CN116757698B - Encryption method and system for improving payment security performance - Google Patents

Encryption method and system for improving payment security performance Download PDF

Info

Publication number
CN116757698B
CN116757698B CN202310458516.XA CN202310458516A CN116757698B CN 116757698 B CN116757698 B CN 116757698B CN 202310458516 A CN202310458516 A CN 202310458516A CN 116757698 B CN116757698 B CN 116757698B
Authority
CN
China
Prior art keywords
transaction
data
encryption
executing
gaussian distribution
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310458516.XA
Other languages
Chinese (zh)
Other versions
CN116757698A (en
Inventor
李中良
丁科康
刘育荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Shengdijia Electronic Commerce Co ltd
Original Assignee
Guangdong Shengdijia Electronic Commerce Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Shengdijia Electronic Commerce Co ltd filed Critical Guangdong Shengdijia Electronic Commerce Co ltd
Priority to CN202310458516.XA priority Critical patent/CN116757698B/en
Publication of CN116757698A publication Critical patent/CN116757698A/en
Application granted granted Critical
Publication of CN116757698B publication Critical patent/CN116757698B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides an encryption method and system for improving payment security performance, and belongs to the technical field of data transaction security. The method comprises the following steps: step 1, constructing a data transaction link; step 2, executing transaction activities between two transaction objects based on the data transaction link; step 3, adopting an RSA encryption and double hash function based on Gaussian distribution improvement to execute synchronous encryption operation in the process of executing transaction activities; and 4, after carrying out Gaussian distribution inversion decryption verification on the encrypted information, completing interaction of transaction data. Aiming at the requirement of the actual data interaction process on the security performance, the invention optimizes the traditional data interaction mode, and executes encryption operation on the transaction data related in the interaction process, thereby avoiding the potential safety hazard generated when a third party mechanism exists, and having good security performance and reliability.

