WO2021174927A1 - Procédé et appareil de vérification d'identité à base de chaîne de blocs, dispositif, et support de stockage - Google Patents

Procédé et appareil de vérification d'identité à base de chaîne de blocs, dispositif, et support de stockage Download PDF

Info

Publication number
WO2021174927A1
WO2021174927A1 PCT/CN2020/132717 CN2020132717W WO2021174927A1 WO 2021174927 A1 WO2021174927 A1 WO 2021174927A1 CN 2020132717 W CN2020132717 W CN 2020132717W WO 2021174927 A1 WO2021174927 A1 WO 2021174927A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
ciphertext
identity information
verification
target user
Prior art date
Application number
PCT/CN2020/132717
Other languages
English (en)
Chinese (zh)
Inventor
陈聪明
王林青
林锋
Original Assignee
支付宝实验室(新加坡)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 支付宝实验室(新加坡)有限公司 filed Critical 支付宝实验室(新加坡)有限公司
Publication of WO2021174927A1 publication Critical patent/WO2021174927A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina

Definitions

  • One or more embodiments of this specification relate to the field of blockchain technology, and in particular to a blockchain-based identity verification method, device, device, and storage medium.
  • Blockchain technology also known as distributed ledger technology, is an emerging technology in which several computing devices participate in “bookkeeping” and jointly maintain a complete distributed database. Because the blockchain technology has the characteristics of decentralization, openness and transparency, each computing device can participate in database records, and the rapid data synchronization between computing devices, the blockchain technology has been widely used in many fields. application.
  • This manual provides a blockchain-based identity verification method, device, equipment and storage medium for realizing user identity information verification.
  • a blockchain-based identity verification method which stores the user identity information of each user issued by an authority, and the method is applied to blockchain node devices ,
  • the method includes: receiving an identity verification request sent by a verification agency when an identity verification operation triggered by a target user is detected, the identity verification request including: a user identity of the target user; and responding to the identity
  • the verification request is to find out whether there is user identity information corresponding to the user identity of the target user in the user identity information of each user registered on the blockchain; if it exists, send the found user identity information to The verification agency uses the verification agency to perform identity verification on the found user identity information.
  • the identity verification request further includes: the encryption key of the verification agency; the user identity information stored on the blockchain is a cipher text; the found user identity information is passed through the target The first ciphertext obtained by encrypting the encryption key corresponding to the user; said sending the found user identity information to the verification agency, so that the verification agency can perform identity verification on the found user identity information,
  • the method includes: converting the first ciphertext into a second ciphertext; the second ciphertext is the ciphertext obtained by encrypting the found user identity information through an encryption key corresponding to the verification agency; The second ciphertext is sent to the verification agency, and the verification agency uses the decryption key of the verification agency to decrypt the second ciphertext to obtain the user identity information plaintext of the target user , And perform identity verification on the plaintext of the obtained user identity information.
  • the converting the first ciphertext into the second ciphertext includes: sending the first ciphertext and the encryption key of the local node device to the user terminal of the target user, so that all The user terminal of the target user uses the decryption key corresponding to the target user to decrypt the first ciphertext to obtain the user identity information plaintext, and uses the encryption key of the node device to encrypt the user identity information plaintext to obtain the first ciphertext.
  • Three ciphertexts and send the third ciphertext to the local node device; receive the third ciphertext sent by the user terminal; use the decryption key of the local node device to decrypt the third ciphertext to obtain the user identity of the target user
  • the information is plaintext, and the user identity information plaintext is encrypted using the encryption key of the verification agency to obtain the second ciphertext.
  • the blockchain also stores a first ciphertext signature corresponding to the user ID of the target user; the first ciphertext signature uses the decryption key of the target user to pair the zone
  • the first ciphertext of the blockchain certificate is obtained by signing; the third ciphertext is decrypted using the decryption key of the device of the node to obtain the plaintext of the user identity information of the target user, and the verification agency’s
  • the encryption key encrypts the plain text of the user identity information to obtain the second cipher text, including: receiving the first cipher text signature sent by the user terminal; the first cipher text signature is received by the user terminal After the first ciphertext, use the decryption key of the target user to sign the first ciphertext to obtain; detect the received first ciphertext signature and the user ID of the target user certified by the blockchain Whether the corresponding first ciphertext signature matches; if it matches, the third ciphertext is decrypted using the decryption key of the node
  • the converting the first ciphertext into the second ciphertext includes: sending the first ciphertext and the encryption key of the verification agency to the user terminal of the target user to The user terminal of the target user uses the decryption key of the target user to decrypt the first ciphertext to obtain the user identity information plaintext of the target user, and uses the encryption key of the verification agency to decrypt the user identity information
  • the plaintext is encrypted to obtain the second ciphertext; the second ciphertext is obtained from the user terminal.
  • an identity verification device based on a blockchain.
  • the blockchain stores the user identity information of each user issued by an authority, and the device is applied to a blockchain node device ,
  • the device includes: a receiving module that receives an identity verification request sent by a verification agency when an identity verification operation triggered by a target user is detected, the identity verification request includes: a user identity of the target user; a search module In response to the identity verification request, in the user identity information of each user registered on the blockchain, search for whether there is user identity information corresponding to the user identity of the target user; the sending module, if it exists, then Send the found user identity information to the verification agency, so that the verification agency performs identity verification on the found user identity information.
  • the identity verification request further includes: the encryption key of the verification agency; the user identity information stored on the blockchain is a cipher text; the found user identity information is passed through the target The first ciphertext obtained by encrypting the encryption key corresponding to the user; the sending module converts the first ciphertext into a second ciphertext; The ciphertext obtained by encrypting the encryption key corresponding to the verification agency; sending the second ciphertext to the verification agency, so that the verification agency uses the verification agency's decryption key to pair the The second ciphertext is decrypted to obtain the user identity information plaintext of the target user, and identity verification is performed on the obtained user identity information plaintext.
  • the sending module sends the first ciphertext and the encryption key of the local node device to the user terminal of the target user, so that the user terminal of the target user adopts the decryption corresponding to the target user
  • the key decrypts the first ciphertext to obtain the user identity information plaintext, and uses the encryption key of the node device to encrypt the user identity information plaintext to obtain the third ciphertext, and sends the third ciphertext to this Node device; receiving the third ciphertext sent by the user terminal; using the decryption key of the node device to decrypt the third ciphertext to obtain the plaintext of the user identity information of the target user, and using the encrypted password of the verification agency
  • the key encrypts the plain text of the user identity information to obtain the second cipher text.
  • the blockchain also stores a first ciphertext signature corresponding to the user ID of the target user; the first ciphertext signature uses the decryption key of the target user to pair the zone
  • the first ciphertext of the block chain deposit certificate is obtained by signing; the sending module receives the first ciphertext signature sent by the user terminal; the first ciphertext signature is obtained by the user terminal after receiving the first ciphertext signature; After the first ciphertext, use the decryption key of the target user to sign the first ciphertext to obtain; detect the received first ciphertext signature and the user ID of the target user certified by the blockchain Whether the corresponding first ciphertext signature matches; if it matches, the third ciphertext is decrypted using the decryption key of the node device to obtain the plaintext of the user identity information of the target user, and the encryption key of the verification agency is used Encrypt the plain text of the user identity information to obtain the second cipher text.
  • the sending module sends the first ciphertext and the encryption key of the verification agency to the user terminal of the target user, so that the user terminal of the target user adopts the target user's
  • the decryption key decrypts the first ciphertext to obtain the user identity information plaintext of the target user, and uses the encryption key of the verification agency to encrypt the user identity information plaintext to obtain the second ciphertext;
  • the terminal obtains the second ciphertext.
  • an electronic device including: a processor; a memory for storing executable instructions of the processor; wherein the processor executes the executable instructions to implement blockchain-based Identity verification method.
  • a computer-readable storage medium on which computer instructions are stored, which when executed by a processor, realize the steps of the above-mentioned blockchain-based identity verification method.
  • the authoritative organization publishes the user identity information of each user on the blockchain for certification, and the verification agency can obtain the user identity information of the target user from the blockchain without the target user inputting the user identity information. Therefore, the user's operation is greatly facilitated.
