WO2018121797A1 - Decentralized public key management method and management system based on a trust network - Google Patents

Decentralized public key management method and management system based on a trust network

Info

Publication number
WO2018121797A1
Authority
WO
WIPO (PCT)
Prior art keywords
public key
record
trust
network
user
Application number
PCT/CN2018/074647
Other languages
English (en)
Chinese (zh)
Inventor
朱岩
Original Assignee
北京科技大学
Application filed by 北京科技大学

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

Definitions

  • the invention mainly belongs to the field of information security technology, and particularly relates to a decentralized public key management method and management system based on a trust network.
  • PKI: Public Key Infrastructure
  • Users can use the security services provided by the PKI platform to implement and develop a variety of security features and applications based on public key cryptography. It can be said that the PKI framework has become the foundation and credibility of the modern Internet.
  • the existing PKI architecture is dominated by government and companies.
  • PKI-based public key management is far from being popularized on the Internet. At the general user level, PKI is rarely accepted, limiting the general public's need for privacy protection and other security services.
  • PKI architecture cannot be popularized.
  • PGP: Pretty Good Privacy
  • the present invention provides a decentralized public key management method and management system based on a trust network.
  • the public key management method can support infrastructure for authentication, encryption, integrity, and accountability services.
  • a decentralized public key management method wherein the decentralized public key management method adds all verified public key records to a consistent public key storage structure in a decentralized network platform for storage;
  • the method can generate a public key log chain, through which all public key records related to the same user identity can be accessed sequentially, from the most recent back to the earliest;
  • the method can form an authentication chain based on the recommender signature in the public key record, the authentication chain can form a trust network, the trust network can record the delivery process of the recommendation relationship and realize the transmission of the trust relationship.
  • the consistent public key storage structure means that all nodes in the decentralized network platform participate in maintaining and storing the same set of user public key records.
  • the public key record includes the following parts:
  • Status information including a forward pointer pointing to the previous public key record, the forward pointer is used to generate a public key log chain in chronological order and record the change of the public key record state;
  • the forward pointer refers to the location information of the previous log of the record in the system, and may be the record address information or the hash value of the record;
  • Public key information used to store related information of the user's public key; including public key length and cryptographic parameter list;
  • Certificate information, used to store information related to the use of the user's public key, including: certificate version, serial number, owner, expiration date; the owner in the certificate information may be designated by any name or identifier, but the name or identifier must be unique across the whole platform.
  • the forms of name or identifier include real name, pseudonym, email address, website address, uniform resource locator (URL), and so on.
  • using a pseudonym as the name or identifier can implement the user's "anonymity".
  • the implementation method includes using the hash value of the user's real name as the owner's name or identifier ID to ensure uniqueness.
  • the one-wayness of the hash function guarantees that the real name cannot be guessed from the known name.
  • Signature list, used to store digital signatures over the above three parts of information by recommenders or by the public key owner; the signature list includes at least one digital signature, and each digital signature contains a pointer to the signer's public key record; the signature list can also include the signature type and signature;
  • Each digital signature can serve as the recommendation of a different recommender.
  • a pointer to the signer's public key record is stored in each signature, so that the pointer can be used to obtain the recommender's public key, and the public key is used to verify the validity of the signature. If the verification is passed, it indicates that the recommendation is valid; otherwise it indicates that the recommendation is invalid and the signed information is not trusted. The security of this type of recommendation comes from the unforgeability of the signature.
  • the public key record can record public key certificates used by various public key cryptosystems, and the public key certificates include: X.509, PKI certificate, PGP certificate, and self-certificate.
  • the public key certificate includes public key information, certificate information, and a list of signatures.
  • the self-certificate refers to a certificate formed by the public key record owner calculating the signature by using the public key in the record.
  • the generation of the public key log chain includes the following steps:
  • the change of the public key record status refers to a protocol executed by changing the public key record status, and the protocol includes: a registration protocol, an update protocol, and a revocation protocol.
  • the registration protocol is used for authenticity verification of a public key record of a user and generation of a public key log chain; the registration protocol includes the following process:
  • Trust request phase: the public key owner generates a public key record and sends a trust request;
  • Signature collection phase: the public key owner collects the list of recommenders' signatures and sends a registration request;
  • each node of the network platform verifies the signature in the registration request, and writes the public key record into the public key storage structure after passing the verification;
  • Each node of the network platform establishes a head node of the public key log chain in the lookup table, and links the aforementioned public key record to the head node of the public key log chain.
  • in step 2), the verification of the validity of the public key by each node of the network platform consists of verifying the credibility of the public key owner and verifying the validity of the public key held.
  • The credibility of the public key owner can be verified by trust metrics such as friend relationship, trust relationship, trust calculation model, etc.
  • the public key validity verification process includes encrypting a secret with the public key and sending it to the public key holder for decryption and return, i.e. verification by means of a secret.
  • the update protocol is mainly used for updating and upgrading a user key, that is, replacing the old key with a new one. If the certificate has expired, it can be upgraded within the specified time without re-registration.
  • the update protocol includes the following process:
  • Update request phase: the public key owner generates an updated public key record, signs the updated public key record with the old private key, and sends an update request;
  • Each node of the network platform links the updated public key log to the head node of the public key log chain in the public key lookup table.
  • the revocation protocol is used by the public key owner to apply to revoke and discard the public key certificate. After the public key is revoked, it cannot be activated and reused; the owner can only re-register to apply for a new certificate.
  • the revocation protocol includes the following process:
  • Revocation request phase: the public key owner generates the revocation public key record, signs it with the private key, and sends the revocation request;
  • each node of the network platform verifies the validity of the signature in the revocation public key record by using the public key in the public key log chain, and records the revocation public key record after it passes verification;
  • Each node of the network platform links the revocation public key record to the head node of the public key log chain in the public key lookup table.
  • the generation of the authentication chain based on the trust network is specifically as follows:
  • The signature list of each public key record stores at least one recommender signature; each recommender signature is a recommendation certificate from that recommender and stores a pointer to the signer's public key record, and an authentication chain can be formed by following the signer public key record pointers.
  • the authentication chain can form a trust network, and the trust relationship supported by the trust network includes direct trust, hierarchical trust, and indirect trust relationship.
  • the method for obtaining the trust relationship includes: negotiating trust by members in the decentralized network platform, and issuing the certificate according to a third-party trusted certificate authority (such as a PKI certificate authority CA).
  • the method is also capable of retrieving a user's public key based on the user identification in the public key record.
  • the retrieval of the user public key depends on a public key retrieval structure, which is composed of a lookup table and a list of head nodes of the public key log chain; the lookup table uses the user identifier of the public key owner as a search key.
  • the methods for constructing the lookup table include: a hash lookup table, a binary search tree, a B tree, a B+ tree, and a lexicographic index table.
  • the user public key is retrieved based on the user identifier in the public key record, specifically:
  • Retrieval request phase: the requester generates and sends a query request according to the user ID of the public key to be queried;
  • each node of the network platform uses the keyword retrieval method of the lookup table to find the item corresponding to the user identifier, and extracts the head node of the public key log chain from the item;
  • Each node of the network platform searches in order from the head node of the public key log chain to obtain the most recent valid public key record, measures the trustworthiness of the public key record found according to the public key trust model, and outputs the public key record and the credibility measurement result;
  • Consistency check phase: the requester receives a specified number of public key records and credibility measurement results, and compares the received query results; if they are consistent, it determines the availability of the public key and returns the public key; otherwise, it returns "failed".
  • the credibility of the public key in the public key record can be measured from the record information in the public key log chain and the authentication chain. According to the metric, public key credibility can be divided into different trust levels, and the trust levels include: fully trusted, edge trusted, valid but not trusted, and invalid.
  • the public key trust model in step 3) is an algorithm or function for measuring the credibility of the public key record according to the recommender list, the public key validity period, and the public key state change information in the public key record.
  • the output is a credibility metric; determining the availability of the public key means deciding whether the public key record can be used, depending on whether the credibility metric is greater than or equal to the security requirement of the public key operation. For example, if the credibility measure of the public key record is edge trusted and the security requirement of the public key operation is fully trusted, edge trusted is less than fully trusted, so the public key record is not suitable for use.
  • a decentralized public key management system based on trust network.
  • the public key management system includes a decentralized network platform and a consistent public key storage structure with network-wide consistency.
  • the decentralized network platform is constructed from a distributed data system, including: a blockchain network, a P2P network, a distributed database system, and a multi-party secure computing system;
  • the consistent public key storage structure is configured to store a public key record that is verified.
  • In this decentralized network, nodes are peers, there is no central node, and each node has a storage structure that is consistent across the whole network, which records, in the form of "bookkeeping", the various state changes of the public key of the user (including individuals, companies, enterprises, etc.) over its life cycle, where the public key life cycle includes the whole process of generating, publishing, updating, and revoking the public key.
  • Consistency means that all nodes in the network platform participate in maintaining the full life cycle management of the user's public key, and establish a reliable correspondence between identity and public key through the consensus mechanism of large-scale nodes; the public key storage structure is also multi-copy, but maintains the consistency, integrity, and immutability of data between the copies.
  • the consistent public key storage structure of the present invention is used to store information about a user's public key and record state changes in chronological order, and is called "public key record", "public key log" or "public key certificate".
  • the public key record is submitted by the public key owner (or holder) to the system, and after being verified by the system, it is added to the decentralized network platform for storage.
  • the method of the invention enables a user in the network to efficiently, conveniently and accurately verify, query and obtain the public key of a certain user (represented by an identity), and at the same time ensures that the obtained public key is valid, correct, consistent, and not deceptive.
  • the security risk of public key management lies in how to guarantee the credibility of the public key. Since the information obtained in the Internet is not reliable, the present invention guarantees the credibility and authenticity of the public key certificate.
  • the invention has wide application value, including a secure, reliable and efficient key management solution for any public key cryptosystem, including identity authentication, key exchange, encryption, signature, secure computing and other security services, and Meeting the key management needs of the government, enterprises, military, schools, hospitals and other large-scale user groups will drive the development of the entire Internet security industry in China and promote the establishment of a more secure and reliable Internet trust mechanism.
  • Figure 1 is a system configuration diagram of a public key management framework in the present invention.
  • FIG. 2 is a flow chart showing the execution of a registration protocol in the present invention.
  • Figure 3 is a flow chart showing the execution of an update protocol in the present invention.
  • Figure 4 is a flow chart showing the execution of the revocation protocol in the present invention.
  • Figure 5 is a flow chart showing the execution of the public key retrieval protocol in the present invention.
  • Figure 6 is a block diagram of an information storage structure based on a blockchain in the present invention.
  • the blockchain network includes the following entities:
  • each member $P_i$ is an independent execution node of the system and stores a copy of the blockchain BC;
  • block storage structure BC: $\{B_1, \ldots, B_n\}$:
  • Consensus protocol: a protocol that ensures all members of the blockchain system collaborate and obtain common results, such as mining mechanisms and Byzantine agreement.
  • the data structures used in the block storage structure include:
  • Hash tree HTree: a binary tree used to organize all data records $\{cert_1, \ldots, cert_m\}$ in the data store $body_k$.
  • the leaf node is the hash value Hash($cert_i$) of the data record $cert_i$
  • Block head $B_k$.
  • each data record $cert_i$, which stores information about a user public key pk, is called a public key record or a public key certificate.
  • the public key record structure is defined as follows:
  • public key information pk_info: {public key length pk_length, type pk_type, parameter list para_list, etc.};
  • the state information state_info is used to store the forward pointer forward_ptr of this public key record $cert_i$, i.e. the address information in the blockchain of the previous record of this public key (e.g., $cert_j$), which forms the public key record chain (see below)
  • the public key information pk_info and the certificate information cert_info in the public key record are consistent with the two parts of the common X.509 or PGP public key digital certificate.
  • the signature information sig_info is used to store a digital signature over data including the state information state_info, the public key information pk_info, and the certificate information cert_info.
  • the signature list sig_list can store multiple signatures, and in some cases can also store a "self-signature", that is, a signature over the public key certificate made with the certificate holder's private key.
  • the public key lookup table is constructed by a Hash lookup table, which enables the retrieval of public key certificates. As shown in Figure 1, the Hash lookup table is defined as follows:
  • HashMap: $\{0, 1\}^* \rightarrow [0, m-1]$, used to convert the owner identifier holderID into an address in the random hash lookup table, $t \leftarrow$ HashMap(holderID);
  • the public key log chain Cert_Link$_{i,j}$: $\{link_{i,j}, cert_1, \ldots, cert_t\}$ records the usage record of the public key identifier holderID, where the link header is $link_{i,j}$.
  • the kth record is $cert_k$, which can be found through the hash pointer of $cert_{k-1}$: $cert_{k-1}$.forward_ptr = Hash($cert_k$);
  • the "forward pointer forward_ptr" constitutes a public key record singly linked list, and the public key certificate chain records all the information of the public key certificate.
  • Step 1: retrieval request phase
  • the requester A generates and sends a query request according to the identifier reqID of the public key to be queried;
  • Step 3: log chain search phase
  • $cert_k$.sig_num indicates the number of recommender signatures in the public key record
  • m indicates the length of the public key log chain
  • left($cert_k$.POV) indicates the remaining validity period length
  • the trust metric value trust($cert_k$) falls into four categories: fully trusted L3, edge trusted L2, valid but not trusted L1, and invalid, for which the trust metric L0 is returned.
  • the public key record and trust metric (cert, trust($cert_k$)) are output.
  • After the requester A receives the specified number (such as at least 5) of platform query results {(cert, trust($cert_k$))}, the requester A compares the results. If they are consistent, the availability of the public key is determined according to the trust metric trust($cert_k$), and the public key cert.pk_info is returned; otherwise, "failed" is returned.
  • the public key record cert operation type refers to the type of protocol executed by this record, including: registration protocol Protocol_Regist, update protocol Protocol_Update, and revocation protocol Protocol_Revoke.
  • the registering user A (identified as holderID) generates a public/private key pair $(pk_A, sk_A)$, generates a "certificate registration request" $cert_A$ for $pk_A$ according to the certificate record cert format, and sends it through the blockchain network net to all system members in the form of a "trust request";
  • after collecting enough recommender signatures $\{sig_k\}$ (for example, at least 5 signatures count as enough), the registration applicant A puts the signatures $\{sig_k\}$ into the signature list sig_list of the public key certificate $cert_A$ as the basis of trust, and submits it again to the blockchain network in the form of a "registration request";
  • the blockchain network (each node) reviews the recommender signatures $\{sig_k\}$ in the public key certificate $cert_A$, i.e. verifies each signature $sig_k$ one by one with the public key $pk_k$ that Intro_ptr$_k$ points to, and, according to the "block generation method", adds $cert_A$ to the current block $B_i$ of the blockchain for storage.
  • the block, link.ptr = Hash($cert_A$), constructs the public key certificate chain Cert_Link$_t$.
  • the trust structure refers to a public key trust relationship formed by a "recommendation relationship" composed of the signatures of a plurality of recommenders $P_k$ when a public key is registered in the blockchain.
  • This kind of trust relationship is transitive, that is, subject A learns from the trust of subject B to subject C, and forms an indirect trust relationship between subjects A and C.
  • Protocol_Update (as shown in Figure 3):
  • the public/private key pair of public key owner A is $(pk_A, sk_A)$; A generates a new public/private key pair $(pk'_A, sk'_A)$, encapsulates the new public key $pk'_A$ in the public key certificate format to obtain $cert'_A$, signs $cert'_A$ with the old private key $sk_A$ to obtain $sig'_A$, and sends it to the blockchain network in the form of an "update request";
  • the blockchain network (in each node) reviews the submitted public key certificate $cert'_A$, that is, the signature $sig'_A$ is verified with the old public key $pk_A$ in the replaced block; after approval, $cert'_A$ is added to the current block of the blockchain for storage according to the block building method.
  • each node of the network platform adds a new record cert' A to the "public key log chain" header node in the public key lookup table.
  • Protocol_Revoke (as shown in Figure 4)
  • the public key owner A creates an empty certificate $cert_A$, fills in the operation type as "revoke", signs the empty certificate with the private key $sk_A$ to obtain $sig_A$, and sends it to the blockchain network in the form of a "revocation request";
  • the blockchain network (in each node) reviews the submitted public key certificate $cert_A$, that is, the signature $sig_A$ is verified with the public key $pk_A$ in the preceding block. If the review is passed, $cert_A$ is added to the current block of the blockchain for storage according to the block building method.
  • each node of the network platform adds the revocation record $cert_A$ to the "public key log chain" head node in the public key lookup table; the process is the same as the third step of the Protocol_Update protocol.
  • a decentralized public key management system based on the trust network can be constructed.
  • the system is shown in FIG. 1 .
  • the system is described as follows:
  • the six block headers are $\{hdr_1, hdr_2, hdr_3, hdr_4, hdr_5, hdr_6\}$, which form a block head list through the block chain pointer.
  • Figure 1 shows the data store body, which contains the public key records $CERT_i$.
  • $PK_A$: public key
  • operation type: Regist (registration), Update (update), Revoke (revocation)
  • The right side of Figure 1 shows a public key log chain lookup table consisting of a hash lookup table. As described in 3) public key retrieval structure above, the lookup table is composed of a hash map HashMap, a pointer array A[0:m-1] of m entries, and three collision lists $Link_i$.
  • Public key log chain construction: the head node of each public key log chain is stored in a node of the collision list $Link_i$ in the hash lookup table, and the records are linked into a singly linked list by the forward_ptr in each public key record. As shown in Figure 1, to look up user A's public key, the head node of user A's public key log chain is first obtained by $link_{m-3,1} \leftarrow$ A[HashMap(A)], and then user A's public key log chain is obtained by following the chain pointers.
  • Trust network: the recommender or owner signatures $Sig_i$ in the public key records $cert_i$ constitute the trust transfer relationships and the trust network of the public keys.
  • In Figure 1, when the public key of user A is registered, there are signatures $Sig_{R1}$ and $Sig_{R2}$ of two recommenders (users R1 and R2 respectively); querying the public key records of these two recommenders further shows that they have a common recommender R, who signed them with $Sig_R$ and $Sig_{R'}$.
  • a trust network is constructed: R → R1 → A and R → R2 → A, where → represents a trust relationship, that is, R → R1 indicates that the credibility of R1 is derived from R.
  • a more complex trust network can be constructed.
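
The retrieval protocol and public key log chain described above, as an added Python example (not code from the patent): five simulated nodes each keep a lookup table and a hash-linked log chain, and the requester accepts a key only when all answers agree and the trust level meets the requirement. The record encoding, the trust thresholds and the names `Node`, `trust`, `retrieve` and `build_nodes` are assumptions, and signature verification is taken to have happened before a record is appended.

```python
import hashlib
import json

LEVELS = ["L0", "L1", "L2", "L3"]  # invalid < valid-not-trusted < edge < fully trusted


def cert_hash(cert):
    """Hash(cert): SHA-256 over canonical JSON (the encoding is an assumption)."""
    return hashlib.sha256(json.dumps(cert, sort_keys=True).encode()).hexdigest()


class Node:
    """One platform node: record store plus lookup table holderID -> chain head."""

    def __init__(self):
        self.store = {}  # Hash(cert) -> cert
        self.heads = {}  # holderID -> link.ptr, the hash of the newest record

    def append(self, holder_id, op, pk, sig_num, expires):
        """Link an already-verified record in front of the holder's log chain."""
        cert = {"holderID": holder_id, "op": op, "pk": pk, "sig_num": sig_num,
                "expires": expires, "forward_ptr": self.heads.get(holder_id)}
        ptr = cert_hash(cert)
        self.store[ptr] = cert
        self.heads[holder_id] = ptr

    def walk(self, holder_id):
        """Return records newest first, re-checking every hash pointer on the way."""
        chain, ptr = [], self.heads.get(holder_id)
        while ptr is not None:
            cert = self.store.get(ptr)
            if cert is None or cert_hash(cert) != ptr:
                raise ValueError("log chain broken at pointer " + ptr[:12])
            chain.append(cert)
            ptr = cert["forward_ptr"]
        return chain

    def query(self, req_id, now):
        """Log chain search phase: answer (head pointer, public key, trust level)."""
        try:
            chain = self.walk(req_id)
        except ValueError:
            return (None, None, "L0")
        if not chain:
            return (None, None, "L0")
        return (self.heads[req_id], chain[0]["pk"], trust(chain, now))


def trust(chain, now):
    """Trust metric over sig_num and left(POV). The page gives no formula, so the
    thresholds are assumptions; the chain length m is not used in this sketch."""
    if chain[0]["expires"] - now <= 0:      # left(cert.POV): validity has run out
        return "L0"
    for cert in chain:                      # newest first
        if cert["op"] == "Revoke":          # revoked keys can never be reused
            return "L0"
        if cert["op"] == "Regist":          # recommenders sign the registration
            if cert["sig_num"] >= 5:
                return "L3"
            return "L2" if cert["sig_num"] >= 1 else "L1"
    return "L0"                             # no registration record reachable


def retrieve(nodes, req_id, now, required="L3", quorum=5):
    """Consistency check phase: all answers must agree and meet the requirement."""
    answers = [node.query(req_id, now) for node in nodes]
    if len(answers) < quorum or len(set(answers)) != 1:
        return "failed"
    _, pk, level = answers[0]
    if pk is None or LEVELS.index(level) < LEVELS.index(required):
        return "failed"                     # unusable key also reported as failed
    return pk


def build_nodes(count=5):
    """Constructed sample data: every node replays the same verified operations."""
    nodes = [Node() for _ in range(count)]
    for node in nodes:
        node.append("alice", "Regist", "pk_alice_v1", 5, 200)
        node.append("alice", "Update", "pk_alice_v2", 1, 400)
        node.append("bob", "Regist", "pk_bob", 2, 300)
        node.append("carol", "Regist", "pk_carol", 5, 300)
        node.append("carol", "Revoke", None, 1, 300)
    return nodes


if __name__ == "__main__":
    nodes = build_nodes()
    for user in ("alice", "bob", "carol"):
        print(user, "->", retrieve(nodes, user, now=100))
    nodes[3].append("alice", "Update", "pk_other", 1, 400)  # one node diverges
    print("alice with one divergent node ->", retrieve(nodes, "alice", now=100))
```

A single node whose answer differs, or whose stored record no longer matches its hash pointer, is enough to make the requester reject the result.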

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention mainly belongs to the field of information security technology and relates specifically to a new decentralized public key management method and trust model. The method is built on a distributed data network platform such as a blockchain or P2P network, which ensures that every node of the platform can participate in maintaining the full life cycle management of a user public key and in recording each state change of a user public key during its life cycle in the form of a ledger. The method of the present invention can add public key records that have passed verification to a consistent public key storage structure of the platform for storage; all public key records of the same user can be arranged from first to last in chronological order to generate a public key log chain, and an authentication chain and a trust network can be formed on the basis of recommender signatures; efficient public key retrieval can be implemented on the basis of a user identifier. The present invention guarantees convenient and accurate issuance and acquisition of a user public key, guarantees that an acquired public key is valid, correct, consistent and not deceptive, and can serve as infrastructure to support authentication, encryption, integrity and accountability services.
PCT/CN2018/074647 2016-12-26 2018-01-31 Decentralized public key management method and management system based on a trust network WO2018121797A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611218516.9 2016-12-26
CN201611218516.9A CN107070644B (zh) 2016-12-26 2016-12-26 A decentralized public key management method and management system based on a trust network

Publications (1)

Publication Number Publication Date
WO2018121797A1 true WO2018121797A1 (fr) 2018-07-05

Family

ID=59624385

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/074647 WO2018121797A1 (fr) 2016-12-26 2018-01-31 Decentralized public key management method and management system based on a trust network

Country Status (2)

Country Link
CN (1) CN107070644B (fr)
WO (1) WO2018121797A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019133307A1 (fr) * 2017-12-29 2019-07-04 Ebay Inc. Traceable key block-chain ledger
CN114205809A (zh) * 2021-11-12 2022-03-18 天津大学 Blockchain-based ad hoc networking method for unmanned surface vessels
EP3831012A4 (fr) * 2018-07-27 2022-04-27 HRL Laboratories, LLC Bidirectional blockchain
US20220270085A1 (en) * 2019-05-21 2022-08-25 nChain Holdings Limited Destination addressing associated with a distributed ledger
WO2022231983A1 (fr) * 2021-04-29 2022-11-03 Arris Enterprises Llc Centralized database with provisions to prevent PKI key and security certificate duplication

Families Citing this family (43)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
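CN107070644B (zh) * 2016-12-26 2020-02-28 北京科技大学 A decentralized public key management method and management system based on a trust network
CN107517256B (zh) * 2017-08-24 2020-08-07 李昊星 Information publishing method and device
CN107769925B (zh) * 2017-09-15 2020-06-19 山东大学 Blockchain-based public key infrastructure system and certificate management method thereof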
US11699166B2 (en) 2017-10-09 2023-07-11 American Express Travel Related Services Company, Inc. Multi-merchant loyalty point partnership
US11449887B2 (en) * 2017-10-09 2022-09-20 American Express Travel Related Services Company, Inc. Systems and methods for loyalty point distribution
US11397962B2 (en) 2017-10-09 2022-07-26 American Express Travel Related Services Company, Inc. Loyalty point distributions using a decentralized loyalty ID
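CN107733892A (zh) * 2017-10-17 2018-02-23 光载无限(北京)科技有限公司 Chain network system controlled by smart contracts and chain network personal business process
CN108242999B (zh) * 2017-10-26 2021-04-16 招商银行股份有限公司 Key escrow method, device, and computer-readable storage medium
CN108009918B (zh) * 2017-11-23 2021-10-26 深圳捷汇科技有限公司 Bookkeeping method for a blockchain consensus algorithm transaction system, and electronic device
CN108053308A (zh) * 2017-12-08 2018-05-18 横琴密达科技有限责任公司 A blockchain-based method and system for financial strategy selection and intelligent trading
CN108124505B (zh) * 2017-12-19 2020-06-30 深圳前海达闼云端智能科技有限公司 Method and apparatus for obtaining trusted nodes, storage medium, and blockchain node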
US10896418B2 (en) 2017-12-29 2021-01-19 Ebay Inc. Secure management of data files using a blockchain
US11615060B2 (en) 2018-04-12 2023-03-28 ISARA Corporation Constructing a multiple entity root of trust
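CN108924081B (zh) * 2018-05-03 2021-04-30 深圳中泰智丰物联网科技有限公司 Method for protecting user privacy and resisting malicious users in the Internet of Things based on edge computing
CN108769014B (zh) * 2018-05-29 2019-05-14 山东九州信泰信息科技股份有限公司 Method for PGP verification of e-mail based on blockchain technology
CN110611641B (zh) * 2018-06-15 2021-11-02 成都高新信息技术研究院 Blockchain mobile user terminal system
CN108876371B (zh) * 2018-06-26 2021-01-29 广州天高软件科技有限公司 Blockchain-based consumption data storage, data verification and data tracing method
CN108881471B (zh) * 2018-07-09 2020-09-11 北京信息科技大学 Consortium-based network-wide unified trust anchor system and construction method
CN108874631A (zh) * 2018-07-10 2018-11-23 佛山伊苏巨森科技有限公司 System for testing the validity of entries in a database data structure
CN109067521A (zh) * 2018-07-27 2018-12-21 天津大学 Blockchain-based public key distribution method
CN110830256A (zh) * 2018-08-14 2020-02-21 珠海金山办公软件有限公司 File signing method and apparatus, electronic device and readable storage medium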
US11301452B2 (en) 2018-10-09 2022-04-12 Ebay, Inc. Storing and verification of derivative work data on blockchain with original work data
EP3644549A1 (fr) * 2018-10-23 2020-04-29 Siemens Aktiengesellschaft Device and method for issuing and device and method for requesting a digital certificate
CN111314060B (zh) * 2018-12-12 2022-12-13 中移动信息技术有限公司 Key update method, device and storage medium
CN109951279B (zh) * 2019-03-15 2022-03-29 南京邮电大学 Anonymous data storage method based on blockchain and edge devices
CN109902074B (zh) * 2019-04-17 2021-02-09 江苏全链通信息科技有限公司 Data-center-based log storage method and system
CN110061851A (zh) * 2019-04-28 2019-07-26 广州大学 Decentralized cross-trust-domain authentication method and system
CN111190909B (zh) * 2019-05-17 2020-12-15 延安大学 Trusted data processing method
CN110247960B (zh) * 2019-05-27 2021-12-07 矩阵元技术(深圳)有限公司 Method and apparatus for implementing secure multi-party computation, computer device and storage medium
US10791122B2 (en) 2019-07-04 2020-09-29 Alibaba Group Holding Limited Blockchain user account data
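CN110474775B (zh) * 2019-07-04 2020-09-01 阿里巴巴集团控股有限公司 Method, apparatus and device for creating a user in a blockchain-type ledger
CN110675685A (zh) * 2019-09-29 2020-01-10 张华平 Blockchain-based practical training system for business administration majors
CN110719167B (zh) * 2019-10-16 2022-09-27 郑州师范学院 Blockchain-based signcryption method with timeliness
CN110855679B (zh) * 2019-11-15 2021-11-30 微位(深圳)网络科技有限公司 uPKI joint public key authentication method and system
CN111047313B (zh) * 2020-03-12 2020-12-04 支付宝(杭州)信息技术有限公司 Code-scanning payment, information sending and key management methods, apparatuses and devices
CN111917734B (zh) * 2020-07-12 2023-03-10 中信银行股份有限公司 Public key management method and apparatus, electronic device and computer-readable storage medium
CN111859348B (zh) * 2020-07-31 2022-07-19 上海微位网络科技有限公司 Identity authentication method and apparatus based on a subscriber identity module and blockchain technology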
US10958450B1 (en) 2020-10-15 2021-03-23 ISARA Corporation Constructing a multiple-entity root certificate data block chain
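CN112511553B (zh) * 2020-12-08 2021-12-07 清华大学 Hierarchical Internet trust degree sharing method
CN112861155A (zh) * 2021-02-25 2021-05-28 浙江清华长三角研究院 Public key publishing method in a decentralized computing scenario
CN113055886B (zh) * 2021-03-15 2023-02-24 中国联合网络通信集团有限公司 Terminal authentication method, system, server and medium in an edge computing network
CN115361110A (zh) * 2022-07-04 2022-11-18 南京航空航天大学 Method for verifying the correctness of computation results on blockchain cross-chain interaction data
CN115632791B (zh) * 2022-10-12 2024-03-19 南京航空航天大学 Decentralized verification method for dynamic cross-chain data consistency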

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105701372A (zh) * 2015-12-18 2016-06-22 布比(北京)网络技术有限公司 Blockchain identity construction and verification method
CN106230808A (zh) * 2016-07-28 2016-12-14 杭州云象网络技术有限公司 Method for building a personal credit reporting system based on blockchain technology
WO2016200885A1 (fr) * 2015-06-08 2016-12-15 Blockstream Corporation Cryptographically concealing amounts in a transaction on a ledger while preserving a network's ability to verify the transaction
CN107070644A (zh) * 2016-12-26 2017-08-18 北京科技大学 Decentralized public key management method and management system based on a trust network

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016029119A1 (fr) * 2014-08-21 2016-02-25 myVBO, LLC Systems and methods for managing alternative currency transactions and optimizing financial benefits
CN105591753A (zh) * 2016-01-13 2016-05-18 杭州复杂美科技有限公司 Method for applying CA certificates on a blockchain
CN105592098B (zh) * 2016-01-16 2018-09-14 杭州复杂美科技有限公司 Method for managing voting and CA certificates on a blockchain

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016200885A1 (fr) * 2015-06-08 2016-12-15 Blockstream Corporation Cryptographically concealing amounts in a transaction on a ledger while preserving a network's ability to verify the transaction
CN105701372A (zh) * 2015-12-18 2016-06-22 布比(北京)网络技术有限公司 Blockchain identity construction and verification method
CN106230808A (zh) * 2016-07-28 2016-12-14 杭州云象网络技术有限公司 Method for building a personal credit reporting system based on blockchain technology
CN107070644A (zh) * 2016-12-26 2017-08-18 北京科技大学 Decentralized public key management method and management system based on a trust network

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019133307A1 (fr) * 2017-12-29 2019-07-04 Ebay Inc. Traceable key blockchain ledger
EP3831012A4 (fr) * 2018-07-27 2022-04-27 HRL Laboratories, LLC Bidirectional blockchain
US20220270085A1 (en) * 2019-05-21 2022-08-25 nChain Holdings Limited Destination addressing associated with a distributed ledger
WO2022231983A1 (fr) * 2021-04-29 2022-11-03 Arris Enterprises Llc Centralized database with provisions to prevent PKI key and security certificate duplication
US11601290B2 (en) 2021-04-29 2023-03-07 Arris Enterprises Llc Centralized database with provisions to prevent PKI key and security certificate duplication
CN114205809A (zh) * 2021-11-12 2022-03-18 天津大学 Blockchain-based ad hoc networking method for unmanned boats

Also Published As

Publication number Publication date
CN107070644B (zh) 2020-02-28
CN107070644A (zh) 2017-08-18

Similar Documents

Publication Publication Date Title
WO2018121797A1 (fr) Decentralized public key management method and management system based on a trust network
Qi et al. Cpds: Enabling compressed and private data sharing for industrial Internet of Things over blockchain
AU2021206913B2 (en) Systems and methods for distributed data sharing with asynchronous third-party attestation
TWI749583B (zh) Chain-structured data storage, verification and implementation method, system, device and medium
Lin et al. A new transitively closed undirected graph authentication scheme for blockchain-based identity management systems
Zhang et al. An efficient blockchain-based hierarchical data sharing for Healthcare Internet of Things
Miao et al. Verifiable searchable encryption framework against insider keyword-guessing attack in cloud storage
Fan et al. TraceChain: A blockchain‐based scheme to protect data confidentiality and traceability
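JP2023504535A (ja) Identity (ID)-based public key generation protocol
CN111614680B (zh) CP-ABE-based traceable cloud storage access control method and system
CN110191153A (zh) Blockchain-based social communication method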
Yan et al. Efficient identity-based public integrity auditing of shared data in cloud storage with user privacy preserving
CN114205136A (zh) Traffic data resource sharing method and system based on blockchain technology
Patsonakis et al. Towards a smart contract-based, decentralized, public-key infrastructure
CN113824563A (zh) Cross-domain identity authentication method based on blockchain certificates
WO2021165755A1 (fr) Attestation service for use with a blockchain network
CN114503508A (zh) Computer-implemented method and system for storing certified data on a blockchain
Ma et al. CP‐ABE‐Based Secure and Verifiable Data Deletion in Cloud
CN115136566A (zh) Distributed database
Zhang et al. Redactable transactions in consortium blockchain: Controlled by multi-authority CP-ABE
Yang et al. Identity-based cloud storage auditing for data sharing with access control of sensitive information
Liu et al. Blockchain-assisted comprehensive key management in CP-ABE for cloud-stored data
Lu et al. Novel Searchable Attribute‐Based Encryption for the Internet of Things
Prakasha et al. Efficient digital certificate verification in wireless public key infrastructure using enhanced certificate revocation list
Huang et al. Customized data sharing scheme based on blockchain and weighted attribute

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18734061

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18734061

Country of ref document: EP

Kind code of ref document: A1