Description

Encryption method and system for improving payment security performance
Technical Field
The invention relates to the technical field of data transaction security, in particular to an encryption method and system for improving payment security performance.
Background
In the years of the tremendous development of electronic information, digital economies have also gradually occupied a portion of the mass life, and papered transactions have also been gradually replaced with digital currency. The digital currency is used as a transaction carrier without materialization, and cryptography is adopted for anti-counterfeiting.
However, the digital currency is based on the internet as a transaction carrier, and when malicious attacks occur in the transaction process, transaction failure and even larger loss can occur.
Disclosure of Invention
The invention aims to: an encryption method and system for improving payment security are provided to solve the above problems in the prior art. Aiming at the requirement of the actual data interaction process on the security performance, the traditional data interaction mode is optimized, encryption operation is carried out on transaction data related in the interaction process, potential safety hazards generated when a third party mechanism exists are avoided, and the method has good security performance and reliability.
The technical scheme is as follows: in a first aspect, an encryption method for improving payment security is provided, and security and reliability in a data interaction process are improved by optimizing a traditional transaction mode and data encryption. The method comprises the following steps:
Step 1, constructing a data transaction link;
In the process of establishing the data transaction link, each object in the data transaction process is taken as a node, a chained storage mode is adopted, and transaction data is written in a block mode. Wherein the basic information stored in the block header comprises: the hash value, the version, the timestamp, the difficulty, the random number and the Merkel root, wherein the hash of the corresponding last block and the hash of the current block in the hash value are generated by the SHA256, and chain links are formed between the last object node and the current node and between the last object node and the next node through the hash value, so that a chain transaction data link is completed. The timestamp corresponds to the time at which the object node was created. The Merkel root is in a tree structure, and the hash value corresponding to each transaction is recorded.
Step 2, executing transaction activities between two transaction objects based on the data transaction link;
Step 3, adopting an RSA encryption step 31 based on Gaussian distribution improvement and a double hash function to execute synchronous encryption operation in the process of executing transaction activities;
And step 4, after the step 41 of carrying out Gaussian distribution inversion decryption verification on the encrypted information, the transaction data interaction is completed.
In some implementations of the first aspect, the process of generating the public key and the private key includes the steps of:
step ①, randomly generating two mutually prime numbers p and q;
step ②, obtaining N by multiplying two mutually prime numbers, wherein the corresponding expression is:
N=p*q
Step ③, constructing an intermediate number L, enabling the intermediate number L to be the least common multiple, and enabling the corresponding expression to be:
L=lcm(p-1,q-1)
wherein lcm () represents the least common multiple;
step ④, obtaining E through common divisor based on the constructed intermediate number, wherein the corresponding expression is:
wherein gcd () represents the greatest common divisor;
Step ⑤, obtaining D based on the intermediate number L and the obtained E, where the corresponding expression is:
based on the corresponding expression, the corresponding parameters are obtained, and thus the public key (E, N), the private key (D, N), and the key pair (E, D, N) are obtained.
The step 31 of RSA encryption based on gaussian distribution improvement specifically includes:
step 311, the E power is performed on the plaintext and divided by N to obtain remainder, and the corresponding expression is:
S=MEmod N
Wherein S represents ciphertext; m represents plaintext; mod represents the remainder operation;
Step 312, constructing Gaussian distributions X-N based on S and 1 (S, 1 2);
Step 313, performing n times of random sampling on the gaussian distribution X to obtain a sample set { X i |i=1, 2, …, n };
Step 314, storing the sample set { x i |i=1, 2, …, n } as a password file, wherein n is the number of samples of the sample set;
Step 315, splitting the sample set { x i |i=1, 2, …, n } into a plurality of sample subsets, and sending and transmitting the sample subsets with independent sample subsets during transmission to complete the RSA encryption based on Gaussian distribution improvement.
The gaussian distribution inversion decryption verification step 41 specifically includes:
Step 411, receiving a plurality of sample subsets, and fusing the plurality of sample subsets to obtain a synthesized sample set { x j |j=1, 2, …, m }, where m is the number of samples in the synthesized sample set;
Step 412, checking whether the synthesized sample set { x j |j=1, 2, …, m } conforms to a gaussian distribution, if yes, executing step 413; if not, sending out early warning of decryption failure;
Step 413, obtaining gaussian distributions Y to N (T, 1 2) based on the synthetic sample set { x j |j=1, 2, …, m };
step 414, performing a neighbor rounding operation on T, which satisfies:
S'=int(T)
Wherein, int () represents rounding to get S' nearest to T as inversion ciphertext;
Step 415, the remainder of dividing the inverted ciphertext S' by N after performing the D power, where the corresponding expression is:
M=S'Dmod N
Wherein M represents plaintext; s' represents an inversion ciphertext; mod represents the remainder operation.
In some implementations of the first aspect, the data transaction link adopts a distributed data recording manner, and adopts a consensus mechanism to complete consensus among different object nodes, and introduces an information signature verification mechanism into the consensus mechanism. Firstly, a sender in a transaction object assigns signature information and transaction information to be sent to a leader node; secondly, the leader node confirms the received data information; thirdly, after the leader node completes information confirmation, copying the corresponding data information to the corresponding follower node; the slave node receives the corresponding data information, then adds the data information to a local log of the slave node, and sends confirmation information to the leader node; finally, the leader node verifies the information from the follower nodes, and after receiving the confirmation information of more than half of follower nodes, sets the data information state to be synchronized, and then sends the information confirming the synchronization to the follower nodes again, so that the follower nodes are informed of synchronously executing data updating.
In the process of executing the transaction activity, when the transaction object is the condition that the transaction frequency exceeds the preset value, executing the transaction operation in an out-of-chain payment mode, and only leading and trailing balances in each transaction process to corresponding blocks in a mode of establishing a common account.