  • the verification agency since the verification agency does not need to wait for the user to input the identity information, but can directly obtain the target user's identity information from the blockchain, the efficiency of identity verification is greatly improved.
  • FIG. 1 is a schematic diagram of a network of identity verification based on blockchain shown in an exemplary embodiment of this specification;
  • Fig. 2 is a flowchart of a blockchain-based identity verification method shown in an exemplary embodiment of this specification
  • Fig. 3 is a flowchart of a blockchain-based identity verification method shown in an exemplary embodiment of this specification
  • Fig. 4 is a hardware structure diagram of an electronic device shown in an exemplary embodiment of this specification.
  • Fig. 5 is a block diagram of a block chain-based identity verification device shown in an exemplary embodiment of this specification.
  • the steps of the corresponding method may not be executed in the order shown and described in this specification.
  • the method may include more or fewer steps than described in this specification.
  • a single step described in this specification may be decomposed into multiple steps for description in other embodiments; and multiple steps described in this specification may also be combined into a single step in other embodiments. describe.
  • Blockchain is generally divided into three types: Public Blockchain, Private Blockchain and Consortium Blockchain.
  • Public Blockchain Private Blockchain
  • Consortium Blockchain there can also be a combination of the above types, such as private chain + consortium chain, consortium chain + public chain, and so on.
  • the public chain is represented by Bitcoin and Ethereum. Participants who join the public chain (also called nodes in the blockchain) can read the data records on the chain, participate in transactions, and compete for the accounting rights of new blocks, etc. . Moreover, each node can freely join or exit the network, and perform related operations.
  • the private chain is the opposite.
  • the write permission of the network is controlled by an organization or institution, and the data read permission is regulated by the organization.
  • a private chain can be a weakly centralized system with strict restrictions on nodes and a small number of nodes. This type of blockchain is more suitable for internal use by specific institutions.
  • Each node in the alliance chain usually has a corresponding entity or organization; nodes are authorized to join the network and form a stakeholder alliance to jointly maintain the operation of the blockchain.
  • the blockchain is usually composed of several blocks.
  • the time stamps corresponding to the creation time of the block are respectively recorded in these blocks, and all the blocks strictly follow the time stamps recorded in the block to form a time-ordered data chain.
  • the real data generated in the physical world it can be constructed into a standard transaction format supported by the blockchain, and then published to the blockchain, and the node devices in the blockchain will perform consensus processing on the received transactions , And after reaching a consensus, the node device as the bookkeeping node in the block chain will package the transaction into the block and carry out persistent storage in the block chain.
  • the consensus algorithms supported in the blockchain can include: the first type of consensus algorithm, that is, the consensus algorithm that node devices need to compete for the accounting right of each round of accounting cycle; for example, Proof of Work (POW) ), Proof of Stake (POS), Delegated Proof of Stake (DPOS) and other consensus algorithms; the second type of consensus algorithm, that is, pre-election of accounting nodes for each round of accounting cycle (no need to compete Accounting rights) consensus algorithms; for example, practical Byzantine Fault Tolerance (PBFT) and other consensus algorithms.
  • the first type of consensus algorithm that is, the consensus algorithm that node devices need to compete for the accounting right of each round of accounting cycle
  • POW Proof of Work
  • POS Proof of Stake
  • DPOS Delegated Proof of Stake
  • PBFT Practical Byzantine Fault Tolerance
  • all node devices that compete for the right to keep accounts can execute the transaction after receiving the transaction.
  • one node device may win this round of contention for the right to bookkeeping and become the bookkeeping node.
  • the accounting node can package the received transaction with other transactions to obtain the latest block, and send the obtained latest block or the block header of the latest block to other node devices for consensus.
  • the node device with the right to book accounts has been agreed before this round of bookkeeping. Therefore, after the node device receives the transaction, if it is not the accounting node of this round, it can send the transaction to the accounting node.
  • the transaction can be executed during or before the process of packaging the transaction with other transactions to obtain the latest block. After obtaining the latest block, the accounting node can send the latest block or the block header of the latest block to other node devices for consensus.
  • the accounting node in this round can package the received transaction to obtain the latest block, and the obtained latest block or the latest block
  • the header of the block is sent to other node devices for consensus verification. If other node equipment receives the latest block or the block header of the latest block, it is verified that there is no problem, and the latest block can be appended to the end of the original blockchain to complete the accounting process of the blockchain. In the process of other nodes verifying the new block or block header sent by the accounting node, the transactions contained in the block can also be executed.
  • the user wants to complete the verification in a verification agency, the user needs to input the user's identity information, and the verification agency verifies the identity information entered by the user.
  • the user completes the verification at another verification agency, the user also needs to submit user information to another verification agency, so that the other verification agency completes verification based on the identity information submitted by the user.
  • the user identity information that the user needs to repeatedly provide to different verification agencies causes great inconvenience for the user to perform identity verification.
  • the verification agency when verifying user identity information, the verification agency also needs to wait for the user to input the user identity information to complete the verification of the user identity information, which greatly reduces the efficiency of identity verification.
  • this specification proposes a blockchain-based identity verification method, where the user identity information of each user is stored on the blockchain.
  • the verification agency can obtain the user identity information of the target user from the blockchain and verify the obtained user identity information.
  • the authoritative organization publishes the user identity information of each user on the blockchain for certification, and the verification agency can download the identity information from the blockchain. Obtain the user identity information of the target user without the target user inputting the user identity information, which greatly facilitates the user's operation.
  • the verification agency since the verification agency does not need to wait for the user to input the identity information, but can directly obtain the target user's identity information from the blockchain, the efficiency of identity verification is greatly improved.
  • the user identity information stored on the blockchain is ciphertext, and the user identity Information is also transmitted in cipher text between parties, which greatly improves the security of user identity information storage and transmission.
  • FIG 1 is a schematic diagram of a blockchain-based identity verification networking diagram according to an exemplary embodiment of this specification; the networking includes: blockchain, authority, verification agency, user terminal, etc. .
  • the equipment included in the networking is merely exemplified, and the equipment included in the networking is not specifically limited.
  • Authority refers to an organization that can guarantee the reliability and authenticity of user identity information.
  • the authority may be the Public Security Bureau.
  • the authority is only an exemplary description of the authority, and does not specifically limit the authority.
  • Users can register their own user identity information on the authority, and the authority can publish the user identity information of registered users to the blockchain for certification.
  • Block chain the block chain stores the user identity information of each user.
  • the block chain described in this specification can be a consortium chain, a public chain or a private chain, etc.
  • the block chain is not specifically limited here.
  • the verification agency refers to the agency that verifies the user's identity information.
  • the bank needs to verify the user's identity information.
  • the bank may be a verification agency.
  • the server of the APP needs to verify the user's identity information.
  • the server of the APP may be a verification organization.
  • verification agency Any agency that needs to verify user identity information can be a verification agency, and the verification agency is not specifically limited here.
  • User terminal refers to the terminal equipment used by the user.
  • the user terminal may include terminal devices such as mobile phones, computers, notebooks, IPADs, etc.
  • the user terminal is only exemplified here, and is not specifically limited.
  • the user can register his user identity information in the authority through the user terminal.
  • authorities can publish user identity information to the blockchain for storage.
  • the verification agency After the verification agency detects the identity verification operation triggered by the target user, the verification agency can obtain the user identity information of the target user from the blockchain and verify the obtained user identity information.
  • Key This manual involves at least three sets of keys.
  • the three sets of keys are: the encryption key and decryption key of the target user; the encryption key and decryption key of the node device of the blockchain; the encryption key and decryption key of the verification agency.
  • the encryption and decryption algorithm used in this specification is a symmetric encryption algorithm
  • the encryption key and the decryption key in each set of keys are the same.
  • the encryption key in each set of keys is the public key
  • the decryption key is the private key.
  • Ciphertext This specification involves at least three ciphertexts, namely the first ciphertext, the second ciphertext and the third ciphertext. Among them, “first”, “second” and “third” are only for convenience of description and have no actual meaning.
  • the first ciphertext refers to the ciphertext obtained by encrypting the plaintext of the user identity information of the target user through the encryption key of the target user.
  • the second ciphertext refers to the ciphertext obtained by encrypting the plaintext of the user identity information of the target user with the encryption key of the verification agency.
