method provided by an embodiment of the present disclosure;

FIG. 4A is a flow chart of a method of data authorization interaction provided by an embodiment of the present disclosure;

FIG. 4B is a block diagram of a standard DID document provided by an embodiment of the disclosure;

FIG. 4C is a flow chart of a data verification interaction method provided by an embodiment of the present disclosure;

FIG. 4D is a schematic diagram of a reference merck tree provided by an embodiment of the present disclosure;

FIG. 4E is a schematic diagram of a current merck tree provided by an embodiment of the present disclosure;

fig. 5 is a block diagram of a data authorization apparatus provided in an embodiment of the present disclosure;

fig. 6 is a block diagram of a data verification apparatus provided in an embodiment of the present disclosure;

FIG. 7 is a block diagram of another data verification device provided by an embodiment of the present disclosure;

fig. 8 is a block diagram of an electronic device for implementing a data authorization method and/or a data verification method of an embodiment of the present disclosure.

Detailed Description

Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and should be considered as merely exemplary. Accordingly, one of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.

For clarity of presentation of the technical solutions of the present disclosure, a detailed description of a data processing system related to the present disclosure is first provided.

Referring to the data processing system shown in fig. 1A, there is shown an identity authority 10, a data demander 20 and an identity verifier 30. Wherein the data consumer 20 is communicatively connected to the identity authority 10 and the identity verifier 30, respectively.

Wherein the identity authority 10 issues a DID (Decentralized Identification, de-centralized identity) document for the target data to the data demander 20 to enable the data demander to have the use authority of the target data; the data demander 20 generates data to be verified according to the DID document, and sends the data to be verified to the identity verifier 30; the authentication party 30 authenticates the data to be authenticated, thereby determining whether the data demander 30 has the right to use the target data.

The identity authority 10 may be a data holder of the target data, or may supervise the data holder of the target data, and may perform identity authorization of data usage to the data requiring party 20 or further revoke the authorized identity with respect to the target data held by the data holder by the identity authority 10.

The data demander 20 can be understood as a service processor that performs setting service processing based on target data. In an alternative embodiment, the data demander 20 may be a member node of a computing network constructed according to a convention for performing unified distributed computing. In a particular embodiment, the computing network may be a multiparty collaborative computing network and, accordingly, the data demander 20 may be a computing node in the multiparty collaborative computing network to adapt the multiparty collaborative computing scenario. Alternatively, the multiparty collaborative computing network may be used to perform at least one of multiparty data collaborative computing and decentralised machine learning, etc.

The authentication party 30 may be a data encryption partition for storing the target data itself or splitting the target data.

On the basis of the data processing system, the present disclosure provides data interaction methods corresponding to different execution subjects, including a data authorization method corresponding to an identity authorizer, a data demander, and a data verification method corresponding to an identity verifier, which will be described in detail below.

First, each data authorization method provided by the present disclosure will be described.

The data authorization method provided by the disclosure is suitable for a data authorization scene that an identity authorization party performs target data on a data demand party, and the method can be executed by a data authorization device which can be realized by software and/or hardware and is specifically configured in electronic equipment.

Referring to fig. 1B, the data authorization method is applied to an identity authorizer, and includes:

s101, acquiring a data authorization request for target data sent by a data requiring party.

It should be noted that, the specific presentation form, the sending mode and the obtaining mode of the data authorization request are not limited in this disclosure, and only the data authorization request is ensured to be capable of representing the data requiring party and the data authorization requirement for the target data is required.

S102, generating a standard DID document in response to the data authorization request.

The DID may be understood as a digital identity implemented based on a blockchain technology that enables users to own and manage autonomously. The DID document refers to a description document of the DID for recording at least one identity attribute of the DID. The standard DID document may be understood as a DID document that is specifically generated by the identity authority for the data demander and is specific to the usage right of the target data.

Alternatively, the standard DID document may include at least one of a base attribute, an interaction attribute, a standard attribute root, and other attributes, etc.

The basic attribute may include at least one of DID identification, version information, creation time, verification manner, and the like. The DID identifier is used for uniquely representing the content of the DID document, and can be a digital abstract for example; version information for distinguishing versions of different DID documents; creation time, which characterizes the generation time of the DID document. The verification mode is used for limiting a verification mechanism of the DID document, and can be set or adjusted by a technician according to needs or experience, and the specific verification mode is not limited in the disclosure. For example, the verification method may be to verify the signature of the DID document based on ECDSA (Elliptic Curve Digital Signature Algorithm ).

The interaction attribute is used for representing attribute information required in the data interaction process after the DID document is authorized for certain interaction behavior. The interaction behavior may include at least one of a communication connection behavior, a data extraction behavior, a data inspection behavior, and the like. Application scenes corresponding to different interaction behaviors are different; correspondingly, the attribute fields adapted in different application scenarios are also different. The attribute field may be in a hidden state or a display state. Wherein, the attribute field in the hidden state corresponds to the attribute value to be hidden or not to be displayed, and the attribute field in the hidden state can be normally displayed, hidden or not to be displayed; the attribute field in the display state and the attribute value thereof are normally displayed.

It can be understood that by setting the hidden state and the display state, the attribute values corresponding to different attribute fields in the standard DID document can be displayed as required, so that the condition of attribute value leakage is avoided, and the safety of the attribute values in the standard DID document is improved.

For example, the interaction attribute may include communication key information for establishing a secure communication connection in a communication connection scenario; accordingly, the attribute value of the communication key information may be a communication key ciphertext.

For example, the interaction attribute may include data restoration information for performing target data restoration in the data extraction scenario; accordingly, the attribute value of the data restoration information may include at least one of storage location information of the data encryption fragment of the target data, a reverse restoration method of restoring the target data based on the data encryption fragment, and the like.

By way of example, the interaction attribute may include business identification information, audit flow information, etc. in a data audit scenario for business verification and audit flow verification, etc. by the auditor.

It can be understood that by setting different interaction attributes for different application scenes and adding the interaction attributes to the standard DID document, the expandability and the universality of the standard DID document are improved.

The standard attribute root may be a root of a merck tree that is built based on hash values of attribute values corresponding to attribute fields in the interaction attribute. When any attribute value in the standard DID document changes, the standard attribute root is caused to change, so that the standard attribute root can be used as a verification basis for the attribute value corresponding to the attribute field.

Other attributes can be used as an attribute expansion interface of the standard DID document, so that attribute expansion of the standard DID document can be conveniently carried out subsequently.

By way of example, other attributes may include a declaration attribute for making additional notes to the present DID document, a previously generated DID document, or a DID document specified by a preset field by way of adding a preset declaration field. For example, the preset declaration field may be a revocation field, in which revocation declaration information is added for characterizing revocation of an authorized identity for the present DID document, the previously generated DID document, or the DID document specified by the preset field, thereby indicating that the corresponding DID document is invalid. In a specific example, a revocation field may be added to a standard DID document to declare that the authorized identity of the latest DID document generated in advance is revoked, so that the method of directly modifying the DID document itself is replaced by a method of newly adding the DID document, so that the granted identity is effectively revoked, the non-modifiable property of the DID document is ensured, and meanwhile, the identity revocation capability is reserved, so that timely grant of the expired DID is facilitated, and the security of the DID is further improved.

By way of example, other attributes may include a validity period attribute for defining a validity period of the present DID document by adding a validity period field. Wherein the validity period field may include at least two of a valid start time, a valid end time, and a valid duration. By the method, timeliness of the DID document is guaranteed, and meanwhile convenience and flexibility are better.

According to the embodiment of the disclosure, the hidden state or the display state of the attribute field is introduced, so that the on-demand display of the attribute field in the standard DID document can be realized, the excessive display of the attribute value in the standard DID document is avoided, and the safety of the attribute value in the standard DID document is improved. Meanwhile, the root of the standard merck tree constructed based on the hash value of the attribute value corresponding to each attribute field is added in the standard DID document, so that the accuracy verification of the attribute value corresponding to the attribute field can be realized, and the reliability and accuracy of the standard DID document are improved.

In an alternative embodiment, the root signature of the standard attribute root may also be included in the standard DID document; the root signature is identical to the public signature verification key employed for document signatures of standard DID documents. When signature verification is carried out on the standard DID document, the integral validity of the standard DID document is ensured by verifying the document signature; and verifying the root signature to ensure the local validity of the attribute value corresponding to the attribute field in the standard DID document.

In an alternative embodiment, a standard merck tree may be constructed in the following manner: determining hash values of attribute values corresponding to all attribute fields in the standard DID document; hash the hash value corresponding to each attribute field in pairs to construct a standard merck tree.

Because the corresponding hash values of different attribute fields have different node orders in the merck tree, the result of the finally constructed standard merck tree is different, and the standard attribute root of the standard merck tree is affected.

In a specific implementation manner, the total attribute fields and the sequence of the attribute fields in the standard DID document can be unified in advance, the sequence of the attribute fields unified in advance is adopted in the follow-up, hash values corresponding to the corresponding attribute fields are hashed in pairs, and a standard merck tree is constructed, so that the reproducibility of the standard merck tree is ensured.

In another specific implementation manner, the standard DID document also comprises ordering parameter information; correspondingly, determining the hash value corresponding to each attribute field according to the ordering parameter information, and determining the standard node rank in the standard merck tree; and constructing a standard merck tree according to the standard node level of each attribute field and the hash value of the corresponding attribute value.

The sorting parameter information is used for indicating the sorting order of the attribute fields. Alternatively, the ordering parameter information may include ordering, such as positive or negative ordering, etc. Or alternatively, the ordering parameter information may include a sequence of ordering orders of the attribute fields.

The standard node rank is used for representing the node position or the node sequence of the hash value corresponding to each attribute field in the node corresponding to the constructed standard merck tree.

Illustratively, determining the ordering order of the attribute fields according to the ordering parameter information, and taking the ordering order as the standard node rank of each attribute field; sorting hash values of attribute values corresponding to the attribute fields according to standard node orders of the attribute fields; and carrying out hash on each hash value in the sequence every two, and constructing a standard merck tree.