In a second aspect, an encryption system for improving payment security is provided, for implementing an encryption method for improving payment security, the system comprising the following modules:
the link construction module is used for constructing a communication link between two transaction parties;
The triggering module is used for triggering the execution of the transaction task according to the actual interaction requirement;
an encryption module for performing data encryption during execution of a transaction task;
A decryption module for performing a gaussian distribution inversion decryption verification operation on the received encrypted data;
And the execution module is used for executing transaction operation after finishing transaction data decryption and authentication.
In some implementations of the second aspect, in order to improve security performance in the payment process during execution of the payment transaction, a link construction module is first used to build a transaction communication link between different transaction objects; secondly, based on the established link, triggering transaction task execution by using a triggering module according to actual interaction requirements; thirdly, after the task triggering is completed, encrypting the transaction data by utilizing an encryption module in the process of executing the transaction task, signing the information of a transaction sender, and sending the corresponding encrypted information to a receiver; after receiving the encrypted information from the secondary side, the receiver decrypts the information absolutely received by using a decryption module and performs signature verification on the decrypted information; finally, after the transaction data decryption and the authentication are completed, the execution module is utilized to execute the transaction operation.
Based on the security performance requirement of electronic payment, the recording of transaction data is completed by adopting a chained recording mode aiming at the transaction process, and meanwhile, a decentralization mode is adopted, and transaction links are established for nodes by different transaction objects, so that the possibility that the data is tampered when encountering malicious attacks is effectively avoided, and the data security and reliability are improved.
And triggering the transaction parties to start executing the transaction process by the triggering module based on the constructed transaction link according to the actual transaction requirements. In the process of transaction, in order to improve the security of data, the encryption module adopts RSA encryption based on Gaussian distribution improvement and double hash functions to execute synchronous encryption operation.
The decryption module is used for executing Gaussian distribution inversion decryption verification on the decryption result of the encryption module and completing identity verification of both sides of the transaction according to the decryption result.
In a third aspect, there is provided an encryption device for perfecting payment security, the device comprising: a processor and a memory storing computer program instructions; the processor, when reading and executing the computer program instructions, implements the encryption method of the first aspect or of some of the realizations of the first aspect to perfect payment security.
In a fourth aspect, there is provided a computer storage medium having stored thereon computer program instructions which, when executed by a processor, implement the encryption method of the first aspect or some of the realizations of the first aspect to perfect payment security.
The beneficial effects are that:
(1) The invention provides an encryption method and an encryption system for improving payment safety performance, which optimize the traditional data interaction mode according to the requirement on the safety performance in the actual data interaction process, and execute encryption operation on transaction data related in the interaction process, thereby avoiding potential safety hazards generated when a third party mechanism exists, and having good safety performance and reliability.
(2) Compared with the traditional RSA encryption and decryption, the invention adopts Gaussian distribution for improvement, and the random characteristic of the Gaussian distribution is utilized to independently send the sub-set of the samples sampled for multiple times, thereby improving the safety, further utilizing Gaussian inversion to obtain the ciphertext, and avoiding direct leakage of the ciphertext.
Drawings
FIG. 1 is a flow chart of data processing according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of data synchronization based on a consensus mechanism according to an embodiment of the present invention.
FIG. 3 is a schematic diagram of a leader node candidate according to an embodiment of the present invention.
Detailed Description
In the following description, numerous specific details are set forth in order to provide a more thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the invention may be practiced without one or more of these details. In other instances, well-known features have not been described in detail in order to avoid obscuring the invention.
Example 1
In one embodiment, under the push of the electronic informatization age, the traditional paper transaction activity is gradually replaced by electronic payment, and as the traditional digital transaction can realize the transaction process only by relying on a third party mechanism, when a malicious attack exists, a great potential safety hazard exists. Aiming at the requirement on the security performance in the actual transaction process, the embodiment provides an encryption method for improving the payment security performance, and the security and the reliability in the data interaction process are improved by optimizing the traditional transaction mode and data encryption. As shown in fig. 1, the method comprises the steps of:
Step 1, constructing a data transaction link;
Specifically, each object in the data transaction process is taken as a node, and the storage of transaction data information is executed at the node. In the process of data information storage, chained storage is adopted, and data writing is carried out on the object nodes in a block mode. The block comprises a block head and a block body, wherein the block head contains basic information for realizing chain storage, and the block body contains specific information for executing each transaction.
Wherein the basic information stored in the block header comprises: the hash value, the version, the timestamp, the difficulty, the random number and the Merkel root, wherein the hash of the corresponding last block and the hash of the current block in the hash value are generated by the SHA256, and chain links are formed between the last object node and the current node and between the last object node and the next node through the hash value, so that a chain transaction data link is completed. The timestamp corresponds to the time at which the object node was created. The Merkel root is in a tree structure, and the hash value corresponding to each transaction is recorded.