  • the third ciphertext refers to the ciphertext obtained by encrypting the plaintext of the user identity information of the target user with the encryption key of the node device of the blockchain.
  • Figure 2 is a flowchart of a blockchain-based identity verification method shown in an exemplary embodiment of this specification. The method can be applied to the node device of the blockchain and can include steps 202-206. .
  • Step 202 The blockchain node device receives the identity verification request sent by the verification agency when the identity verification operation triggered by the target user is detected, where the identity verification request includes: the user identification of the target user.
  • the blockchain stores the user identity information of each user issued by the authority.
  • the authority can send a transaction to the node device of the blockchain, and the transaction carries the user identity information of each user.
  • the node device of the blockchain can send the transaction to other node devices of the blockchain, so that the other node devices and the node device can perform consensus processing on the transaction.
  • each node device of the blockchain stores the user identity information of each user carried in the transaction in the blockchain ledger of each node device.
  • the user identity information stored on the blockchain can be plaintext or ciphertext formed by encrypting the user identity information with the user's encryption key.
  • the storage form of the user identity information is only exemplified, and is not specifically limited.
  • the verification agency may obtain the user identification of the target user after detecting the identity verification operation triggered by the target user.
  • the user terminal of the target user may generate a graphic code based on the user identification of the target user, and provide the graphic code to the verification agency.
  • the verification agency can scan the graphic code and identify the user identification of the target user contained in the graphic code.
  • the verification agency may generate an identity verification request based on the user identification of the target user and the encryption key of the verification agency, and send the identity verification request to the blockchain node device.
  • the user ID can be information that uniquely identifies a user, for example, the user ID is a unique identification code assigned to the user by an authority, or the user ID is the encryption key of the user.
  • the user ID is only exemplified. , Does not specifically limit the user ID.
  • Step 204 In response to the identity verification request, the blockchain node device searches the user identity information of each user registered on the blockchain for whether there is user identity information corresponding to the user identity of the target user.
  • the node device of the blockchain After receiving the identity verification request sent by the verification agency, the node device of the blockchain can respond to the identity verification request and search for the existence and User identity information corresponding to the user ID of the target user.
  • step 206 is executed.
  • an alarm message is sent to the verification agency to remind the verification agency that the verification agency cannot perform user identity information verification.
  • Step 206 If it exists, the blockchain node device sends the searched user identity information to the verification agency, so that the verification agency can perform identity verification on the searched user identity information.
  • Step 206 Give a detailed explanation. Several implementations of step 206 are described below.
  • the user identity information of the blockchain certificate is ciphertext.
  • the ciphertext is the ciphertext obtained by encrypting the user's identity information with the user's encryption key.
  • the user identity information recorded on the blockchain is ciphertext
  • the user identity information corresponding to the target user found is the first ciphertext encrypted by the encryption key of the target user.
  • the node device of the blockchain needs to convert the first ciphertext into the second ciphertext encrypted by the encryption key of the verification agency.
  • the blockchain node device sends the second ciphertext to the verification agency, so that the verification agency uses the decryption key of the verification agency to decrypt the second ciphertext to obtain a plaintext of user identity information.
  • Step 206 will be described in detail below through step A1 to step A3.
  • Step A1 The blockchain node device converts the first ciphertext into the second ciphertext.
  • the blockchain node device sends the found first ciphertext and the encryption key of the blockchain node device to the user terminal of the target user.
  • the user terminal uses the stored decryption key of the target user to decrypt the first ciphertext to obtain the user identity information plaintext.
  • the user terminal can use the encryption key of the blockchain node device sent by the blockchain node device to encrypt the user identity information plaintext to obtain the third ciphertext, and then send the third ciphertext to the blockchain node equipment.
  • the blockchain node device can use the decryption key corresponding to the blockchain node device to decrypt the third ciphertext to obtain the plaintext of the user identity information.
  • the blockchain node device uses the encryption key of the verification agency carried in the aforementioned identity verification request to encrypt the obtained plaintext of the user identity information to obtain the second ciphertext.
  • the embodiment of this specification in order to prevent illegal agencies from impersonating the user terminal to send messages to the node device of the blockchain, in other words, in order to verify the sender of the third ciphertext, the embodiment of this specification also adopts a signature mechanism.
  • the blockchain in addition to the ciphertext of user identity information sent by the authority, the blockchain also stores the ciphertext signature corresponding to the ciphertext of each user's identity information.
  • the ciphertext signature corresponding to the user of the blockchain certificate is obtained by signing the ciphertext of the user's identity information through the user's decryption key.
  • the ciphertext signature corresponding to the ciphertext of the user identity information of the target user is referred to as the first ciphertext signature.
  • the user terminal After the user terminal receives the first ciphertext sent by the blockchain node device and the encryption key of the blockchain node device, on the one hand, the user terminal can use the decryption key of the target user to decrypt the first ciphertext Obtain the user identity information in plain text, and use the encryption key of the blockchain node device to encrypt the user identity information to obtain the third cipher text. On the other hand, the user terminal may also use the decryption key of the target user to sign the first ciphertext to obtain the first ciphertext signature.
  • the user terminal can send the third ciphertext and the first ciphertext signature to the blockchain node device.
  • the blockchain node device may first detect whether the received first ciphertext signature matches the first ciphertext signature of the target user certified by the blockchain.
  • the blockchain node device uses the decryption key of the blockchain node device Decrypt the third ciphertext to obtain the user identity information plaintext of the target user, and use the encryption key of the verification agency to encrypt the user identity information plaintext to obtain the two ciphertext.
  • an unverifiable warning message is returned to the verification agency.
  • the verification agency can use traditional methods to verify user identity information. For example, the verification agency may display a prompt message to the user. The prompt message is used to prompt the user that the verification is not possible, and prompt the user to provide user identity information. The verification agency can obtain the user identity information entered by the user, and then perform identity verification on the user identity information.
  • the blockchain node device sends the first ciphertext and the encryption key of the verification agency to the user terminal of the target user.
  • the user terminal of the target user uses the decryption key of the target user to decrypt the first ciphertext to obtain the plaintext of the user identity information of the target user. Then, the user terminal of the target user can use the encryption key of the verification agency to encrypt the plaintext of the user identity information to obtain the second ciphertext.
  • the block connection point device can obtain the second ciphertext from the user terminal.
  • the blockchain node device may send an acquisition request to the user terminal, and the user terminal sends the second ciphertext to the node device of the blockchain after receiving the acquisition request.
  • the user terminal can directly send the second ciphertext to the node device of the blockchain.
  • Step A2 The blockchain node device sends the second ciphertext to the verification agency, so that the verification agency uses the verification agency's decryption key to decrypt the second ciphertext.
  • the user identity information of the target user is plaintext, and identity verification is performed on the plaintext of the user identity information.
  • the blockchain node device may send the second ciphertext to the verification agency.
  • the verification agency may use the decryption key of the verification agency to decrypt the second ciphertext to obtain the user identity information plaintext of the target user, and perform identity verification on the user identity information plaintext.
  • the verification agency stores the user identity information of the registered user.
  • the verification agency can look up the target user's identity information in the user identity information of the registered user. Then, the verification agency can detect whether the identity information of the target user stored by the verification agency is consistent with the plaintext of the user identity information found. If they are consistent, it is determined that the verification of the plaintext of the user identity information is passed. If they are inconsistent, it is determined that the verification of the plaintext of the user identity information fails. In addition, if the verification agency fails to find the identity information of the target user in the user identity information of the registered user, it is determined that the plaintext verification of the user identity information fails.
  • user identity information is stored in cipher text on the blockchain, and user identity information is also passed between blockchain node devices, user terminals and verification agencies in cipher text, it greatly protects users Security of identity information.
  • the user identity information stored on the blockchain can also be plain text of the user identity information.
  • the blockchain node device after the blockchain node device finds the user identity information of the target user in the plaintext of the user identity information in the blockchain certificate, it can directly express the user identity information of the target user. Send it to the verification agency.
