CN110213046A - Auth method, equipment and storage medium based on alliance's block chain - Google Patents

Auth method, equipment and storage medium based on alliance's block chain Download PDF

Info

Publication number
CN110213046A
CN110213046A CN201910466555.8A CN201910466555A CN110213046A CN 110213046 A CN110213046 A CN 110213046A CN 201910466555 A CN201910466555 A CN 201910466555A CN 110213046 A CN110213046 A CN 110213046A
Authority
CN
China
Prior art keywords
user
service node
encryption data
broadcast message
node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910466555.8A
Other languages
Chinese (zh)
Inventor
路成业
王凌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Iallchain Co Ltd
Original Assignee
Iallchain Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Iallchain Co Ltd filed Critical Iallchain Co Ltd
Priority to CN201910466555.8A priority Critical patent/CN110213046A/en
Publication of CN110213046A publication Critical patent/CN110213046A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the present invention provides a kind of auth method based on alliance's block chain, equipment and storage medium.This method includes that the first service node in alliance's block chain receives the user name that user is submitted by user node;First service node is that user name generates a random number, it and will include user name and the first broadcast of random number into alliance's block chain, so that the second service node in user node and alliance's block chain receives the first broadcast message, it wherein include user name and corresponding first user key of user name in second service node;First service node receives the second broadcast message that user node is sent and the third broadcast message that second service node is sent;And compare the second encryption data carried in the first encryption data carried in the second broadcast message and third broadcast message, if the two is consistent, the authentication of user passes through, otherwise authentication failed.The embodiment of the present invention improves safety and the convenience of authentication.

