CN109902515A - A kind of truthful data verification method and system - Google Patents
A kind of truthful data verification method and system Download PDFInfo
- Publication number
- CN109902515A CN109902515A CN201910023880.7A CN201910023880A CN109902515A CN 109902515 A CN109902515 A CN 109902515A CN 201910023880 A CN201910023880 A CN 201910023880A CN 109902515 A CN109902515 A CN 109902515A
- Authority
- CN
- China
- Prior art keywords
- key
- server
- audit terminal
- audit
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Storage Device Security (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the invention provides a kind of truthful data verification method and system, method includes: the TLS/SSL connection that client is established between server, and the client is divided by audit terminal and audit terminal;Creation is described by the dialogue between audit terminal and the audit terminal, it is described to be only generated authentication key SeverMac Key by audit terminal generation key ServerwriteKey, key clientmackey and key clientwritekey, the audit terminal;For the audit terminal according to the SeverMac Key, the verifying data obtained by audit terminal are consistent with the data of the server.The embodiment of the invention provides a kind of truthful data verification method and systems, by third party's audit come authentication server and by the TLS/SSL connection between audit side.Audit side is communicated with by between audit side with specific protocol, while starting is connected to server, and audit side states to be provided the data from server by audit side in which can determine by audit.
Description
Technical field
The present embodiments relate to technical field of data security more particularly to a kind of truthful data verification method and systems.
Background technique
The scene for needing third party to be arbitrated is very universal in our daily life.People routinely provide screen
Screenshot or printout are as the incident evidence of friendship, or provide and the fund of visa application is supported to prove, or use charges for water and electricity
The inhabitation that account establishes account proves.This these data for just needing third party auditor to prove that people provide is that really, do not have
Have by distorting.
Therefore, a kind of truthful data verification method is needed now to confirm the real reliability of data.
Summary of the invention
To solve the above-mentioned problems, the embodiment of the present invention provides one kind and overcomes the above problem or at least be partially solved
State a kind of truthful data verification method and system of problem.
The first aspect embodiment of the present invention provides a kind of truthful data verification method, comprising:
Client establish and server between TLS/SSL connection, and by the client be divided by audit terminal with
Audit terminal;
Creation is described by the dialogue between audit terminal and the audit terminal, described to be generated key by audit terminal
ServerwriteKey, key clientmackey and key clientwritekey, the audit terminal only generate identity
Authentication secret SeverMac Key;
The audit terminal is according to the SeverMac Key, the verifying data obtained by audit terminal and the clothes
The data of business device are consistent.
The embodiment of the invention provides a kind of truthful datas to verify system for second aspect, comprising:
Connection establishment module establishes the TLS/SSL connection between server for client, and the client is drawn
It is divided by audit terminal and audit terminal;
Authentication secret generation module, it is described by the dialogue between audit terminal and the audit terminal for creating, it is described
Key ServerwriteKey, key clientmackey and key clientwritekey are generated by audit terminal, it is described
Audit terminal only generates authentication key SeverMac Key;
Data Verification module, for the audit terminal according to the SeverMac Key, verifying is described by audit terminal
The data of acquisition are consistent with the data of the server.
The embodiment of the invention provides a kind of electronic equipment for the third aspect, comprising:
Processor, memory, communication interface and bus;Wherein, the processor, memory, communication interface pass through described
Bus completes mutual communication;The memory is stored with the program instruction that can be executed by the processor, the processor
Described program instruction is called to be able to carry out above-mentioned truthful data verification method.
The embodiment of the invention provides a kind of non-transient computer readable storage medium, the non-transient calculating for fourth aspect
Machine readable storage medium storing program for executing stores computer instruction, and the computer instruction makes the computer execute above-mentioned truthful data verifying
Method.
A kind of truthful data verification method provided in an embodiment of the present invention and system, by third party's audit come the service for checking credentials
Device and by the TLS/SSL connection between audit side.Audit side is communicated with by between audit side with specific protocol, while starting connection
To server, audit side states to be provided the data from server by audit side in which can determine by audit.
Detailed description of the invention
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is this hair
Bright some embodiments for those of ordinary skill in the art without creative efforts, can be with root
Other attached drawings are obtained according to these attached drawings.