  • the verification agency can verify the plain text of the user identity information sent by the blockchain node device.
  • the verification request also carries the encryption key of the verification agency
  • the block chain node device finds the user identity information of the target user in the clear text of the user identity information in the block chain, in order to ensure the security of the user identity information clear text between the block chain node device and the verification agency
  • the block chain node device can use the encryption key of the verification agency to encrypt the plain text of the user identity information to obtain the second cipher text.
  • the blockchain node device may send the second ciphertext to a verification agency, and the verification agency uses the decryption key of the verification agency to decrypt the second ciphertext to obtain the user identity information plaintext of the target user, And perform identity verification on the user identity information in plain text.
  • the verification agency since the authority publishes the user identity information of each user on the blockchain for certification, the verification agency can obtain the user identity information of the target user from the blockchain without the target user inputting the user identity information , So it greatly facilitates the user's operation. In addition, since the verification agency does not need to wait for the user to input the identity information, but can directly obtain the target user's identity information from the blockchain, the efficiency of identity verification is greatly improved.
  • the corresponding relationship of ciphertext signature is taken as an example, and in conjunction with Figure 3, the blockchain-based identity verification method provided in this specification will be described in detail.
  • the user identity information ciphertext is the ciphertext formed by encrypting the user identity information with the user's public key
  • the ciphertext signature is the ciphertext signature obtained by signing the user identity information ciphertext with the user's private key.
  • FIG. 3 is a flowchart of a blockchain-based identity verification method shown in an exemplary embodiment of this specification.
  • Step 301 After detecting the identity verification operation triggered by the target user, the verification agency sends an identity verification request to the blockchain node device.
  • the identity verification request carries the public key of the target user and the public key of the verification agency.
  • an APP associated with the verification agency is installed on the user terminal.
  • the private key and public key of the user terminal are saved in the APP.
  • users register on this APP they can use biometric information to register.
  • the APP can generate a graphic code based on the public key of the user terminal.
  • the APP can also generate graphic codes at other times. For example, when the APP detects that the user has triggered the graphic code generation operation, it can generate graphic codes based on the public key of the user terminal.
  • the verification agency After the verification agency detects the identity verification operation triggered by the target user, it can scan the graphic code generated by the APP of the user terminal, identify the graphic code, and obtain the public key of the user terminal.
  • the verification agency can generate an identity verification request through the public key of the user terminal and the public key of the verification agency, and send the identity verification request to the node device of the blockchain.
  • Step 302 The blockchain node device searches for the first ciphertext corresponding to the public key of the target user in the correspondence between the public key of the user registered on the blockchain, the ciphertext of the user identity information, and the ciphertext signature .
  • Step 303 The blockchain node device sends the first ciphertext and the public key of the blockchain node device to the target user terminal.
  • the target user terminal refers to the user terminal of the target user.
  • Step 304 The target user terminal uses the private key of the target user terminal to decrypt the first ciphertext to obtain the user identity information plaintext of the target user, and uses the public key of the blockchain node device to perform the plaintext of the user identity information of the target user. Encryption, obtain the third ciphertext, and use the decryption key of the target user terminal to sign the first ciphertext to obtain the first ciphertext signature.
  • Step 305 The target user terminal sends the first ciphertext signature and the third ciphertext to the blockchain node device.
  • Step 306 The blockchain node device detects whether the first ciphertext signature sent by the user terminal is consistent with the first ciphertext signature of the blockchain certificated and corresponding to the public key of the target user.
  • step 307 If the first ciphertext signature sent by the target user terminal is consistent with the first ciphertext signature of the blockchain certified and corresponding to the target user's public key, perform step 307 to step 309;
  • step 310 is performed.
  • Step 307 The blockchain node device uses the private key of the blockchain node device to decrypt the third ciphertext to obtain the user identity information plaintext of the target user, and uses the public key of the verification agency to obtain the user of the target user
  • the plaintext of the identity information is encrypted to obtain the second ciphertext.
  • Step 308 The blockchain node device sends the second ciphertext to the verification agency.
  • Step 309 The verification agency uses the private key of the verification agency to decrypt the second ciphertext to obtain the user identity information plaintext of the target user, and verify the user identity information plaintext.
  • the blockchain node device sends an alarm that cannot be verified to the verification agency.
  • this specification also provides an embodiment of the blockchain-based identity verification device.
  • this specification also provides an embodiment of a blockchain-based identity verification device.
  • the embodiments of the blockchain-based identity verification device in this specification can be applied to electronic devices (such as blockchain node devices).
  • the device embodiments can be implemented by software, or can be implemented by hardware or a combination of software and hardware. Taking software implementation as an example, as a logical device, it is formed by reading the corresponding computer program instructions in the non-volatile memory into the memory through the processor of the electronic device where it is located.
  • FIG 4 a hardware structure diagram of the electronic device where the blockchain-based identity verification device of this specification is located, except for the processor, memory, network interface, and network interface shown in Figure 4
  • the electronic device in which the device is located in the embodiment may also include other hardware according to the actual function of the electronic device, which will not be repeated here.
  • FIG. 5 is a block diagram of a block chain-based identity verification device shown in an exemplary embodiment of this specification.
  • the block chain stores the user identity information of each user issued by an authority.
  • the device is applied to a blockchain node device, and the device includes a receiving module 501, a searching module 502, and a sending module 503.
  • the receiving module 501 receives an identity verification request sent by a verification agency when an identity verification operation triggered by a target user is detected, where the identity verification request includes: the user identification of the target user.
  • the searching module 502 in response to the identity verification request, searches whether there is user identity information corresponding to the user identity of the target user in the user identity information of each user registered on the blockchain.
  • the sending module 503 if it exists, sends the found user identity information to the verification agency, so that the verification agency can perform identity verification on the found user identity information.
  • the identity verification request further includes: the encryption key of the verification agency; the user identity information stored on the blockchain is a cipher text; the found user identity information is passed through the target The first ciphertext obtained by encrypting the encryption key corresponding to the user;
  • the sending module 503 converts the first ciphertext into a second ciphertext; the second ciphertext is the ciphertext obtained by encrypting the found user identity information through the encryption key corresponding to the verification agency Send the second ciphertext to the verification agency, so that the verification agency uses the verification agency’s decryption key to decrypt the second ciphertext to obtain the target user’s
  • User identity information is in plain text, and identity verification is performed on the obtained user identity information in plain text.
  • the sending module 503 sends the first ciphertext and the encryption key of the local node device to the user terminal of the target user, so that the user terminal of the target user adopts the target user's corresponding
  • the decryption key decrypts the first ciphertext to obtain the user identity information plaintext, and uses the encryption key of the node device to encrypt the user identity information plaintext to obtain the third ciphertext, and sends the third ciphertext to This node device; receives the third ciphertext sent by the user terminal; uses the decryption key of the node device to decrypt the third ciphertext to obtain the plaintext of the user identity information of the target user, and adopts the encryption of the verification agency The key encrypts the plain text of the user identity information to obtain the second cipher text.
  • the blockchain also stores a first ciphertext signature corresponding to the user ID of the target user; the first ciphertext signature uses the decryption key of the target user to pair the zone It is obtained by signing the first ciphertext of the blockchain deposit certificate.
  • the sending module 503 receives the first cipher text signature sent by the user terminal; the first cipher text signature is used by the user terminal after receiving the first cipher text, using the decryption cipher of the target user
  • the key is used to sign the first ciphertext to obtain; it is detected whether the received first ciphertext signature matches the first ciphertext signature corresponding to the user ID of the target user certified by the blockchain; if they match, then Use the decryption key of the local node device to decrypt the third ciphertext to obtain the user identity information plaintext of the target user, and use the encryption key of the verification agency to encrypt the user identity information plaintext to obtain the second ciphertext .
  • the sending module 503 sends the first ciphertext and the encryption key of the verification agency to the user terminal of the target user, so that the user terminal of the target user adopts the target user Decrypt the first ciphertext with the decryption key to obtain the user identity information plaintext of the target user, and use the encryption key of the verification agency to encrypt the user identity information plaintext to obtain the second ciphertext; The user terminal obtains the second ciphertext.
