Specific embodiment
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention without creative work fall within the protection scope of the present invention.
Fig. 1 is a flow diagram of a truthful data verification method provided in an embodiment of the present invention. As shown in Fig. 1, the method comprises:
101: the client establishes a TLS/SSL connection with the server, and the client is divided into an audited terminal and an audit terminal;
102: a session between the audited terminal and the audit terminal is created, in which the audited terminal generates the keys ServerWriteKey, ClientMacKey and ClientWriteKey, and the audit terminal generates only the authentication key ServerMacKey;
103: the audit terminal verifies, according to the ServerMacKey, that the data obtained by the audited terminal is consistent with the data of the server.
It should be noted that the method provided in the embodiment of the present invention is mainly used in application environments such as data services, proof-document generation and proof-document verification; it can also be applied to the lottery industry, entertainment, risk management and investment management in the financial industry, traceability, infringement information, and sensor information under particular environments such as the discharge of factory pollution. It is further noted that the embodiment of the present invention can be combined with a blockchain to construct a channel between the blockchain and the real world, providing the blockchain with trustworthy real-world data: in use, external data can be written into the blockchain, and contract terms can be set so that the contract executes automatically according to a preset rule once the necessary conditions for running it are satisfied.
Specifically, in step 101, the embodiment of the present invention first establishes a TLS/SSL connection between the server and the audited party. The TLS protocol is intended to provide secure communication in the client-server model; its most prominent use is protecting the HTTP protocol (HTTPS). In that setting only the (web) server is authenticated, the authentication is based on X.509 certificates, and the current and recommended protocol version is TLS 1.2, although legacy versions such as 1.0 and 1.1 are still widely supported. Therefore, in order to prove that the data obtained by the client actually comes from the source server, the embodiment of the present invention splits the client into two parts, the audited party and the auditor, i.e. the audited terminal and the audit terminal of the embodiment. In other words, the client side is split into an executor and an overseer that together complete the data-acquisition work without changing the TLS protocol; the server end is therefore unaware of the split, and since most web pages currently support TLS 1.0 and 1.1, the method can be applied to most websites.
Further, in step 102, unlike the interaction flow of the prior art, the embodiment of the present invention establishes an interaction between the audited party and the auditor when the session is created. During that interaction, in order to prove security and to prevent security risks such as collusion between the audited party and the auditor, or tampering by the audited party after it has obtained the complete key, the auditor RSA-encrypts its own part of the pre-master secret and sends it to the audited party. The audited party RSA-encrypts its own part of the pre-master secret as well, multiplies it with the auditor's ciphertext and passes the product to the server, so that the server, using the multiplicative homomorphism of RSA, can decrypt the complete pre-master secret with its own private key. At the same time, the auditor and the audited party respectively generate ServerMacKey and the other three session keys, where ServerMacKey is the authentication key the auditor uses to verify the data.
Finally, in step 103, the auditor uses ServerMacKey to verify the validity of the data obtained by the client. Specifically, after obtaining the data from the server, the audited party is also responsible for generating a proof document. The proof document mainly contains the cryptographic hash of the server's external data and the signature of the auditor. Since the proof document must contain exactly the ServerMacKey obtained by the auditor, but the external data must not be tampered with again after the audited party obtains the complete key, the auditor needs to sign the cryptographic hash of the external data obtained from the server. This proof document is supplied to the user, who uses it to prove that the data we provide actually comes from the source server. Afterwards, the embodiment of the present invention can also verify the proof document; the verification steps are determined by the generation steps and concentrate on verifying the public key, the cryptographic hash and the signature.
The truthful data verification method provided in the embodiment of the present invention verifies the TLS/SSL connection between the server and the audited party through a third-party audit. The auditor communicates with the audited party under a specific protocol while the connection to the server is started, so that the auditor can determine through the audit that the data the audited party claims to provide comes from the server.
On the basis of the above embodiments, the client establishing the TLS/SSL connection with the server includes:
the client sends a client random number and the encryption methods supported by the client to the server, so that the server, after confirming the encryption method, sends a digital certificate and a server random number to the client;
the client receives the digital certificate and the server random number sent by the server and, after verifying that the digital certificate is valid, generates a pre-master secret, encrypts it with the public key in the digital certificate and sends it to the server, so that the server decrypts the pre-master secret with the server's private key;
the server and the client generate the session keys according to the encryption method, completing the establishment of the TLS/SSL connection.
From the above embodiment it can be seen that the embodiment of the present invention relies on a third-party auditor to verify the TLS/SSL connection between the server and the audited party. The auditor communicates with the audited party under a specific protocol while the connection to the server is started, and the auditor can determine through the audit that the data the audited party claims to provide comes from the server.
The specific procedure for establishing the TLS/SSL connection is as follows. First, the client provides the protocol version, a generated random number (Client random) and the encryption methods the client supports. The server then confirms the encryption method both sides will use and provides the digital certificate and a random number generated by the server (Server random). The client then confirms that the digital certificate is valid, generates a new pre-master secret, encrypts this random value with the public key in the digital certificate and sends it to the server. The server uses its own private key to obtain the pre-master secret sent by the client. The client and the server then use the three random values above to generate the "session keys" according to the agreed encryption method, and these keys encrypt the entire subsequent session. The session keys comprise ClientWriteKey, ServerWriteKey, ClientMacKey and ServerMacKey. It should be noted that the data transfer in the embodiment of the present invention is simply an ordinary HTTP request whose data is encrypted using ClientWriteKey and ServerWriteKey.
On the basis of the above embodiments, creating the session between the audited terminal and the audit terminal includes:
after the first handshake of the Transport Layer Security (TLS) protocol, the audited terminal receives the RSA-encrypted first pre-master secret sent by the audit terminal;
the audited terminal RSA-encrypts its own second pre-master secret, multiplies it with the RSA-encrypted first pre-master secret and sends the product to the server, so that the server decrypts the complete pre-master secret according to the multiplicative homomorphism of RSA.
From the above embodiment it can be seen that the auditor and the audited party interact, and during that interaction each is responsible for generating half of the pre-master secret. The auditor sends the encrypted pre-master secret part required by the audited party to the audited party, so that the audited party can generate the "session keys". Meanwhile, the auditor obtains from the audited party the part needed to generate the authentication key, and generates the authentication key (ServerMacKey). In this way, neither the audited party nor the auditor knows the other's key, and the audited party, lacking ServerMacKey, cannot forge data to deceive the auditor. Finally, the audited party is responsible for passing the two encrypted key parts to the server according to the multiplicative homomorphic property of RSA.
Further, after verifying the server's digital certificate, the audited party and the auditor each perform RSA encryption with the public key passed by the server. So that each part of the client can transmit the complete pre-master secret to the server without the two parts of the pre-master secret being shared, the embodiment of the present invention uses the homomorphic property of RSA encryption:
(RSA(x1) × RSA(x2)) mod n = RSA(x1 × x2);
In order that the server, after decrypting with its private key, obtains a 48-byte string of random data spliced from the two parts of the pre-master secret, pre-master secret 1 (S1) and pre-master secret 2 (S2) are given the following special layout:
The first 24 bytes come from S1 --- 48 bytes: 03 01 || 12 random bytes || 33 bytes 00 || 01
The last 24 bytes come from S2 --- 48 bytes: 24 bytes 00 || 9 random bytes || 14 bytes 00 || 01
At the same time, because the RSA algorithm requires that a string of random padding characters be prepended to the message to be encrypted (without padding, RSA encryption is insecure), the complete sequences finally formed by the audited party and the auditor are:
Audited party: [39 bytes P1 || 00 || 03 01 || 12 random bytes || 33 bytes 00 || 01]
Auditor: [119 bytes P2 || 25 bytes 00 || 9 random bytes || 14 bytes 00 || 01]
After the two sequences are multiplied, the last 48 bytes of the product are the splicing of S1 and S2 described above, in the following form:
00||02||...205 bytes of padding...||00||S1||S2
So after the server receives this RSA-encrypted string and decrypts it with its own private key, it obtains the complete pre-master secret (S1 || S2).
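The two-share combination described above, as an added example that is not part of the patent text: it generates a throwaway RSA key for the server (Miller-Rabin primes, demo use only), builds S1 and S2 with the byte layouts given above, encrypts each share with textbook RSA, multiplies the ciphertexts and lets the server decrypt the product. The padding prefixes P1 and P2 are assumed away here, so the shares are encrypted unpadded; all function names are the example's own.

```python
import os
import random

def is_probable_prime(n, rounds=16):
    """Miller-Rabin test; adequate for a demo key, not for production use."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def make_rsa_key(bits=1024):
    """Demo server key as (d, e, n): private exponent, public exponent, modulus."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return pow(e, -1, phi), e, p * q

def audited_share():
    """S1 as laid out on the page: 03 01 || 12 random bytes || 33 bytes 00 || 01."""
    return b"\x03\x01" + os.urandom(12) + b"\x00" * 33 + b"\x01"

def auditor_share():
    """S2 as laid out on the page: 24 bytes 00 || 9 random bytes || 14 bytes 00 || 01."""
    return b"\x00" * 24 + os.urandom(9) + b"\x00" * 14 + b"\x01"

def rsa_encrypt(share, e, n):
    # Textbook RSA of one 48-byte share; the page's padding prefixes P1/P2 are omitted.
    return pow(int.from_bytes(share, "big"), e, n)

def server_decrypt_pms(c1, c2, d, n):
    """Server side: decrypt the ciphertext product and keep the low 48 bytes."""
    combined = (c1 * c2) % n       # (RSA(x1) * RSA(x2)) mod n = RSA(x1 * x2)
    product = pow(combined, d, n)  # equals S1 * S2 as integers because S1 * S2 < n
    return product.to_bytes((n.bit_length() + 7) // 8, "big")[-48:]

def expected_pms(s1, s2):
    # The page's claim: first 24 bytes come from S1, last 24 bytes from S2.
    return s1[:24] + s2[24:]

def run_exchange(key=None):
    """Whole flow: both shares encrypted separately, multiplied, decrypted by the server."""
    d, e, n = key or make_rsa_key()
    s1, s2 = audited_share(), auditor_share()
    pms = server_decrypt_pms(rsa_encrypt(s1, e, n), rsa_encrypt(s2, e, n), d, n)
    return pms, s1, s2
```

The zero runs in the two layouts keep the S1 and S2 contributions in disjoint byte ranges of the product, which is why the low 48 bytes splice cleanly and start with the 03 01 version bytes.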
On the basis of the above embodiments, the audit terminal generating the authentication key ServerMacKey includes:
generating four keys according to a pseudo-random function, one of which is the ServerMacKey, used to authenticate whether the data comes from the server, while the other three keys are used for data fetching and for communication with the server.
From the above embodiment it can be seen that the embodiment of the present invention generates the keys so that the auditor can verify according to its key.
Specifically, the embodiment of the present invention uses a pseudo-random function for verification. The audited party and the auditor use the pseudo-random function
PRF(secret, label, seed) = P_MD5(S1, label + seed) ⊕ P_SHA-1(S2, label + seed)
to respectively generate the four keys ServerMacKey and ClientWriteKey / ServerWriteKey / ClientMacKey. The auditor generates only ServerMacKey, which is used to authenticate whether the data comes from the server; the other three keys are generated by the audited party and are mainly used for data fetching and for communication with the server. The server end possesses the complete pre-master secret and can therefore generate all four session keys.
On the basis of the above embodiments, the audit terminal verifying, according to the ServerMacKey, that the data obtained by the client comes from the server includes:
the audit terminal verifying, according to the ServerMacKey, whether the data provided by the audited terminal matches the data provided by the server;
if the data provided by the audited terminal matches the data provided by the server, verifying that the data obtained by the client comes from the server.
From the above embodiment it can be seen that the embodiment of the present invention requires the auditor to verify the data, and that the audited party is responsible for generating a proof document after obtaining the data from the server.
The specific verification process is as follows. When the auditor receives the proof document, it first verifies whether the server's public key matches the public key in the proof document. This is done in two steps: the first step verifies whether the digital certificate carries a trusted CA signature; the second step extracts the public key transmitted by the server and compares it with the public key contained in the proof document. After the public key has been verified, the information contained in the proof document is verified step by step. First the session between the audited party and the auditor is created and initialized. The certificate is extracted from the uploaded proof document, and it is then verified whether the audited party has provided a valid auditor signature. After the signature has been verified, the auditor uses ServerMacKey to verify whether the data provided by the audited party matches the data provided by the server. If it matches, the proof document is trustworthy and the data comes from the original server without tampering; otherwise, verification of the proof document fails and the data does not match the original server.
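The PRF given above and the ServerMacKey check at the end of the verification process, as one added example that is not part of the patent text: it implements P_hash and the TLS 1.0/1.1 PRF, derives the four session keys from a constructed pre-master secret, and shows the auditor verifying a server record's MAC with ServerMacKey alone. The key-block order (MAC keys before write keys) follows RFC 2246; the pre-master secret, handshake randoms and server record are constructed sample inputs, and the function names are the example's own.

```python
import hmac
import struct

def p_hash(algo, secret, seed, length):
    """P_hash from RFC 2246: HMAC expansion of secret over seed to the requested length."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, algo).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, algo).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]

def prf(secret, label, seed, length):
    """The page's PRF: P_MD5 over S1 (first half of secret) XOR P_SHA-1 over S2 (second half)."""
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[len(secret) - half:]
    md5_part = p_hash("md5", s1, label + seed, length)
    sha1_part = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))

def derive_keys(pre_master, client_random, server_random, mac_len=20, key_len=16):
    """Master secret, then the key block, sliced into the four keys named on the page."""
    master = prf(pre_master, b"master secret", client_random + server_random, 48)
    block = prf(master, b"key expansion", server_random + client_random, 2 * (mac_len + key_len))
    keys, pos = {}, 0
    for name, size in (("ClientMacKey", mac_len), ("ServerMacKey", mac_len),
                       ("ClientWriteKey", key_len), ("ServerWriteKey", key_len)):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys

def record_mac(mac_key, seq_num, content_type, version, fragment):
    """TLS 1.0 record MAC: HMAC-SHA1(key, seq_num || type || version || length || fragment)."""
    header = struct.pack("!QBHH", seq_num, content_type, version, len(fragment))
    return hmac.new(mac_key, header + fragment, "sha1").digest()

def auditor_verifies(server_mac_key, seq_num, fragment, claimed_mac):
    """Auditor's check: with ServerMacKey alone, does the presented server record verify?"""
    expected = record_mac(server_mac_key, seq_num, 23, 0x0301, fragment)  # 23 = application_data
    return hmac.compare_digest(expected, claimed_mac)

# Constructed sample inputs (not from the page): a 48-byte pre-master secret with the
# page's 03 01 version prefix, fixed handshake randoms, and one server response record.
PRE_MASTER = b"\x03\x01" + bytes(range(22)) + bytes(range(100, 124))
CLIENT_RANDOM = bytes(32)
SERVER_RANDOM = bytes(range(32))
SERVER_RECORD = b"HTTP/1.1 200 OK\r\nContent-Length: 12\r\n\r\nbalance=1000"

def demo():
    """Genuine record verifies; a record altered by the audited party does not."""
    keys = derive_keys(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)
    mac = record_mac(keys["ServerMacKey"], 1, 23, 0x0301, SERVER_RECORD)  # computed by the server
    genuine = auditor_verifies(keys["ServerMacKey"], 1, SERVER_RECORD, mac)
    forged = auditor_verifies(keys["ServerMacKey"], 1, SERVER_RECORD.replace(b"1000", b"9000"), mac)
    return genuine, forged
```

Because the master secret needs both halves, neither party derives any key from its own share alone; the example only shows that once the auditor holds ServerMacKey it can check server records without the other three keys.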
Fig. 2 is a structural diagram of a truthful data verification system provided in an embodiment of the present invention. As shown in Fig. 2, it comprises a connection establishment module 201, an authentication key generation module 202 and a data verification module 203, in which:
the connection establishment module 201 is used for the client to establish the TLS/SSL connection with the server and to divide the client into an audited terminal and an audit terminal;
the authentication key generation module 202 is used to create the session between the audited terminal and the audit terminal, in which the audited terminal generates the keys ServerWriteKey, ClientMacKey and ClientWriteKey and the audit terminal generates only the authentication key ServerMacKey;
the data verification module 203 is used for the audit terminal to verify, according to the ServerMacKey, that the data obtained by the audited terminal is consistent with the data of the server.
The specific way in which truthful data verification is carried out through the connection establishment module 201, the authentication key generation module 202 and the data verification module 203 can follow the technical solution of the truthful data verification method embodiment shown in Fig. 1; the implementation principle and technical effect are similar and are not described again here.
The truthful data verification system provided in the embodiment of the present invention verifies the TLS/SSL connection between the server and the audited party through a third-party audit. The auditor communicates with the audited party under a specific protocol while the connection to the server is started, so that the auditor can determine through the audit that the data the audited party claims to provide comes from the server.
An embodiment of the present invention provides an electronic device comprising at least one processor and at least one memory communicatively connected to the processor, in which:
Fig. 3 is a structural block diagram of the electronic device provided in an embodiment of the present invention. Referring to Fig. 3, the electronic device comprises a processor 301, a communications interface 302, a memory 303 and a bus 304, where the processor 301, the communications interface 302 and the memory 303 communicate with each other through the bus 304. The processor 301 can call logic instructions in the memory 303 to execute the following method: the client establishes the TLS/SSL connection with the server and is divided into an audited terminal and an audit terminal; the session between the audited terminal and the audit terminal is created, in which the audited terminal generates the keys ServerWriteKey, ClientMacKey and ClientWriteKey and the audit terminal generates only the authentication key ServerMacKey; the audit terminal verifies, according to the ServerMacKey, that the data obtained by the audited terminal is consistent with the data of the server.
An embodiment of the present invention discloses a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium. The computer program comprises program instructions which, when executed by a computer, enable the computer to execute the method provided by each of the above method embodiments, for example: the client establishes the TLS/SSL connection with the server and is divided into an audited terminal and an audit terminal; the session between the audited terminal and the audit terminal is created, in which the audited terminal generates the keys ServerWriteKey, ClientMacKey and ClientWriteKey and the audit terminal generates only the authentication key ServerMacKey; the audit terminal verifies, according to the ServerMacKey, that the data obtained by the audited terminal is consistent with the data of the server.
An embodiment of the present invention provides a non-transitory computer-readable storage medium storing computer instructions which cause a computer to execute the method provided by each of the above method embodiments, for example: the client establishes the TLS/SSL connection with the server and is divided into an audited terminal and an audit terminal; the session between the audited terminal and the audit terminal is created, in which the audited terminal generates the keys ServerWriteKey, ClientMacKey and ClientWriteKey and the audit terminal generates only the authentication key ServerMacKey; the audit terminal verifies, according to the ServerMacKey, that the data obtained by the audited terminal is consistent with the data of the server.
Through the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus a necessary general hardware platform, and naturally also by hardware. Based on this understanding, the above technical solution, or the part of it that contributes to the prior art, can in essence be embodied in the form of a software product. That computer software product may be stored in a computer-readable storage medium such as ROM/RAM, a magnetic disk or an optical disc, and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to execute the method described in each embodiment or in certain parts of the embodiments.
Finally, it should be noted that the above embodiments merely illustrate the technical solutions of the present invention and do not limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that the technical solutions described in the foregoing embodiments can still be modified, or some of their technical features replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solution to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.