CN108512661A - A kind of safety protecting method of block chain private key for user - Google Patents
A kind of safety protecting method of block chain private key for user Download PDFInfo
- Publication number
- CN108512661A CN108512661A CN201810284907.3A CN201810284907A CN108512661A CN 108512661 A CN108512661 A CN 108512661A CN 201810284907 A CN201810284907 A CN 201810284907A CN 108512661 A CN108512661 A CN 108512661A
- Authority
- CN
- China
- Prior art keywords
- private key
- user
- hash value
- block chain
- account
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of safety protecting methods of block chain private key for user, for solving the problems, such as the security protection given for change with private key after stolen after private key is lost.The present invention utilizes the randomness diffusion of hash algorithm and irreversible feature, the hash value for the security parameter that can be controlled using user is as private key, customer parameter is introduced under the premise of meeting private key randomness and requiring, effectively solves the problems, such as that the ownership proof of private key and private key give problem for change.The present invention can be widely applied to use application system of the random number as asymmetric cryptographic algorithm private key, especially have a good application prospect in block chain network.
Description
Technical field
The invention belongs to block chain and its private key security technology area more particularly to a kind of safety of block chain private key for user
Means of defence.
Background technology
Block chain is a kind of a kind of chain type number for being sequentially in time combined into data block in such a way that sequence is connected
According to structure, and the distributed account book that ensures to distort in a manner of cryptography and can not forge.In block catenary system, private key is
Each user oneself generates and oneself is responsible for the random number of keeping, theoretically without third-party participation, so private key is once
It loses, just loses the management and control to account assets.With current calculation power and technology, from wallet address or public key retrodict private key be can not
Capable.Therefore, for block chain user, private key is exactly all.Due to also lacking effective solution, institute at present
It is faced with the risk for causing digital asset to lose due to private key is lost or is stolen with the user of block chain especially bit coin, is solved
Private key for user problem out of control has very important practical significance to the safety for promoting block chain network.
Invention content
Active demand for the protection of block chain private key for user and the deficiencies in the prior art, in order to solve the institute of private key for user
It has the right to belong to proof problem and security protection problem, the present invention provides a kind of safety protecting methods of block chain private key for user.
One-way and randomness diffusion property of the method for the present invention based on Hash functions, utilize the hash value and use of the biological characteristic of user
The hash value for the hash value XOR operation value that the registered permanent residence enables is as private key.For not knowing that the hacker of biological characteristic and user password comes
It says, even if which give private key, a biological characteristic and password can not be found and obtain same private key, thus can be life
The proof that object feature and password belong to as private key, that is, in the case where private key is stolen, the biology for generating private key can be utilized special
The proof that password of seeking peace belongs to as private key can utilize biological characteristic and password to restore again in the case where private key is lost
Private key, it is to realize the safeguard protection of private key for user, i.e., anti-lost also to prevent being stolen.
A kind of safety protecting method of block chain private key for user of the present invention, including private key production method and security protection side
Method, wherein private key production method includes but not limited to:Using the hash value of a security parameter as private key for user;Safety is anti-
Maintaining method includes but not limited to:(1)When user account logs in and initiates transaction, communication terminal that system is registered to user in real time
Reminder message is sent, when user has found account by illegal operation, it is out of control that user broadcasts its private key in block chain network in time
Alert message(Broadcast private key and public key out of control)And initiate all transaction unconfirmed for freezing to be signed by the private key, institute
It is all illegal transaction corresponding trading processing unconfirmed to have node;(2)When there is dispute in the right of attribution of some private key, if
One user can show a parameter within the time of restriction and be striven by the hash value of other node verification parameters and presence
The private key of view is completely the same, then the user is considered as the lawful owner of the private key;(3)Lawful owner's weight of the private key
New private key is newly generated, submission is transferred to whole digital assets in account corresponding to dispute private key in new private key account
Transaction, and show the hash value of the hash value and user password for generating the biological characteristic that there is dispute private key, if
The hash value of the XOR operation value of the hash value of the biological characteristic and the hash value of user password and the private key that there is dispute are complete
Complete consistent, then account private key change is recognized.
Further, hash value used by the method for the present invention includes using standard hash algorithm and anti-quantum calculation
The output result that hash algorithm obtains.
Further, security parameter used by the method for the present invention include but not limited to user biological feature hash value with
The XOR operation value of the hash value of user password.
Further, user biological feature used by the method for the present invention includes but not limited to fingerprint characteristic, facial characteristics
And iris feature.
Further, the private key in the method for the present invention includes but not limited to the ECC of 256 bits, 384 bits and 512 bits
Algorithm(Including signature algorithm and Encryption Algorithm)Private key.
Compared with prior art, a kind of safety protecting method of block chain private key for user of the invention has following notable wound
New property:The present invention is using the randomness diffusion of hash algorithm and irreversible feature, the security parameter that can be controlled using user
Hash value as private key, rationally introduce customer parameter under the premise of meeting private key randomness and requiring, can effectively solve private
The ownership proof problem of key and private key give problem for change, to realize the safeguard protection of private key for user, i.e., it is anti-lost also prevent it is stolen
It takes.The present invention can be widely applied to use application system of the random number as private key, especially have in block chain network
Good application prospect.
Description of the drawings
Fig. 1 is the private key production method schematic diagram of the present invention.
Specific implementation mode
To keep technical scheme of the present invention and advantage clearer, as the part of the present invention, below in conjunction with attached drawing and
Specific embodiment, the present invention is described in further detail.
The present invention is suitable for the situation of all private keys using random number as asymmetric cryptographic algorithm, and the present invention is not specific
Limit the method that corresponding public key generates(For example, the public key production method spec256k1 of bit coin may be used).
Hash value used in the present invention includes using standard hash algorithm(Such as MD5, SHA_1, SHA_256 etc.)With
The hash algorithm of anti-quantum calculation(Such as anti-quantum standard algorithm)Obtained output result.It is multiple used in the present invention
Hash value may be used the same hash algorithm and generate, and multiple hash algorithms can also be used to generate.
Under normal conditions, block chain user node randomly generates a random number as private key, and still, which does not have
User characteristics.After private key is stolen, user does not have effective means to control risk;After private key is lost, user also has no idea to give for change.
The present invention utilizes the Hash for the security parameter that user can control using the randomness diffusion of hash algorithm and irreversible feature
Be worth the ownership proof and private key that private key can be effectively solved the problems, such as private key gives problem for change, to realize private key for user
Safeguard protection, i.e., it is anti-lost also to prevent being stolen.
As a preferred embodiment, private key production method of the invention is as shown in Figure 1, the embodiment is used to generate
The private key of the ECC algorithm of 256 bits, wherein using fingerprint characteristic and password as customer parameter, using user fingerprints feature
The hash value of the XOR operation value of the hash value of hash value and user password is as private key, that is, note user fingerprints are characterized as C, mouth
Enable is P, then, private key SK=SHA_256 (SHA_256 (C) ⊕ SHA_256 (P)), wherein ⊕ indicates XOR operation.User adopts
Block chain account is logged in private key SK to be stolen by hacker to reduce fingerprint characteristic and password without the use of fingerprint characteristic and password
Risk.
It when practical application, needs to increase corresponding security mechanism in block catenary system, that is, user account is logged in and initiated
When transaction, communication equipment that system is registered to user in real time(Such as mobile phone)Reminder message is sent, when user has found account quilt
When illegal operation, user may be used account out of control or other accounts and broadcast the police out of control of its private key in block chain network in time
Report message(Wherein, alert message includes the public key and private key of user)And it is all unconfirmed to initiate to freeze to be signed by the private key
Transaction, all nodes are all illegal transaction corresponding trading processing unconfirmed(That is, not handling the illegal transaction, accounting nodes
All illegal transactions are rejected from trading pit);It is possible thereby to be lost caused by reducing the stolen possibility of private key for user;Then, area
Block catenary system starts the arbitration of the private key right of attribution, that is, if a user can show a parameter and quilt within the time of restriction
The hash value of other node verification parameters is completely the same with the private key that there is dispute, then the user is considered as the conjunction of the private key
Method owner;Obviously, the user for stealing SK can not show the security parameter for generating SK, and the lawful owner of the private key can be suitable
Profit shows SHA_256 (C) ⊕ SHA_256 (P) and SK, to solve the problems, such as that the right of attribution of private key proves;Finally, the private key
Lawful owner regenerate new private key, submission is transferred to whole digital assets in account corresponding to dispute private key newly
Private key account in transaction, and show for generate it is described exist dispute private key fingerprint characteristic hash value SHA_256
(C) with the hash value SHA_256 of user password (P), if the hash value SHA_256 (C) of the fingerprint characteristic and using the registered permanent residence
The hash value of the XOR operation value of the hash value SHA_256 (P) of order and the private key that there is dispute are completely the same, then account private key
Change and corresponding money transfer transactions are recognized.To realize the security protection to private key for user account.
When private key for user is lost, user can utilize the hash value SHA_256 (C) and user password of fingerprint characteristic
Hash value SHA_256 (P) restores private key.Certainly, in order to realize that better safeguard protection, user password and private key should be isolated
Storage protection.
In order to realize higher algorithm security, the private key of the ECC algorithm of 384 bits and 512 bits can also be used.
It should be noted that the method for the present invention can be widely applied to the generation of private key, it is not limited solely to use for block chain
The generation of family private key.
Embodiments described above is only a part of the embodiment of the present invention, instead of all the embodiments.This field
Other direct embodiments for using the method for the present invention that those of ordinary skill is obtained under the premise of not making creative work, all
Belong to the scope of protection of the invention.
Claims (5)
1. a kind of safety protecting method of block chain private key for user, which is characterized in that including private key production method and security protection
Method, wherein
Private key production method includes:Using the hash value of a security parameter as private key for user;
Safety protecting method includes:
(1)When user's logon account and initiation transaction, system sends reminder message to the communication terminal that user is registered in real time, when
When user has found account by illegal operation, user broadcasts its private key alert message out of control and initiation in block chain network in time
Freeze the request for all transaction unconfirmed signed by the private key, all nodes are illegal trading processing unconfirmed accordingly
Transaction;
(2)When the right of attribution of some private key has dispute, if a user can show a ginseng within the time of restriction
Number is simultaneously completely the same by the hash value of other node verification parameters and the private key in the presence of dispute, then the user is considered as the private
The lawful owner of key;
(3)The lawful owner of the private key regenerates new private key, submits the whole in account corresponding to dispute private key
Digital asset is transferred to the transaction in new private key account, and shows for generating the biological characteristic that there is dispute private key
The hash value of hash value and user password, if the XOR operation of the hash value of the hash value and user password of the biological characteristic
The hash value of value and the private key that there is dispute are completely the same, then account private key change is recognized.
2. according to the method described in claim 1, it is characterized in that, the hash value includes using standard hash algorithm and anti-amount
The output result that the hash algorithm that son calculates obtains.
3. according to the method described in claim 1, it is characterized in that, the security parameter includes the hash value of user biological feature
With the XOR operation value of the hash value of user password.
4. according to the method described in claim 3, it is characterized in that, user biological feature include fingerprint characteristic, facial characteristics and
Iris feature.