Because the data transaction link constructed in the present example is a chain link based on front and back hash values, once malicious data tampering occurs in the transaction process, the hash value obtained by the current transaction object changes, so that abnormality can be found when the original hash value is compared later, and the situation of malicious tampering of information data is effectively avoided; meanwhile, compared with the traditional technology, the distributed structure weakens the function of the centralized organization, and avoids the defects of single-point failure, lack of privacy safety and easiness in network attack.
Step 2, executing transaction activities between two transaction objects based on the data transaction link;
Step 3, adopting an RSA encryption and double hash function based on Gaussian distribution improvement to execute synchronous encryption operation in the process of executing transaction activities;
In particular, in order to improve data security during a transaction, a symmetric encryption technique for encrypting and decrypting the same key is often used to encrypt corresponding data. When different keys are adopted for encryption and decryption, the public key can be disclosed, the private key can not be disclosed, and the other key can not be calculated through one of the public key and the private key without necessary connection, so that in order to ensure the integrity of transaction data in transmission, the encryption key is generated by adopting an RSA encryption algorithm based on Gaussian distribution improvement.
When the representation of the public key is (E, N), the representation of the private key is (D, N), and the representation of the key pair is D (E, D, N), the process of generating the public and private keys comprises the steps of:
step ①, randomly generating two mutually prime numbers p and q;
step ②, obtaining N by multiplying two mutually prime numbers, wherein the corresponding expression is:
N=p*q
Step ③, constructing an intermediate number L, enabling the intermediate number L to be the least common multiple, and enabling the corresponding expression to be:
L=lcm(p-1,q-1)
Where lcm () represents the least common multiple.
Step ④, obtaining E through common divisor based on the constructed intermediate number, wherein the corresponding expression is:
in the formula, gcd () represents the greatest common divisor.
Step ⑤, obtaining D based on the intermediate number L and the obtained E, where the corresponding expression is:
based on the obtained public key and secret key, the RSA encryption step 31 based on gaussian distribution improvement specifically comprises:
step 311, the E power is performed on the plaintext and divided by N to obtain remainder, and the corresponding expression is:
S=MEmod N
Wherein S represents ciphertext; m represents plaintext; mod represents the remainder operation;
Step 312, constructing Gaussian distributions X-N based on S and 1 (S, 1 2);
Step 313, performing n times of random sampling on the gaussian distribution X to obtain a sample set { X i |i=1, 2, …, n };
Step 314, storing the sample set { x i |i=1, 2, …, n } as a password file, wherein n is the number of samples of the sample set;
Step 315, splitting the sample set { x i |i=1, 2, …, n } into a plurality of sample subsets, and sending and transmitting the sample subsets with independent sample subsets during transmission to complete the RSA encryption based on Gaussian distribution improvement.
Step 4, after the encryption information is subjected to a Gaussian distribution inversion decryption verification step 41, transaction data interaction is completed;
the gaussian distribution inversion decryption verification step 41 specifically includes:
Step 411, receiving a plurality of sample subsets, and fusing the plurality of sample subsets to obtain a synthesized sample set { x j |j=1, 2, …, m }, where m is the number of samples in the synthesized sample set;
Step 412, checking whether the synthesized sample set { x j |j=1, 2, …, m } conforms to a gaussian distribution, if yes, executing step 413; if not, sending out early warning of decryption failure;
Step 413, obtaining gaussian distributions Y to N (T, 1 2) based on the synthetic sample set { x j |j=1, 2, …, m };
step 414, performing a neighbor rounding operation on T, which satisfies:
S'=int(T)
Wherein, int () represents rounding to get S' nearest to T as inversion ciphertext;
Step 415, the remainder of dividing the inverted ciphertext S' by N after performing the D power, where the corresponding expression is:
M=S'Dmod N
Wherein M represents plaintext; s' represents an inversion ciphertext; mod represents the remainder operation.
In a preferred embodiment, two parties in the data transaction process are defined as a sender and a receiver, and when a task of payment interaction occurs, a public key and a private key are first generated through encryption, and the public key is broadcast to the receiver. And then, carrying out hash value calculation on plaintext data by using an SHA256 hash function aiming at the generated transaction data, carrying out encryption signature on the generated hash value by using a private key, and finally, transmitting the encrypted data and the signature to a receiver by a sender. After receiving the encrypted transaction information, the receiver firstly decrypts the signature by using the public key, restores the hash value before the signature, and further confirms the identity of the sender.
In a further embodiment, since each object node needs to maintain the same account book in the data transaction link, a consensus mechanism is introduced to realize a consensus process between different nodes, and in order to avoid malicious operations of the Bayesian nodes, the embodiment further introduces an information signature verification mechanism in the consensus mechanism, thereby reducing the possibility of malicious tampering of information.
Specifically, the consensus mechanism involves three roles of a leader node, a follower node and a candidate node, wherein the leader node is used for processing the requirement of a client, managing log replication and maintaining the status of the rest leader nodes; the follower node is responsible for responding to log replication requests of the leader node and responding to election requests from candidate nodes, and all nodes are follower nodes in the beginning; the candidate nodes are responsible for initiating election and voting tasks, reinitiating the election when the leader node is in downtime, and switching the roles into the leader node after the election is successful.
In the process of executing data consistency, firstly, a leader node receives a corresponding task request, adds corresponding log information to a local log, and then assigns the corresponding information to the rest follower nodes; the follower node receives the corresponding log information, then adds the corresponding log information into a local log of the follower node, and sends confirmation information to the leader node; after receiving the confirmation information of more than half of follower nodes, the leader node sets the log state as submitted, and sends the confirmation submitted information to the follower nodes again, so that the follower nodes are informed of synchronously executing log submission.
