CN110213046A - Identity authentication method, device and storage medium based on consortium blockchain - Google Patents
- Publication number
- CN110213046A (CN201910466555.8A)
- Authority
- CN
- China
- Prior art keywords
- user
- service node
- encryption data
- broadcast message
- node
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0815—Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Embodiments of the present invention provide an identity authentication method, device, and storage medium based on a consortium blockchain. In the method, a first service node in the consortium blockchain receives a username submitted by a user through a user node. The first service node generates a random number for the username and broadcasts a first broadcast message containing the username and the random number to the consortium blockchain, so that the user node and a second service node in the consortium blockchain receive the first broadcast message; the second service node holds the username and a first user key corresponding to the username. The first service node receives a second broadcast message sent by the user node and a third broadcast message sent by the second service node, and compares the first encrypted data carried in the second broadcast message with the second encrypted data carried in the third broadcast message. If the two match, the user's identity authentication passes; otherwise authentication fails. Embodiments of the present invention improve the security and convenience of identity authentication.
Description
Technical field
Embodiments of the present invention relate to the field of blockchain technology, and in particular to an identity authentication method, device, and storage medium based on a consortium blockchain.
Background
There are many Internet Service Providers (ISPs) and Internet Content Providers (ICPs) on the Internet, and a user must register with an ISP/ICP before using the service it provides. For example, most people today have various apps such as WeChat and Alipay, and each app requires registration. If the accounts and passwords registered on different apps are the same, the accounts are easily exposed to credential stuffing attacks and account security is low; if the accounts and passwords registered on different apps differ, they are easily forgotten, and recovering an account or password is cumbersome.
Summary of the invention
Embodiments of the present invention provide an identity authentication method, device, and storage medium based on a consortium blockchain, in order to improve the convenience and security of identity authentication when a user uses Internet services, spare the user the trouble of remembering a large number of usernames and passwords, and solve the problem that using the same username and password across multiple Internet services leaves the user exposed to credential stuffing attacks.
In a first aspect, an embodiment of the present invention provides an identity authentication method based on a consortium blockchain, the method comprising:
A first service node in the consortium blockchain receives a username submitted by a user through a user node. The first service node generates a random number for the username and broadcasts a first broadcast message containing the username and the random number to the consortium blockchain, so that the user node and a second service node in the consortium blockchain receive the first broadcast message, wherein the second service node holds the username and a first user key corresponding to the username. The first service node receives a second broadcast message sent by the user node and a third broadcast message sent by the second service node. The second broadcast message contains first encrypted data, which the user node obtains by encrypting the random number with a first preset algorithm, based on a second user key for the username entered by the user. The third broadcast message contains second encrypted data, which the second service node obtains by encrypting the random number with the first preset algorithm, based on the first user key. The first service node compares the first encrypted data with the second encrypted data; if the two match, the user's identity authentication passes; otherwise authentication fails.
In one embodiment, the first encrypted data in the second broadcast message is contained in third encrypted data, which the user node obtains by encrypting the first encrypted data using the public key of the first service node and a second preset algorithm.
In one embodiment, the second encrypted data in the third broadcast message is contained in fourth encrypted data, which the second service node obtains by encrypting the second encrypted data using the public key of the first service node and the second preset algorithm.
In one embodiment, after the first service node receives the second broadcast message and the third broadcast message, the method further comprises:
The first service node decrypts the second broadcast message and the third broadcast message, using the decryption algorithm corresponding to the second preset algorithm and its own private key, to obtain the first encrypted data and the second encrypted data.
In a second aspect, an embodiment of the present invention provides a service node suitable for a consortium blockchain, the service node comprising:
a memory;
a processor;
a communication interface; and
a computer program;
wherein the computer program is stored in the memory and is configured to be executed by the processor to perform the following operations:
Receiving a username submitted by a user through a user node in the consortium blockchain; generating a random number for the username and broadcasting a first broadcast message containing the username and the random number to the consortium blockchain, so that the user node and a second service node in the consortium blockchain receive the first broadcast message, wherein the second service node holds the username and a first user key corresponding to the username; receiving a second broadcast message sent by the user node and a third broadcast message sent by the second service node, wherein the second broadcast message contains first encrypted data, which the user node obtains by encrypting the random number with a first preset algorithm, based on a second user key for the username entered by the user, and the third broadcast message contains second encrypted data, which the second service node obtains by encrypting the random number with the first preset algorithm, based on the first user key; and comparing the first encrypted data with the second encrypted data, wherein if the two match, the user's identity authentication passes, and otherwise authentication fails.
In one embodiment, the first encrypted data in the second broadcast message is contained in third encrypted data, which the user node obtains by encrypting the first encrypted data using the public key of the first service node and a second preset algorithm.
In one embodiment, the second encrypted data in the third broadcast message is contained in fourth encrypted data, which the second service node obtains by encrypting the second encrypted data using the public key of the first service node and the second preset algorithm.
In one embodiment, the first encrypted data and the second encrypted data are obtained by decrypting the second broadcast message and the third broadcast message, using the decryption algorithm corresponding to the second preset algorithm and the private key of the service node on which the program resides.
In a third aspect, an embodiment of the present invention provides a consortium blockchain that includes the service node described in the second aspect above.
In a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium on which a computer program is stored, the computer program being executed by a processor to implement the method described in the first aspect.
In the identity authentication method, device, and storage medium based on a consortium blockchain provided by the embodiments of the present invention, after the first service node in the consortium blockchain receives the username submitted by the user through the user node, it generates a random number for the username and broadcasts a first broadcast message containing the username and the random number to the consortium blockchain. It then receives the second broadcast message that the user node sends after receiving the first broadcast message, and the third broadcast message sent by the second service node in the consortium blockchain. The second broadcast message contains the first encrypted data, which the user node obtains by encrypting the random number with the first preset algorithm, based on the second user key for the username entered by the user. The third broadcast message contains the second encrypted data, which the second service node obtains by encrypting the random number with the first preset algorithm, based on the first user key corresponding to the username that the user registered on it. The first encrypted data in the second broadcast message is then compared with the second encrypted data in the third broadcast message; if the two match, identity authentication passes; otherwise authentication fails. With the technical solution of the embodiments of the present invention, once a user has registered a username and user key on any service node of the consortium blockchain, the user can use that username and user key to log in to other service nodes of the consortium blockchain and use their services. This spares the user the trouble of remembering a large number of usernames and keys and improves the convenience of identity authentication. In addition, because the security mechanism of the consortium blockchain itself provides a high level of security, verifying the user's identity through the consortium blockchain improves the security of identity authentication, and even if the user logs in to different service nodes with the same username and key, the problem of credential stuffing attacks by hackers is avoided.
Brief description of the drawings
Fig. 1 is a schematic diagram of a communication system provided by an embodiment of the present invention;
Fig. 2 is a flow chart of an identity authentication method based on a consortium blockchain provided by an embodiment of the present invention;
Fig. 3 is a flow chart of an identity authentication method based on a consortium blockchain provided by an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a service node provided by an embodiment of the present invention.
The above drawings show specific embodiments of the present disclosure, which are described in more detail below. The drawings and the written description are not intended to limit the scope of the disclosed concept in any way, but to explain the concept of the disclosure to those skilled in the art by reference to specific embodiments.
Detailed description
Example embodiments are described in detail here, and examples of them are illustrated in the drawings. Where the following description refers to the drawings, the same numbers in different drawings denote the same or similar elements unless otherwise indicated. The implementations described in the following example embodiments do not represent all implementations consistent with the present disclosure. Rather, they are merely examples of devices and methods consistent with some aspects of the disclosure as detailed in the appended claims.
The identity authentication method based on a consortium blockchain provided by the embodiments of the present invention aims to solve the technical problem in the prior art that, if the accounts and passwords a user registers in different applications (apps) are the same, the accounts are easily exposed to credential stuffing attacks and account security is low, whereas if the accounts and passwords registered on different apps differ, they are easily forgotten and recovering an account or password is cumbersome. The method is applicable to the communication system shown in Fig. 1. As shown in Fig. 1, the communication system includes first service node 11, second service node 12, user node 13, third service node 14, fourth service node 15, and fifth service node 16, all of which belong to the same consortium blockchain. Second service node 12, third service node 14, fourth service node 15, and fifth service node 16 can provide different services to users; for example, they may respectively provide a "Twitter" service, a "Facebook" service, a "WeChat" service, and an "Alipay" service. This is only an example and not the only possibility. The illustration here is schematic only and does not limit the structure of the consortium blockchain or the number of its nodes.
The technical solution of the present invention, and how it solves the above technical problem, are described in detail below with specific embodiments. The following specific embodiments may be combined with one another, and the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present invention are described below with reference to the drawings.
Fig. 2 is a flow chart of an identity authentication method based on a consortium blockchain provided by an embodiment of the present invention. The method is suitable for a consortium blockchain whose structure may be as shown in Fig. 1. The specific steps of the method are as follows:
Step 201: A first service node in the consortium blockchain receives a username submitted by a user through a user node.
Step 202: The first service node generates a random number for the username and broadcasts a first broadcast message containing the username and the random number to the consortium blockchain, so that the user node and a second service node in the consortium blockchain receive the first broadcast message.
The second service node holds the username and a first user key corresponding to the username.
Step 203: The first service node receives a second broadcast message sent by the user node and a third broadcast message sent by the second service node.
The second broadcast message contains first encrypted data, which the user node obtains by encrypting the random number with a first preset algorithm, based on a second user key for the username entered by the user. The third broadcast message contains second encrypted data, which the second service node obtains by encrypting the random number with the first preset algorithm, based on the first user key.
Step 204: The first service node compares the first encrypted data with the second encrypted data; if the two match, the user's identity authentication passes; otherwise authentication fails.
Taking Fig. 1 as an example, second service node 12, third service node 14, fourth service node 15, and fifth service node 16 in Fig. 1 together build the consortium blockchain and provide identity authentication services for other service nodes or user nodes. The genesis block of the consortium blockchain stores information such as the blockchain identifiers and public keys of second service node 12, third service node 14, fourth service node 15, and fifth service node 16. As the original nodes of this consortium blockchain, these four nodes jointly manage it, including deciding whether to allow a given service node to join the consortium blockchain.
The user registers a username and key off-chain on any node of the consortium blockchain, that is, the user has registered on some service node of the consortium blockchain. In this example, it is assumed that the user has registered on second service node 12 but has not registered on first service node 11.
Specifically, when the user logs in to first service node 11 through user node 13 (the user has not registered on the first service node), the user submits to first service node 11, through user node 13, the username previously registered on second service node 12. After receiving the username, first service node 11 allocates a random number for it, signs the username and the random number with its own private key, and broadcasts the signed username and random number to the consortium blockchain in a first broadcast message.
After receiving the first broadcast message, user node 13 first queries the blockchain ledger to obtain the public key of first service node 11, and then uses that public key to verify the private-key signature in the first broadcast message. If verification succeeds, it prompts the user to enter the user key corresponding to the username, encrypts the random number in the first broadcast message with the first preset algorithm according to the second user key entered by the user to obtain the first encrypted data, signs the first encrypted data with its own private key, and broadcasts it to the consortium blockchain in a second broadcast message. Alternatively, after computing the first encrypted data, user node 13 may display it to the user, so that the user enters the first encrypted data on first service node 11.
After receiving the first broadcast message, second service node 12 first verifies the private-key signature in the first broadcast message using the public key of the first service node. If verification succeeds, it looks up, according to the username carried in the first broadcast message, the first user key that the user previously registered for that username, encrypts the random number in the first broadcast message with the first preset algorithm according to the first user key to obtain the second encrypted data, signs the second encrypted data with its own private key, and broadcasts it to the consortium blockchain in a third broadcast message.
After receiving the second broadcast message and the third broadcast message, first service node 11 obtains the first encrypted data and the second encrypted data from the second broadcast message and the third broadcast message respectively, and compares them. If the two match, the username and user key entered by the user are correct, verification passes, and service is provided to the user; otherwise authentication fails and no service is provided.
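The Fig. 2 exchange described above, as an added Python example that is not part of the patent. HMAC-SHA256 is an assumed stand-in for the unspecified first preset algorithm, the message fields, class names, usernames and keys are constructed, and the private-key signatures on each broadcast are left out.

```python
import hashlib
import hmac
import secrets


def first_preset_algorithm(user_key: bytes, random_number: bytes) -> bytes:
    """Assumed stand-in (HMAC-SHA256) for the unspecified first preset algorithm."""
    return hmac.new(user_key, random_number, hashlib.sha256).digest()


class SecondServiceNode:
    """Node on which the user registered; it holds the first user key."""

    def __init__(self):
        self._first_user_keys = {}

    def register(self, username: str, user_key: bytes) -> None:
        self._first_user_keys[username] = user_key

    def on_first_broadcast(self, msg: dict):
        key = self._first_user_keys.get(msg["username"])
        if key is None:
            return None  # user never registered here: nothing to broadcast
        data = first_preset_algorithm(key, msg["random_number"])
        return {"kind": "third", "username": msg["username"], "data": data}


class UserNode:
    """Computes the first encrypted data from the key the user types in."""

    def on_first_broadcast(self, msg: dict, second_user_key: bytes) -> dict:
        data = first_preset_algorithm(second_user_key, msg["random_number"])
        return {"kind": "second", "username": msg["username"], "data": data}


class FirstServiceNode:
    """Node the user logs in to; it never sees or stores the user key."""

    def __init__(self):
        self._pending = set()  # usernames with a login in progress (assumption)

    def start_login(self, username: str) -> dict:
        self._pending.add(username)
        return {"kind": "first", "username": username,
                "random_number": secrets.token_bytes(32)}

    def verify(self, second_msg, third_msg) -> bool:
        if second_msg is None or third_msg is None:
            return False
        username = second_msg["username"]
        if username != third_msg["username"] or username not in self._pending:
            return False
        self._pending.discard(username)  # one verification per login attempt
        # Constant-time comparison of the first and second encrypted data.
        return hmac.compare_digest(second_msg["data"], third_msg["data"])


def login(first, second, user, username: str, typed_key: bytes):
    """Run steps 201-204 once; returns (result, second broadcast message)."""
    msg1 = first.start_login(username)
    msg2 = user.on_first_broadcast(msg1, typed_key)
    msg3 = second.on_first_broadcast(msg1)
    return first.verify(msg2, msg3), msg2


def demo() -> dict:
    # Constructed sample account; none of these values come from the patent.
    first, second, user = FirstServiceNode(), SecondServiceNode(), UserNode()
    second.register("alice", b"registered-user-key")

    ok, old_msg2 = login(first, second, user, "alice", b"registered-user-key")
    wrong, _ = login(first, second, user, "alice", b"mistyped-key")
    unknown, _ = login(first, second, user, "bob", b"any-key")

    # A second broadcast message kept from an earlier login does not match
    # the third broadcast message computed over a fresh random number.
    fresh = first.start_login("alice")
    stale = first.verify(old_msg2, second.on_first_broadcast(fresh))
    return {"correct_key": ok, "wrong_key": wrong,
            "unknown_user": unknown, "stale_response": stale}


if __name__ == "__main__":
    print(demo())
```

The first service node only compares two values and holds no user key, so the check is only as trustworthy as the sender authentication of the second and third broadcast messages, which the description handles with private-key signatures.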
In the identity authentication method, device, and storage medium based on a consortium blockchain provided by this embodiment, after the first service node in the consortium blockchain receives the username submitted by the user through the user node, it generates a random number for the username and broadcasts a first broadcast message containing the username and the random number to the consortium blockchain. It then receives the second broadcast message that the user node sends after receiving the first broadcast message, and the third broadcast message sent by the second service node in the consortium blockchain. The second broadcast message contains the first encrypted data, which the user node obtains by encrypting the random number with the first preset algorithm, based on the second user key for the username entered by the user. The third broadcast message contains the second encrypted data, which the second service node obtains by encrypting the random number with the first preset algorithm, based on the first user key corresponding to the username that the user registered on it. The first encrypted data in the second broadcast message is then compared with the second encrypted data in the third broadcast message; if the two match, identity authentication passes; otherwise authentication fails. With the technical solution provided by this embodiment, once a user has registered a username and user key on any service node of the consortium blockchain, the user can use that username and user key to log in to other service nodes of the consortium blockchain and use their services. This spares the user the trouble of remembering a large number of usernames and keys and improves the convenience of identity authentication. In addition, because the security mechanism of the consortium blockchain itself provides a high level of security, verifying the user's identity through the consortium blockchain improves the security of identity authentication, and even if the user logs in to different service nodes with the same username and key, the problem of credential stuffing attacks by hackers is avoided.
Fig. 3 is a flow chart of an identity authentication method based on a consortium blockchain provided by an embodiment of the present invention. As shown in Fig. 3, building on the embodiment of Fig. 2, the method comprises:
Step 301: A first service node in the consortium blockchain receives a username submitted by a user through a user node.
Step 302: The first service node generates a random number for the username and broadcasts a first broadcast message containing the username and the random number to the consortium blockchain, so that the user node and a second service node in the consortium blockchain receive the first broadcast message.
The second service node holds the username and a first user key corresponding to the username.
Step 303: The first service node receives a second broadcast message sent by the user node and a third broadcast message sent by the second service node.
The second broadcast message contains first encrypted data, which the user node obtains by encrypting the random number with a first preset algorithm, based on a second user key for the username entered by the user. The third broadcast message contains second encrypted data, which the second service node obtains by encrypting the random number with the first preset algorithm, based on the first user key.
The first encrypted data in the second broadcast message is contained in third encrypted data, which the user node obtains by encrypting the first encrypted data using the public key of the first service node and a second preset algorithm.
The second encrypted data in the third broadcast message is contained in fourth encrypted data, which the second service node obtains by encrypting the second encrypted data using the public key of the first service node and the second preset algorithm.
Step 304: The first service node decrypts the second broadcast message and the third broadcast message, using the decryption algorithm corresponding to the second preset algorithm and its own private key, to obtain the first encrypted data and the second encrypted data.
Step 305: The first service node compares the first encrypted data with the second encrypted data; if the two match, the user's identity authentication passes; otherwise authentication fails.
This embodiment uses the public key of the first service node and the second preset algorithm to encrypt the first encrypted data and the second encrypted data respectively, which prevents the username and user key from being stolen and further improves the security of identity authentication.
Fig. 4 is a schematic structural diagram of a service node provided by an embodiment of the present invention. The service node is suitable for a consortium blockchain and can carry out the processing flow of the above embodiments of the identity authentication method based on a consortium blockchain. As shown in Fig. 4, service node 40 includes memory 41, processor 42, a computer program, and communication interface 43, wherein the computer program is stored in the memory and is configured to be executed by processor 42 to perform the following operations:
Receiving a username submitted by a user through a user node in the consortium blockchain; generating a random number for the username and broadcasting a first broadcast message containing the username and the random number to the consortium blockchain, so that the user node and a second service node in the consortium blockchain receive the first broadcast message, wherein the second service node holds the username and a first user key corresponding to the username; receiving a second broadcast message sent by the user node and a third broadcast message sent by the second service node, wherein the second broadcast message contains first encrypted data, which the user node obtains by encrypting the random number with a first preset algorithm, based on a second user key for the username entered by the user, and the third broadcast message contains second encrypted data, which the second service node obtains by encrypting the random number with the first preset algorithm, based on the first user key; and comparing the first encrypted data with the second encrypted data, wherein if the two match, the user's identity authentication passes, and otherwise authentication fails.
In one embodiment, the first encrypted data in the second broadcast message is contained in third encrypted data, which the user node obtains by encrypting the first encrypted data using the public key of the first service node and a second preset algorithm.
In one embodiment, the second encrypted data in the third broadcast message is contained in fourth encrypted data, which the second service node obtains by encrypting the second encrypted data using the public key of the first service node and the second preset algorithm.
In one embodiment, the first encrypted data and the second encrypted data are obtained by decrypting the second broadcast message and the third broadcast message, using the decryption algorithm corresponding to the second preset algorithm and the private key of the service node on which the program resides.
The service node of the embodiment shown in Fig. 4 can be used to carry out the technical solution of the above method embodiments; its implementation principle and technical effect are similar and are not repeated here.
An embodiment of the present invention also provides a consortium blockchain that includes the service node described in the Fig. 4 embodiment above.
In addition, an embodiment of the present invention also provides a computer-readable storage medium on which a computer program is stored, the computer program being executed by a processor to implement the identity authentication method based on a consortium blockchain described in the above embodiments.
In the several embodiments provided by the present invention, it should be understood that the disclosed devices and methods may be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation; multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the mutual coupling, direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection between devices or units may be electrical, mechanical or of other forms.
Units described as separate components may or may not be physically separate, and components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in hardware, or in hardware plus software functional units.
An integrated unit implemented in the form of a software functional unit may be stored in a computer-readable storage medium. The software functional unit is stored in a storage medium and includes instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) or a processor to execute some of the steps of the methods of the embodiments of the present invention. The storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, read-only memory (ROM), random access memory (RAM), a magnetic disk or an optical disc.
Those skilled in the art will clearly understand that, for convenience and brevity of description, only the division into the functional modules above is used as an example. In practical applications, the functions may be assigned to different functional modules as needed, that is, the internal structure of the device may be divided into different functional modules to perform all or part of the functions described above. For the specific working process of the device described above, refer to the corresponding process in the foregoing method embodiments; it is not repeated here.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some or all of their technical features may be replaced by equivalents, and that such modifications or replacements do not take the essence of the corresponding technical solutions outside the scope of the technical solutions of the embodiments of the present invention.
Claims (10)
1. An identity verification method based on an alliance blockchain, characterized in that the method comprises:
a first service node in the alliance blockchain receives a user name submitted by a user through a user node;
the first service node generates a random number for the user name and broadcasts a first broadcast message containing the user name and the random number in the alliance blockchain, so that the user node and a second service node in the alliance blockchain receive the first broadcast message, wherein the second service node holds the user name and a first user key corresponding to the user name;
the first service node receives a second broadcast message sent by the user node and a third broadcast message sent by the second service node, wherein the second broadcast message includes first encrypted data, the first encrypted data being obtained by the user node encrypting the random number with a first preset algorithm, based on a second user key entered by the user for the user name, and the third broadcast message includes second encrypted data, the second encrypted data being obtained by the second service node encrypting the random number with the first preset algorithm, based on the first user key;
the first service node compares the first encrypted data with the second encrypted data; if the two are consistent, the identity verification of the user passes, otherwise the verification fails.
2. The method according to claim 1, characterized in that the first encrypted data in the second broadcast message is contained in third encrypted data, the third encrypted data being obtained by the user node encrypting the first encrypted data with the public key of the first service node and a second preset algorithm.
3. The method according to claim 2, characterized in that the second encrypted data in the third broadcast message is contained in fourth encrypted data, the fourth encrypted data being obtained by the second service node encrypting the second encrypted data with the public key of the first service node and the second preset algorithm.
4. The method according to claim 3, characterized in that, after the first service node receives the second broadcast message and the third broadcast message, the method further comprises:
the first service node obtains the first encrypted data and the second encrypted data by decrypting the second broadcast message and the third broadcast message, according to the decryption algorithm corresponding to the second preset algorithm and the first service node's own private key.
5. A service node, the service node being suitable for an alliance blockchain, characterized in that the service node comprises:
a memory;
a processor;
a communication interface; and
a computer program;
wherein the computer program is stored in the memory and is configured to be executed by the processor to perform the following operations:
receive a user name submitted by a user through a user node in the alliance blockchain;
generate a random number for the user name and broadcast a first broadcast message containing the user name and the random number in the alliance blockchain, so that the user node and a second service node in the alliance blockchain receive the first broadcast message, wherein the second service node holds the user name and a first user key corresponding to the user name;
receive a second broadcast message sent by the user node and a third broadcast message sent by the second service node, wherein the second broadcast message includes first encrypted data, the first encrypted data being obtained by the user node encrypting the random number with a first preset algorithm, based on a second user key entered by the user for the user name, and the third broadcast message includes second encrypted data, the second encrypted data being obtained by the second service node encrypting the random number with the first preset algorithm, based on the first user key;
compare the first encrypted data with the second encrypted data; if the two are consistent, the identity verification of the user passes, otherwise the verification fails.
6. The service node according to claim 5, characterized in that the first encrypted data in the second broadcast message is contained in third encrypted data, the third encrypted data being obtained by the user node encrypting the first encrypted data with the public key of the first service node and a second preset algorithm.
7. The service node according to claim 6, characterized in that the second encrypted data in the third broadcast message is contained in fourth encrypted data, the fourth encrypted data being obtained by the second service node encrypting the second encrypted data with the public key of the first service node and the second preset algorithm.
8. The service node according to claim 7, characterized in that, after receiving the second broadcast message and the third broadcast message, the processor is further configured to:
obtain the first encrypted data and the second encrypted data by decrypting the second broadcast message and the third broadcast message, according to the decryption algorithm corresponding to the second preset algorithm and the private key of the service node where it is located.
9. An alliance blockchain, characterized in that it comprises the service node according to any one of claims 5-8.
10. A computer-readable storage medium on which a computer program is stored, characterized in that the computer program, when executed by a processor, implements the method according to any one of claims 1-4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910466555.8A CN110213046A (en) | 2019-05-30 | 2019-05-30 | Auth method, equipment and storage medium based on alliance's block chain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910466555.8A CN110213046A (en) | 2019-05-30 | 2019-05-30 | Auth method, equipment and storage medium based on alliance's block chain |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110213046A true CN110213046A (en) | 2019-09-06 |
Family
ID=67789794
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910466555.8A Pending CN110213046A (en) | 2019-05-30 | 2019-05-30 | Auth method, equipment and storage medium based on alliance's block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110213046A (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110611912A (en) * | 2019-10-18 | 2019-12-24 | 中国联合网络通信集团有限公司 | Block chain-based spectrum sharing method, device and system |
CN110730450A (en) * | 2019-10-18 | 2020-01-24 | 中国联合网络通信集团有限公司 | Mobile communication method and system |
CN111246476A (en) * | 2020-01-10 | 2020-06-05 | 中国联合网络通信集团有限公司 | Method and device for verifying micro base station user |
CN111464535A (en) * | 2020-03-31 | 2020-07-28 | 中国电子科技集团公司第三十研究所 | Cross-domain trust transfer method based on block chain |
CN113316140A (en) * | 2021-05-21 | 2021-08-27 | 中国联合网络通信集团有限公司 | Wireless network access method, wireless access equipment and terminal |
CN113316142A (en) * | 2021-05-21 | 2021-08-27 | 中国联合网络通信集团有限公司 | Wireless network access method and device |
CN113316141A (en) * | 2021-05-21 | 2021-08-27 | 中国联合网络通信集团有限公司 | Wireless network access method, sharing server and wireless access point |
CN113347627A (en) * | 2021-05-21 | 2021-09-03 | 中国联合网络通信集团有限公司 | Wireless network access method, device and mobile terminal |
CN113347629A (en) * | 2021-05-21 | 2021-09-03 | 中国联合网络通信集团有限公司 | Method, access point and terminal for providing network access service |
CN113347626A (en) * | 2021-05-21 | 2021-09-03 | 中国联合网络通信集团有限公司 | Wireless network access method, wireless access equipment and terminal equipment |
CN113347628A (en) * | 2021-05-21 | 2021-09-03 | 中国联合网络通信集团有限公司 | Method, access point and terminal for providing network access service |
CN114385647A (en) * | 2021-12-15 | 2022-04-22 | 达闼科技(北京)有限公司 | Alliance link-out block method and device, electronic equipment and medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105323754A (en) * | 2014-07-29 | 2016-02-10 | 北京信威通信技术股份有限公司 | Distributed authentication method based on pre-shared key |
CN106357640A (en) * | 2016-09-18 | 2017-01-25 | 江苏通付盾科技有限公司 | Method, system and server for authenticating identities on basis of block chain networks |
CN107079036A (en) * | 2016-12-23 | 2017-08-18 | 深圳前海达闼云端智能科技有限公司 | Registration and authorization method, apparatus and system |
CN108259438A (en) * | 2016-12-29 | 2018-07-06 | 中移(苏州)软件技术有限公司 | A kind of method and apparatus of the certification based on block chain technology |
US20180234413A1 (en) * | 2017-02-13 | 2018-08-16 | Zentel Japan Corporation | Authenticated Network |
Non-Patent Citations (3)
Title |
---|
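BEINI ZHOU et al.: "An Authentication Scheme Using Identity-based Encryption & Blockchain", IEEE * |
ZHANG Chao et al.: "Medical_Chain_ alliance-style medical blockchain ***", Acta Automatica Sinica * |
*** et al.: "Research on blockchain-based identity management and authentication", Computer Science * |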
Cited By (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110611912B (en) * | 2019-10-18 | 2022-05-20 | 中国联合网络通信集团有限公司 | Block chain-based spectrum sharing method, device and system |
CN110730450A (en) * | 2019-10-18 | 2020-01-24 | 中国联合网络通信集团有限公司 | Mobile communication method and system |
CN110611912A (en) * | 2019-10-18 | 2019-12-24 | 中国联合网络通信集团有限公司 | Block chain-based spectrum sharing method, device and system |
CN110730450B (en) * | 2019-10-18 | 2023-03-24 | 中国联合网络通信集团有限公司 | Mobile communication method and system |
CN111246476A (en) * | 2020-01-10 | 2020-06-05 | 中国联合网络通信集团有限公司 | Method and device for verifying micro base station user |
CN111246476B (en) * | 2020-01-10 | 2022-09-09 | 中国联合网络通信集团有限公司 | Method and device for verifying micro base station user |
CN111464535A (en) * | 2020-03-31 | 2020-07-28 | 中国电子科技集团公司第三十研究所 | Cross-domain trust transfer method based on block chain |
CN113316140A (en) * | 2021-05-21 | 2021-08-27 | 中国联合网络通信集团有限公司 | Wireless network access method, wireless access equipment and terminal |
CN113347629A (en) * | 2021-05-21 | 2021-09-03 | 中国联合网络通信集团有限公司 | Method, access point and terminal for providing network access service |
CN113347626A (en) * | 2021-05-21 | 2021-09-03 | 中国联合网络通信集团有限公司 | Wireless network access method, wireless access equipment and terminal equipment |
CN113347628A (en) * | 2021-05-21 | 2021-09-03 | 中国联合网络通信集团有限公司 | Method, access point and terminal for providing network access service |
CN113347627A (en) * | 2021-05-21 | 2021-09-03 | 中国联合网络通信集团有限公司 | Wireless network access method, device and mobile terminal |
CN113316141A (en) * | 2021-05-21 | 2021-08-27 | 中国联合网络通信集团有限公司 | Wireless network access method, sharing server and wireless access point |
CN113347626B (en) * | 2021-05-21 | 2022-12-20 | 中国联合网络通信集团有限公司 | Wireless network access method, wireless access equipment and terminal equipment |
CN113347627B (en) * | 2021-05-21 | 2023-01-10 | 中国联合网络通信集团有限公司 | Wireless network access method, device and mobile terminal |
CN113316140B (en) * | 2021-05-21 | 2023-03-24 | 中国联合网络通信集团有限公司 | Wireless network access method, wireless access equipment and terminal |
CN113316142A (en) * | 2021-05-21 | 2021-08-27 | 中国联合网络通信集团有限公司 | Wireless network access method and device |
CN114385647A (en) * | 2021-12-15 | 2022-04-22 | 达闼科技(北京)有限公司 | Alliance link-out block method and device, electronic equipment and medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110213046A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
US8627088B2 (en) | System and method for in- and out-of-band multi-factor server-to-user authentication | |
JP2022017542A (en) | Device and method for resonant encryption | |
US9621341B2 (en) | Anonymous verifiable public key certificates | |
CN110225017A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
CN110166255A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
CN110198316A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
CN110213264A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
Bojjagani et al. | Secure authentication and key management protocol for deployment of internet of vehicles (IoV) concerning intelligent transport systems | |
CN110213263A (en) | Auth method, equipment and storage medium based on alliance's block chain | |
CN107094156A (en) | A kind of safety communicating method and system based on P2P patterns | |
Lounis et al. | WPA3 connection deprivation attacks | |
Jan et al. | An authentication scheme for distributed computing environment | |
Alhaidary et al. | Vulnerability analysis for the authentication protocols in trusted computing platforms and a proposed enhancement of the offpad protocol | |
CN113849815A (en) | Unified identity authentication platform based on zero trust and confidential calculation | |
Indushree et al. | Mobile-Chain: Secure blockchain based decentralized authentication system for global roaming in mobility networks | |
CN110572392A (en) | Identity authentication method based on HyperLegger network | |
CN110138558A (en) | Transmission method, equipment and the computer readable storage medium of session key | |
CN110176994A (en) | Session cipher key distributing method, equipment and storage medium based on alliance's block chain | |
Guo et al. | A Novel RLWE‐Based Anonymous Mutual Authentication Protocol for Space Information Network | |
Aiash | A formal analysis of authentication protocols for mobile devices in next generation networks | |
Verma et al. | A lightweight secure authentication protocol for wireless sensor networks | |
CN110048842A (en) | Session key processing method, equipment and computer readable storage medium | |
Yang et al. | Blockchain-based conditional privacy-preserving authentication protocol with implicit certificates for vehicular edge computing | |
CN110213047A (en) | Transmission method, equipment and the computer readable storage medium of session key |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
AD01 | Patent right deemed abandoned | Effective date of abandoning: 20220517 |