  • this specification also provides an electronic device, including: a processor; a memory for storing executable instructions of the processor; wherein the processor executes the executable instructions to realize that the receiving verification mechanism detects the target user
  • the identity verification request sent when the identity verification operation is triggered, the identity verification request includes: the user ID of the target user; In the user identity information of the user identity information, find out whether there is user identity information corresponding to the user ID of the target user; The received user identity information is verified.
  • the identity verification request further includes: the encryption key of the verification agency; the user identity information stored on the blockchain is a cipher text; the found user identity information is passed through the target The first ciphertext obtained by encrypting the encryption key corresponding to the user.
  • the processor sends the found user identity information to the verification agency, so that when the verification agency performs identity verification on the found user identity information,
  • the first ciphertext is converted into a second ciphertext;
  • the second ciphertext is a ciphertext obtained by encrypting the found user identity information through an encryption key corresponding to the verification agency;
  • the ciphertext is sent to the verification agency, and the verification agency uses the decryption key of the verification agency to decrypt the second ciphertext to obtain the plaintext of the user identity information of the target user, and
  • the obtained user identity information is verified in plain text.
  • the processor realizes sending the first ciphertext and the encryption key of the local node device to the
  • the user terminal of the target user uses the user terminal of the target user to decrypt the first ciphertext using the decryption key corresponding to the target user to obtain the plaintext of the user identity information, and uses the encryption cipher of the node device.
  • the key encrypts the user identity information plaintext to obtain the third ciphertext, and sends the third ciphertext to the local node device; receives the third ciphertext sent by the user terminal; uses the decryption key of the local node device to pair the third ciphertext
  • the ciphertext is decrypted to obtain the user identity information plaintext of the target user, and the user identity information plaintext is encrypted using the encryption key of the verification agency to obtain the second ciphertext.
  • the blockchain also stores a first ciphertext signature corresponding to the user ID of the target user; the first ciphertext signature uses the decryption key of the target user to pair the zone It is obtained by signing the first ciphertext of the blockchain deposit certificate.
  • the processor uses the decryption key of the node device to decrypt the third ciphertext to obtain the plaintext of the user identity information of the target user by running the executable instruction, and uses the encryption key pair of the verification agency
  • the user identity information is encrypted in plain text, and when the second cipher text is obtained, the first cipher text signature sent by the user terminal is received; the first cipher text signature is performed by the user terminal when the first cipher text is received.
  • the decryption key of the target user After the text, use the decryption key of the target user to sign the first ciphertext to obtain; detect that the received first ciphertext signature corresponds to the first ciphertext of the target user’s user ID that is certified by the blockchain Whether the ciphertext signature matches; if it matches, the third ciphertext is decrypted using the decryption key of the node device to obtain the plaintext of the user identity information of the target user, and the encryption key of the verification agency is used to identify the user The information plaintext is encrypted to obtain the second ciphertext.
  • the processor sends the first ciphertext and the encryption key of the verification agency when converting the first ciphertext into the second ciphertext by running the executable instruction
  • the user terminal of the target user uses the decryption key of the target user to decrypt the first ciphertext to obtain the plaintext of the user identity information of the target user, and use verification
  • the encryption key of the organization encrypts the plain text of the user identity information to obtain the second cipher text; and obtains the second cipher text from the user terminal.
  • this specification also provides a computer-readable storage medium on which a computer instruction is stored, which is characterized in that, when the instruction is executed by the processor, the receiving verification mechanism sends it when it detects the identity verification operation triggered by the target user.
  • the identity verification request includes: the user identity of the target user; in response to the identity verification request, in the user identity information of each user registered on the blockchain, find out whether There is user identity information corresponding to the user ID of the target user; if it exists, the found user identity information is sent to the verification agency, so that the verification agency can perform identity verification on the searched user identity information. Test.
  • the identity verification request further includes: the encryption key of the verification agency; the user identity information stored on the blockchain is a cipher text; the found user identity information is passed through the target The first ciphertext obtained by encrypting the encryption key corresponding to the user.
  • the instruction is executed by the processor, and when the found user identity information is sent to the verification agency, when the verification agency performs identity verification on the found user identity information, the first secret is realized.
  • the text is converted into a second cipher text; the second cipher text is the cipher text obtained by encrypting the found user identity information through the encryption key corresponding to the verification agency; the second cipher text is sent to the The verification agency uses the verification agency to decrypt the second ciphertext using the verification agency’s decryption key to obtain the target user’s user identity information in plain text, and to compare the obtained user identity information Perform identity verification in plain text.
  • the instruction is executed by the processor, and when the first ciphertext is converted into the second ciphertext, the first ciphertext and the encryption key of the local node device are sent to the target user.
  • the user terminal uses the user terminal of the target user to decrypt the first ciphertext using the decryption key corresponding to the target user to obtain the user identity information plaintext, and uses the encryption key of the node device to identify the user
  • the information plaintext is encrypted to obtain the third ciphertext, and the third ciphertext is sent to the local node device; the third ciphertext sent by the user terminal is received; the third ciphertext is decrypted using the decryption key of the local node device to obtain the third ciphertext
  • the user identity information of the target user is in plain text, and the user identity information is encrypted using the encryption key of the verification agency to obtain the second cipher text.
  • the blockchain also stores a first ciphertext signature corresponding to the user ID of the target user; the first ciphertext signature uses the decryption key of the target user to pair the zone It is obtained by signing the first ciphertext of the blockchain deposit certificate.
  • the instruction is executed by the processor, the third ciphertext is decrypted using the decryption key of the node device to obtain the plaintext of the user identity information of the target user, and the user identity information is plaintext using the encryption key of the verification agency
  • the second ciphertext is obtained through encryption
  • the first ciphertext signature sent by the user terminal is received;
  • the first ciphertext signature is used by the user terminal after receiving the first ciphertext
  • the decryption key of the target user is obtained by signing the first ciphertext; it is detected whether the received first ciphertext signature matches the first ciphertext signature corresponding to the user ID of the target user certified by the blockchain If they match, use the decryption key of the node device to decrypt the third ciphertext to obtain the plaintext of the user identity information of the target user, and use the encryption key of the verification agency to encrypt the plaintext of the user identity information, Get the second ciphertext.
  • the instruction is executed by the processor, and when the first ciphertext is converted into the second ciphertext, the first ciphertext and the encryption key of the verification agency are sent to the target user
  • the user terminal uses the user terminal of the target user to decrypt the first ciphertext using the decryption key of the target user to obtain the plaintext of the user identity information of the target user, and uses the encryption key of the verification agency Encrypting the plaintext of the user identity information to obtain the second ciphertext; obtaining the second ciphertext from the user terminal.
  • a typical implementation device is a computer.
  • the specific form of the computer can be a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email receiving and sending device, and a game control A console, a tablet computer, a wearable device, or a combination of any of these devices.
  • the computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
  • processors CPU
  • input/output interfaces network interfaces
  • memory volatile and non-volatile memory
  • the memory may include non-permanent memory in computer readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
  • RAM random access memory
  • ROM read-only memory
  • flash RAM flash memory
  • Computer-readable media include permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology.
  • the information can be computer-readable instructions, data structures, program modules, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, Magnetic cassettes, disk storage, quantum memory, graphene-based storage media or other magnetic storage devices, or any other non-transmission media, can be used to store information that can be accessed by computing devices.
  • computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
  • first, second, third, etc. may be used to describe various information in one or more embodiments of this specification, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
  • first information may also be referred to as second information, and similarly, the second information may also be referred to as first information.
  • word “if” as used herein can be interpreted as "when” or “when” or "in response to determination”.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Theoretical Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