Fig. 1 is a kind of truthful data verification method flow diagram provided in an embodiment of the present invention;
Fig. 2 is a kind of truthful data verifying system structure diagram provided in an embodiment of the present invention;
Fig. 3 is the structural block diagram of electronic equipment provided in an embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention
In attached drawing, technical solution in the embodiment of the present invention is explicitly described, it is clear that described embodiment is the present invention
A part of the embodiment, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not having
Every other embodiment obtained under the premise of creative work is made, shall fall within the protection scope of the present invention.
Fig. 1 is a kind of truthful data verification method flow diagram provided in an embodiment of the present invention, as shown in Figure 1, comprising:
101, client establishes the TLS/SSL connection between server, and the client is divided by audit eventually
End and audit terminal;
102, creation is described by the dialogue between audit terminal and the audit terminal, described to be generated key by audit terminal
ServerwriteKey, key clientmackey and key clientwritekey, the audit terminal only generate identity
Authentication secret SeverMac Key;
103, the audit terminal is according to the SeverMac Key, the verifying data obtained by audit terminal and institute
The data for stating server are consistent.
It should be noted that method provided in an embodiment of the present invention is mainly used in data service, documentary evidence generates, card
In the application environment of prescribed paper verifying, it also can be applied to lottery industry, recreation, the risk management of financial industry and management of investment, trace back
Source, infringing information, under sensor information such as particular surroundings such as discharge of factory's pollution.It further illustrates, the present invention is real
Applying example can be combined with block chain, construct the interface channel of a block chain and real world, provide for block chain credible
Real world data, in use, external data can be written in block chain, and set agreement terms and obtain
The necessary condition run when meeting, so that contract executes automatically according to pre-set rule.
Specifically, in a step 101, the embodiment of the present invention can initially set up server and by the TLS/ between audit side
SSL connection.It is understood that tls protocol is intended to provide secure communication in client-server model.It is most outstanding
Purposes is protection http protocol (https).In such setting, only (Web) server passes through authentication, authentication
Based on X.509 certificate, the protocol version that is current and recommending is TLS1.2, but legacy version such as 1.0 and 1.1, is still obtained wide
General support.So in order to prove data that client obtains actually from source server, the embodiment of the present invention is by client point
For two parts --- by audit side and auditor, i.e., in the embodiment of the present invention by audit terminal and audit terminal.It is understood that
, client-side is split as executor and overseer's two parts, data acquisition work completed, without changing by the embodiment of the present invention
Tls protocol is made, therefore server end is noninductive, and since current most of webpage all supports TLS1.0 and 1.1 versions, so can
To apply in most of website.
Further, in a step 102, the interaction flow being different from the prior art, the embodiment of the present invention are talked in creation
When can establish the interactive process by audit side and auditor, and in the interactive process, in order to demonstrate,prove safety and prevent on trial
Core side and auditor conspire or the security risks such as are distorted after obtaining integrity key by audit side, and auditor is pre- oneself part
Main password is sent to after rsa encryption by audit side.By audit side by the pre-master password of oneself also pass through after rsa encryption with examine
Core person is multiplied, then passes to server, so that server can be decrypted by the private key of oneself according to the multiplicative homomorphic of RSA
Complete pre-master password.At the same time, auditor and by audit side can generate respectively ServerMac Key and other three dialogue
Key.Wherein Server Mac Key is the authentication secret that auditor is used for verify data.
Finally, in step 103, auditor can use the data validity that ServerMac Key obtains client
It is verified.Specifically, by audit side after obtaining the data from server, while being responsible for generating a documentary evidence.It should
Documentary evidence mainly includes the cryptographic Hash of server external data and the signature of auditor.It is careful due to needing to write exactly in documentary evidence
ServerMacKey that core person obtains but in order to guarantee that external data will not be distorted again after the complete key of acquisition by audit side,
Therefore auditor needs to sign to the cryptographic Hash of the external data obtained from server.This documentary evidence, which is supplied to, to be made
User with this come prove we provide data actually from source server.Later, the embodiment of the present invention can also be proved
The verifying of file, verification step is determined according to generation step, is concentrated mainly on the verifying of public key, cryptographic Hash and signature.