It can be understood that by introducing the ordering parameter information to assist in constructing the standard merck tree, the reproducibility of the standard merck tree is ensured, and meanwhile, the full attribute fields and the sequence of the attribute fields in the standard DID document are not required to be unified in advance, so that the flexibility of the standard DID document is improved, the data volume of the ordering parameter information in the standard DID document is reduced, the weight of the standard DID document is ensured, and the bandwidth loss in the transmission process of the subsequent standard DID document is reduced.

In an alternative embodiment, standard merck tree construction may be performed using a pre-agreed hash algorithm when constructing standard DID documents. The hash algorithm may include a first hash algorithm used for determining a hash value of the attribute value corresponding to the attribute field, and/or a second hash algorithm used for performing pairwise hash on the attribute value. The first hash algorithm and the second hash algorithm may be the same or different, and the present disclosure is not limited in any way.

In another alternative embodiment, the standard DID document may also include a preset hash algorithm used in building the standard merck tree. Wherein the preset hash algorithm may include at least one, and the number of the preset hash algorithms may be at least one among different ones. The preset hash algorithm may include a first hash algorithm used for determining a hash value of the attribute value corresponding to the attribute field, and/or a second hash algorithm used for performing pairwise hash on the attribute value. Wherein, the first hash algorithm adopted by the attribute values corresponding to the attribute fields can be the same or at least partially different; the second hash algorithm used for the pairwise hashing may be the same or at least partially different, and this disclosure is not limited in any way. Correspondingly, a preset hash algorithm is adopted, and a standard merck tree is constructed according to hash values of attribute values corresponding to all attribute fields in the standard DID document.

It can be understood that by introducing the preset hash algorithm into the standard DID document, the diversity of the hash algorithms adopted by different standard DID documents is ensured, so that the determination difficulty of the hash algorithm of the standard DID document is increased, the derivation difficulty of the standard attribute root is further improved, and the safety and reliability of the standard DID document are improved.

Because the range of the attribute values corresponding to part of the attribute fields is relatively fixed, the attribute values can be back calculated in a permutation and combination mode and the like, so that the standard attribute root corresponding to the standard merck tree can be deduced. In order to increase the derivation difficulty of the standard attribute root, derivative parameter information can be introduced into the standard DID document to assist in constructing a standard merck tree.

In an alternative embodiment, standard derived parameter values for each attribute field are determined separately from the derived parameter information; updating the hash value of the corresponding attribute field according to the standard derivative parameter value of the attribute field; and constructing a standard merck tree according to the updated hash value corresponding to each attribute field.

The derived parameter information is used as a generation basis of hash values adopted in the construction of the standard merck tree, and certain randomness is introduced on the basis of the hash values of the attribute values, so that the derivation difficulty of the standard merck tree is increased. Optionally, the derived parameter information may be a parameter sequence including standard derived parameter values corresponding to different attribute fields, for assisting in updating hash values of the different attribute fields; or alternatively, the derived parameter information may include basic derived data for uniformly deriving standard derived parameter values corresponding to different attribute fields, and for updating hash values of the corresponding attribute fields.

In a specific implementation, the derived parameter information may include a random seed ciphertext corresponding to the random seed plaintext; correspondingly, standard derived parameters of each attribute field are respectively generated according to the random seed plaintext. The method has the advantages that the data quantity of the derived parameter information in the standard DID document is reduced, the weight reduction of the standard DID document is ensured, and the bandwidth loss in the transmission process of the subsequent standard DID document is reduced.

Alternatively, a data deriving algorithm that is uniformly agreed in advance may be adopted, and standard derived parameters of each attribute field are respectively generated according to the random seed plaintext. Wherein the data derivation algorithms adopted in the generation of different standard DID documents are the same. Wherein the data-derived algorithm may be implemented using at least one algorithm of the prior art, which is not limited in any way by the present disclosure. For example, a random number generation algorithm may be used.

Or alternatively, the derived parameter information may further include a preset derived algorithm; and respectively generating standard derivative parameter values of each attribute field according to the random seed plaintext by adopting the preset derivative algorithm. The preset derivative algorithms adopted in the generation of the DID documents with different standards are set by themselves and can be the same or different. The preset deriving algorithm may be implemented by at least one algorithm in the prior art, which is not limited in this disclosure. For example, a random number generation algorithm may be used.

It can be understood that by introducing a preset derivative algorithm into the standard DID document, the diversity of derivative algorithms adopted by different standard DID documents is ensured, so that the randomness of the hash algorithm of the standard DID document is increased, the deducing difficulty of the standard attribute root is further improved, and the safety and reliability of the standard DID document are improved.

It should be noted that, the random seed adopted in the derived parameter information is stored in a manner of ciphertext to replace plaintext, so that potential safety hazards caused by leakage of the random seed are avoided.

Alternatively, the random seed ciphertext may be generated based on the public key of the data demander; accordingly, the data requesting party may obtain based on its own private key for subsequent use.

Or alternatively, the random seed ciphertext can be obtained by encrypting the random seed plaintext by the identity authority according to an encryption key generated by the identity authority according to the private key of the identity authority and the public key of the data requiring party. Correspondingly, the data requiring party can decrypt the random seed ciphertext according to the decryption key generated by the private key and the public key of the identity authority to obtain a random seed plaintext for subsequent use.

Illustratively, the identity authority may generate a symmetric encryption key based on an ECDH (Elliptic Curve Diffie-Hellman key Exchange ) algorithm according to a private key of the identity authority and a public key of the data demander, and use the generated result as the encryption key to encrypt a random seed plaintext to obtain a random seed ciphertext. Correspondingly, the data demander can generate a symmetric encryption key based on the ECDH algorithm according to the private key of the data demander and the public key of the identity authority, and the generated result is used as a decryption key for decrypting the random seed ciphertext to obtain the random seed plaintext.

It can be understood that by introducing the private key of the identity authority and the public key of the data demand party, the encryption key which can be obtained only by the data demand party is generated, so that the encryption key is prevented from being cracked by other parties, the security of the encryption key is improved, the security of a random seed plaintext is improved, and the deducing difficulty of a standard attribute root is further improved. Meanwhile, the encryption key and the decryption key adopted in the subsequent decryption are symmetric keys, so that convenience in the encryption and decryption process is improved.

Optionally, for each attribute field, a standard derivative parameter value of the attribute field may be adopted to update a corresponding attribute value, and a hash value of the updated result is used as a standard attribute hash of the attribute field; and hashing each standard attribute in every two hash, and constructing to obtain a standard merck tree. The updating manner may adopt at least one of the existing technologies, such as data splicing or function operation, and the disclosure does not limit the adopted specific updating manner. The hash algorithm adopted in the construction of the standard merck tree can be pre-agreed or added in the standard DID document.

Or alternatively, for each attribute field, the hash value of the corresponding attribute value may be updated by using the standard derivative parameter value of the attribute field, and the hash value of the updated result is used as the standard attribute hash of the attribute field; and carrying out hash on each standard attribute in pairs to construct a standard merck tree. The updating manner may adopt at least one of the existing technologies, such as data splicing or function operation, and the disclosure does not limit the adopted specific updating manner. The hash algorithm adopted in the construction of the standard merck tree can be pre-agreed or added in the standard DID document.

According to the embodiment of the disclosure, the derived parameter information is introduced into the standard DID document to generate the standard derived parameter values of all attribute fields, so that after the hash value of the corresponding attribute value is updated through the standard derived parameter values of all attribute fields, a standard merck tree is constructed, instead of directly adopting the hash value of the attribute value corresponding to the attribute field to construct the standard merck tree, the randomness of the generation process of the hash value corresponding to all attribute fields in the standard merck tree is increased, the derivation difficulty of the standard attribute root corresponding to the standard merck tree is increased, and the reliability and safety of the standard DID document are further improved.

The above description has been made in detail on the data authorization method using the identity authorized party as the execution subject. Hereinafter, the data verification process will be described in detail with the data demander as an execution subject.

The data verification method provided by the disclosure is suitable for the scene that the identity verification party performs DID document verification in the process that the data demand party uses target data based on the DID document. The method may be performed by a data verification device, which may be implemented in software and/or hardware and which is specifically configured in an electronic device. It should be noted that, in the embodiments of the present disclosure, details not described in detail may be referred to in related descriptions of other embodiments, which are not described herein.

Referring to fig. 2, a data verification method is applied to a data demander, and includes:

s201, acquiring a standard DID document generated by an identity authority for target data.

The standard DID document is generated by any data authorization method provided by the embodiment of the disclosure.

S202, constructing a reference merck tree according to hash values of attribute values corresponding to all attribute fields in the standard DID document.

Determining hash values of attribute values corresponding to all attribute fields in the standard DID document; hash the hash value corresponding to each attribute field by two, and construct a reference merck tree to serve as a verification basis of the subsequent DID document. Because the data and the construction mode adopted in the construction process of the reference merck tree are the same as those in the construction process of the standard merck tree, the constructed reference merck tree is the same as that of the standard merck tree.

S203, determining hidden attribute fields in a hidden state and display attribute fields in a display state in all attribute fields according to the actual application scene.

S204, hiding attribute values corresponding to the hidden attribute fields in the standard DID document to obtain a reference DID document comprising attribute values corresponding to the display attribute fields.

The actual application scene may be at least one of application scenes corresponding to attribute fields contained in the standard DID document. Because the attribute fields adapted under different application scenes are different, each attribute field in the standard DID document can be divided into a hidden attribute field in a hidden state and a display attribute field in a display state by determining the attribute field adapted under the actual application scene. Wherein, the hidden attribute field in the hidden state corresponds to the attribute value, and is displayed or not displayed, and the hidden attribute field in the hidden state can be displayed normally, abnormally or not; the display attribute field in the display state and the attribute value thereof are normally displayed.

In an alternative embodiment, an attribute field related to an actual application scenario may be used as the display attribute field; and taking the attribute field irrelevant to the actual application scene as a hidden attribute field. Correspondingly, hiding the attribute values corresponding to the hidden attribute fields in the standard DID document, and/or displaying the attribute values corresponding to the display attribute fields in the standard DID document only to obtain the reference DID document.

For example, if the actual application scenario includes a communication connection scenario, the display attribute field may include communication key information for establishing a secure communication connection; accordingly, the attribute value of the communication key information may be a communication key ciphertext.

