WO2022242572A1 - Personal digital identity management system and method - Google Patents
- Publication number
- WO2022242572A1 (application PCT/CN2022/092777)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- digital identity
- digital
- key
- information
- user
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
Definitions
- Password management is a very complicated matter. When there are many passwords to be managed, it is very difficult to remember all the passwords, and it is also difficult to quickly generate user names and sufficiently secure passwords. On the other hand, existing password management software cannot proactively provide multiple digital identities or manage digital identities at different levels. With the large-scale application of big data technologies such as user profiling, violations of user privacy by Internet giants are very common. Users need a way to manage their digital identities and protect their privacy from violations.
- the cryptographically secure random number generator may be configured to generate random numbers of sufficient strength.
- the hash calculator generates a new lower-level key according to the upper-level key and the salt.
- the network communication device has a built-in certificate used by the server and can be configured to establish a trusted communication channel with the server.
- the user can send the digital identity to the server through the network communication device.
- the digital identity generator may be configured to generate a digital identity and account information required by the user; first, the user sets a digital identity generation rule.
- the digital identity generation rule is a set of additional information keywords and programmable scripts corresponding to the additional information keywords. The script receives the additional information keywords and the digital identity master key, and returns additional information corresponding to the keywords.
- the public key, name, additional signature, number and index in the digital identity additional information may not be generated by the digital identity generation rule.
- the digital identity master key, public key, name, additional signature, number, index and digital identity generation rules used by the digital identity are stored in the information storage device.
- the salt generator uses the user-specified upper-level key and keyword, the random number generated by the random number generator, the keywords in the salt used by the upper-level key, the user-specified keyword and the known formatted-time information to generate a string or a string equivalent, returns it as the salt, and stores the salt in the information storage device.
- the server accepts the digital identity information sent by the client, performs digital signature, and displays the information publicly.
- the communication module can be configured to establish a secure channel with the client and communicate with the client;
- the signature management module contains a paired public key and private key, authenticates the digital identity selected by the server operator and gives a verifiable digital signature.
- the display module numbers and indexes the digital identity transmitted by the client and displays it publicly.
- Step 1 initialization-creation of keys, wherein, the steps of initialization-creation of keys include:
- the first-level key is generated by the client using a random number generator or directly specified by the user, and the generated key is stored in the information storage device;
- Step 2 generating a digital identity, wherein the step of generating a digital identity includes:
- the client obtains the primary key or secondary key from the information storage device as the master key of the digital identity
- the client stores the generated information in the information storage device
- the user enters the platform information associated with the account.
- the client identifies the input information and queries the keywords in the digital identity additional information generation rules; when the corresponding platform keyword is retrieved, the corresponding script is used to generate account information; when it is not retrieved, the user defines a new digital identity additional information generation rule or selects an existing keyword and digital identity additional information generation rule, and then uses the corresponding script to generate the required account information;
- Step of signing the message includes:
- after entering the message, the user selects the digital identity to be used through the display device of the client; the master password of the selected digital identity is used as the private key to sign the message through the digital signature generation and verification device, which gives the corresponding digital signature; the generated digital signature can be used as additional information of other digital identities;
- Transmitting digital identity information to the server wherein the step of transmitting digital identity information to the server includes:
- the client user provides the required digital signature and digital identity index of the signature issuer to the access controller;
- the access control party requests the server for the digital identity corresponding to the digital identity index of the above-mentioned signature issuer, and uses the public key returned by the server to verify the signature; by confirming the content and authenticity of the signature, it judges whether to allow access.
- This application can safely and quickly generate an unlimited number of usable digital identities, so that users can switch between multiple digital identities, which counters the tracking of digital identities and better protects user privacy.
- public key and signature are provided to complete the verification.
- Fig. 2 shows an exemplary embodiment of a personal digital identity management method implemented by the personal digital identity management system according to the embodiment of the present application.
- Fig. 1 shows a personal digital identity management system according to an embodiment of the present application.
- the personal digital identity management system may include a client and a server.
- the client can operate independently, including a cryptographically secure random number generator, information storage device, digital identity generator, digital signature generation and verification device, network communication device, hash calculator, salt generator and display device.
- the digital identity generator can be configured to generate digital identity and account information required by the user; first, the user sets digital identity generation rules.
- the public key, name, additional signature and index in the digital identity additional information may not be generated by the digital identity generation rule.
- the public key in the digital identity additional information is calculated by the master key as a private key through the public key encryption algorithm; the name in the digital identity additional information can be specified by the user, and the default value is the keyword in the salt used to generate the master key; The additional signature in the digital identity additional information can be specified by the user, and the default value is empty; the number and index are provided by the server, and the default value is empty.
- the additional information keywords in the digital identity generation rules and the programmable scripts corresponding to the additional information keywords are preset according to user needs.
- the digital identity master key, public key, name, additional signature, number and index, and the digital identity generation rules used by the digital identity are stored in the information storage device.
- the display device may be configured to display keys of various levels and digital identities corresponding to the keys for users to choose.
- the display module numbers and indexes the digital identities transmitted by the client and displays them publicly.
- Client users can access the server through the World Wide Web to obtain the digital identity information displayed by a specific user.
- after receiving a signature made by digital identity B, client user A can verify it using the public key in B presented by the server.
- the application system can quickly generate an unlimited number of available digital identities, thereby preventing the tracking of digital identities; for scenarios that require verification and access control of user digital identities, digital signatures are provided to facilitate digital identity verification.
- Identity verification is provided to facilitate digital identity verification.
- Fig. 2 shows an exemplary implementation of a personal digital identity management method implemented by the personal digital identity management system according to the embodiment of the present application.
- the personal digital identity management method may include the following steps:
- Step 1 Initialization - create a key.
- the step of initializing-creating a key may include the following steps:
- the said primary key is generated by the client using a random number generator or directly specified by the user, and the generated key is stored in the information storage device.
- the client generates a secondary key.
- the user specifies the upper-level key and keyword, and uses the salt generator to generate salt.
- Step 2 Generate a digital identity.
- the step of generating a digital identity may include the following steps:
- the client obtains the primary key or secondary key from the information storage device as the master key of the digital identity.
- the client stores the generated information in the information storage device.
- the step of using a digital identity may include the following steps.
- the user selects the digital identity to be used through the display device of the client, and at the same time determines the digital identity generation rule used when the digital identity is generated.
- the user enters the platform information associated with the account, such as the domain name of the website, the name of the platform, etc.
- the input means include but not limited to manual input and code scanning input.
- the client side identifies the input information and queries the keywords in the digital identity additional information generation rules.
- when the corresponding platform keyword is retrieved, the corresponding script is used to generate account information;
- when it is not retrieved, the user defines a new digital identity additional information generation rule or selects an existing keyword and digital identity additional information generation rule, then uses the corresponding script to generate the required account information.
- after entering the message, the user selects the digital identity to be used through the display device of the client; the master password of the selected digital identity is used as the private key to sign the message through the digital signature generation and verification device, which gives the corresponding digital signature.
- the generated digital signature can be used as additional information for other digital identities. For example, after the employee gives the public key, the company can give the digital signature of the employee's on-the-job information, and the employee can attach it to the additional information of their digital identity to prove that the owner of the digital identity is a company employee.
- the client requests the server to receive digital identity information. After the server agrees, the client transmits digital identity-related information to the server through the network communication device. After receiving the digital identity information, the server reviews the corresponding digital identity index through the display module and publicly displays the digital identity information provided by the user together with the digital identity index, and the server returns the generated digital identity index to the client through the communication module.
- the server returns corresponding digital identity information through the communication module according to the received digital identity index.
- the client verifies the message according to the public key in the digital identity returned by the server.
- the user sends digital identity information to the server through the network communication device of the client, and makes a request to the server, requiring the server maintainer to verify the user's identity.
- the access control party requests the server for the digital identity corresponding to the digital identity index of the above-mentioned signature issuer, and uses the public key returned by the server to verify the signature. By confirming the content and authenticity of the signature, it is judged whether to allow access.
- This application provides a personal digital identity management system and method disclosed in this application, including a client and a server; Identity information, carry out digital signature, and display the information publicly.
- the application method can safely and quickly generate an unlimited number of usable digital identities, so that users can switch between multiple digital identities, which counters the tracking of digital identities and better protects user privacy.
- public keys and signatures are provided to complete the verification.
- a personal digital identity management system and method of the present application are reproducible and can be used in various industrial applications.
- the personal digital identity management system and method of the present application can be used in the field of digital identity management.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Computing Systems (AREA)
- Pure & Applied Mathematics (AREA)
- Mathematical Physics (AREA)
- Mathematical Optimization (AREA)
- Mathematical Analysis (AREA)
- Algebra (AREA)
- Storage Device Security (AREA)
Claims (4)
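- A personal digital identity management system, characterized by comprising a client and a server; the client can operate independently and includes a cryptographically secure random number generator, an information storage device, a digital identity generator, a digital signature generation and verification device, a network communication device, a hash calculator, a salt generator and a display device; the client uses user-specified keywords to manage keys hierarchically; the first-level key is generated by the random number generator; lower-level keys, including second-level keys, are generated by the hash calculator from the upper-level key and a salt; for a second-level key, the salt used in key generation includes a random number, keywords and time information; the client uses the user-specified keywords to label and rank keys; the time information allows keys to be updated over time; the keywords in the salt used to generate keys at still lower levels include all keywords of the upper-level key and the new keyword specified by the user this time; that is, the salt used to generate keys at still lower levels includes a random number, the keywords of the upper-level key, the keyword specified by the user this time, and time information; a digital identity includes the master key from which the digital identity is derived and additional information; the digital identity is generated by the digital identity generator and stored in the information storage device; the additional information of a digital identity includes a name, a public key, additional signatures, an index and user-defined information, the user-defined information including addresses, the names of network platforms with the corresponding accounts and passwords, and digital currency private keys and receiving addresses; the public key in the additional information is computed with the master key as the private key, and the master key can be used as a private key to perform cryptographic functions; the additional information is generated by the digital identity generating device; the cryptographically secure random number generator is configured to generate random numbers of sufficient strength; the information storage device stores all keys, salts, digital identities and digital identity generation rules and records the storage time; the hash calculator generates a new lower-level key from the upper-level key and the salt; the digital signature generation and verification device uses the private key corresponding to a digital identity to give a digital signature of information and uses the public key to verify signatures; the network communication device has the certificate used by the server built in and is configured to establish a trusted communication channel with the server; the user can send a digital identity to the server through the network communication device; the digital identity generator is configured to generate digital identities, digital identity generation rules and the account information required by the user; the salt generator is configured to generate the salt required for lower-level keys; the display device is configured to display the keys at each level and the digital identities corresponding to the keys for the user to choose from; the server accepts the digital identity information sent by the client, digitally signs it, and displays the information publicly; the server includes a communication module, a display module and a signature management module; the communication module is configured to establish a secure channel with the client and communicate with the client; the signature management module contains a paired public key and private key, authenticates the digital identity selected by the server operator and gives a verifiable digital signature; the display module numbers and indexes the digital identities transmitted by the client and displays them publicly.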
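- The personal digital identity management system according to claim 1, characterized in that the digital identity generator is configured to generate a digital identity and the account information required by the user; first, the user sets digital identity generation rules; the digital identity generation rules are a set of additional-information keywords and the programmable scripts corresponding to those keywords; a script receives an additional-information keyword and the digital identity master key and returns the additional information corresponding to the keyword; the public key, name, additional signature, number and index in the digital identity additional information are not generated by the digital identity generation rules; the public key in the digital identity additional information is computed from the master key, used as the private key, by a public-key encryption algorithm; the name in the digital identity additional information can be specified by the user and defaults to the keywords in the salt used when generating the master key; the additional signature in the digital identity additional information can be specified by the user and defaults to empty; the index is provided by the server and defaults to empty; the additional-information keywords and their corresponding programmable scripts in the digital identity generation rules are preset according to the user's needs; finally, the digital identity master key, public key, name, additional signature, number and index are stored in the information storage device together with the digital identity generation rules used by that digital identity.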
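- The personal digital identity management system according to claim 2, characterized in that the salt generator uses the upper-level key and keyword specified by the user, a random number produced by the random number generator, the keywords in the salt used by the upper-level key, the user-specified keyword and the known formatted-time information to generate a string or string equivalent, returns it as the salt, and stores the salt in the information storage device.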
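- The personal digital identity management system according to claim 3, characterized in that the personal digital identity management system implements a personal digital identity management method, the method comprising the following steps: Step 1, initialization - creating keys, wherein the step of initialization - creating keys includes: first obtaining a first-level key; the first-level key is generated by the client using the random number generator or specified directly by the user, and the generated key is stored in the information storage device; and the client generates lower-level keys; the user specifies an upper-level key and a keyword, and the salt generating device generates a salt; the upper-level key and the salt are passed together through the hash calculator to generate the lower-level key, and the lower-level key is stored in the information storage device; Step 2, generating a digital identity, wherein the step of generating a digital identity includes: the client obtains a first-level key or a lower-level key from the information storage device as the master key of the digital identity; the digital identity is generated by the client's digital identity generator; the client stores the generated information in the information storage device; Step 3, using a digital identity, wherein the step of using a digital identity includes: quickly generating an account and password, wherein the step of quickly generating an account and password includes: first, the user selects the digital identity to be used through the client's display device and at the same time determines the digital identity generation rules used when that digital identity was generated; the user enters the platform information associated with the account; and the client identifies the input information and queries the keywords in the digital identity additional information generation rules; when the corresponding platform keyword is retrieved, the corresponding script is used to generate the account information; when the corresponding platform keyword is not retrieved, the user defines a new digital identity additional information generation rule or selects an existing keyword and digital identity additional information generation rule, and then uses the corresponding script to generate the required account information; signing a message, wherein the step of signing a message includes: after entering the message, the user selects the digital identity to be used through the client's display device, the master password of the selected digital identity is used as the private key, the message is signed by the digital signature generation and verification device, and the corresponding digital signature is given; the generated digital signature can serve as additional information of other digital identities; transmitting digital identity information to the server, wherein the step of transmitting digital identity information to the server includes: the client requests the server to receive digital identity information; after the server agrees, the client transmits the digital identity-related information to the server through the network communication device; after receiving the digital identity information, the server reviews the corresponding digital identity index through the display module and publicly displays the digital identity information provided by the user together with the digital identity index, and the server returns the generated digital identity index to the client through the communication module; verifying a message, wherein the step of verifying a message includes: after obtaining a digital signature and digital identity index given by another user, the user sends the digital identity index to the server through the client's network communication device and requests the other party's digital identity information, including the public key; the server returns the corresponding digital identity information through the communication module according to the received digital identity index; and the client verifies the message using the public key in the digital identity returned by the server; the server providing a signature on a digital identity, wherein the step of the server providing a signature on a digital identity includes: the user sends digital identity information to the server through the client's network communication device and makes a request to the server, requiring the server maintainer to verify the user's identity; and after verifying the user's identity, the server maintainer uses the server's signature management module to sign the digital identity sent by the user, giving a digital signature for that user's digital identity, and returns the digital identity information sent by the user, the digital signature given by the signature management module and the digital identity index to the user's client; verifying a digital identity, wherein the step of verifying a digital identity includes: in scenarios requiring identity verification and access control, the client user provides the access controller with the required digital signature and the digital identity index of the signature issuer; and the access controller requests from the server the digital identity corresponding to that signature issuer's digital identity index and verifies the signature using the public key returned by the server; by confirming the content and authenticity of the signature, it judges whether to allow access.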
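The key hierarchy described in claims 1, 3 and 4 (first-level key from the random number generator, each lower-level key hashed from the upper-level key and a salt made of a random number, inherited keywords, the new keyword and time), sketched as an added example that is not code from the patent. HMAC-SHA256 as the hash calculator, the JSON salt encoding, and the names `KeyNode`, `make_salt`, `derive_child` and `account_password` are assumptions; public-key derivation and signing are left out.

```python
import hashlib
import hmac
import json
import secrets
from base64 import urlsafe_b64encode
from dataclasses import dataclass
from datetime import datetime, timezone


def _now() -> str:
    # "Formatted time" component; the exact format is an assumption.
    return datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


@dataclass
class KeyNode:
    """One record of the information storage device: key, salt, storage time."""
    key: bytes
    keywords: list        # keywords inherited from upper levels plus this level's
    salt: str = ""        # empty for the first-level key
    stored_at: str = ""
    level: int = 1


def new_root() -> KeyNode:
    # First-level key comes straight from a cryptographically secure RNG.
    return KeyNode(key=secrets.token_bytes(32), keywords=[], stored_at=_now())


def make_salt(parent: KeyNode, keyword: str, rand: bytes = None, when: str = None) -> str:
    """Salt = random number + upper-level keywords + new keyword + formatted time.
    Canonical JSON avoids ambiguous concatenation ("ab"+"c" vs "a"+"bc")."""
    return json.dumps({
        "rand": (rand or secrets.token_bytes(16)).hex(),
        "keywords": parent.keywords + [keyword],
        "time": when or _now(),
    }, sort_keys=True, separators=(",", ":"))


def derive_child(parent: KeyNode, salt: str) -> KeyNode:
    """Lower-level key = hash(upper-level key, salt); HMAC-SHA256 is assumed here."""
    key = hmac.new(parent.key, salt.encode(), hashlib.sha256).digest()
    return KeyNode(key=key, keywords=json.loads(salt)["keywords"], salt=salt,
                   stored_at=_now(), level=parent.level + 1)


def account_password(master_key: bytes, platform_keyword: str, length: int = 20) -> str:
    """Hypothetical generation-rule script: (keyword, master key) -> account secret."""
    tag = hmac.new(master_key, b"password:" + platform_keyword.encode(),
                   hashlib.sha256).digest()
    return urlsafe_b64encode(tag).decode()[:length]


def demo() -> dict:
    root = new_root()
    work = derive_child(root, make_salt(root, "work"))       # second-level key
    mail_salt = make_salt(work, "email")                     # salt is stored
    mail = derive_child(work, mail_salt)                     # third-level key
    rotated = derive_child(work, make_salt(work, "email"))   # same keyword, new salt
    site = "example.com"                                     # constructed platform keyword
    return {
        "keywords": mail.keywords,
        "reproducible": derive_child(work, mail_salt).key == mail.key,
        "rotated_differs": rotated.key != mail.key,
        "pw_differs": account_password(mail.key, site) != account_password(rotated.key, site),
    }


if __name__ == "__main__":
    print(demo())
```

Because each salt carries a fresh random number and timestamp, the keywords alone do not reproduce a lower-level key; regenerating it requires the stored salt, and deriving again with a new salt rotates the key and every account secret generated from it.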
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2023567140A JP2024528337A (ja) | 2021-05-17 | 2022-05-13 | Personal digital ID management system and method |
EP22803894.9A EP4343592A1 (en) | 2021-05-17 | 2022-05-13 | Personal digital identity management system and method |
US18/562,200 US20240243922A1 (en) | 2021-05-17 | 2022-05-13 | Personal digital identity management system and method |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110535192.6A CN113268722B (zh) | 2021-05-17 | 2021-05-17 | Personal digital identity management system and method |
CN202110535192.6 | 2021-05-17 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022242572A1 (zh) | 2022-11-24 |
Family
ID=77231285
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2022/092777 WO2022242572A1 (zh) | Personal digital identity management system and method | 2021-05-17 | 2022-05-13 |
Country Status (5)
Country | Link |
---|---|
US (1) | US20240243922A1 (zh) |
EP (1) | EP4343592A1 (zh) |
JP (1) | JP2024528337A (zh) |
CN (1) | CN113268722B (zh) |
WO (1) | WO2022242572A1 (zh) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3989482A1 (en) | 2020-10-22 | 2022-04-27 | No.ID Sp. z o.o. | Creating and managing disposable identities |
CN113268722B (zh) * | 2021-05-17 | 2022-04-26 | 时昕昱 | Personal digital identity management system and method |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012048015A1 (en) * | 2010-10-06 | 2012-04-12 | Prasad Peddada | System and method for single use transaction signatures |
CN102571326A (zh) * | 2010-12-09 | 2012-07-11 | 上海华虹集成电路有限责任公司 | 分级管理模式密钥管理系统的安全性测试方法 |
CN109347858A (zh) * | 2018-11-16 | 2019-02-15 | 上海敬信软件技术有限公司 | 密码保护方法、身份验证方法、装置、设备及存储介质 |
CN112532387A (zh) * | 2020-11-27 | 2021-03-19 | 上海爱数信息技术股份有限公司 | 一种密钥服务运算系统及其方法 |
CN113268722A (zh) * | 2021-05-17 | 2021-08-17 | 时昕昱 | 一种个人数字身份管理系统与方法 |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030235305A1 (en) * | 2002-06-20 | 2003-12-25 | Hsu Raymond T. | Key generation in a communication system |
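CN105827412B (zh) * | 2016-03-14 | 2019-01-08 | 中金金融认证中心有限公司 | Authentication method, server and client |
CN107948189B (zh) * | 2017-12-19 | 2020-10-30 | 数安时代科技股份有限公司 | Asymmetric-cryptography identity authentication method, apparatus, computer device and storage medium |
CN109271281B (zh) * | 2018-08-31 | 2021-10-22 | 政和科技股份有限公司 | Data backup method and system for preventing data tampering |
CN112039848B (zh) * | 2020-08-05 | 2022-11-04 | 北京链飞未来科技有限公司 | Web authentication method, system and apparatus based on blockchain public-key digital signatures |
CN112132560B (zh) * | 2020-09-30 | 2022-03-15 | 郑州信大捷安信息技术股份有限公司 | On-chain digital asset management method and apparatus |
CN112637131B (zh) * | 2020-12-01 | 2023-04-18 | 百果园技术(新加坡)有限公司 | User identity authentication method, apparatus, device and storage medium |
CN112733130B (zh) * | 2021-01-18 | 2022-11-29 | 成都质数斯达克科技有限公司 | Account registration method, apparatus, electronic device and readable storage medium |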
-
2021
- 2021-05-17 CN CN202110535192.6A patent/CN113268722B/zh active Active
-
2022
- 2022-05-13 JP JP2023567140A patent/JP2024528337A/ja active Pending
- 2022-05-13 EP EP22803894.9A patent/EP4343592A1/en active Pending
- 2022-05-13 WO PCT/CN2022/092777 patent/WO2022242572A1/zh active Application Filing
- 2022-05-13 US US18/562,200 patent/US20240243922A1/en active Pending
Also Published As
Publication number | Publication date |
---|---|
EP4343592A1 (en) | 2024-03-27 |
JP2024528337A (ja) | 2024-07-29 |
CN113268722A (zh) | 2021-08-17 |
US20240243922A1 (en) | 2024-07-18 |
CN113268722B (zh) | 2022-04-26 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 22803894; Country of ref document: EP; Kind code of ref document: A1 |
 | WWE | Wipo information: entry into national phase | Ref document number: 2023567140; Country of ref document: JP |
 | WWE | Wipo information: entry into national phase | Ref document number: 18562200; Country of ref document: US |
 | WWE | Wipo information: entry into national phase | Ref document number: 2022803894; Country of ref document: EP |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | ENP | Entry into the national phase | Ref document number: 2022803894; Country of ref document: EP; Effective date: 20231218 |