Description

Auth method, equipment and storage medium based on alliance's block chain
Technical field
The present embodiments relate to block chain technical field more particularly to a kind of authentication sides based on alliance's block chain Method, equipment and storage medium.
Background technique
There are many Internet Service Providers (Internet Service Provider, abbreviation on the internet ISP)/Web content service provider (Internet Content Provider, abbreviation ICP), each user are enjoying ISP/ICP It must be registered on the ISP/ICP before the service of offer, for example currently everyone generally has wechat, Alipay etc. each Kind of APP, and if each APP is registered, and if the account registered on different APP as password, is easy to Library attack is hit, the safety of account is lower, and if the account registered on different APP, password are different, and hold very much Easily pass into silence, give for change again account, password it is cumbersome.
Summary of the invention
The embodiment of the present invention provides a kind of auth method based on alliance's block chain, equipment and storage medium, to When improving user and using Internet service, the convenience of authentication and safety avoid user from remembering a large number of users name and close The trouble of code, solve the multiple Internet services of user username and password it is consistent caused by be easy asked by hit that library attacks Topic.
In a first aspect, the embodiment of the present invention provides a kind of auth method based on alliance's block chain, this method comprises:
First service node in alliance's block chain receives the user name that user is submitted by user node;First clothes Node be engaged in as the user name one random number of generation, and will include that the user name and the random number first broadcast the message, It is broadcast in alliance's block chain, so that the second service node in the user node and alliance's block chain receives First broadcast message, wherein including the user name and the user name corresponding the in the second service node One user key;The first service node receives the second broadcast message that the user node is sent and second clothes The third that node is sent of being engaged in broadcasts the message, and includes the first encryption data, first encryption data in second broadcast message For the second user key for the user name that the user node is inputted based on the user, using the first preset algorithm to institute State what random number encryption obtained, third broadcast message includes the second encryption data, and second encryption data is described the Two service nodes are based on first user key, are obtained using first preset algorithm to the random number encryption;Institute First service node is stated to compare first encryption data and second encryption data, it is described if the two is consistent The authentication of user passes through, otherwise authentication failed.
In one embodiment, the first encryption data described in second broadcast message is included in third and encrypts number In, the third encryption data is the public key and the second preset algorithm pair that the user node uses the first service node What first encryption data encrypted.
In one embodiment, the second encryption data described in third broadcast message is included in the 4th encryption number In, the 4th encryption data is that the second service node uses the public key and described second of the first service node in advance Imputation method encrypts second encryption data.
In one embodiment, the first service node receive it is described second broadcast message and the third it is wide After broadcasting message, the method also includes:
The first service node is according to the corresponding decipherment algorithm of second preset algorithm and the first service section The private key of point itself obtains first encryption data and institute from second broadcast message and third broadcast message decryption State the second encryption data.
Second aspect, the embodiment of the present invention provide a kind of service node, and the service node is suitable for a kind of alliance's block Chain, the service node include:
Memory;
Processor;
Communication interface;And
Computer program;
Wherein, the computer program stores in the memory, and is configured as being executed by the processor following Operation:
Receive the user name that user is submitted by the user node in alliance's block chain;One is generated for the user name A random number, and will include that the user name and the random number first broadcast the message, it is broadcast in alliance's block chain, with The second service node in the user node and alliance's block chain is set to receive first broadcast message, wherein described It include the user name and corresponding first user key of the user name in second service node;Receive user's section The third broadcast message that the second broadcast message and the second service node that point is sent are sent, second broadcast message In include the first encryption data, first encryption data is the user name that is inputted based on the user of the user node Second user key, the random number encryption is obtained using the first preset algorithm, third broadcast message includes the Two encryption datas, second encryption data is that the second service node is based on first user key, using described the One preset algorithm obtains the random number encryption;First encryption data and second encryption data are carried out pair Than if the two is consistent, the authentication of the user passes through, otherwise authentication failed.
In one embodiment, the first encryption data described in second broadcast message is included in third and encrypts number In, the third encryption data is the public key and the second preset algorithm pair that the user node uses the first service node What first encryption data encrypted.
In one embodiment, the second encryption data described in third broadcast message is included in the 4th encryption number In, the 4th encryption data is that the second service node uses the public key and described second of the first service node in advance Imputation method encrypts second encryption data.
In one embodiment, according to the corresponding decipherment algorithm of second preset algorithm and the clothes where it The private key of business node obtains first encryption data and institute from second broadcast message and third broadcast message decryption State the second encryption data.
The third aspect, the embodiment of the present invention provide a kind of alliance's block chain, which includes above-mentioned second aspect The service node.
Fourth aspect, the embodiment of the present invention provide a kind of computer readable storage medium, are stored thereon with computer program, The computer program is executed by processor to realize method described in first aspect.
Provided in an embodiment of the present invention in the auth method of alliance's block chain, equipment and storage medium, alliance First service node in block chain is after receiving the user name that user is submitted by user node;By being generated for the user name One random number, and will include that the user name and random number first broadcast the message, it is broadcast in alliance's block chain, and described in reception The second service section in the second broadcast message and alliance's block chain that user node is sent after receiving the first broadcast message The third broadcast message that point is sent, wherein include the first encryption data in the second broadcast message, the first encryption data is the use The second user key for the user name that family node is inputted based on user, using the first preset algorithm to the random number encryption It obtains, third broadcast message includes the second encryption data, and the second encryption data is that second service node is based on user on it Corresponding first user key of the user name of registration, obtains the random number encryption using the first preset algorithm;So The second encryption data in the first encryption data and third broadcast message in the second broadcast message is compared afterwards, if the two Unanimously, then authentication passes through, otherwise authentication failed.Technical solution based on the embodiment of the present invention, as long as user is joining User name and user key are had registered on any service node on alliance's block chain, so that it may be stepped on using the user name and user key Other service nodes on alliance's block chain are recorded, and enjoy the service of the service node, remember a large amount of use so as to avoid user The trouble of name in an account book and key improves the convenience of authentication, in addition, since the security mechanism of alliance's block chain itself has Higher safety, thus the identity of user is verified by alliance's block chain, it can be improved the safety of authentication, And even if user logs in different server nodes using identical user name and key, it also can be avoided hacker and hit library attack The problem of.