For example, if the actual application scenario includes a data extraction scenario, the display attribute field may include data restoration information for performing target data restoration; accordingly, the attribute value of the data restoration information may include at least one of storage location information of the data encryption fragment of the target data, a reverse restoration method of restoring the target data based on the data encryption fragment, and the like.

For example, if the actual application scenario includes a data review scenario, the display attribute field may include service identification information, review flow information, and the like, for the reviewer to perform service verification, review flow verification, and the like.

It can be understood that the display attribute field and the hidden attribute field are determined according to different actual application scene settings and are used for indicating part of attribute values in the hidden standard DID document, so that the on-demand display of the attribute values in the standard DID document is realized, and the security of the attribute values corresponding to the attribute fields in the standard DID document is improved.

S205, sending to-be-verified data comprising the reference DID document, the reference Merker tree and the hash value of the attribute value corresponding to the hidden attribute field to an identity verifier for verifying the standard attribute root in the reference DID document.

The data demander generates data to be verified, including a reference DID document, a reference merck tree, and a hash value of an attribute value corresponding to a hidden attribute field, and sends the data to be verified to the identity verifier in combination with a service request when a service process related to the target data needs to be executed; the authentication party authenticates the standard attribute root in the reference DID document according to the hash value of the attribute value corresponding to the reference merck tree and the hidden attribute field, and responds to the service request under the condition that the authentication is passed. The service request may be a data extraction request related to the target data, a communication connection request with a data holder (here, corresponding to an authentication party) of the target data, or a data inspection request of an inspection party (here, corresponding to an authentication party) accepting the target data.

It should be noted that, for the identity verification party, only the attribute value corresponding to the display attribute field and the hash value corresponding to the hidden attribute field in the reference DID document can be known, and the attribute value of the hidden attribute field is not known, so that the security of the attribute value corresponding to the hidden attribute field is ensured.

According to the embodiment of the disclosure, the hidden attribute fields in the hidden state are determined based on the actual application scene, and the attribute values corresponding to the hidden attribute fields in the standard DID document are hidden, so that the on-demand display of the attribute values of the standard DID document is realized, the excessive display of the attribute values corresponding to the hidden attribute fields in the standard DID document is avoided, and the safety of the attribute values in the standard DID document is improved. Meanwhile, the standard merck root is reserved in the DID document to serve as a verification basis of the reference DID document, so that accuracy verification of the attribute value corresponding to any attribute field can be realized, and reliability and accuracy of a verification result are improved.

In an alternative embodiment, the root signature of the standard attribute root may also be included in the standard DID document; the root signature is identical to the public signature verification key used for document signatures in standard DID documents. Correspondingly, the reference DID document can also comprise a root signature of a standard attribute root; the root signature is identical to the public signature verification key employed for the document signature of the reference DID document (the document signature of the substantially standard DID document). When signature verification is carried out on the reference DID document, the overall effectiveness of the reference DID document is ensured by verifying the document signature; by verifying the root signature, the local validity of the attribute value corresponding to the attribute field in the reference DID document is ensured.

In the process of constructing the reference merck tree, as the node orders of the hash values corresponding to the different attribute fields in the merck tree are different, the finally constructed reference merck tree results are different, and the accuracy and reproducibility of the verification results of the subsequent reference DID document are affected.

In a specific implementation manner, the reference merck tree can be constructed by hashing the hash values corresponding to the corresponding attribute fields in pairs according to the total attribute fields and the sequence of the attribute fields in the DID document of the unified standard in advance, so that the repeatability of the reference merck tree is ensured.

In another specific implementation manner, the standard DID document also comprises ordering parameter information; corresponding hash values corresponding to all attribute fields are determined according to the ordering parameter information, and the reference node rank in the reference merck tree is used; and constructing a reference merck tree according to the reference node orders of the attribute fields and the hash values of the corresponding attribute values.

The reference node rank is used for representing the hash value corresponding to each attribute field, and the node position or the node sequence of the node corresponding to the constructed reference merck tree.

Illustratively, determining the ordering order of the attribute fields according to the ordering parameter information, and taking the ordering order as the reference node rank of each attribute field; ordering hash values of attribute values corresponding to the attribute fields according to the reference node orders of the attribute fields; and carrying out hash on the ordered hash values in pairs, and constructing a reference merck tree.

It can be understood that by introducing the ordering parameter information to assist in constructing the reference merck tree, the reproducibility of the reference merck tree is ensured, and meanwhile, the full attribute fields and the sequence of the attribute fields in the standard DID document are not required to be unified in advance, so that the flexibility of the standard DID document is improved, the data quantity of the ordering parameter information in the standard DID document and the reference DID document is reduced, the light weight of the standard DID document is ensured, namely, the light weight of the reference DID document is ensured, and the bandwidth loss in the transmission process of the subsequent reference DID document is reduced.

In an alternative embodiment, the construction of the reference merck tree may be performed using a hash algorithm that is pre-uniformly agreed to be used to construct different standard DID documents. The hash algorithm may include a first hash algorithm used for determining a hash value of the attribute value corresponding to the attribute field, and/or a second hash algorithm used for performing pairwise hash on the attribute value. The first hash algorithm and the second hash algorithm may be the same or different.

In another alternative embodiment, the standard DID document may also include a preset hash algorithm used in building the standard merck tree. Wherein the preset hash algorithm may include at least one, and the number of the preset hash algorithms may be at least one among different ones. The preset hash algorithm may include a first hash algorithm used for determining a hash value of the attribute value corresponding to the attribute field, and/or a second hash algorithm used for performing pairwise hash on the attribute value. Wherein, the first hash algorithm adopted by the attribute values corresponding to the attribute fields can be the same or at least partially different; the second hash algorithm used for the pairwise hashing may be the same or at least partially different, and this disclosure is not limited in any way. Correspondingly, a preset hash algorithm is adopted, and a reference merck tree is constructed according to hash values of attribute values corresponding to all attribute fields in the standard DID document.

It can be understood that by introducing the preset hash algorithm into the standard DID document, the diversity of the hash algorithms adopted by different standard DID documents is ensured, so that the determination difficulty of the hash algorithm of the standard DID document is increased, the derivation difficulty of the standard attribute root is further improved, the safety and reliability of the standard DID document are improved, and the safety and reliability of the reference DID document are further improved.

Because the range of the attribute values corresponding to part of the attribute fields is relatively fixed, the attribute values can be back calculated in a permutation and combination mode and the like, so that the standard attribute root corresponding to the standard merck tree can be deduced. In order to increase the derivation difficulty of the standard attribute root, derivative parameter information can be introduced into the standard DID document to assist in constructing the reference merck tree.

In an alternative embodiment, the reference derived parameter values of the attribute fields are determined separately from the derived parameter information; updating the hash value of the corresponding attribute field according to the reference derivative parameter value of the attribute field; and constructing a reference merck tree according to the updated hash value corresponding to each attribute field.

The derived parameter information is used as a generation basis of hash values adopted in the construction of the reference merck tree, and certain randomness is introduced in the generation process of the hash values of the attribute values, so that the derivation difficulty of the standard merck root is increased. Optionally, the derived parameter information may be a parameter sequence including reference derived parameter values corresponding to different attribute fields, for assisting in updating hash values of the different attribute fields; or alternatively, the derived parameter information may include basic derived data for uniformly deriving reference derived parameter values corresponding to different attribute fields, and for updating hash values of the corresponding attribute fields.

In a specific implementation, the derived parameter information may include a random seed ciphertext corresponding to the random seed plaintext; correspondingly, decrypting the random seed ciphertext to obtain a random seed plaintext; and respectively generating reference derivative parameters of each attribute field according to the random seed plaintext. The method has the advantages that the data quantity of the derived parameter information in the standard DID document is reduced, the weight reduction of the standard DID document is guaranteed, namely the weight reduction of the reference DID document is guaranteed, and therefore the bandwidth loss in the transmission process of the subsequent reference DID document is reduced.

Optionally, the random seed ciphertext is generated based on a public key of the data demander; correspondingly, the random seed ciphertext can be decrypted by adopting a private key of the data requiring party to obtain a random seed plaintext.

Or alternatively, the random seed ciphertext can be obtained by encrypting the random seed plaintext by the identity authority according to an encryption key generated by the identity authority according to the private key of the identity authority and the public key of the data requiring party. Correspondingly, the data requiring party can generate a decryption key according to the private key of the data requiring party and the public key of the identity authorizing party; and decrypting the random seed ciphertext by adopting the decryption key to obtain a random seed plaintext.

The identity authority may generate a symmetric encryption key based on an ECDH algorithm according to a private key of the identity authority and a public key of the data requiring party, and use the generated result as an encryption key to encrypt a random seed plaintext to obtain a random seed ciphertext. Correspondingly, the data demander can generate a symmetric encryption key based on the ECDH algorithm according to the private key of the data demander and the public key of the identity authority, and the generated result is used as a decryption key for decrypting the random seed ciphertext to obtain the random seed plaintext.

It can be understood that by introducing the private key of the data requiring party and the public key of the identity authorizing party, the decryption key is generated, so that the decryption key is prevented from being cracked by other parties, the security of the decryption key is improved, the security of the random seed plaintext is improved, and the deducing difficulty of the standard attribute root is further improved. In addition, the decryption key and the encryption key are symmetric keys, so that convenience in the encryption and decryption process is improved.

Alternatively, when different standard DID documents are generated, a data derivation algorithm that is unified and agreed in advance may be adopted, and according to a random seed plaintext, reference derivation parameters of each attribute field are generated respectively. Wherein the data derivation algorithms adopted in the generation of different standard DID documents are the same. Wherein the data-derived algorithm may be implemented using at least one algorithm of the prior art, which is not limited in any way by the present disclosure. For example, a random number generation algorithm may be used.

Or alternatively, the derived parameter information may further include a preset derived algorithm; and respectively generating reference derivative parameter values of each attribute field according to the random seed plaintext by adopting the preset derivative algorithm. The preset derivative algorithms adopted in the generation of the DID documents with different standards are set by themselves and can be the same or different. The preset deriving algorithm may be implemented by at least one algorithm in the prior art, which is not limited in this disclosure. For example, a random number generation algorithm may be used.