La présente invention porte sur un procédé et sur un appareil de vérification d'identité à base de chaîne de blocs, sur un dispositif et sur un support de stockage, consistant : à recevoir une demande de vérification d'identité envoyée par un mécanisme de vérification lors de la détection d'une opération de vérification d'identité déclenchée par un utilisateur cible, la demande de vérification d'identité comprenant un identifiant d'utilisateur de l'utilisateur cible ; en réponse à la demande de vérification d'identité, à effectuer une recherche pour savoir si des informations d'identité d'utilisateur correspondant à l'identifiant d'utilisateur de l'utilisateur cible existent dans des informations d'identité d'utilisateur de chaque utilisateur stockées dans une chaîne de blocs ; et si tel est le cas, à envoyer les informations d'identité d'utilisateur recherchées au mécanisme de vérification de telle sorte que le mécanisme de vérification effectue une vérification d'identité sur les informations d'identité d'utilisateur recherchées.
PCT/CN2020/132717 2020-03-03 2020-11-30 Procédé et appareil de vérification d'identité à base de chaîne de blocs, dispositif, et support de stockage WO2021174927A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010140345.2 2020-03-03
CN202010140345.2A CN111556007B (zh) 2020-03-03 2020-03-03 基于区块链的身份校验方法、装置、设备及存储介质