In a preferred embodiment, a signature verification mechanism is introduced into the consensus mechanism, and as shown in fig. 2, the process of completing data consistency through the consensus mechanism comprises the following steps: firstly, a sender in a transaction object assigns signature information and transaction information to be sent to a leader node; secondly, the leader node confirms the received data information; thirdly, after the leader node completes information confirmation, copying the corresponding data information to the corresponding follower node; the slave node receives the corresponding data information, then adds the data information to a local log of the slave node, and sends confirmation information to the leader node; finally, the leader node verifies the information from the follower nodes, and after receiving the confirmation information of more than half of follower nodes, sets the data information state to be synchronized, and then sends the information confirming the synchronization to the follower nodes again, so that the follower nodes are informed of synchronously executing data updating. For example, the corresponding data processing pseudocode is:
Input:Message signature x+D Message number y
Begin
(x+D,y)→L
L→Verfication(x+D,y)
(x,y)→F
L←Verify from F
End
Wherein F represents a follower node; l represents a leader node; (x, y) represents data information to be synchronously transmitted; x+d represents data information containing a signature; verfication denotes verifying the current data information; and the corresponding data processing direction is shown. In a further embodiment, as shown in fig. 3, when the leader node goes down, or the leader node fails in the current time period, the candidate node initiates a new round of leader node selection. In the process of selecting a new leader node, when the candidate node receives more than half of the consent to select the ticket number, the candidate node is identified as the new leader node.
Aiming at the requirement of the actual data interaction process on the security performance, the embodiment optimizes the traditional data interaction mode, and executes encryption operation on the transaction data related in the interaction process, thereby avoiding the potential safety hazard generated when a third party mechanism exists, and having good security performance and reliability.
Example two
In a further embodiment based on the first embodiment, a huge computing resource overhead and a long identity time are often generated in the process of executing the payment transaction, so that in practical application, the requirement of the internet of things market cannot be completely met. Therefore, based on the chained communication link and chained transaction record mode proposed in the embodiments, an off-chained payment mode is further proposed, which is used for eliminating each submitted private transaction request, the transaction parties establish a common account for making multiple payments, only the head and tail balances need to be registered in the corresponding blocks, and the update mode of the corresponding channel balance is agreed by the transaction parties.
Specifically, based on the need for scalability, the transaction objects deposit some money into a multi-signature wallet and allocate ownership of the shares, create a payment channel between the transaction objects, and establish multi-hop payments from source to destination through intermediate nodes. After all transactions are completed, only the final share is recorded in the block of the transaction object record data, so that the occupied computing resources are effectively reduced when each transaction needs to call the block to execute the record.
The out-of-chain payment mode provided by the embodiment not only supports a quick and high-frequency payment scene, but also well hides a large amount of intermediate transaction information because only the head balance and the tail balance are recorded in the corresponding blocks according to the agreed mode, thereby meeting the actual application requirements of quantity and time.
Example III
In one embodiment, an encryption system for improving payment security is provided, for implementing an encryption method for improving payment security, the system comprising the following modules: the system comprises a link construction module, a triggering module, an encryption module, a decryption module and an execution module. The link construction module is used for constructing a communication link between payment interactions; the triggering module is used for triggering execution of the transaction task according to the actual interaction requirement; the encryption module is used for executing data encryption in the process of executing the transaction task; the decryption module is used for executing decryption operation on the received encrypted data; the execution module is used for executing transaction operation after the transaction data decryption and the authentication are completed.
In the process of executing payment transaction, in order to perfect the safety performance in the payment process, a link construction module is adopted to build transaction communication links among different transaction objects; secondly, based on the established link, triggering transaction task execution by using a triggering module according to actual interaction requirements; thirdly, after the task triggering is completed, encrypting the transaction data by utilizing an encryption module in the process of executing the transaction task, signing the information of a transaction sender, and sending the corresponding encrypted information to a receiver; after receiving the encrypted information from the secondary side, the receiver decrypts the information absolutely received by using a decryption module and performs signature verification on the decrypted information; finally, after the transaction data decryption and the authentication are completed, the execution module is utilized to execute the transaction operation.
In a further embodiment, based on the security performance requirement of electronic payment, the recording of transaction data is completed by adopting a chained recording mode aiming at the transaction process, and meanwhile, a decentralization mode is adopted, and transaction links are established to nodes by different transaction objects, so that the possibility of tampering the data when encountering malicious attacks is effectively avoided, and the data security and reliability are improved.
And triggering the transaction parties to start executing the transaction process by the triggering module based on the constructed transaction link according to the actual transaction requirements. In the process of transaction, in order to improve the security of data, the encryption module adopts RSA encryption based on Gaussian distribution improvement and double hash functions to execute synchronous encryption operation.
The decryption module is used for executing decryption on the decryption result of the encryption module and completing the identity verification of the two parties of the transaction according to the decryption result.
Example IV
In one embodiment, an encryption device for perfecting payment security is provided, the device comprising: a processor and a memory storing computer program instructions; the processor reads and executes the computer program instructions to realize an encryption method for improving the payment security performance.
Example five
In one embodiment, a computer storage medium having stored thereon computer program instructions that when executed by a processor implement an encryption method that improves payment security performance is provided.
As described above, although the present invention has been shown and described with reference to certain preferred embodiments, it is not to be construed as limiting the invention itself. Various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (7)