It can be understood that by introducing the preset derivative algorithm into the standard DID document, the diversity of the derivative algorithms adopted by different standard DID documents is ensured, so that the randomness of the preset derivative algorithm of the standard DID document is increased, the deducing difficulty of the standard attribute root is further improved, and the safety and reliability of the reference DID document are improved.

Optionally, for each attribute field, a reference derivative parameter value of the attribute field may be used to update a corresponding attribute value, and a hash value of the updated result is used as a reference attribute hash of the attribute field; and hashing each reference attribute by two and then hashing each reference attribute to construct a reference merck tree. The updating manner may adopt at least one of the existing technologies, such as data splicing or function operation, and the disclosure does not limit the adopted specific updating manner. The hash algorithm adopted for constructing the reference merck tree can be pre-agreed or added in a standard DID document.

Or alternatively, for each attribute field, the hash value of the corresponding attribute value may be updated by using the reference derivative parameter value of the attribute field, and the hash value of the updated result is used as the reference attribute hash of the attribute field; and hashing each reference attribute by two and then hashing each reference attribute to construct a reference merck tree. The updating manner may adopt at least one of the existing technologies, such as data splicing or function operation, and the disclosure does not limit the adopted specific updating manner. The hash algorithm adopted for constructing the reference merck tree can be pre-agreed or added in a standard DID document.

According to the embodiment of the disclosure, the derived parameter information is introduced into the standard DID document to generate the reference derived parameter value of each attribute field, so that after the hash value of the corresponding attribute value is updated through the reference derived parameter value of each attribute field, a reference merck tree is constructed, instead of directly adopting the hash value of the attribute value corresponding to the attribute field to construct the reference merck tree, the randomness of the generation process of the hash value corresponding to each attribute field in the reference merck tree is increased, the derivation difficulty of the standard attribute root is increased, and the reliability and the safety of the standard DID document are improved, namely, the reliability and the safety of the reference DID document are improved.

The data verification method using the data demand side as the execution subject is described in detail above. Hereinafter, the data authentication process will be described in detail with the authentication party as an execution subject.

Referring to the data verification method shown in fig. 3, the data verification method is applied to an identity verification party and comprises the following steps:

s301, obtaining data to be verified, which are sent by a data requiring party.

The data to be verified is generated by any data verification method provided by the embodiment of the disclosure.

The data to be verified generated by the data requiring party is sent to the identity verifying party by combining the service request when the service processing related to the target data needs to be executed; correspondingly, the identity verification party acquires corresponding data to be verified according to the received service request, so as to be verified later.

S302, verifying standard attribute roots in a reference DID document in the data to be verified according to the reference merck tree in the data to be verified, the hash value of the attribute value corresponding to the hidden attribute field and the attribute value corresponding to the display attribute field.

For example, the standard merck tree may be restored according to the reference merck tree, the hash value corresponding to the hidden attribute field, and the hash value corresponding to the attribute value corresponding to the display attribute field in the data to be verified, and the standard merck root in the reference DID document in the data to be verified is verified by restoring the obtained standard merck tree and the reference merck tree.

Further, if the data to be verified is obtained based on the service request, the service request is corresponding only if verification is passed. The service request may be a data extraction request related to the target data, a communication connection request with a data holder (here, corresponding to an authentication party) of the target data, or a data inspection request of an inspection party (here, corresponding to an authentication party) accepting the target data.

It can be understood that, because the reference DID document carries the attribute value of the display attribute field, the data to be verified carries the hash value of the attribute value corresponding to the hidden attribute field, and the identity verifier does not need to know the attribute value of the hidden attribute field, so that the verification of the reference DID document can be realized, and the security of the attribute value corresponding to the hidden attribute field is ensured.

According to the technical scheme, the reference DID document carrying the standard attribute root is verified by referring to the merck tree, the hash value of the attribute value corresponding to the hidden attribute field and the attribute value corresponding to the display attribute field. The reference DID document does not need to disclose the attribute values of all attribute fields in the standard DID document, so that the excessive display of the attribute values corresponding to the hidden attribute fields in the standard DID document is avoided, and the safety of the attribute values corresponding to the hidden attribute fields in the reference DID document is ensured. Meanwhile, a standard merck root is reserved in the DID document, so that the accuracy verification of the attribute value corresponding to any attribute field can be realized, and the reliability and accuracy of a verification result are improved.

In an alternative embodiment, a hash value of the corresponding attribute value of each display attribute field may be determined; constructing a current merck tree according to the hash value of the attribute value corresponding to each attribute field; wherein the attribute fields include a display attribute field and a hidden attribute field; and verifying the standard attribute root in the reference DID document according to the current merck tree and the reference merck tree.

Because the data to be verified carries the hash value of the attribute value corresponding to the hidden attribute field and the attribute value corresponding to the display attribute field, the hash value of the attribute value corresponding to the display attribute field needs to be determined, so that the hash value of the attribute value corresponding to each attribute field is obtained. And constructing a new merck tree as a current merck tree according to the hash value of the attribute value corresponding to each attribute field. In the case where the hash value of the attribute value corresponding to the display attribute field and the attribute value corresponding to the hidden attribute field is not falsified, the current merck tree should be the same as the reference merck tree generated by the data demander in the data to be verified. The standard attribute root carried in the reference merck tree is the same as the standard attribute root carried in the standard merck tree, so that the standard attribute root in the reference DID document can be verified according to the current merck tree and the reference merck tree.

For example, if the current merck tree is the same as the reference merck tree, and the root of the reference merck tree (equivalent to the root of the current merck tree) is the same as the standard attribute root in the reference DID document, it indicates that the verification of the standard attribute root in the reference DID document is passed; otherwise, the verification is not passed.

Illustratively, the reference merck tree is validated against the current merck tree; the standard attribute root in the reference DID document is verified from the root of the reference merck tree.

Specifically, verifying the reference merck tree according to the consistency of the current merck tree and the reference merck tree, so that the accuracy of the reference merck tree is ensured; and verifying the reference DID document according to the consistency of the root of the reference merck tree and the standard attribute root in the reference DID document, so that the accuracy of the standard attribute root carried in the reference DID document is ensured.

It can be understood that by introducing verification of the reference merck tree before verifying the standard attribute root in the reference DID document based on the reference merck tree, the situation that the verification result is inaccurate due to the fact that the reference merck tree is false is avoided, and therefore accuracy and reliability of the verification result of the reference DID document are improved.

In the process of constructing the current merck tree, as the node orders of the hash values corresponding to different attribute fields in the merck tree are different, the final result of constructing the current merck tree is different, and the accuracy of the verification result of the standard attribute root in the reference DID document is affected.

In a specific implementation manner, the current merck tree can be constructed by hashing the hash values corresponding to the corresponding attribute fields in pairs according to the total attribute fields and the sequence of the attribute fields in the DID document of the unified standard in advance, so that the reproducibility of the current merck tree is ensured.

In another specific implementation manner, the reference DID document further includes ranking parameter information; corresponding hash values corresponding to all attribute fields are determined according to the ordering parameter information, and the current node rank in the current merck tree is determined; and constructing a current merck tree according to the current node level of each attribute field and the hash value of the corresponding attribute value.

The current node rank is used for representing the hash value corresponding to each attribute field, and the node position or the node sequence of the node corresponding to the constructed current merck tree.

Illustratively, determining the ordering order of the attribute fields according to the ordering parameter information, and taking the ordering order as the current node rank of each attribute field; ordering hash values of attribute values corresponding to the attribute fields according to the current node rank of each attribute field; and carrying out hash on the ordered hash values two by two to construct the current merck tree.

It can be understood that the current merck tree is constructed in an auxiliary way by introducing the ordering parameter information, so that the reproducibility of the current merck tree is ensured, the total attribute fields and the sequence of the attribute fields in the standard DID document are not required to be unified in advance, the flexibility of the standard DID document is ensured, and the accuracy of the verification result of the standard DID document corresponding to the reference DID document is improved. In addition, the scheme also reduces the data quantity of the ordering parameter information in the standard DID document and the reference DID document, ensures the light weight of the standard DID document, namely the light weight of the reference DID document, and reduces the bandwidth loss in the transmission process of the subsequent reference DID document.

In an alternative embodiment, the current merck tree may be constructed using a hash algorithm that is pre-uniformly agreed to construct different standard DID documents. The hash algorithm may include a first hash algorithm used for determining a hash value of the attribute value corresponding to the attribute field, and/or a second hash algorithm used for performing pairwise hash on the attribute value. The first hash algorithm and the second hash algorithm may be the same or different.

In another alternative embodiment, the reference DID document may also include a preset hash algorithm employed in constructing the standard merck tree. Wherein the preset hash algorithm may include at least one, and the number of the preset hash algorithms may be at least one among different ones. The preset hash algorithm may include a first hash algorithm used for determining a hash value of the attribute value corresponding to the attribute field, and/or a second hash algorithm used for performing pairwise hash on the attribute value. Wherein, the first hash algorithm adopted by the attribute values corresponding to the attribute fields can be the same or at least partially different; the second hash algorithm used for the pairwise hashing may be the same or at least partially different, and this disclosure is not limited in any way. Correspondingly, a preset hash algorithm is adopted, and a current merck tree is constructed according to the hash value of the attribute value corresponding to each attribute field.

It can be understood that by introducing a preset hash algorithm into the reference DID document, the diversity of hash algorithms adopted by different standard DID documents is ensured, the determination difficulty of the hash algorithms of the standard DID document and the reference DID document is increased, the derivation difficulty of the standard attribute root is further improved, the accuracy of the current merck tree construction result is improved, and the reliability of the reference DID document verification result is improved.

Because the range of the attribute values corresponding to part of the attribute fields is relatively fixed, the attribute values can be back calculated in a permutation and combination mode and the like, so that the standard attribute root corresponding to the standard merck tree can be deduced. In order to increase the derivation difficulty of the standard attribute root, derivative parameter information can be introduced into the standard DID document, and correspondingly, reference derivative parameter values of attribute values corresponding to display attribute fields are introduced into the data to be verified to assist in constructing the current merck tree.