A kind of truthful data verification method provided in an embodiment of the present invention, by third party's audit come authentication server and by
TLS/SSL connection between audit side.Audit side is communicated with by between audit side with specific protocol, while starting is connected to service
Device, audit side state to be provided the data from server by audit side in which can determine by audit.
On the basis of the above embodiments, the TLS/SSL connection that the client is established between server includes:
Client sends the encryption method of client random number and client support to the server, for the service
Device sends digital certificate and server random number to the client after confirming the encryption method;
The digital certificate and the server random number that the server is sent are received, and verifies the number card
Book be effectively after, generate pre-master password, and using being sent to institute after pre-master password described in the public key encryption in the digital certificate
Server is stated, so that the server decrypts the pre-master password according to the private key of server;
Server and client side generates session key according to the encryption method, completes TLS/SSL connection and establishes.
By the content of above-described embodiment it is found that the realization of the embodiment of the present invention is based upon third party auditor to verify
Server and by the TLS/SSL connection between audit side.Then, auditor is communicated with by between audit side with specific protocol, together
Shi Qidong is connected to server, and auditor states to be provided the number from server by audit side in which can determine by audit
According to.
So specifically establish TLS/SSL connection procedure are as follows: first client provide protocol version, one generation with
The encryption method that machine number (Client random) and client are supported;Then the encryption side that server confirmation both sides use
Method, and provide the random number (Server random) that digital certificate and a server generate;And then client confirms
Digital certificate is effective, then generates a new pre-master password, and uses public key encryption this random number in digital certificate, hair
To server;So server uses oneself private key, obtains the pre-master password that client is sent.Client and server according to
The encryption method of agreement, three random numbers before use generate " session key ", for encrypting next entire talked with
Journey.Wherein session key includes ClientWrite Key, Server Write Key, Client MacKey, Server
MacKey.It should be noted that data transmission procedure provided in an embodiment of the present invention only counts as common Http request
According to being encrypted using Client Write Key and Server Write Key.
On the basis of the above embodiments, described in the creation by the dialogue between audit terminal and the audit terminal,
Include:
It is described to be received the audit terminal hair by audit terminal after Transport Layer Security tls protocol is shaken hands for the first time
The the first pre-master password by rsa encryption sent;
It is described that oneself is also passed through into rsa encryption with described by the second pre-master password of rsa encryption by audit terminal
The first pre-master password be multiplied after be sent to the server, so that the server is decrypted according to the multiplicative homomorphic of RSA
Complete pre-master password.
By the content of above-described embodiment it is found that the embodiment of the present invention can be interacted so in the side of audit and the side of being reviewed, handing over
During mutually, auditor and the pre-master password that all will be responsible for generating half by audit side.Auditor sends by the on trial of encryption
Pre-master password required for core side is given by audit side, therefore can be generated " session key " by audit.Meanwhile auditor will from by
Part needed for audit side obtains generation authentication key generates authentication key (SeverMac Key).In this way, by audit side
Do not know the key of other side with auditor, and by audit side in the case where no Server Mac Key, vacation can not be made
Data are to cheat auditor.Finally it is responsible for the multiplicative homomorphic attribute by two parts key by encryption according to RSA by audit side
Pass to server.
Further, it after demonstrating the digital certificate of server, is passed respectively using server by audit side and auditor
The public key come carries out rsa encryption.In order to allow each party of client in the case where the pre-master password of not shared two parts
Also complete pre-master password can be transmitted to server, the morphism attribute of rsa encryption is utilized in the embodiment of the present invention:
(RSA (x1) × RSA (x2)) mod n=RSA (x1 × x2);
In order to which two parts that the random data of a string of 48 bytes is spliced can be obtained after decrypting privacy key
Pre-master password should provide the special digit of pre-master password 1 (S1) and pre-master password 2 (S2), as follows:
Preceding 24bytes is S1 --- 48bytes:03 01 | | 12random bytes | | 33bytes 00 | | after 01
24bytes is S2 --- 48bytes:24bytes 00 | | 9random bytes | | 14bytes 00 | | 01
At the same time, it is provided since RSA Algorithm encrypts, string of filling character at random should be added before the message to be encrypted
(if not filling, rsa encryption is unsafe), therefore the complete sequence by audit side and auditor eventually formed
It is:
By audit side: [39bytes P1 | | 00 | | 03 01 | | 12random bytes | | 33bytes 00 | | 01] audit
Member: [119bytes P2 | | 25bytes 00 | | 9random bytes | | 14bytes 00 | | 01] multiplication of two such sequence
Afterwards, the last 48bytes of the product obtained be before S1 and S2 splicing, form is as follows:
00||02||...205bytes of padding...||00||S1||S2
So server receive by this string data of rsa encryption and with the private key of oneself decryption after can be obtained by
Complete pre-master password (S1 | | S2).