Publications (1)

Publication Number Publication Date
WO2021174927A1 true WO2021174927A1 (fr) 2021-09-10

Family

ID=72004135

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/132717 WO2021174927A1 (fr) 2020-03-03 2020-11-30 Procédé et appareil de vérification d'identité à base de chaîne de blocs, dispositif, et support de stockage

Country Status (2)

Country Link
CN (2) CN114143041A (fr)
WO (1) WO2021174927A1 (fr)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113761496A (zh) * 2021-10-21 2021-12-07 支付宝(杭州)信息技术有限公司 一种基于区块链的身份校验方法及装置和电子设备
CN113806809A (zh) * 2021-11-17 2021-12-17 北京溪塔科技有限公司 一种基于区块链的求职者信息披露方法及系统
CN113821529A (zh) * 2021-09-26 2021-12-21 陕西师范大学 一种基于区块链技术的三维数字文化遗产溯源方法及装置
CN114499871A (zh) * 2021-12-23 2022-05-13 成都卫士通信息产业股份有限公司 一种签名加密方法、装置、系统及计算机可读存储介质
CN114760111A (zh) * 2022-03-24 2022-07-15 标信智链(杭州)科技发展有限公司 基于区块链的文件保密方法及文件保密装置
CN115118441A (zh) * 2022-08-29 2022-09-27 中航信移动科技有限公司 一种基于区块链的身份验证系统

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114143041A (zh) * 2020-03-03 2022-03-04 支付宝实验室(新加坡)有限公司 基于区块链的身份校验方法、装置、设备及存储介质
CN112287379B (zh) * 2020-12-24 2021-08-20 北京百度网讯科技有限公司 业务数据使用方法、装置、设备、存储介质和程序产品
CN117633848B (zh) * 2024-01-25 2024-04-12 中信证券股份有限公司 用户信息联合处理方法、装置、设备和计算机可读介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017108783A1 (fr) * 2015-12-22 2017-06-29 Gemalto Sa Procédé de gestion d'une identité de confiance
CN108702622A (zh) * 2017-11-30 2018-10-23 深圳前海达闼云端智能科技有限公司 移动网络接入认证方法、装置、存储介质及区块链节点
CN109918878A (zh) * 2019-04-24 2019-06-21 中国科学院信息工程研究所 一种基于区块链的工业物联网设备身份认证及安全交互方法
CN110457878A (zh) * 2019-08-14 2019-11-15 北京中电普华信息技术有限公司 一种基于区块链的身份认证方法、装置及系统
CN111556007A (zh) * 2020-03-03 2020-08-18 支付宝实验室(新加坡)有限公司 基于区块链的身份校验方法、装置、设备及存储介质