In an alternative embodiment, the data to be verified further includes reference derived parameter values for displaying attribute values corresponding to the attribute fields; the hash value of the attribute value corresponding to the hidden attribute field is an updating result based on the self corresponding reference derived parameter value; each attribute field is generated based on derived parameter information in the reference DID document corresponding to the reference derived parameter value. Correspondingly, updating the hash value of the corresponding display attribute field according to the reference derivative parameter value of the display attribute field; and constructing a current merck tree according to the hash value updated by each display attribute field and the hash value of each hidden attribute field.

It should be noted that, the reference derived parameter value and the attribute value of the display attribute field may be set in the reference merck tree, or may be set outside the reference merck tree, which is not limited in this disclosure.

In a specific implementation, the derived parameter information may include a random seed ciphertext corresponding to the random seed plaintext; correspondingly, the reference derived parameter value corresponding to each attribute field is generated based on random seed plaintext. The method has the advantages that the data quantity of the derived parameter information in the standard DID document is reduced, the weight reduction of the standard DID document is guaranteed, namely the weight reduction of the reference DID document is guaranteed, and therefore the bandwidth loss in the transmission process of the subsequent reference DID document is reduced.

Optionally, the random seed ciphertext is generated based on a public key of the data demander; correspondingly, the random seed plaintext is obtained by decrypting the random seed ciphertext based on the private key of the data requiring party.

Or alternatively, the random seed ciphertext may be obtained by encrypting the random seed plaintext by the identity authority according to an encryption key generated by the identity authority according to a private key of the identity authority and a public key of the data requiring party. Correspondingly, the random seed plaintext can be obtained by decrypting the random seed ciphertext by a data requiring party according to a decryption key generated by the data requiring party according to a private key of the data requiring party and a public key of an identity authorizing party.

It can be understood that by introducing the decryption key generated based on the private key of the data requiring party and the public key of the identity authorizing party, the random seed plaintext is obtained after the random seed ciphertext is decrypted, so that the decryption key is prevented from being decrypted by other parties, the security of the decryption key is improved, the security of the random seed plaintext is improved, and the derivation difficulty of the standard attribute root is further improved. In addition, the decryption key and the encryption key are symmetric keys, so that convenience in the encryption and decryption process is improved.

Or alternatively, the derived parameter information may further include a preset derived algorithm; accordingly, the reference derived parameter values for each attribute field are generated based on the predetermined derived algorithm and random seed plaintext. The preset derivative algorithms adopted in the generation of the DID documents with different standards are set by themselves and can be the same or different. The preset deriving algorithm may be implemented by at least one algorithm in the prior art, which is not limited in this disclosure. For example, a random number generation algorithm may be used.

It can be understood that by introducing the preset derivative algorithm into the standard DID document, the randomness of the preset derivative algorithms of the standard DID document and the reference is increased while the diversity of the derivative algorithms adopted by different standard DID documents is ensured, so that the deducing difficulty of the standard attribute root is further improved, the accuracy of the current merck tree construction result is improved, and the reliability of the reference DID document verification result is improved.

Optionally, for each attribute field, a reference derivative parameter value of the attribute field may be used to update a corresponding attribute value, and a hash value of the updated result is used as a current attribute hash of the attribute field; and carrying out hash on each current attribute in pairs to construct a current merck tree. The updating manner may adopt at least one of the existing technologies, such as data splicing or function operation, and the disclosure does not limit the adopted specific updating manner. The hash algorithm adopted in the construction of the current merck tree can be pre-agreed or added in a standard DID document.

Or alternatively, for each attribute field, the hash value of the corresponding attribute value may be updated by using the reference derivative parameter value of the attribute field, and the hash value of the updated result is used as the current attribute hash of the attribute field; and carrying out hash on each current attribute in pairs to construct a current merck tree. The updating manner may adopt at least one of the existing technologies, such as data splicing or function operation, and the disclosure does not limit the adopted specific updating manner. The hash algorithm adopted in the construction of the current merck tree can be pre-agreed or added in a standard DID document.

According to the embodiment of the disclosure, the reference derivative parameter value comprising the attribute value corresponding to the attribute display field is introduced into the data to be verified, the hash value of the display attribute field is updated, the hash value of the attribute value corresponding to the hidden attribute field is limited, the update result of the reference derivative parameter value corresponding to each attribute field is generated based on the derivative parameter information in the reference DID document, the hash value obtained by updating the corresponding attribute value through the reference derivative parameter value of each attribute field is constructed, the current merck tree is constructed instead of the method of directly adopting the hash value of the attribute value corresponding to the attribute field to construct the current merck tree, the randomness of the hash value corresponding to each attribute field in the generation process and the derivation difficulty of the standard attribute root are guaranteed, and meanwhile, the accuracy and reliability of the determination result of the current merck tree are improved, and the reliability and safety of the verification result of the reference DID document are further improved.

In an alternative embodiment, a document signature may be included in a standard DID document; accordingly, the above-described document signature (document signature of a substantially standard DID document) is also included in the reference DID document. The document signature may be verified based on the public key of the identity authority to determine whether the reference DID document is valid. Specifically, if the document signature verification is passed, the reference DID document is indicated to be valid as a whole, that is, the reference DID document is generated based on the standard DID document granted to the data requiring party by the identity authority, otherwise, the reference DID document is indicated to be invalid as a whole, that is, the reference DID document is not generated based on the standard DID document granted to the data requiring party by the identity authority.

In another alternative embodiment, the root signature of the standard attribute root may also be included in the standard DID document; the root signature is identical to the public signature verification key used for document signatures in standard DID documents. Correspondingly, the reference DID document can also comprise a root signature of a standard attribute root; the root signature is identical to the public signature verification key employed for the document signature of the reference DID document (the document signature of the substantially standard DID document). Furthermore, the root signature can be verified according to a signature verification public key adopted by the document signature in the reference DID document. If the verification is passed, the fact that the attribute values of the attribute fields corresponding to the standard attribute roots in the reference DID document are locally valid is indicated, namely the standard attribute roots in the reference DID document are generated based on the standard DID document of the data requiring party granted by the identity authorizing party; otherwise, the attribute values corresponding to the attribute fields by the standard attribute root in the reference DID document are indicated to be invalid locally, namely the standard attribute root in the reference DID document is not generated based on the standard DID document of the data requiring party granted by the identity authority.

It can be understood that the root signature of the standard attribute root generated based on the signature verification public key adopted by the document signature is introduced into the reference DID document, so that the root signature is verified according to the signature verification public key, the local validity of the attribute values corresponding to the attribute fields in the reference DID document is ensured, the condition that the attribute values are maliciously tampered is avoided, and the validity and the accuracy of the reference DID document are improved.

Based on the above technical solutions, the present disclosure further provides a preferred embodiment, in which a data interaction process based on the foregoing data processing system is described in detail. It should be noted that, in the embodiments of the present disclosure, parts not described in detail may refer to the relevant expressions of the foregoing embodiments.

Referring to fig. 4A, the data authorization interaction method includes:

s401, acquiring a data authorization request for target data sent by a data requiring party.

S402, the identity authority generates a standard DID document comprising each attribute field and corresponding attribute value of the target data under different application scenes.

S403, sorting the attribute fields according to a preset sorting mode, and respectively determining hash values of the attribute fields based on a first preset hash algorithm.

S404, adopting a preset random number algorithm, and respectively generating random numbers corresponding to each attribute field based on the random number sub-plaintext.

S405, after the hash value of the attribute field is spliced with the corresponding random number, the hash is performed again based on a second preset hash algorithm, and the target hash value of the corresponding attribute field is obtained.

S406, according to the ordering sequence of the attribute fields, the target hash values of the attribute fields are hashed in pairs based on a third preset hash algorithm, and a standard merck tree is constructed.

S407, taking the root of the standard merck tree as the standard attribute root, and signing the standard attribute root by adopting a self signature verification private key to obtain a root signature.

And S408, deriving a symmetric key according to the private key and the public key of the data demand party, using the symmetric key as an encryption key, and encrypting the random number seed by adopting the encryption key to obtain a random number seed ciphertext.

S409, adding the random number seed ciphertext, the preset random number algorithm, the standard attribute root, each preset hash algorithm, the preset ordering mode and the root signature into the standard DID document.

S410, issuing a standard DID document to a data requiring party.

The first preset hash algorithm, the second preset hash algorithm and the third preset hash algorithm adopted in different steps may be the same or different, and the disclosure is not limited in any way.

The standard DID document may be issued by directly feeding back the standard DID document to the data demander, or storing the standard DID document in another storage device, and feeding back the correspondence between the document identifier and the storage location identifier of the standard DID document to the data demander. For example, the other storage devices may be storage nodes in a decentralised storage system.

See the block diagram of a standard DID document shown in fig. 4B. The standard DID document may include basic attributes, interactive attributes, and other attributes.

The basic attribute may include at least one of DID identification, version information, creation time, verification manner, and the like. The DID identifier is used for uniquely representing the content of the DID document, and can be a digital abstract for example; version information for distinguishing versions of different DID documents; creation time, which characterizes the generation time of the DID document. The verification mode is used for limiting a verification mechanism of the DID document, and can be set or adjusted by a technician according to needs or experience, and the specific verification mode is not limited in the disclosure.

The verification mode includes document signature information corresponding to signing the standard DID document, and may include a signature algorithm, a signature content description and a signature verification public key. The verification method further includes a root signature obtained from the standard attribute root signature. Wherein the root signature is the same as the document signature corresponding public key.

The interaction attribute is used for representing attribute information required in the data interaction process after the DID document is authorized for certain interaction behavior. The interaction behavior may include at least one of a communication connection behavior, a data extraction behavior, a data inspection behavior, and the like. Application scenes corresponding to different interaction behaviors are different; correspondingly, the attribute fields adapted in different application scenarios are also different.

Wherein the other attributes may include at least one of merck tree information, random number information, and the like. The merck tree information can comprise a preset ordering mode, standard attribute roots and preset hash algorithms; the random number information may include a random number seed ciphertext and a preset random number algorithm.

Of course, other attributes are used as an attribute extension interface of the standard DID document, and other information can be set as required, which is not limited in this disclosure.

Based on the data authorization interaction method shown in fig. 4A, referring to the data verification interaction method shown in fig. 4C, the method comprises the following steps:

s411, the data demand party acquires the standard DID document generated by the identity authorization party.