1. An encryption method for perfecting payment security performance, comprising the steps of:
Step 1, constructing a data transaction link;
step 2, executing transaction activities between two transaction objects based on the data transaction link; in the process of executing the transaction activity, an encryption step S1 of transaction data and identity verification of both transaction sides are executed by generating a public key (E, N) and a private key (D, N);
the process of generating the public key and the private key comprises the steps of:
step ①, randomly generating two mutually prime numbers p and q;
step ②, obtaining N by multiplying two mutually prime numbers, wherein the corresponding expression is:
N=p*q
Step ③, constructing an intermediate number L, enabling the intermediate number L to be the least common multiple, and enabling the corresponding expression to be:
L=lcm(p-1,q-1)
wherein lcm () represents the least common multiple;
step ④, obtaining E through common divisor based on the constructed intermediate number, wherein the corresponding expression is:
wherein gcd () represents the greatest common divisor;
Step ⑤, obtaining D based on the intermediate number L and the obtained E, where the corresponding expression is:
Obtaining corresponding parameters based on the corresponding expressions, thereby obtaining a public key (E, N), a private key (D, N), and a key pair (E, D, N);
Step 3, adopting an RSA encryption step 31 based on Gaussian distribution improvement and a double hash function to execute synchronous encryption operation in the process of executing transaction activities;
The step 31 of RSA encryption based on gaussian distribution improvement specifically includes:
step 311, the E power is performed on the plaintext and divided by N to obtain remainder, and the corresponding expression is:
S=MEmod N
Wherein S represents ciphertext; m represents plaintext; mod represents the remainder operation;
Step 312, constructing Gaussian distributions X-N based on S and 1 (S, 1 2);
Step 313, performing n times of random sampling on the gaussian distribution X to obtain a sample set { X i |i=1, 2, …, n };
Step 314, storing the sample set { x i |i=1, 2, …, n } as a password file, wherein n is the number of samples of the sample set;
Step 315, splitting the sample set { x i |i=1, 2, …, n } into a plurality of sample subsets, and sending and transmitting the sample subsets with independent sample subsets during transmission to complete RSA encryption based on Gaussian distribution improvement;
Step 4, after the encryption information is subjected to a Gaussian distribution inversion decryption verification step 41, transaction data interaction is completed;
the gaussian distribution inversion decryption verification step 41 specifically includes:
Step 411, receiving a plurality of sample subsets, and fusing the plurality of sample subsets to obtain a synthesized sample set { x j |j=1, 2, …, m }, where m is the number of samples in the synthesized sample set;
Step 412, checking whether the synthesized sample set { x j |j=1, 2, …, m } conforms to a gaussian distribution, if yes, executing step 413; if not, sending out early warning of decryption failure;
Step 413, obtaining gaussian distributions Y to N (T, 1 2) based on the synthetic sample set { x j |j=1, 2, …, m };
step 414, performing a neighbor rounding operation on T, which satisfies:
S'=int(T)
Wherein, int () represents rounding to get S' nearest to T as inversion ciphertext;
Step 415, the remainder of dividing the inverted ciphertext S' by N after performing the D power, where the corresponding expression is:
M=S'Dmod N
Wherein M represents plaintext; s' represents an inversion ciphertext; mod represents the remainder operation.
2. An encryption method for perfecting payment security according to claim 1, wherein in the process of establishing said data transaction link, each object in the data transaction process is taken as a node, a chained storage mode is adopted, and the writing of transaction data is performed in the form of blocks.
3. An encryption method for perfecting payment security according to claim 1, wherein the data transaction link adopts a distributed data recording mode, and adopts a consensus mechanism to complete the consensus among different object nodes, and an information signature verification mechanism is introduced into the consensus mechanism.
4. An encryption method for perfecting payment security according to claim 1, wherein in executing transaction activities, when the transaction object is the transaction frequency exceeding the preset value, the transaction operation is executed by using an out-of-chain payment mode, and only the head and tail balance in each transaction process is transferred to the corresponding block by establishing a common account.
5. An encryption system for perfecting payment security performance for implementing an encryption method for perfecting payment security performance as defined in any one of claims 1-4, comprising the following modules:
The link construction module is arranged to build a communication link between two parties of the transaction;
the triggering module is arranged to trigger execution of the transaction task according to the actual interaction requirement;
An encryption module configured to perform data encryption during execution of a transaction task;
the decryption module is used for executing Gaussian distribution inversion decryption verification operation on the received encrypted data;
and the execution module is used for executing transaction operation after finishing transaction data decryption and identity verification.
6. An encryption device for perfecting payment security, the device comprising:
a processor and a memory storing computer program instructions;
The processor reads and executes the computer program instructions to implement an encryption method for perfecting payment security performance as defined in any one of claims 1-4.
7. A computer readable storage medium, having stored thereon computer program instructions which, when executed by a processor, implement an encryption method for perfecting payment security performance according to any one of claims 1-4.
CN202310458516.XA 2023-04-20 2023-04-20 Encryption method and system for improving payment security performance Active CN116757698B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310458516.XA CN116757698B (en) 2023-04-20 2023-04-20 Encryption method and system for improving payment security performance