It is on the basis of the above embodiments, described to generate authentication key SeverMac Key for the audit terminal,
Include:
According to pseudo-random function, four keys are generated, one of key is the SeverMac Key, for authenticating
Data are stated whether from the server, the other three key is communicated for data grabber and with the server.
By the content of above-described embodiment it is found that the embodiment of the present invention can generate key to allow auditor to test according to key
Card.
Specifically, the embodiment of the present invention use pseudo-random function verified, by audit side and auditor use puppet with
Machine function:
PRF (secret, label, seed)=PMD5 (S1, label+seed) ⊕ PSHA-1 (S2, label+seed) points
Server MacKey and ClientWriteKey/Server Mac Key/Client Mac Key such four Dui Ying not generated
Key, wherein audit side only generates ServerMacKey, and whether SeverMac Key is for authenticating the data from described
Server;The other three key is generated by audit side, they are mainly used for data grabber and communicate with the server;Clothes
Business device end oneself possesses complete pre-master password therefore complete four session keys can be generated.
On the basis of the above embodiments, the audit terminal verifies the client according to the SeverMac Key
The data of acquisition come from the server, comprising:
The audit terminal according to the SeverMac Key, data that verifying is provided by audit terminal whether with the clothes
The Data Matching that business device provides;
If the Data Matching that the data provided by audit terminal and the server provide, verifies the client
The data of acquisition come from the server.
By the content of above-described embodiment it is found that the embodiment of the present invention may require that audit side verifies data, and it is on trial
It is responsible for generating a documentary evidence after obtaining the data from server in core side.
So specific verification process are as follows: when auditor receives documentary evidence, whether the public key of first authentication server
With the public key match of documentary evidence, verification method is divided into two steps, first step are as follows: it is credible whether verifying digital certificate has
CA signature;Second step are as follows: the public key that server transmits is extracted and is carried out with the public key contained in documentary evidence pair
Than.After having verified public key, the information contained by documentary evidence is verified step by step.It creates and is initialized by audit side and careful first
The session of core person.Certificate is extracted in the documentary evidence of upload, then is verified by whether audit side provides effective auditor's label
Name.After verifying effectively signature, auditor verifies whether the data provided by audit side mention with server with Server Mac Key
The Data Matching of confession.If correctly illustrating that the documentary evidence is credible, data come from former server, without distorting.Otherwise, it verifies
Documentary evidence failure, data and former server mismatch.
Fig. 2 is a kind of truthful data verifying system structure diagram provided in an embodiment of the present invention, as shown in Figure 2, comprising:
Connection establishment module 201, authentication secret generation module 202 and Data Verification module 203, in which:
Connection establishment module 201 establishes the TLS/SSL connection between server for client, and by the client
It is divided by audit terminal and audit terminal;
Authentication secret generation module 202 is described by the dialogue between audit terminal and the audit terminal, institute for creating
It states and is generated key ServerwriteKey, key clientmackey and key clientwritekey, institute by audit terminal
It states audit terminal and only generates authentication key SeverMac Key;
For Data Verification module 203 for the audit terminal according to the SeverMac Key, verifying is described whole by audit
Hold the data obtained consistent with the data of the server.
It is specific how to pass through connection establishment module 201, authentication secret generation module 202 and Data Verification module 203
Carrying out truthful data verifying can be used for executing the technical solution of truthful data verification method embodiment shown in FIG. 1, realize former
Reason is similar with technical effect, and details are not described herein again.
A kind of truthful data provided in an embodiment of the present invention verifies system, by third party's audit come authentication server and by
TLS/SSL connection between audit side.Audit side is communicated with by between audit side with specific protocol, while starting is connected to service
Device, audit side state to be provided the data from server by audit side in which can determine by audit.