And S412, deriving a symmetric key according to the private key and the public key of the identity authority, using the symmetric key as a decryption key, and decrypting the random number seed ciphertext by using the decryption key to obtain a random number seed plaintext.

S413, adopting a preset random number algorithm, and respectively generating random numbers corresponding to each attribute field based on the random number sub-plaintext.

S414, sorting the attribute fields according to a preset sorting mode, and respectively determining hash values of the attribute fields based on a first preset hash algorithm.

S415, after the hash value of the attribute field is spliced with the corresponding random number, the hash is performed again based on a second preset hash algorithm, and the target hash value of the corresponding attribute field is obtained.

S416, according to the ordering sequence of the attribute fields, the target hash values of the attribute fields are hashed in pairs based on a third preset hash algorithm, and a reference merck tree is constructed.

S417, using the attribute field matched with the actual application scene in the attribute fields as the display attribute field of the display state, and using the attribute field not matched with the actual application scene as the hidden attribute field of the hidden state.

S418, hiding attribute values corresponding to hidden attribute fields in the standard DID document to obtain the reference DID document.

Attributes S arranged in order of attribute field inclusion _i (wherein i=1, 2, …, 8), and attribute S ₄ To display the attribute fields, other examples are hidden attribute fields, and the construction process of the reference merck tree is described with reference to fig. 4D.

Based on a preset random number algorithm, generating an attribute S according to a random number seed _i Corresponding random number r _i The method comprises the steps of carrying out a first treatment on the surface of the Determining an attribute S based on a first preset hash algorithm _i Hash value h of corresponding attribute value _i The method comprises the steps of carrying out a first treatment on the surface of the Will hash value h _i And attribute S _i Corresponding random number r _i After being spliced according to the sequence numbers, the data are hashed again based on a second preset hash algorithm to obtain an attribute S _i Target hash value H of (2) _i The method comprises the steps of carrying out a first treatment on the surface of the After hashing each target hash value pairwise, constructing a reference merck tree. Wherein the Root of the reference merck tree is Root. Wherein, the attribute S corresponding to the dotted line part in the figure _j (j=i and j+.4) is a hidden attribute field, showing the attribute S to the authentication party _j Corresponding target hash value H _j Prohibiting the presentation of attribute S to an authentication party _j Attribute values and corresponding random numbers r of (2) _j . Correspondingly, due toThe reference DID document has attribute S _j Is a property value of (a).

S419, sending to an identity verifier the data to be verified, wherein the data comprise the reference DID document, the random number of the display attribute field, the target hash value of the hidden attribute field and the reference merck tree.

S420, the identity verification party respectively determines hash values of all display attribute fields based on a first preset hash algorithm in the reference DID document.

S421, after the hash value of the display attribute field is spliced with the corresponding random number, the hash is performed again based on a second preset hash algorithm, and the target hash value of the corresponding display attribute field is obtained.

S422, according to the ordering sequence of the attribute fields, the target hash values of the attribute fields are hashed in pairs based on a third preset hash algorithm, and the current merck tree is constructed.

Continuing the previous example, attribute S arranged in order is included in attribute field _i (wherein i=1, 2, …, 8), and attribute S ₄ For displaying attribute fields, other hidden attribute fields are exemplified, and the construction process of the merck tree is described with reference to fig. 4E.

Determining an attribute S based on a first preset hash algorithm ₄ Hash value h of corresponding attribute value ₄ The method comprises the steps of carrying out a first treatment on the surface of the Will hash value h ₄ And attribute S ₄ Corresponding random number r ₄ After being spliced according to the sequence numbers, the data are hashed again based on a second preset hash algorithm to obtain an attribute S ₄ Target hash value H of (2) ₄ The method comprises the steps of carrying out a first treatment on the surface of the Attribute S ₁ -S ₈ Corresponding target hash value H ₁ -H ₈ After hashing two by two, the current merck tree is constructed. Wherein the Root of the current merck tree is Root'.

S423, verifying whether the reference merck tree is correct according to the current merck tree.

S424, verifying whether the root of the current merck tree and the root of the reference merck tree are consistent with the standard attribute root in the reference DID document.

S425, signing the root signature in the reference DID document based on the signing public key in the reference DID document.

S426, if the verification passes, determining that the reference DID document passes the verification.

As an implementation of the above-mentioned data authorization methods, the present disclosure further provides an optional embodiment of an execution apparatus that implements the above-mentioned data authorization methods. Referring to fig. 5, a data authorization device 500 configured in an identity authorized party includes: a data authorization request acquisition module 501 and a standard DID document generation module 502. Wherein, the liquid crystal display device comprises a liquid crystal display device,

a data authorization request acquisition module 501, configured to acquire a data authorization request for target data sent by a data demander;

a standard DID document generation module 502, configured to generate a standard de-centralized identity DID document in response to the data authorization request;

The standard attribute root is the root of a standard merck tree constructed based on hash values of the attribute values corresponding to the attribute fields.

In an alternative embodiment, the standard DID document further includes derived parameter information; the device also comprises a standard merck tree construction module, which specifically comprises:

a standard derived parameter value determining unit, configured to determine standard derived parameter values of the attribute fields according to the derived parameter information;

a hash value updating unit, configured to update a hash value of a corresponding attribute field according to a standard derived parameter value of the attribute field;

and the standard merck tree construction unit is used for constructing the standard merck tree according to the updated hash value corresponding to each attribute field.

In an optional embodiment, the derived parameter information includes a random seed ciphertext corresponding to a random seed plaintext; the standard derived parameter value determining unit is specifically configured to:

and respectively generating standard derived parameter values of the attribute fields according to the random seed plaintext.

In an alternative embodiment, the derived parameter information further includes a preset derived algorithm; the standard derived parameter value determining unit is specifically configured to:

and respectively generating standard derivative parameter values of the attribute fields according to the random seed plaintext by adopting the preset derivative algorithm.

In an alternative embodiment, the random seed ciphertext is obtained by encrypting a random seed plaintext according to an encryption key generated by a private key of the random seed ciphertext and a public key of the data demander.

In an optional embodiment, the standard DID document further includes ranking parameter information; the device also comprises a standard merck tree construction module, which specifically comprises:

the standard node rank determining unit is used for determining the corresponding hash value of each attribute field according to the ordering parameter information, and the standard node rank in the standard merck tree;

the standard merck tree construction unit is used for constructing the standard merck tree according to the standard node rank of each attribute field and the hash value of the corresponding attribute value.

In an alternative embodiment, the standard DID document further includes a preset hash algorithm used in constructing the standard merck tree.

In an alternative embodiment, the root signature of the standard attribute root is also included in the standard DID document; the root signature is the same as the signature verification public key adopted by the document signature of the standard DID document.

In an optional embodiment, if the application scenario includes a communication connection scenario, the attribute field in the display state includes communication key information for establishing a secure communication connection;

if the application scene comprises a data extraction scene, the attribute field in the display state correspondingly comprises data restoration information for restoring target data;

and if the application scene comprises a data examination scene, the corresponding attribute field in the display state comprises service identification information and/or examination flow information.

The data authorization device can execute the data authorization method provided by any embodiment of the disclosure, and has the corresponding functional modules and beneficial effects of executing the data authorization methods.

As an implementation of the above-mentioned data verification methods, the present disclosure further provides an optional embodiment of an execution apparatus that implements the above-mentioned data verification methods. Referring to fig. 6, a data verification apparatus 600, configured on a data demander, includes: a standard DID document acquisition module 601, a reference merck tree construction module 602, an attribute field determination module 603, a reference DID document obtaining module 604, and a data transmission module to be verified 605. Wherein, the liquid crystal display device comprises a liquid crystal display device,

A standard DID document acquisition module 601, configured to acquire a standard de-centralized identity DID document generated by an identity authority for target data; wherein, the standard DID document is generated by adopting any one of the data authorization devices provided by the embodiment of the disclosure;

the reference merck tree construction module 602 is configured to construct a reference merck tree according to hash values of attribute values corresponding to attribute fields in the standard DID document;

the attribute field determining module 603 is configured to determine, according to an actual application scenario, a hidden attribute field in a hidden state and a display attribute field in a display state in each attribute field;

a reference DID document obtaining module 604, configured to hide attribute values corresponding to the hidden attribute fields in the standard DID document, to obtain a reference DID document including attribute values corresponding to the display attribute fields;

and the data to be verified sending module 605 is configured to send data to be verified, including the reference DID document, the reference merck tree, and the hash value of the attribute value corresponding to the hidden attribute field, to an identity verifier, so as to verify a standard attribute root in the reference DID document.

In an alternative embodiment, the standard DID document further includes derived parameter information; the reference merck tree building block 602 includes:

a reference derived parameter value determining unit configured to determine a reference derived parameter value of each of the attribute fields, respectively, according to the derived parameter information;

a hash value updating unit, configured to update a hash value of a corresponding attribute field according to a reference derivative parameter value of the attribute field;

the reference merck tree construction unit is used for constructing the reference merck tree according to the corresponding updated hash value of each attribute field.

In an alternative embodiment, the derived parameter information comprises a random seed ciphertext; the reference derivative parameter value determination unit includes:

a subunit for obtaining a random seed plaintext is used for decrypting the random seed ciphertext to obtain the random seed plaintext;

and the reference derived parameter value generation subunit is used for respectively generating the reference derived parameter values of the attribute fields according to the random seed plaintext.

In an alternative embodiment, the derived parameter information further includes a preset derived algorithm; the reference derived parameter value generation subunit is specifically configured to:

And respectively generating reference derivative parameter values of the attribute fields according to the random seed plaintext by adopting the preset derivative algorithm.

In an alternative embodiment, the random seed plaintext gets a subunit, specifically for:

generating a decryption key according to the private key and the public key of the identity authority;

and decrypting the random seed ciphertext by adopting the decryption key to obtain the random seed plaintext.

In an alternative embodiment, the standard DID document further includes ranking parameter information, and the reference merck tree building module 602 includes:

a reference node rank determining unit, configured to determine, according to the ordering parameter information, a hash value corresponding to each attribute field, and a reference node rank in the reference merck tree;

the reference merck tree construction unit is used for constructing the reference merck tree according to the reference node rank of each attribute field and the hash value of the corresponding attribute value.