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310458516.XA CN116757698B (en) 2023-04-20 2023-04-20 Encryption method and system for improving payment security performance

Publications (2)

Publication Number Publication Date
CN116757698A CN116757698A (en) 2023-09-15
CN116757698B true CN116757698B (en) 2024-05-14

Family

ID=87955987

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310458516.XA Active CN116757698B (en) 2023-04-20 2023-04-20 Encryption method and system for improving payment security performance

Country Status (1)

Country Link
CN (1) CN116757698B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117353893B (en) * 2023-10-12 2024-04-26 扬州宝科信息技术咨询有限公司 Network information security verification method and system based on blockchain technology

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012150399A (en) * 2011-01-21 2012-08-09 Nippon Telegr & Teleph Corp <Ntt> Proxy re-encryption system, transfer information generation device, transferred information generation device, conversion key generation device, ciphertext conversion device, proxy re-encryption method, and program thereof
JP2014186097A (en) * 2013-03-22 2014-10-02 Kddi Corp Solution device of shortest vector problem using parallel gauss sieve algorithm in public key encryption system, solution method and program
CN104580129A (en) * 2013-10-29 2015-04-29 杭州迪普科技有限公司 SSL asynchronization agent method based on stream processing
WO2018137316A1 (en) * 2017-01-24 2018-08-02 上海亿账通区块链科技有限公司 Secure transaction method based on block chain, electronic device, system, and storage medium
CN109040111A (en) * 2018-09-03 2018-12-18 平安普惠企业管理有限公司 Data ciphering method, device, computer equipment and storage medium
CN109298445A (en) * 2018-09-17 2019-02-01 电子科技大学 A kind of inverse model update method based on Gaussian Profile M-H sampling
CN109633546A (en) * 2018-12-18 2019-04-16 中国电子科技集团公司第四十九研究所 A kind of encryption information cluster formula high-fidelity naval target detection device
CN109949019A (en) * 2018-11-15 2019-06-28 陕西医链区块链集团有限公司 Payment system based on medical block chain
CN110545179A (en) * 2019-08-29 2019-12-06 中芯昊月(深圳)科技控股有限公司 R-LWE-based NTRU encryption method and security proving method thereof
CN113393225A (en) * 2021-06-30 2021-09-14 杭州链网科技有限公司 Digital currency encryption payment method and system
CN114219483A (en) * 2021-12-14 2022-03-22 云南财经大学 Method, equipment and storage medium for sharing block chain data based on LWE-CPBE
CN115276965A (en) * 2022-06-28 2022-11-01 中国人民武装警察部队工程大学 RSA-OAEP ciphertext indistinguishable evaluation method based on intelligent reinforcement learning

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20170293913A1 (en) * 2016-04-12 2017-10-12 The Governing Council Of The University Of Toronto System and methods for validating and performing operations on homomorphically encrypted data
US11868995B2 (en) * 2017-11-27 2024-01-09 Nok Nok Labs, Inc. Extending a secure key storage for transaction confirmation and cryptocurrency