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018046009A1 (fr) * 2016-09-12 2018-03-15 上海鼎利信息科技有限公司 Système d'identité à chaîne de blocs
CN107086909B (zh) * 2017-03-07 2021-01-12 创新先进技术有限公司 身份信息的生成方法和装置、身份审核的方法和装置
CN107257340B (zh) * 2017-06-19 2019-10-01 阿里巴巴集团控股有限公司 一种认证方法、基于区块链的认证数据处理方法及设备
CN107579817A (zh) * 2017-09-12 2018-01-12 广州广电运通金融电子股份有限公司 基于区块链的用户身份验证方法、装置及系统
CN109600338B (zh) * 2017-09-30 2021-11-19 卓望数码技术(深圳)有限公司 一种可信身份管理服务方法及系统
US11057366B2 (en) * 2018-08-21 2021-07-06 HYPR Corp. Federated identity management with decentralized computing platforms
CN109951489B (zh) * 2019-03-27 2020-11-03 深圳市网心科技有限公司 一种数字身份认证方法、设备、装置、系统及存储介质
CN110020526A (zh) * 2019-04-02 2019-07-16 深圳智乾区块链科技有限公司 基于区块链身份认证的审批方法、装置及存储介质
CN110049060A (zh) * 2019-04-28 2019-07-23 南京理工大学 基于区块链的分布式可信身份存证方法及系统
CN110519062B (zh) * 2019-09-19 2021-10-29 腾讯科技(深圳)有限公司 基于区块链的身份认证方法、认证系统及存储介质

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017108783A1 (fr) * 2015-12-22 2017-06-29 Gemalto Sa Procédé de gestion d'une identité de confiance
CN108702622A (zh) * 2017-11-30 2018-10-23 深圳前海达闼云端智能科技有限公司 移动网络接入认证方法、装置、存储介质及区块链节点
CN109918878A (zh) * 2019-04-24 2019-06-21 中国科学院信息工程研究所 一种基于区块链的工业物联网设备身份认证及安全交互方法
CN110457878A (zh) * 2019-08-14 2019-11-15 北京中电普华信息技术有限公司 一种基于区块链的身份认证方法、装置及系统
CN111556007A (zh) * 2020-03-03 2020-08-18 支付宝实验室(新加坡)有限公司 基于区块链的身份校验方法、装置、设备及存储介质

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113821529A (zh) * 2021-09-26 2021-12-21 陕西师范大学 一种基于区块链技术的三维数字文化遗产溯源方法及装置
CN113761496A (zh) * 2021-10-21 2021-12-07 支付宝(杭州)信息技术有限公司 一种基于区块链的身份校验方法及装置和电子设备
CN113761496B (zh) * 2021-10-21 2024-04-09 支付宝(杭州)信息技术有限公司 一种基于区块链的身份校验方法及装置和电子设备
CN113806809A (zh) * 2021-11-17 2021-12-17 北京溪塔科技有限公司 一种基于区块链的求职者信息披露方法及系统
CN113806809B (zh) * 2021-11-17 2022-02-18 北京溪塔科技有限公司 一种基于区块链的求职者信息披露方法及系统
CN114499871A (zh) * 2021-12-23 2022-05-13 成都卫士通信息产业股份有限公司 一种签名加密方法、装置、系统及计算机可读存储介质
CN114499871B (zh) * 2021-12-23 2024-01-09 成都卫士通信息产业股份有限公司 一种签名加密方法、装置、系统及计算机可读存储介质
CN114760111A (zh) * 2022-03-24 2022-07-15 标信智链(杭州)科技发展有限公司 基于区块链的文件保密方法及文件保密装置
CN115118441A (zh) * 2022-08-29 2022-09-27 中航信移动科技有限公司 一种基于区块链的身份验证系统
CN115118441B (zh) * 2022-08-29 2022-11-04 中航信移动科技有限公司 一种基于区块链的身份验证系统

Also Published As

Publication number Publication date
CN111556007A (zh) 2020-08-18
CN114143041A (zh) 2022-03-04
CN111556007B (zh) 2021-09-24

Similar Documents

Publication Publication Date Title
WO2021174927A1 (fr) Procédé et appareil de vérification d'identité à base de chaîne de blocs, dispositif, et support de stockage
CN109359974B (zh) 区块链交易方法及装置、电子设备
ES2881289T3 (es) Método para gestionar una identidad de confianza
CN112215608B (zh) 数据处理方法和装置
US11095449B2 (en) System and method for securely processing an electronic identity
US12088568B2 (en) Systems and methods for secure key service
CN108647964B (zh) 一种区块链数据处理方法、装置及计算机可读存储介质
US20160162897A1 (en) System and method for user authentication using crypto-currency transactions as access tokens
CN111492634A (zh) 使用零知识协议的安全并且机密的保管交易系统、方法和设备
JP2023502346A (ja) 量子安全ネットワーキング
CN110597836B (zh) 基于区块链网络的信息查询请求响应方法及装置
US20230298015A1 (en) Systems and methods for verification of protected private information
CN114785511A (zh) 证明生成方法及装置、电子设备、存储介质
Calhoun et al. Physical unclonable function (PUF)-based e-cash transaction protocol (PUF-Cash)
JP2023543470A (ja) 物理複製困難関数に基づくチャレンジ応答プロトコル
CN110716724B (zh) 基于fpga实现隐私区块链的方法及装置
CN114389810B (zh) 证明生成方法及装置、电子设备、存储介质
US20240202718A1 (en) Blockchain based system and method
Huynh et al. A reliability guaranteed solution for data storing and sharing
Yang et al. PrivCrowd: A Secure Blockchain‐Based Crowdsourcing Framework with Fine‐Grained Worker Selection
TW202215814A (zh) 實體不可仿製之功能
CN115208642A (zh) 基于区块链的身份认证方法、装置及系统
Patel et al. The study of digital signature authentication process
JP2023543515A (ja) ブロックチェーン上に応答値を記憶する物理複製困難関数
Glauser Self-Sovereign Identities in Cardossier

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20923298

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20923298

Country of ref document: EP

Kind code of ref document: A1