In an optional embodiment, the standard DID document further includes a preset hash algorithm; the reference merck tree construction module 602 is specifically configured to:

and constructing the reference merck tree according to the hash value of the attribute value corresponding to each attribute field in the standard DID document by adopting the preset hash algorithm.

In an alternative embodiment, the root signature of the standard attribute root is also included in the reference DID document; the root signature is the same as the signature verification public key used for document signature in the reference DID document.

In an optional embodiment, if the actual application scenario includes a communication connection scenario, the display attribute field includes communication key information for establishing a secure communication connection;

if the actual application scene comprises a data extraction scene, the display attribute field comprises data restoration information for restoring target data;

and if the application scene comprises a data examination scene, the display attribute field comprises service identification information and/or examination flow information.

The data verification device can execute the data verification method provided by any embodiment of the disclosure, and has the corresponding functional modules and beneficial effects of executing each data authorization method.

As an implementation of the above-mentioned data verification methods, the present disclosure further provides an optional embodiment of an execution apparatus that implements the above-mentioned data verification methods. Referring to another data verification apparatus 700 shown in fig. 7, the data verification apparatus is configured on an authentication party, and includes: the data acquisition module to be verified 701 and the data verification module 702. Wherein, the liquid crystal display device comprises a liquid crystal display device,

The to-be-verified data acquisition module 701 is configured to acquire to-be-verified data sent by a data demander; the data to be verified is generated by adopting any data verification device provided by the embodiment of the disclosure;

the data verification module 702 is configured to verify a standard attribute root in a reference de-centralized identity DID document in the data to be verified according to the reference merck tree in the data to be verified, the hash value of the attribute value corresponding to the hidden attribute field, and the attribute value corresponding to the display attribute field.

In an alternative embodiment, the data verification module 702 includes:

a display hash determining unit, configured to determine hash values of attribute values corresponding to the display attribute fields;

the current merck tree construction unit is used for constructing a current merck tree according to the hash value of the attribute value corresponding to each attribute field; wherein the attribute fields include a display attribute field and a hidden attribute field;

and the standard attribute root verification unit is used for verifying the standard attribute root in the reference DID document according to the current merck tree and the reference merck tree.

In an alternative embodiment, the standard attribute root verification unit includes:

a reference merck tree verification subunit, configured to verify the reference merck tree according to the current merck tree;

and the standard attribute root verification subunit is used for verifying the standard attribute root in the reference DID document according to the root of the reference merck tree.

In an optional embodiment, the data to be verified further includes a reference derived parameter value of an attribute value corresponding to the display attribute field; the hash value of the attribute value corresponding to the hidden attribute field is an updating result based on the self corresponding reference derived parameter value; each attribute field corresponds to a reference derived parameter value generated based on derived parameter information in the reference DID document;

The current merck tree building unit includes:

a hash value updating subunit, configured to update a hash value of the corresponding display attribute field according to the reference derivative parameter value of the display attribute field;

and the current merck tree construction subunit comprises a step of constructing the current merck tree according to the hash value updated by each display attribute field and the hash value of each hidden attribute field.

In an alternative embodiment, the derived parameter information includes a random seed plaintext corresponding to a random seed ciphertext;

the reference derived parameter value for each of the attribute fields is generated based on the random seed plaintext.

In an alternative embodiment, the derived parameter information further includes a preset derived algorithm;

the reference derived parameter value for each of the attribute fields is generated based on the predetermined derived algorithm and the random seed plaintext.

In an alternative embodiment, the random seed plaintext is generated by the data demander based on a decryption key generated by the data demander based on its own private key and an identity authority public key.

In an optional embodiment, the reference DID document further includes ranking parameter information; the current merck tree building unit includes:

A current node rank determining subunit, configured to determine, according to the ordering parameter information, a hash value corresponding to each attribute field, and a current node rank in the current merck tree;

and the current merck tree construction subunit is used for constructing the current merck tree according to the current node rank of each attribute field and the hash value of the corresponding attribute value.

In an optional embodiment, the reference DID document further includes a preset hash algorithm; the current merck tree building unit is specifically configured to:

and constructing the current merck tree according to the hash value of the attribute value corresponding to each attribute field by adopting the preset hash algorithm.

In an alternative embodiment, the root signature of the standard attribute root is also included in the reference DID document; the root signature is the same as a signature verification public key adopted by a document signature in the reference DID document; the apparatus further comprises:

and the root signature verification module is used for verifying the root signature according to the signature verification public key adopted by the document signature in the reference DID document.

In the technical scheme of the disclosure, the related data authorization request, the standard DID document, the data to be verified and the like are collected, stored, used, processed, transmitted, provided, disclosed and the like, all conform to the regulations of related laws and regulations, and the public order is not violated.

According to embodiments of the present disclosure, the present disclosure also provides an electronic device, a readable storage medium and a computer program product.

Fig. 8 illustrates a schematic block diagram of an example electronic device 800 that may be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the disclosure described and/or claimed herein.

As shown in fig. 8, the apparatus 800 includes a computing unit 801 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 802 or a computer program loaded from a storage unit 808 into a Random Access Memory (RAM) 803. In the RAM 803, various programs and data required for the operation of the device 800 can also be stored. The computing unit 801, the ROM 802, and the RAM 803 are connected to each other by a bus 804. An input/output (I/O) interface 805 is also connected to the bus 804.

Various components in device 800 are connected to I/O interface 805, including: an input unit 806 such as a keyboard, mouse, etc.; an output unit 807 such as various types of displays, speakers, and the like; a storage unit 808, such as a magnetic disk, optical disk, etc.; and a communication unit 809, such as a network card, modem, wireless communication transceiver, or the like. The communication unit 809 allows the device 800 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.

The computing unit 801 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of computing unit 801 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, etc. The computing unit 801 performs the respective methods and processes described above, such as at least one of a data authorization method and a data verification method. For example, in some embodiments, at least one of the data authorization method and the data verification method may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as the storage unit 808. In some embodiments, part or all of the computer program may be loaded and/or installed onto device 800 via ROM 802 and/or communication unit 809. When the computer program is loaded into the RAM 803 and executed by the computing unit 801, one or more steps of at least one of the data authorization method and the data verification method described above may be performed. Alternatively, in other embodiments, the computing unit 801 may be configured to perform at least one of the data authorization method and the data verification method by any other suitable means (e.g., by means of firmware).

Various implementations of the systems and techniques described here above can be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.

Program code for carrying out methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus such that the program code, when executed by the processor or controller, causes the functions/operations specified in the flowchart and/or block diagram to be implemented. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.

In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.

The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the internet.

The computer system may include a client and a server. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service are overcome. The server may also be a server of a distributed system or a server that incorporates a blockchain.

Artificial intelligence is the discipline of studying the process of making a computer mimic certain mental processes and intelligent behaviors (e.g., learning, reasoning, thinking, planning, etc.) of a person, both hardware-level and software-level techniques. Artificial intelligence hardware technologies generally include technologies such as sensors, dedicated artificial intelligence chips, cloud computing, distributed storage, big data processing, and the like; the artificial intelligent software technology mainly comprises a computer vision technology, a voice recognition technology, a natural language processing technology, a machine learning/deep learning technology, a big data processing technology, a knowledge graph technology and the like.

Cloud computing (cloud computing) refers to a technical system that a shared physical or virtual resource pool which is elastically extensible is accessed through a network, resources can comprise servers, operating systems, networks, software, applications, storage devices and the like, and resources can be deployed and managed in an on-demand and self-service mode. Through cloud computing technology, high-efficiency and powerful data processing capability can be provided for technical application such as artificial intelligence and blockchain, and model training.

It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps recited in the present disclosure may be performed in parallel, sequentially, or in a different order, provided that the desired results of the technical solutions provided by the present disclosure are achieved, and are not limited herein.

The above detailed description should not be taken as limiting the scope of the present disclosure. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present disclosure are intended to be included within the scope of the present disclosure.

Claims

1. A data authorization method applied to an identity authorizer, comprising:

the standard attribute root is the root of a standard merck tree constructed based on the hash value of the attribute value corresponding to each attribute field;

if the application scene comprises a communication connection scene, the attribute field in the display state correspondingly comprises communication key information for establishing the secure communication connection;

2. The method of claim 1, wherein the standard DID document further includes derived parameter information therein; the standard merck tree is constructed in the following manner:

according to the derived parameter information, standard derived parameter values of all the attribute fields are respectively determined;

updating hash values of the corresponding attribute fields according to standard derivative parameter values of the attribute fields;

and constructing the standard merck tree according to the updated hash value corresponding to each attribute field.

3. The method of claim 2, wherein the derived parameter information comprises a random seed ciphertext corresponding to a random seed plaintext; the determining standard derived parameter values of the attribute fields according to the derived parameter information respectively includes:

4. A method according to claim 3, wherein the derived parameter information further comprises a preset derived algorithm; the generating standard derived parameter values of each attribute field according to the random seed plaintext includes:

5. The method of claim 3, wherein the random seed ciphertext is derived from encrypting random seed plaintext based on an encryption key generated by a private key of the random seed ciphertext and a public key of the data demander.

6. The method of claim 1, wherein the standard DID document further includes ranking parameter information therein; the standard merck tree is constructed in the following manner:

determining the corresponding hash value of each attribute field according to the ordering parameter information, and determining the standard node rank in the standard merck tree;

and constructing the standard merck tree according to the standard node level of each attribute field and the hash value of the corresponding attribute value.

7. The method of any of claims 1-6, wherein a preset hash algorithm employed in constructing the standard merck tree is further included in the standard DID document.

8. The method of any of claims 1-6, wherein the standard DID document further comprises a root signature of the standard attribute root; the root signature is the same as the signature verification public key adopted by the document signature of the standard DID document.

9. A data verification method is applied to a data requiring party and comprises the following steps:

acquiring a standard decentralised identity DID document generated by an identity authority for target data; wherein the standard DID document is generated using the data authorization method of any one of claims 1-8;

and sending the data to be verified, which comprises the reference DID document, the reference merck tree and the hash value of the attribute value corresponding to the hidden attribute field, to an identity verifier for verifying a standard attribute root in the reference DID document.