The embodiment of the present invention provides a kind of electronic equipment, comprising: at least one processor;And with the processor communication
At least one processor of connection, in which:
Fig. 3 is the structural block diagram of electronic equipment provided in an embodiment of the present invention, referring to Fig. 3, the electronic equipment, comprising:
Processor (processor) 301, communication interface (Communications Interface) 302, memory (memory) 303
With bus 304, wherein processor 301, communication interface 302, memory 303 complete mutual communication by bus 304.Place
Reason device 301 can call the logical order in memory 303, and to execute following method: client is established between server
TLS/SSL connection, and the client is divided by audit terminal and audit terminal;Creation is described by audit terminal and described
Dialogue between audit terminal, it is described by audit terminal generate key ServerwriteKey, key clientmackey and
Key clientwritekey, the audit terminal only generate authentication key SeverMac Key;The audit terminal root
According to the SeverMac Key, the verifying data obtained by audit terminal are consistent with the data of the server.
The embodiment of the present invention discloses a kind of computer program product, and the computer program product is non-transient including being stored in
Computer program on computer readable storage medium, the computer program include program instruction, when described program instructs quilt
Computer execute when, computer is able to carry out method provided by above-mentioned each method embodiment, for example, client establish with
TLS/SSL connection between server, and the client is divided by audit terminal and audit terminal;It creates described on trial
Dialogue between core terminal and the audit terminal, it is described to be generated key ServerwriteKey, key by audit terminal
Clientmackey and key clientwritekey, the audit terminal only generate authentication key SeverMac
Key;The audit terminal is according to the SeverMac Key, the verifying data obtained by audit terminal and the server
Data it is consistent.
The embodiment of the present invention provides a kind of non-transient computer readable storage medium, the non-transient computer readable storage
Medium storing computer instruction, the computer instruction make the computer execute side provided by above-mentioned each method embodiment
Method, for example, client establishes the TLS/SSL connection between server, and the client is divided by audit eventually
End and audit terminal;Creation is described by the dialogue between audit terminal and the audit terminal, described close by audit terminal generation
Key ServerwriteKey, key clientmackey and key clientwritekey, the audit terminal only generate body
Part authentication secret SeverMac Key;According to the SeverMac Key, verifying is described to be obtained the audit terminal by audit terminal
The data taken are consistent with the data of the server.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can
It realizes by means of software and necessary general hardware platform, naturally it is also possible to pass through hardware.Based on this understanding, on
Stating technical solution, substantially the part that contributes to existing technology can be embodied in the form of software products in other words, should
Computer software product may be stored in a computer readable storage medium, such as ROM/RAM, magnetic disk, CD, including several fingers
It enables and using so that a computer equipment (can be personal computer, server or the network equipment etc.) executes each implementation
Method described in certain parts of example or embodiment.
Finally, it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;Although
Present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: it still may be used
To modify the technical solutions described in the foregoing embodiments or equivalent replacement of some of the technical features;
And these are modified or replaceed, technical solution of various embodiments of the present invention that it does not separate the essence of the corresponding technical solution spirit and
Range.
Claims (8)
1. a kind of truthful data verification method characterized by comprising
Client establishes the TLS/SSL connection between server, and the client is divided by audit terminal and audit
Terminal;
Creation is described by the dialogue between audit terminal and the audit terminal, described to be generated key by audit terminal
ServerwriteKey, key clientmackey and key clientwritekey, the audit terminal only generate identity
Authentication secret SeverMac Key;
The audit terminal is according to the SeverMac Key, the verifying data obtained by audit terminal and the server
Data it is consistent.
2. the method according to claim 1, wherein the client establishes the TLS/SSL between server
Connection includes:
Client sends the encryption method of client random number and client support to the server, so that the server is true
Digital certificate and server random number are sent to the client after recognizing the encryption method;
The digital certificate and the server random number that the server is sent are received, and verifies the digital certificate and is
After effectively, pre-master password is generated, and using being sent to the clothes after pre-master password described in the public key encryption in the digital certificate
Business device, so that the server decrypts the pre-master password according to the private key of server;
Server and client side generates session key according to the encryption method, completes TLS/SSL connection and establishes.