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2012150399A (en) * 2011-01-21 2012-08-09 Nippon Telegr & Teleph Corp <Ntt> Proxy re-encryption system, transfer information generation device, transferred information generation device, conversion key generation device, ciphertext conversion device, proxy re-encryption method, and program thereof
JP2014186097A (en) * 2013-03-22 2014-10-02 Kddi Corp Solution device of shortest vector problem using parallel gauss sieve algorithm in public key encryption system, solution method and program
CN104580129A (en) * 2013-10-29 2015-04-29 杭州迪普科技有限公司 SSL asynchronization agent method based on stream processing
WO2018137316A1 (en) * 2017-01-24 2018-08-02 上海亿账通区块链科技有限公司 Secure transaction method based on block chain, electronic device, system, and storage medium
CN109040111A (en) * 2018-09-03 2018-12-18 平安普惠企业管理有限公司 Data ciphering method, device, computer equipment and storage medium
CN109298445A (en) * 2018-09-17 2019-02-01 电子科技大学 A kind of inverse model update method based on Gaussian Profile M-H sampling
CN109949019A (en) * 2018-11-15 2019-06-28 陕西医链区块链集团有限公司 Payment system based on medical block chain
CN109633546A (en) * 2018-12-18 2019-04-16 中国电子科技集团公司第四十九研究所 A kind of encryption information cluster formula high-fidelity naval target detection device
CN110545179A (en) * 2019-08-29 2019-12-06 中芯昊月(深圳)科技控股有限公司 R-LWE-based NTRU encryption method and security proving method thereof
CN113393225A (en) * 2021-06-30 2021-09-14 杭州链网科技有限公司 Digital currency encryption payment method and system
CN114219483A (en) * 2021-12-14 2022-03-22 云南财经大学 Method, equipment and storage medium for sharing block chain data based on LWE-CPBE
CN115276965A (en) * 2022-06-28 2022-11-01 中国人民武装警察部队工程大学 RSA-OAEP ciphertext indistinguishable evaluation method based on intelligent reinforcement learning

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
"Analysis of RSA over Gaussian Integers Algorithm";Aleksey Koval等;Fifth International Conference on Information Technology: New Generations;20031231;第18卷(第1期);101-105 *
A Modified Variant of RSA Algorithm for Gaussian Integers;Sushma Pradhan等;International Journal of Information & Network Security;20141231;第2卷(第4期);183-187 *
An Enhanced Rsa Algorithm For Data Security Using Gaussian Interpolation Formula;John Kwao Dawson等;research square;20220216;1-15 *
ohn Kwao Dawson等.An enhanced RSA algorithm using Gaussian interpolation formula.Int. J. Computer Aided Engineering and Technology.第16卷(第4期),534-552. *

Also Published As

Publication number Publication date
CN116757698A (en) 2023-09-15

Similar Documents

Publication Publication Date Title
CN107240017B (en) Block chain transaction management system and method
US20200259800A1 (en) Fast oblivious transfers
CN110247757B (en) Block chain processing method, device and system based on cryptographic algorithm
US6125185A (en) System and method for encryption key generation
EP0292790B1 (en) Controlling the use of cryptographic keys via generating station established control values
CN112003889A (en) Distributed cross-chain system and cross-chain information interaction and system access control mechanism
CN111066285A (en) Method for recovering public key based on SM2 signature
CN107483212A (en) A kind of method of both sides&#39; cooperation generation digital signature
CN107948736A (en) A kind of audio and video preservation of evidence method and system
CN110709874A (en) Voucher generation and distribution method and system for block chain network
US11375369B2 (en) Message authentication method and communication method of communication network system, and communication network system
CN110599163B (en) Transaction record outsourcing method facing block chain transaction supervision
CN109800588B (en) Dynamic bar code encryption method and device and dynamic bar code decryption method and device
CN111429138A (en) Block link point data safety interaction method and first interaction node
CN113630248B (en) Session key negotiation method
CN110545169B (en) Block chain method and system based on asymmetric key pool and implicit certificate
CN116757698B (en) Encryption method and system for improving payment security performance
CN116132118B (en) Encryption communication method and system based on block chain technology
CN112039883A (en) Data sharing method and device for block chain
CN116349203A (en) Identifying denial of service attacks
CN111131311A (en) Data transmission method based on block chain and block chain link point
KR20230002941A (en) (EC)DSA Threshold Signature with Secret Sharing
KR20220142254A (en) Multi-signature wallet system in blockchain using the bloom filter
CN110784318B (en) Group key updating method, device, electronic equipment, storage medium and communication system
CN110048852B (en) Quantum communication service station digital signcryption method and system based on asymmetric key pool

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant