CN108615154A - Blockchain digital signature system based on hardware encryption protection, and method of use - Google Patents
- Publication number: CN108615154A
- Application number: CN201810406816.2A
- Authority: CN (China)
- Prior art keywords: data, digital signature, hardware, encryption protection, blockchain
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G06Q20/3825—Payment protocols insuring higher security of transaction; Use of electronic signatures
- G06F16/27—Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms during program execution by executing in a restricted environment, e.g. sandbox or secure virtual machine
- G06Q20/3823—Payment protocols insuring higher security of transaction combining multiple encryption tools for a transaction
- G06Q20/3829—Payment protocols insuring higher security of transaction involving key management
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Abstract
The invention discloses a blockchain digital signature system based on hardware encryption protection and a method of using it. The system comprises a user terminal, a management terminal, a digital signature protection system and a hardware encryption protection module. The user terminal is connected for two-way communication with the hardware encryption protection module through the digital signature protection system. The management terminal is an offline system and is likewise connected for two-way communication with the hardware encryption protection module through the digital signature protection system. The user terminal is communicatively connected to an external blockchain network. The hardware encryption protection module is an HSM hardware encryption machine or a CPU using Intel SGX technology. In this system the user's private key and the signature rules both reside in the hardware encryption protection module, where the private key stays continuously online, which makes the system suitable for high-frequency trading. The private key and signature rules are also stored in encrypted form. The system effectively reduces risks such as system intrusion, hijacking of user accounts, theft of digital currency and forgery of blockchain transactions.
Description
Technical field
The present invention relates to the field of blockchain technology, and specifically to a blockchain digital signature system based on hardware encryption protection and a method of using it.
Background
A blockchain is generally understood as a distributed ledger; in essence it is also a distributed computing and storage system. Different blockchain nodes reach consensus according to certain computation rules and store the transaction execution results after consensus in a database in the form of blocks; multiple blocks constitute the blockchain.
In a blockchain system, communication and trust between nodes rely on digital signature technology, which mainly provides identity confirmation and information integrity. Digital signatures involve tools such as private keys, public keys and wallets. A digital signature serves two purposes: first, it proves that a message was indeed issued by its sender; second, it establishes the integrity of the message. Through the asymmetric encryption mechanism of private and public keys, the transmitted content is encrypted with the public key of a specific recipient, and only that recipient's private key can decrypt it, which secures the transmission of information to the designated recipient. In addition, the sender and the receiver perform the same hash calculation on the message content and compare the hash values, which ensures the integrity of the transmitted information. The private key is therefore the most important part of blockchain technology: because it uniquely represents the user's identity, its storage and use must be absolutely secure. Once it is leaked and used by someone else, that blockchain user has been compromised and completely impersonated.
At present, private keys are mainly stored and managed in a cold wallet, that is, kept offline and brought online only when they are used. Although this offers a certain degree of security, it is very inefficient and entirely unsuited to application scenarios that require high-frequency operations. Offline storage also means that a key cannot be effectively recovered once it is lost or forgotten. Moreover, if an enterprise stores private keys offline, the keys have to be managed and retrieved manually, which makes it difficult to prevent insiders from stealing them.
The process of signing with a private key must be absolutely controllable. Because digital signatures are currently produced by program calls inside a computer operating system, there is a risk that the signing operation or the signing function interface will be controlled by an attacker. There have recently been repeated security incidents in which enterprises or exchanges lost private keys to hacker attacks or insider theft and ultimately lost large amounts of virtual currency. A technology is needed that can manage and use private keys and digital signatures in the blockchain ecosystem in a secure and controllable way. To this end, a blockchain digital signature system based on hardware encryption protection and a method of using it are proposed.
Summary of the invention
The purpose of the present invention is to provide a blockchain digital signature system based on hardware encryption protection and a method of using it, in order to solve the problems described in the background above.
To achieve this purpose, the present invention provides the following technical solutions:
A blockchain digital signature system based on hardware encryption protection comprises a user terminal, a management terminal, a digital signature protection system and a hardware encryption protection module. The user terminal is connected for two-way communication with the hardware encryption protection module through the digital signature protection system, and so is the management terminal. The user terminal is communicatively connected to an external blockchain network. The management terminal is an offline system that can be accessed only locally or over the LAN, to ensure the security of the system.
Further, the hardware encryption protection module is an HSM hardware encryption machine or a CPU using Intel SGX technology. An HSM hardware encryption machine is a physical computing device; it can be a stand-alone hardware device or can be installed in the user's computer in the form of a hardware card. Intel SGX is an extension of the Intel CPU architecture that strengthens the security of data processing. Intel SGX does not work by identifying and isolating all malware on the operating system; instead it encapsulates the security-sensitive operations of legitimate software inside a protected region, shielding them from malware attack. With SGX on an Intel processor, the CPU switches hardware mode and the system enters trusted-mode execution, using only the necessary hardware to form a completely isolated privileged secure mode. Intel SGX can provide security processing functions similar to those of an HSM hardware encryption machine while greatly reducing installation and manufacturing costs, which broadens the applicability of the technical solution of the present invention.
A method of using the blockchain digital signature system based on hardware encryption protection comprises a setup initialization process of the digital signature protection system and a transaction data request process, as follows.
Setup initialization process:
M1. The user transfers rule data D1 to the digital signature protection system through the management terminal, and the digital signature protection system forwards rule data D1 to the hardware encryption protection module;
M2. The hardware encryption protection module encrypts and encapsulates rule data D1 to obtain encrypted data D2;
M3. The hardware encryption protection module sends encrypted data D2 to the digital signature protection system, and the digital signature protection system stores encrypted data D2.
Transaction data request process:
S1. The user transfers transaction data D3 to the digital signature protection system through the user terminal;
S2. The digital signature protection system identifies transaction data D3, then extracts and organizes it into native data D4;
S3. The digital signature protection system transfers native data D4 to the hardware encryption protection module;
S4. After obtaining native data D4, the hardware encryption protection module determines whether encrypted data D2 is loaded in it:
A1. When encrypted data D2 is loaded in the hardware encryption protection module, the module decrypts encrypted data D2 to obtain the rule data D1 of step M1;
A2. When encrypted data D2 is not loaded in the hardware encryption protection module, the module sends an instruction to the digital signature protection system, retrieves encrypted data D2 from the digital signature protection system and loads it, and then repeats step A1;
S5. The hardware encryption protection module compares rule data D1 with native data D4 and makes a decision:
B1. When native data D4 meets the requirements of rule data D1, the module signs native data D4 to obtain authentication data D5;
B2. When native data D4 does not meet the requirements of rule data D1, the module refuses the signature request for native data D4;
S6. The hardware encryption protection module sends authentication data D5 to the digital signature protection system;
S7. The digital signature protection system builds authenticated transaction data D6 and sends it to the user terminal;
S8. The user terminal broadcasts authenticated transaction data D6 to the external blockchain network.
Further, rule data D1 includes the user's blockchain private key and the signature rules.
Further, there is at least one user, and rule data D1 and transaction data D3 each contain unique label data, which is used to confirm which user is operating so that matching can be performed.
Further, the signature rules include an amount upper limit and an address whitelist.
Further, the signature rules include a time limit.
Further, in case B2 of step S5, the hardware encryption protection module passes the refusal to the digital signature protection system, and the digital signature protection system feeds the refusal back to the user terminal.
Compared with the prior art, the beneficial effects of the invention are as follows. In this blockchain digital signature system based on hardware encryption protection and its method of use, the user's private key and signature rules are isolated from the user terminal by the hardware encryption protection module. In use, both reside in the hardware encryption protection module, where the private key stays continuously online. This ensures that the private key is secure and that the signing process is secure and controllable, while adapting well to high-frequency and multi-user transaction scenarios under blockchain conditions and guarding against attackers. In addition, when the user's private key and signature rules are stored, they are kept in encrypted form in the digital signature protection system, so that even if they are stolen the information in them cannot be obtained directly. The level of security is high, and the system guards against theft of the private key and hijacking of the signing function, including by insiders.
Description of the drawings
Fig. 1 is a flow diagram of the setup initialization process of the present invention;
Fig. 2 is a flow diagram of the transaction data request process of the present invention.
Detailed description
The technical solution of the present invention is described clearly and completely below with reference to specific embodiments. The described embodiments are obviously only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative work fall within the scope of protection of the present invention.
Refer to Figs. 1-2. Data security is relative; no scheme can be absolutely secure. For example, although a user's account and password information is protected with strong encryption, in some circumstances the user may still accidentally disclose the plaintext password. This can lead to the account being completely controlled, in which case the resulting operations are identical to the user's own. The solution of the present invention therefore has to be discussed within a basic trusted environment. The basic usage environment assumed for the technical solution is as follows: leakage of the user's basic account information in plaintext through the user's own fault, and its theft by others, are not considered; modification of authenticated transaction data D6 after signing is not considered; and the addresses that the user has added to the address whitelist in the signature rules are trusted, so security problems within the address whitelist (such as theft by a trusted party or an acquaintance) are not considered.
Embodiment one
User Xiao Ming owns a blockchain wallet account and intends to use the system of the present invention to protect the security of his digital currency. Xiao Ming holds 10 units of digital currency and intends to trade only with his friends Xiao Zhang and Xiao Qing. First, Xiao Ming logs in to his own management terminal. The management terminal is an offline system that can be accessed only over the LAN and not over the Internet, which improves security. Through the management terminal Xiao Ming sets a payment upper limit of 1 unit of digital currency and an allowed-address list containing the digital wallet addresses of Xiao Zhang and Xiao Qing. The management terminal transfers the payment limit and the allowed addresses as rule data D1 to the digital signature protection system, which forwards rule data D1 to the hardware encryption protection module. The module encrypts and encapsulates rule data D1 to obtain encrypted data D2 and sends D2 to the digital signature protection system, which stores it; at this point the hardware encryption protection module also retains the encapsulated encrypted data D2. This completes the setup initialization process. From then on, a transaction of Xiao Ming's digital currency can proceed only if it satisfies "the payment upper limit is 1 unit of digital currency and the destination wallet address belongs to Xiao Zhang or Xiao Qing". Xiao Ming can of course modify rule data D1 through the management terminal, for example changing the payment upper limit to 0.5 units of digital currency to form new rule data d1. To make the change, Xiao Ming must provide the wallet key. After the change, the original encrypted data D2 is replaced by the new encrypted data d2, which is used to verify subsequent transactions.
When trading, suppose Xiao Ming wants to transfer 0.3 units of digital currency from his account to Xiao Qing's digital wallet address. Xiao Ming first sends this transfer request as transaction data D3 to the digital signature protection system through the user terminal. The digital signature protection system identifies transaction data D3, then extracts and organizes it into native data D4. The purpose of organizing native data D4 is to make the comparison easier, to reduce omissions caused by useless information, and to form the data that will be signed later in the flow. The digital signature protection system transfers native data D4 to the hardware encryption protection module. The module decrypts encrypted data D2 to obtain rule data D1, "the payment upper limit is 1 unit of digital currency and the allowed addresses are Xiao Qing or Xiao Zhang"; rule data D1 also contains the blockchain private key used for signing. The hardware encryption protection module compares native data D4 with rule data D1 and finds that native data D4 satisfies rule data D1, so the transaction is allowed. Native data D4 is signed with the blockchain private key decrypted by the hardware encryption protection module to obtain authentication data D5, which is sent to the digital signature protection system. The digital signature protection system builds authenticated transaction data D6 and sends it to the user terminal, and the user terminal broadcasts authenticated transaction data D6 to the external blockchain network. This completes the whole process of Xiao Ming transferring 0.3 units of digital currency to Xiao Qing's address.
During this transaction, if encrypted data D2 is not loaded in the hardware encryption protection module (for example because the module was powered off partway through), it has to be retrieved from the digital signature protection system and loaded. The content of the signature rules is of course not limited to the amount upper limit and the address whitelist; time limits can be included as needed, such as an expiry time for the address whitelist or a number of digital currency transfers. For example, Xiao Qing's address can be deleted from the whitelist 24 hours after the signature rules are established.
Embodiment two
The hacker Xiao Hei wants to steal Xiao Ming's digital currency. Suppose Xiao Hei has found the interface of the digital signature protection system and also sends it a transaction data request, asking for 10 units of digital currency to be transferred to Xiao Hei's address. The transfer flow is the same as in embodiment one. When the hardware encryption protection module compares rule data D1 with native data D4, it finds that the payment upper limit is not met and that Xiao Hei's address is not in the address whitelist either, so the module refuses the data request for native data D4. The hardware encryption protection module passes the refusal to the digital signature protection system, which feeds it back to the user terminal, and this serves as a warning. In general, a hacker, either to be safe or to move away as much of the digital currency in the compromised account as possible, may transfer a smaller amount each time (for example 0.01 units of digital currency per transfer). But Xiao Hei's address is still not in the address whitelist, so the transaction is still not approved and no authenticated transaction data D6 is obtained.
Embodiment three
The hacker Xiao Hei covets Xiao Ming's digital currency. Suppose Xiao Hei has broken into Xiao Ming's digital signature protection system and has found rule data D1 there. Although rule data D1 contains the blockchain private key and the signature rules, at this point it exists only as encrypted data D2, obtained when the hardware encryption protection module encrypted and encapsulated it. The encryption performed by the hardware encryption protection module cannot be broken from outside, and encrypted data D2 can be used only inside the module. Xiao Hei therefore still cannot crack or modify encrypted data D2 and cannot transfer Xiao Ming's digital currency to an address outside the address whitelist. Although Xiao Hei can control Xiao Ming's digital signature protection system, the worst that can be done is to prevent Xiao Ming from using the system; the digital currency still cannot be stolen to Xiao Hei's own address.
In addition, when multiple users share the same system of the present invention, rule data D1 and transaction data D3 contain unique label data, which makes it possible to confirm which user is operating. The unique label data can be the user's wallet address. Like much software, this system of course also includes preliminary identity verification (user name and password). Even if the preliminary identity verification is breached, the intruder (such as the hacker Xiao Hei in embodiments two and three) still cannot change the encrypted data D2 obtained by encryption and encapsulation, and therefore cannot transfer another user's digital currency to an address that is not in the address whitelist.
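The M1-M3 and S1-S8 flow and the three embodiments above, as an added Python example that is not part of the patent. It assumes HMAC-SHA256 as a stand-in for the chain's signature algorithm and a SHA-256 counter-mode keystream with an HMAC tag as a stand-in for the module's encapsulation of D1; the class and function names, addresses, key and clock value are constructed.

```python
import hashlib, hmac, json, os
from decimal import Decimal


class Refused(Exception):
    """Case B2: the module declines to sign and reports why."""


def _stream_xor(key, nonce, data):
    # SHA-256 in counter mode: a stdlib-only stand-in for the module's real cipher.
    pad = b"".join(hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
                   for i in range(len(data) // 32 + 1))
    return bytes(b ^ p for b, p in zip(data, pad))


class HardwareModule:
    """Stand-in for the HSM or SGX enclave; its sealing keys never leave this object."""

    def __init__(self):
        root = os.urandom(32)
        self._enc_key = hmac.new(root, b"enc", hashlib.sha256).digest()
        self._mac_key = hmac.new(root, b"mac", hashlib.sha256).digest()
        self._loaded = {}  # user label -> D2 currently loaded in the module

    def seal(self, d1):
        """M2: encrypt then MAC rule data D1, giving D2 = nonce | ciphertext | tag."""
        nonce = os.urandom(16)
        ct = _stream_xor(self._enc_key, nonce, json.dumps(d1, sort_keys=True).encode())
        d2 = nonce + ct + hmac.new(self._mac_key, nonce + ct, hashlib.sha256).digest()
        self._loaded[d1["user"]] = d2
        return d2

    def _unseal(self, d2):
        if not d2 or len(d2) < 48:
            raise Refused("no usable D2 for this user")
        nonce, ct, tag = d2[:16], d2[16:-32], d2[-32:]
        good = hmac.new(self._mac_key, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good):
            raise Refused("D2 failed its integrity check")
        return json.loads(_stream_xor(self._enc_key, nonce, ct))

    def power_cycle(self):
        self._loaded.clear()  # after a power loss D2 must be fetched again (case A2)

    def sign(self, d4, fetch_d2, now):
        """S4-S5: recover D1 from D2, compare it with D4, then sign (B1) or refuse (B2)."""
        user = d4["user"]
        d2 = self._loaded.get(user) or fetch_d2(user)  # A1 if loaded, otherwise A2
        d1 = self._unseal(d2)
        self._loaded[user] = d2
        if d1["user"] != user:
            raise Refused("D2 belongs to a different user label")
        expiry = d1["whitelist"].get(d4["to"])
        if expiry is None:
            raise Refused("address not on whitelist")
        if now >= expiry:
            raise Refused("whitelist entry expired")
        if not 0 < Decimal(d4["amount"]) <= Decimal(d1["limit"]):
            raise Refused("amount outside limit")
        # HMAC stands in for the chain's signature algorithm; the result is D5.
        key = bytes.fromhex(d1["private_key"])
        return hmac.new(key, json.dumps(d4, sort_keys=True).encode(), hashlib.sha256).digest()


def to_native(d3):
    """S2: the protection system keeps only the fields the rules cover, giving D4."""
    return {k: str(d3[k]) for k in ("user", "to", "amount")}


def demo():
    t0 = 1_700_000_000  # constructed clock value (seconds)
    module = HardwareModule()
    d1 = {"user": "xiaoming", "private_key": "11" * 32, "limit": "1",  # constructed key
          "whitelist": {"addr-xiaozhang": t0 + 86400, "addr-xiaoqing": t0 + 86400}}
    store = {"xiaoming": module.seal(d1)}  # M1-M3: the protection system's copy of D2
    results = {}

    def attempt(name, to, amount, now=t0):
        d3 = {"user": "xiaoming", "to": to, "amount": amount, "memo": "dropped in S2"}
        try:
            module.sign(to_native(d3), store.get, now)  # S3-S6
            results[name] = "signed"
        except Refused as why:
            results[name] = f"refused: {why}"

    attempt("embodiment 1", "addr-xiaoqing", "0.3")
    attempt("embodiment 2", "addr-xiaohei", "10")
    attempt("small steps", "addr-xiaohei", "0.01")
    attempt("over limit", "addr-xiaozhang", "2")
    attempt("after 24 h", "addr-xiaoqing", "0.3", now=t0 + 86400)
    d2 = store["xiaoming"]  # embodiment 3: intruder edits one byte of the stored D2
    store["xiaoming"] = d2[:20] + bytes([d2[20] ^ 1]) + d2[21:]
    module.power_cycle()
    attempt("tampered D2", "addr-xiaoqing", "0.3")
    return results
```

`demo()` returns a dict mapping each scenario to `signed` or a refusal reason; the last case shows that a modified D2 is rejected rather than decrypted into altered rules, which leaves the user unable to sign but does not release funds.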
The system of the present invention uses hardware encryption protection to secure blockchain digital signatures. The user's private key and signature rules are stored in the hardware encryption protection module, which effectively prevents theft by outside intrusion. With the private key continuously online, the system ensures that the private key is secure and that the signing process is secure and controllable, and it adapts well to high-frequency trading under blockchain conditions. When backed up to external storage, the user's private key and signature rules also exist in encrypted form, so even if the storage device is broken into and the data stolen, it cannot be read or misused. This greatly improves the security of blockchain transactions.
Although embodiments of the present invention have been shown and described, a person of ordinary skill in the art will understand that various changes, modifications, substitutions and variations can be made to these embodiments without departing from the principles and spirit of the present invention. The scope of the present invention is defined by the appended claims.
Claims (8)
1. A blockchain digital signature system based on hardware encryption protection, characterized in that: the system comprises a user terminal, a management terminal, a digital signature protection system and a hardware encryption protection module; the user terminal is connected for two-way communication with the hardware encryption protection module through the digital signature protection system; the management terminal is connected for two-way communication with the hardware encryption protection module through the digital signature protection system; the user terminal is communicatively connected to an external blockchain network; and the management terminal is an offline system.
2. The blockchain digital signature system based on hardware encryption protection according to claim 1, characterized in that: the hardware encryption protection module is an HSM hardware encryption machine or a CPU using Intel SGX technology.
3. A method of using a blockchain digital signature system based on hardware encryption protection, comprising a setup initialization process of the digital signature protection system and a transaction data request process, as follows:
Setup initialization process:
M1. The user transfers rule data D1 to the digital signature protection system through the management terminal, and the digital signature protection system forwards rule data D1 to the hardware encryption protection module;
M2. The hardware encryption protection module encrypts and encapsulates rule data D1 to obtain encrypted data D2;
M3. The hardware encryption protection module sends encrypted data D2 to the digital signature protection system, and the digital signature protection system stores encrypted data D2;
Transaction data request process:
S1. The user transfers transaction data D3 to the digital signature protection system through the user terminal;
S2. The digital signature protection system identifies transaction data D3, then extracts and organizes it into native data D4;
S3. The digital signature protection system transfers native data D4 to the hardware encryption protection module;
S4. After obtaining native data D4, the hardware encryption protection module determines whether encrypted data D2 is loaded in it:
A1. When encrypted data D2 is loaded in the hardware encryption protection module, the module decrypts encrypted data D2 to obtain the rule data D1 of step M1;
A2. When encrypted data D2 is not loaded in the hardware encryption protection module, the module sends an instruction to the digital signature protection system, retrieves encrypted data D2 from the digital signature protection system and loads it, and then repeats step A1;
S5. The hardware encryption protection module compares rule data D1 with native data D4 and makes a decision:
B1. When native data D4 meets the requirements of rule data D1, the module signs native data D4 to obtain authentication data D5;
B2. When native data D4 does not meet the requirements of rule data D1, the module refuses the data request for native data D4;
S6. The hardware encryption protection module sends authentication data D5 to the digital signature protection system;
S7. The digital signature protection system builds authenticated transaction data D6 and sends it to the user terminal;
S8. The user terminal broadcasts authenticated transaction data D6 to the external blockchain network.
4. a kind of process for using of block chain digital signature system based on hardware encipherment protection according to claim 3,
It is characterized in that:The regular data D1 includes the block chain private key and signature rule of user.
5. a kind of process for using of block chain digital signature system based on hardware encipherment protection according to claim 4,
It is characterized in that:The quantity of the user is at least one, and includes the mark of uniqueness in regular data D1 and transaction data D3
Sign data.
6. a kind of process for using of block chain digital signature system based on hardware encipherment protection according to claim 4,
It is characterized in that:The signature rule includes the amount upper limit and address white list.
7. a kind of process for using of block chain digital signature system based on hardware encipherment protection according to claim 4,
It is characterized in that:The signature rule includes timeliness.
8. a kind of process for using of block chain digital signature system based on hardware encipherment protection according to claim 4,
It is characterized in that:In the step of S5, in the case of B2, hardware encipherment protection module is transmitted to digital signature protection system by situation is refused
System, digital signature protection system feed back to user terminal by situation is refused.
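The gate described in steps S4 and S5, with the rules of claims 5 to 8, as an added Python example that is not part of the patent. Assumptions: the field names (`tag`, `amount`, `to`, `max_amount`, `whitelist`, `valid_until`), reading "timeliness" as an expiry time, a toy SHAKE-256/HMAC sealing in place of the module's real cipher, and an HMAC in place of the block chain signature; the key and D1 values are constructed.

```python
import hashlib, hmac, json, os

class Refused(Exception):
    """Case B2: native data D4 does not meet the requirements of D1."""

def _subkey(key, label):
    return hashlib.sha256(label + key).digest()

def seal(key, d1):
    """Toy encrypt-then-MAC that turns D1 into D2 (stand-in for the real cipher)."""
    nonce, pt = os.urandom(16), json.dumps(d1).encode()
    stream = hashlib.shake_256(_subkey(key, b"enc") + nonce).digest(len(pt))
    ct = nonce + bytes(a ^ b for a, b in zip(pt, stream))
    return hmac.new(_subkey(key, b"mac"), ct, hashlib.sha256).digest() + ct

def unseal(key, d2):
    """A1: check integrity of D2 first, then decrypt it back to D1."""
    tag, ct = d2[:32], d2[32:]
    if not hmac.compare_digest(tag, hmac.new(_subkey(key, b"mac"), ct, hashlib.sha256).digest()):
        raise ValueError("D2 failed integrity check")
    stream = hashlib.shake_256(_subkey(key, b"enc") + ct[:16]).digest(len(ct) - 16)
    return json.loads(bytes(a ^ b for a, b in zip(ct[16:], stream)))

class HardwareModule:
    def __init__(self, key, fetch_d2):
        self._key, self._fetch_d2, self._d2 = key, fetch_d2, None

    def sign(self, d4, now):
        if self._d2 is None:              # A2: request D2 from the protection system
            self._d2 = self._fetch_d2()
        d1 = unseal(self._key, self._d2)  # A1: D1 exists in the clear only in here
        rules = d1["rules"]               # S5: compare D4 against D1
        if d4["tag"] != d1["tag"]:
            raise Refused("tag mismatch")
        if not 0 < d4["amount"] <= rules["max_amount"]:
            raise Refused("amount outside limit")
        if d4["to"] not in rules["whitelist"]:
            raise Refused("address not whitelisted")
        if now > rules["valid_until"]:
            raise Refused("rule expired")
        msg = json.dumps(d4, sort_keys=True).encode()
        # B1: HMAC stands in for the signature made with the user's private key
        return hmac.new(bytes.fromhex(d1["private_key"]), msg, hashlib.sha256).hexdigest()

KEY = b"constructed-module-key"  # constructed sample values below
D1 = {"tag": "user-1", "private_key": "11" * 32,
      "rules": {"max_amount": 100, "whitelist": ["addr-A"], "valid_until": 1_700_000_000}}
```

Every refusal is raised before the private key is touched, so a request that fails any rule never reaches the signing step; the caller can relay the exception text to the user terminal as in claim 8.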
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810406816.2A CN108615154B (en) | 2018-05-01 | 2018-05-01 | Block chain digital signature system based on hardware encryption protection and using process |
CN202310339096.3A CN116362747A (en) | 2018-05-01 | 2018-05-01 | Block chain digital signature system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810406816.2A CN108615154B (en) | 2018-05-01 | 2018-05-01 | Block chain digital signature system based on hardware encryption protection and using process |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310339096.3A Division CN116362747A (en) | 2018-05-01 | 2018-05-01 | Block chain digital signature system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108615154A (en) | 2018-10-02 |
CN108615154B (en) | 2023-04-18 |
Family
ID=63661557
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810406816.2A Active CN108615154B (en) | 2018-05-01 | 2018-05-01 | Block chain digital signature system based on hardware encryption protection and using process |
CN202310339096.3A Pending CN116362747A (en) | 2018-05-01 | 2018-05-01 | Block chain digital signature system |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310339096.3A Pending CN116362747A (en) | 2018-05-01 | 2018-05-01 | Block chain digital signature system |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN108615154B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102004053890A1 (en) * | 2004-11-09 | 2006-05-11 | Service Concepts Gmbh Integrated Services | Virtual chip card for computer-supported central generation of an asymmetric pair of keys for encrypted storage as a key object offers a private key for a user in a database |
CN104408622A (en) * | 2014-12-10 | 2015-03-11 | 公安部第三研究所 | System and method for confirming electronic trade based on independent password equipment |
CN106327184A (en) * | 2016-08-22 | 2017-01-11 | 中国科学院信息工程研究所 | Intelligent mobile terminal payment system and intelligent mobile terminal payment method based on safe hardware isolation |
CN106685995A (en) * | 2017-02-23 | 2017-05-17 | 王锐 | Data query system for leaked account based on hardware encryption |
CN106850200A (en) * | 2017-01-25 | 2017-06-13 | 中钞***产业发展有限公司北京智能卡技术研究院 | A kind of method for using the digital cash based on block chain, system and terminal |
BE1024384B1 (en) * | 2016-12-22 | 2018-02-05 | Itext Group Nv | Distributed blockchain-based method for digitally signing a PDF document |
Cited By (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20210374724A1 (en) * | 2018-10-19 | 2021-12-02 | Bell Identification B.V. | Secure digital wallet processing system |
CN109754250A (en) * | 2018-12-27 | 2019-05-14 | 石更箭数据科技(上海)有限公司 | Data trade method and system, platform, storage medium |
CN109754250B (en) * | 2018-12-27 | 2021-06-08 | 石更箭数据科技(上海)有限公司 | Data transaction method and system, platform and storage medium |
CN110222485A (en) * | 2019-05-14 | 2019-09-10 | 浙江大学 | Industry control white list management system and method based on SGX software protecting extended instruction |
CN110222485B (en) * | 2019-05-14 | 2021-01-12 | 浙江大学 | Industrial control white list management system and method based on SGX software protection extended instruction |
CN110545190A (en) * | 2019-09-06 | 2019-12-06 | 腾讯科技(深圳)有限公司 | signature processing method, related device and equipment |
CN110545190B (en) * | 2019-09-06 | 2021-08-13 | 腾讯科技(深圳)有限公司 | Signature processing method, related device and equipment |
CN110634072A (en) * | 2019-09-20 | 2019-12-31 | 余欢 | Block chain transaction system based on multiple tags and hardware encryption and operation mechanism thereof |
CN111091380A (en) * | 2019-10-25 | 2020-05-01 | 趣派(海南)信息科技有限公司 | Block chain asset management method based on friend covert verification |
CN111091380B (en) * | 2019-10-25 | 2023-05-09 | 趣派(海南)信息科技有限公司 | Block chain asset management method based on friend hidden verification |
CN111475782B (en) * | 2020-04-08 | 2022-11-08 | 浙江大学 | API (application program interface) key protection method and system based on SGX (generalized Standard X) software extension instruction |
CN111475782A (en) * | 2020-04-08 | 2020-07-31 | 浙江大学 | API (application program interface) key protection method and system based on SGX (secure gateway) software extension instruction |
CN111798224A (en) * | 2020-06-03 | 2020-10-20 | 杭州云象网络技术有限公司 | SGX-based digital currency payment method |
CN113098692A (en) * | 2021-04-06 | 2021-07-09 | 湖北央中巨石信息技术有限公司 | Synchronous consensus algorithm, system and medium for multiple parties under same prefabrication rule |
CN113098692B (en) * | 2021-04-06 | 2023-07-28 | 湖北央中巨石信息技术有限公司 | Synchronous consensus algorithm, system and medium for multiple parties under same prefabrication rule |
Also Published As
Publication number | Publication date |
---|---|
CN116362747A (en) | 2023-06-30 |
CN108615154B (en) | 2023-04-18 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | | Effective date of registration: 20230315. Address after: Room 620, R&D Building, Shanghai Jiaotong University (Jiaxing) Science Park, 321 Jiachuang Road, Xiuzhou District, Jiaxing City, Zhejiang Province, 314000. Applicant after: Zhejiang Haoan Information Technology Co.,Ltd. Address before: 200127 Room 102, No. 15, Lane 1578, Pujian Road, Pudong New Area, Shanghai. Applicant before: Wang Rui |
GR01 | Patent grant | ||