3. the method according to claim 1, wherein by audit terminal and the audit terminal described in the creation
Between dialogue, comprising:
It is described to be received what the audit terminal was sent by audit terminal after Transport Layer Security tls protocol is shaken hands for the first time
By the first pre-master password of rsa encryption;
It is described by audit terminal by the second pre-master password by rsa encryption of oneself with also pass through described the of rsa encryption
One pre-master password is sent to the server after being multiplied, so that the server decrypts completely according to RSA multiplicative homomorphic
Pre-master password.
4. according to the method described in claim 3, it is characterized in that, described generate authentication key for the audit terminal
SeverMac Key, comprising:
According to pseudo-random function, four keys are generated, one of key is the SeverMac Key, for authenticating the number
Whether according to from the server, the other three key is communicated for data grabber and with the server.
5. according to the method described in claim 4, it is characterized in that, the audit terminal is tested according to the SeverMac Key
It demonstrate,proves the data that the client obtains and comes from the server, comprising:
The audit terminal according to the SeverMac Key, data that verifying is provided by audit terminal whether with the server
The Data Matching of offer;
If the Data Matching that the data provided by audit terminal and the server provide is verified the client and is obtained
Data come from the server.
6. a kind of truthful data verifies system characterized by comprising
Connection establishment module establishes the TLS/SSL connection between server for client, and the client is divided into
By audit terminal and audit terminal;
Authentication secret generation module, it is described by the dialogue between audit terminal and the audit terminal for creating, it is described on trial
Core terminal generates key ServerwriteKey, key clientmackey and key clientwritekey, the audit
Terminal only generates authentication key SeverMac Key;
Data Verification module, for the audit terminal according to the SeverMac Key, verifying is described to be obtained by audit terminal
Data it is consistent with the data of the server.
7. a kind of electronic equipment, which is characterized in that including memory and processor, the processor and the memory pass through always
Line completes mutual communication;The memory is stored with the program instruction that can be executed by the processor, the processor tune
Method as claimed in claim 1 to 5 is able to carry out with described program instruction.
8. a kind of non-transient computer readable storage medium, which is characterized in that the non-transient computer readable storage medium is deposited
Computer instruction is stored up, the computer instruction makes the computer execute such as method described in any one of claim 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910023880.7A CN109902515B (en) | 2019-01-10 | 2019-01-10 | True data verification method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910023880.7A CN109902515B (en) | 2019-01-10 | 2019-01-10 | True data verification method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109902515A true CN109902515A (en) | 2019-06-18 |
| CN109902515B CN109902515B (en) | 2021-07-20 |
Family
ID=66943584
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910023880.7A Active CN109902515B (en) | 2019-01-10 | 2019-01-10 | True data verification method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109902515B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110674531A (en) * | 2019-10-11 | 2020-01-10 | 腾讯科技(深圳)有限公司 | Residence information management method, device, server and medium based on block chain |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102932350A (en) * | 2012-10-31 | 2013-02-13 | 华为技术有限公司 | TLS (Transport Layer Security) scanning method and device |
| CN102984127A (en) * | 2012-11-05 | 2013-03-20 | 武汉大学 | User-centered mobile internet identity managing and identifying method |
| CN103118027A (en) * | 2013-02-05 | 2013-05-22 | 中金金融认证中心有限公司 | Transport layer security (TLS) channel constructing method based on cryptographic algorithm |
| US20160080337A1 (en) * | 2014-04-08 | 2016-03-17 | Cloudflare, Inc. | Secure session capability using public-key cryptography without access to the private key |
| CN105827402A (en) * | 2016-05-18 | 2016-08-03 | 武汉理工大学 | Distributed public verifiable random number generation method |
| CN106790090A (en) * | 2016-12-23 | 2017-05-31 | 北京奇虎科技有限公司 | Communication means, apparatus and system based on SSL |
| CN107172056A (en) * | 2017-05-31 | 2017-09-15 | 福建中金在线信息科技有限公司 | A kind of channel safety determines method, device, system, client and server |
| KR20180078509A (en) * | 2016-12-30 | 2018-07-10 | 홍익대학교 산학협력단 | A system and method for encryption of pointers to virtual function tables |
-
2019
- 2019-01-10 CN CN201910023880.7A patent/CN109902515B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102932350A (en) * | 2012-10-31 | 2013-02-13 | 华为技术有限公司 | TLS (Transport Layer Security) scanning method and device |
| CN102984127A (en) * | 2012-11-05 | 2013-03-20 | 武汉大学 | User-centered mobile internet identity managing and identifying method |
| CN103118027A (en) * | 2013-02-05 | 2013-05-22 | 中金金融认证中心有限公司 | Transport layer security (TLS) channel constructing method based on cryptographic algorithm |
| US20160080337A1 (en) * | 2014-04-08 | 2016-03-17 | Cloudflare, Inc. | Secure session capability using public-key cryptography without access to the private key |
| CN105827402A (en) * | 2016-05-18 | 2016-08-03 | 武汉理工大学 | Distributed public verifiable random number generation method |
| CN106790090A (en) * | 2016-12-23 | 2017-05-31 | 北京奇虎科技有限公司 | Communication means, apparatus and system based on SSL |
| KR20180078509A (en) * | 2016-12-30 | 2018-07-10 | 홍익대학교 산학협력단 | A system and method for encryption of pointers to virtual function tables |
| CN107172056A (en) * | 2017-05-31 | 2017-09-15 | 福建中金在线信息科技有限公司 | A kind of channel safety determines method, device, system, client and server |
Non-Patent Citations (1)
| Title |
|---|
| 刘新亮等: ""针对SSL/TLS协议会话密钥的安全威胁与防御方法"", 《计算机工程》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110674531A (en) * | 2019-10-11 | 2020-01-10 | 腾讯科技(深圳)有限公司 | Residence information management method, device, server and medium based on block chain |
| CN110674531B (en) * | 2019-10-11 | 2023-06-27 | 腾讯科技(深圳)有限公司 | Residential information management method, device, server and medium based on block chain |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109902515B (en) | 2021-07-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110708170B (en) | Data processing method and device and computer readable storage medium | |
| CN109756485B (en) | Electronic contract signing method, electronic contract signing device, computer equipment and storage medium | |
| CN109309565B (en) | Security authentication method and device | |
| CN106961336B (en) | A kind of key components trustship method and system based on SM2 algorithm | |
| CN109067539B (en) | Alliance chain transaction method, alliance chain transaction equipment and computer readable storage medium | |
| CN105007279B (en) | Authentication method and Verification System | |
| CN103338215B (en) | The method setting up TLS passage based on the close algorithm of state | |
| WO2021120683A1 (en) | Method and apparatus for secure communication based on identity authentication | |
| CN103095456B (en) | The processing method of transaction message and system | |
| CN108092776A (en) | A kind of authentication server and authentication token | |
| CN107592293A (en) | The means of communication, digital certificate management method, device and electronic equipment between block chain node | |
| CA3061266A1 (en) | Transferring digital tickets based on blockchain networks | |
| CN106161449A (en) | Transmission method without key authentication and system | |
| CN112054906B (en) | Key negotiation method and system | |
| CN108377190A (en) | A kind of authenticating device and its working method | |
| CN106060078B (en) | User information encryption method, register method and verification method applied to cloud platform | |
| CN111464315B (en) | Digital signature processing method, device, computer equipment and storage medium | |
| CN109741068A (en) | Internetbank inter-bank contracting method, apparatus and system | |
| CN109767218A (en) | Block chain certificate processing method and system | |
| CN114866323B (en) | User-controllable privacy data authorization sharing system and method | |
| CN108632042A (en) | A kind of class AKA identity authorization systems and method based on pool of symmetric keys | |
| CN110380859A (en) | Based on unsymmetrical key pond to and DH agreement quantum communications service station identity identifying method and system | |
| CN105471896B (en) | Proxy Method, apparatus and system based on SSL | |
| CN113328854B (en) | Service processing method and system based on block chain | |
| CN109902515A (en) | A kind of truthful data verification method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CB03 | Change of inventor or designer information |
Inventor after: Yang Wentao Inventor after: Wang Hu Inventor after: Chen Chang Inventor after: Tang Yiwen Inventor after: Tang Ling Inventor after: Xuan Songtao Inventor before: Wang Hu Inventor before: Yang Wentao Inventor before: Chen Chang Inventor before: Tang Yiwen Inventor before: Tang Ling Inventor before: Xuan Songtao |
|
| CB03 | Change of inventor or designer information |