5. according to the method described in claim 1, it is characterized in that, the private key includes 256 bits, 384 bits and 512 bits
ECC algorithm private key.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810284907.3A CN108512661A (en) | 2018-04-02 | 2018-04-02 | A kind of safety protecting method of block chain private key for user |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810284907.3A CN108512661A (en) | 2018-04-02 | 2018-04-02 | A kind of safety protecting method of block chain private key for user |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN108512661A true CN108512661A (en) | 2018-09-07 |
Family
ID=63380102
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810284907.3A Withdrawn CN108512661A (en) | 2018-04-02 | 2018-04-02 | A kind of safety protecting method of block chain private key for user |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108512661A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109067529A (en) * | 2018-09-09 | 2018-12-21 | 成都量安区块链科技有限公司 | A kind of production method of block chain private key for user |
| CN109359464A (en) * | 2018-10-29 | 2019-02-19 | 南通大学 | A kind of wireless security authentication method based on block chain technology |
| CN109639421A (en) * | 2019-01-09 | 2019-04-16 | 山东浪潮质量链科技有限公司 | A kind of method that private key is given for change and server |
| CN110009352A (en) * | 2019-03-29 | 2019-07-12 | 阿里巴巴集团控股有限公司 | Method and apparatus based on biological characteristic resetting block chain account key |
| CN110070363A (en) * | 2019-03-13 | 2019-07-30 | 咪咕文化科技有限公司 | Account management method, verification method and terminal device in block chain network |
| CN110417546A (en) * | 2019-07-03 | 2019-11-05 | 山东大学 | The method and apparatus that the end B based on multi-way encryption uses private key |
| CN111159774A (en) * | 2019-12-11 | 2020-05-15 | 马上游科技股份有限公司 | Decentralized intelligent contract escrow wallet method and system |
| CN111210224A (en) * | 2019-12-23 | 2020-05-29 | 中思博安科技(北京)有限公司 | Access control method and device in block chain network |
| CN115098850A (en) * | 2022-05-14 | 2022-09-23 | 陈勇 | Account management method, device and system |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1336597A (en) * | 2000-08-02 | 2002-02-20 | 邵通 | Ciphered matter and right transferring method and system |
| CN101626295A (en) * | 2008-07-08 | 2010-01-13 | ***通信集团公司 | Method, device and system for guaranteeing security of network logon |
| CN101635743A (en) * | 2009-04-02 | 2010-01-27 | 浙江亚斯特科技有限公司 | System and method using biologic characteristic certification result to validate identity of mobile terminal holder |
| CN106059764A (en) * | 2016-08-02 | 2016-10-26 | 西安电子科技大学 | Password and fingerprint third-party authentication method based on halting key derivation function |
| US20160330027A1 (en) * | 2015-05-05 | 2016-11-10 | ShoCard, Inc. | Identity Management Service Using A Blockchain Providing Certifying Transactions Between Devices |
| CN107579817A (en) * | 2017-09-12 | 2018-01-12 | 广州广电运通金融电子股份有限公司 | User ID authentication method, apparatus and system based on block chain |
-
2018
- 2018-04-02 CN CN201810284907.3A patent/CN108512661A/en not_active Withdrawn
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1336597A (en) * | 2000-08-02 | 2002-02-20 | 邵通 | Ciphered matter and right transferring method and system |
| CN101626295A (en) * | 2008-07-08 | 2010-01-13 | ***通信集团公司 | Method, device and system for guaranteeing security of network logon |
| CN101635743A (en) * | 2009-04-02 | 2010-01-27 | 浙江亚斯特科技有限公司 | System and method using biologic characteristic certification result to validate identity of mobile terminal holder |
| US20160330027A1 (en) * | 2015-05-05 | 2016-11-10 | ShoCard, Inc. | Identity Management Service Using A Blockchain Providing Certifying Transactions Between Devices |
| CN106059764A (en) * | 2016-08-02 | 2016-10-26 | 西安电子科技大学 | Password and fingerprint third-party authentication method based on halting key derivation function |
| CN107579817A (en) * | 2017-09-12 | 2018-01-12 | 广州广电运通金融电子股份有限公司 | User ID authentication method, apparatus and system based on block chain |
Non-Patent Citations (2)
| Title |
|---|
| T2噬菌体: "《哈希(Hash)与加密(Encrypt)的基本原理、区别及工程应用》", 《HTTPS://WWW.CNBLOGS.COM/LEOO2SK/ARCHIVE/2010/10/01/HASH-AND-ENCRYPT.HTML》 * |
| 巴比特: "《聊聊脑钱包的那些事儿,brainwallet.org永久关闭》", 《HTTPS://WWW.LIANSHIJIE.COM/COIN/25124》 * |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109067529A (en) * | 2018-09-09 | 2018-12-21 | 成都量安区块链科技有限公司 | A kind of production method of block chain private key for user |
| CN109359464A (en) * | 2018-10-29 | 2019-02-19 | 南通大学 | A kind of wireless security authentication method based on block chain technology |