10. The method of claim 9, wherein the standard DID document further includes derived parameter information therein; constructing a reference merck tree according to the hash value of the attribute value corresponding to each attribute field in the standard DID document, including:

respectively determining reference derived parameter values of the attribute fields according to the derived parameter information;

updating hash values of the corresponding attribute fields according to the reference derivative parameter values of the attribute fields;

and constructing the reference merck tree according to the updated hash value corresponding to each attribute field.

11. The method of claim 10, wherein the derived parameter information comprises a random seed ciphertext; the determining the reference derived parameter value of each attribute field according to the derived parameter information includes:

decrypting the random seed ciphertext to obtain a random seed plaintext;

and respectively generating reference derivative parameter values of the attribute fields according to the random seed plaintext.

12. The method of claim 11, wherein the derived parameter information further comprises a preset derived algorithm; the generating reference derivative parameter values of each attribute field according to the random seed plaintext includes:

13. The method of claim 11, wherein decrypting the random seed ciphertext results in random seed plaintext, comprising:

14. The method of claim 9, wherein the standard DID document further includes ordering parameter information, and the constructing the reference merck tree according to the hash value of the attribute value corresponding to each attribute field in the standard DID document includes:

determining the corresponding hash value of each attribute field according to the ordering parameter information, and determining the reference node rank in the reference merck tree;

and constructing the reference merck tree according to the reference node rank of each attribute field and the hash value of the corresponding attribute value.

15. The method of any of claims 9-14, wherein the standard DID document further comprises a preset hash algorithm therein; constructing a reference merck tree according to the hash value of the attribute value corresponding to each attribute field in the standard DID document, including:

16. The method of any of claims 9-14, wherein the root signature of the standard property root is further included in the reference DID document; the root signature is the same as the signature verification public key used for document signature in the reference DID document.

17. The data verification method is applied to an identity verification party and comprises the following steps:

acquiring data to be verified sent by a data requiring party; the data to be verified is generated by the data verification method according to any one of claims 9 to 16;

18. The method of claim 17, wherein verifying the standard attribute root in the reference de-centralized identity DID document in the data to be verified according to the reference merck tree, the hash value of the hidden attribute field corresponding attribute value, and the display attribute field corresponding attribute value in the data to be verified comprises:

Determining hash values of attribute values corresponding to the display attribute fields;

constructing a current merck tree according to the hash value of the attribute value corresponding to each attribute field; wherein the attribute fields include a display attribute field and a hidden attribute field;

and verifying standard attribute roots in the reference DID document according to the current merck tree and the reference merck tree.

19. The method of claim 18, wherein the validating the standard property root in the reference DID document from the current merck tree and the reference merck tree comprises:

verifying the reference merck tree according to the current merck tree;

and verifying the standard attribute root in the reference DID document according to the root of the reference merck tree.

20. The method of claim 18, wherein the data to be verified further includes reference derived parameter values for the display attribute field corresponding attribute values; the hash value of the attribute value corresponding to the hidden attribute field is an updating result based on the self corresponding reference derived parameter value; each attribute field corresponds to a reference derived parameter value generated based on derived parameter information in the reference DID document;

The constructing a current merck tree according to the hash value of the attribute value corresponding to each attribute field comprises:

updating the hash value of the corresponding display attribute field according to the reference derivative parameter value of the display attribute field;

and constructing the current merck tree according to the hash value updated by each display attribute field and the hash value of each hidden attribute field.

21. The method of claim 20, wherein the derived parameter information comprises a random seed plaintext corresponding to a random seed ciphertext;

22. The method of claim 21, wherein the derived parameter information further comprises a preset derived algorithm;

23. The method of claim 21, wherein the random seed plaintext is derived from decrypting the random seed ciphertext by a data demander based on a decryption key generated by the data demander based on a private key of the data demander and a public key of an identity authority.

24. The method of claim 18, wherein the reference DID document further includes ranking parameter information therein; the constructing a current merck tree according to the hash value of the attribute value corresponding to each attribute field comprises:

Determining the corresponding hash value of each attribute field according to the ordering parameter information, and determining the current node rank in the current merck tree;

and constructing the current merck tree according to the current node level of each attribute field and the hash value of the corresponding attribute value.

25. The method of any of claims 18-24, wherein the reference DID document further comprises a preset hashing algorithm therein; the constructing a current merck tree according to the hash value of the attribute value corresponding to each attribute field comprises:

26. The method of any of claims 17-24, wherein the reference DID document further includes therein a root signature of a standard attribute root; the root signature is the same as a signature verification public key adopted by a document signature in the reference DID document; the method further comprises the steps of:

and verifying the root signature according to a signature verification public key adopted by the document signature in the reference DID document.

27. A data authorization device configured in an identity authority, comprising:

the data authorization request acquisition module is used for acquiring a data authorization request aiming at target data, which is sent by a data demand party;

The standard DID document generation module is used for responding to the data authorization request and generating a standard de-centralized identity DID document;

28. The apparatus of claim 27, wherein the standard DID document further includes derived parameter information therein; the device also comprises a standard merck tree construction module, which specifically comprises:

29. The apparatus of claim 28, wherein the derived parameter information comprises a random seed ciphertext corresponding to a random seed plaintext; the standard derived parameter value determining unit is specifically configured to:

30. The apparatus of claim 29, wherein the derived parameter information further comprises a preset derived algorithm; the standard derived parameter value determining unit is specifically configured to:

31. The apparatus of claim 29, wherein the random seed ciphertext is derived from encrypting random seed plaintext based on an encryption key generated by a private key of the apparatus and a public key of the data demander.

32. The apparatus of claim 27, wherein the standard DID document further includes ranking parameter information therein; the device also comprises a standard merck tree construction module, which specifically comprises:

33. The apparatus of any of claims 27-32, wherein a preset hash algorithm employed in constructing the standard merck tree is further included in the standard DID document.

34. The apparatus of any of claims 27-32, wherein the standard DID document further comprises a root signature of the standard attribute root; the root signature is the same as the signature verification public key adopted by the document signature of the standard DID document.

35. A data verification apparatus, configured on a data demander, comprising:

the standard DID document acquisition module is used for acquiring a standard decentralised identity DID document generated by an identity authority for target data; wherein the standard DID document is generated using the data authorization apparatus of any one of claims 27-34;

The reference merck tree construction module is used for constructing a reference merck tree according to the hash value of the attribute value corresponding to each attribute field in the standard DID document;

the attribute field determining module is used for determining hidden attribute fields in a hidden state and display attribute fields in a display state in the attribute fields according to actual application scenes;

the reference DID document obtaining module is used for hiding the attribute values corresponding to the hidden attribute fields in the standard DID document to obtain a reference DID document comprising the attribute values corresponding to the display attribute fields;

and the data to be verified sending module is used for sending the data to be verified, which comprises the reference DID document, the reference merck tree and the hash value of the attribute value corresponding to the hidden attribute field, to an identity verification party for verifying the standard attribute root in the reference DID document.

36. The apparatus of claim 35, wherein the standard DID document further includes derived parameter information therein; the reference merck tree building block comprises:

37. The apparatus of claim 36, wherein the derived parameter information comprises a random seed ciphertext; the reference derivative parameter value determination unit includes:

38. The apparatus of claim 37, wherein the derived parameter information further comprises a preset derived algorithm; the reference derived parameter value generation subunit is specifically configured to:

39. The apparatus of claim 37, wherein the random seed plaintext gets a subunit, in particular for:

40. The apparatus of claim 35, wherein the standard DID document further includes ranking parameter information therein, the reference merck tree building block comprising:

41. The apparatus of any one of claims 35-40, wherein the standard DID document further comprises a preset hash algorithm therein; the reference merck tree building module is specifically used for:

42. The apparatus of any of claims 35-40, wherein the root signature of the standard property root is further included in the reference DID document; the root signature is the same as the signature verification public key used for document signature in the reference DID document.

43. A data verification device configured on an identity verification party, comprising:

the data to be verified acquisition module is used for acquiring data to be verified sent by the data requiring party; the data to be verified is generated by the data verification device according to any one of claims 35-42;

and the data verification module is used for verifying the standard attribute root in the reference decentralised identity DID document in the data to be verified according to the reference merck tree, the hash value of the attribute value corresponding to the hidden attribute field and the attribute value corresponding to the display attribute field in the data to be verified.

44. The apparatus of claim 43, wherein the data verification module comprises:

45. The apparatus of claim 44, wherein the standard attribute root verification unit comprises:

46. An apparatus according to claim 44, wherein the data to be validated further comprises reference derived parameter values for the display attribute field corresponding attribute values; the hash value of the attribute value corresponding to the hidden attribute field is an updating result based on the self corresponding reference derived parameter value; each attribute field corresponds to a reference derived parameter value generated based on derived parameter information in the reference DID document;

the current merck tree building unit includes:

47. The apparatus of claim 46, wherein the derived parameter information comprises a random seed plaintext corresponding to a random seed ciphertext;

48. The apparatus of claim 47, wherein the derived parameter information further comprises a preset derived algorithm;

49. The apparatus of claim 47, wherein the random seed plaintext is derived from decrypting the random seed ciphertext by a data demander based on a decryption key generated by the data demander based on a private key of the data demander and a public key of an identity authority.

50. The apparatus of claim 44, wherein the reference DID document further includes ranking parameter information therein; the current merck tree building unit includes:

51. The apparatus of any of claims 44-50, wherein the reference DID document further comprises a preset hashing algorithm therein; the current merck tree building unit is specifically configured to:

52. The apparatus of any of claims 43-50, wherein the reference DID document further comprises a root signature of a standard attribute root; the root signature is the same as a signature verification public key adopted by a document signature in the reference DID document; the apparatus further comprises:

53. An electronic device, comprising:

at least one processor; and

the memory stores instructions executable by the at least one processor to enable the at least one processor to perform at least one of the following claims: the data authorization method of claims 1-8, the data authentication method of claims 9-16, and the data authentication method of claims 17-26.

54. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform at least one of the following claims: the data authorization method of claims 1-8, the data authentication method of claims 9-16, and the data authentication method of claims 17-26.