| CN109359464B (en) * | 2018-10-29 | 2021-10-15 | 南通大学 | Wireless security authentication method based on block chain technology |
| CN109639421B (en) * | 2019-01-09 | 2021-09-21 | 山东浪潮质量链科技有限公司 | Method for retrieving private key and server |
| CN109639421A (en) * | 2019-01-09 | 2019-04-16 | 山东浪潮质量链科技有限公司 | A kind of method that private key is given for change and server |
| CN110070363A (en) * | 2019-03-13 | 2019-07-30 | 咪咕文化科技有限公司 | Account management method, verification method and terminal device in block chain network |
| CN110009352A (en) * | 2019-03-29 | 2019-07-12 | 阿里巴巴集团控股有限公司 | Method and apparatus based on biological characteristic resetting block chain account key |
| CN110009352B (en) * | 2019-03-29 | 2021-02-05 | 创新先进技术有限公司 | Method and apparatus for resetting blockchain account key based on biometrics |
| CN110417546A (en) * | 2019-07-03 | 2019-11-05 | 山东大学 | The method and apparatus that the end B based on multi-way encryption uses private key |
| CN111159774A (en) * | 2019-12-11 | 2020-05-15 | 马上游科技股份有限公司 | Decentralized intelligent contract escrow wallet method and system |
| CN111159774B (en) * | 2019-12-11 | 2022-07-15 | 马上游科技股份有限公司 | Decentralized intelligent contract escrow wallet method and system |
| CN111210224A (en) * | 2019-12-23 | 2020-05-29 | 中思博安科技(北京)有限公司 | Access control method and device in block chain network |
| CN115098850A (en) * | 2022-05-14 | 2022-09-23 | 陈勇 | Account management method, device and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108512661A (en) | A kind of safety protecting method of block chain private key for user | |
| CN110741600B (en) | Computer-implemented system and method for providing a decentralised protocol for retrieving encrypted assets | |
| CN110958110B (en) | Block chain private data management method and system based on zero knowledge proof | |
| CN107124268A (en) | A kind of privacy set common factor computational methods for resisting malicious attack | |
| CN112953727A (en) | Internet of things-oriented equipment anonymous identity authentication method and system | |
| CN103490889B (en) | A kind of infinite length key internet communication encryption method | |
| CN111404664B (en) | Quantum secret communication identity authentication system and method based on secret sharing and multiple mobile devices | |
| CN109146524A (en) | A kind of agricultural product using block chain technology are traced to the source information security solution | |
| Giri et al. | Efficient biometric and password based mutual authentication for consumer USB mass storage devices | |
| CN109379176B (en) | Password leakage resistant authentication and key agreement method | |
| CN108881960A (en) | The method of intelligent video camera head security control and data confidentiality based on id password | |
| CN110505055A (en) | Based on unsymmetrical key pond to and key card outer net access identity authentication method and system | |
| CN111416715A (en) | Quantum secret communication identity authentication system and method based on secret sharing | |
| CN107612680A (en) | A kind of national secret algorithm in mobile network's payment | |
| CN110224816A (en) | Anti- quantum calculation application system and short distance energy-saving communication method and computer equipment based on key card and sequence number | |
| CN111416712B (en) | Quantum secret communication identity authentication system and method based on multiple mobile devices | |
| CN115442050A (en) | Privacy protection federal learning method based on SM9 algorithm | |
| CN109067529A (en) | A kind of production method of block chain private key for user | |
| CN104618113A (en) | Method for authenticating identity of mobile terminal and constructing safety channel | |
| CN106230840A (en) | A kind of command identifying method of high security | |
| CN110912702B (en) | Block chain asset management method based on hidden social relationship | |
| CN110430047B (en) | Anti-quantum computing energy-saving equipment key negotiation method and system based on asymmetric key and MQV | |
| Li et al. | An improved two-factor user authentication protocol for wireless sensor networks using elliptic curve cryptography | |
| Zhu et al. | A Novel Biometrics-based One-Time Commitment Authenticated Key Agreement Scheme with Privacy Protection for Mobile Network. | |
| JP2002539489A (en) | Voice and data encryption method using encryption key split combiner |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WW01 | Invention patent application withdrawn after publication |
Application publication date: 20180907 |
|
| WW01 | Invention patent application withdrawn after publication |