Detailed description of the invention
Fig. 1 is a kind of schematic diagram of communication system provided in an embodiment of the present invention;
Fig. 2 is a kind of flow chart of the auth method based on alliance's block chain provided in an embodiment of the present invention;
Fig. 3 is a kind of flow chart of auth method based on alliance's block chain provided in an embodiment of the present invention;
Fig. 4 is a kind of structural schematic diagram of service node provided in an embodiment of the present invention.
Through the above attached drawings, it has been shown that the specific embodiment of the disclosure will be hereinafter described in more detail.These attached drawings It is not intended to limit the scope of this disclosure concept by any means with verbal description, but is by referring to specific embodiments Those skilled in the art illustrate the concept of the disclosure.
Specific embodiment
Example embodiments are described in detail here, and the example is illustrated in the accompanying drawings.Following description is related to When attached drawing, unless otherwise indicated, the same numbers in different drawings indicate the same or similar elements.Following exemplary embodiment Described in embodiment do not represent all implementations consistent with this disclosure.On the contrary, they be only with it is such as appended The example of the consistent device and method of some aspects be described in detail in claims, the disclosure.
Auth method provided in an embodiment of the present invention based on alliance's block chain, it is intended to solve in the prior art if The account that user registers in different application programs (APP) is then easy to be hit library attack, the safety of account as password Property is lower, and if the account registered on different APP, password are different, it is easy to pass into silence again, gives account for change again Number, the cumbersome technical problem of password, this method can be adapted for communication system shown in FIG. 1.As shown in Figure 1, this is logical Letter system includes: first service node 11, second service node 12, user node 13, the service section of third service node the 14, the 4th Point 15 and the 5th service node 16, wherein first service node 11, second service node 12, user node 13, third clothes Business node 14, the 4th service node 15 and the 5th service node 16 belong to same alliance's block chain.Wherein, second service section Point 12, third service node 14, the 4th service node 15 and the 5th service node 16 can provide different clothes for user Business, for example, second service node 12, third service node 14, the 4th service node 15 and the 5th service node 16 can To be respectively configured to provide " pushing away spy " service, " facebook " service, " wechat " service and " Alipay " service, it is only for examples certainly Illustrate rather than uniquely limits.In addition, only schematically illustrate herein, structure and the alliance of alliance's block chain are not limited The node number of block chain.
How technical solution of the present invention and technical solution of the present invention are solved with specifically embodiment below above-mentioned Technical problem is described in detail.These specific embodiments can be combined with each other below, for the same or similar concept Or process may repeat no more in certain embodiments.Below in conjunction with attached drawing, the embodiment of the present invention is described.
Fig. 2 is a kind of flow chart of the auth method based on alliance's block chain provided in an embodiment of the present invention.The party Method is suitable for a kind of alliance's block chain, and the structure of alliance's block chain is referred to Fig. 1, and specific step is as follows for this method:
First service node in step 201, alliance's block chain receives the user name that user is submitted by user node.
Step 202, the first service node are the user name one random number of generation, and will include the user name It broadcasts the message, is broadcast in alliance's block chain, so that the user node and the area, alliance with the random number first Second service node in block chain receives first broadcast message.
It wherein include that the user name and corresponding first user of the user name are close in the second service node Key.
Step 203, the first service node receive the second broadcast message that the user node is sent and described the The third broadcast message that two service nodes are sent.
It wherein, include the first encryption data in second broadcast message, first encryption data is user section The second user key for the user name that point is inputted based on the user, using the first preset algorithm to the random number encryption It obtains, the third broadcast message includes the second encryption data, and second encryption data is the second service node base In first user key, the random number encryption is obtained using first preset algorithm
Step 204, the first service node compare first encryption data and second encryption data, If the two is consistent, the authentication of the user passes through, otherwise authentication failed.
By taking Fig. 1 as an example, second service node 12, third service node 14, the 4th service node 15, Yi Ji in Fig. 1 The building of five service nodes 16 forms alliance's block chain, and provides authentication service for other service nodes or user node.It should Preserved in the wound generation block of alliance's block chain second service node 12, third service node 14, the 4th service node 15 and The information such as the block chain mark of the 5th service node 16 and public key, second service node 12, third service node the 14, the 4th service Node 15 and the 5th service node 16 are managed alliance's block chain collectively as the original node of this alliance block chain, It includes whether that some service node is allowed to access this alliance block chain etc..
User carries out user name and key by the mode under block chain chain on the arbitrary node on alliance's block chain Registration registered on some service node of alliance's block chain, in this example, it is assumed that user is in second service It registered on node 12, but was registered not on first service node 11.
Specifically, when (user is not in first service node by the login of user node 13 first service node by user Registered) after, the use once registered on second service node 12 is submitted to first service node 11 by user node 13 Name in an account book, first service node 11 distribute a random number after receiving the user name, for the user name, and using the private of itself Key signs to the user name, random number, and by the user name after signature, random data is carried in the first broadcast message, It is broadcast on alliance's block chain.
Across the chain account book in interrogation zone first after receiving the first broadcast message of user node 13, obtains first service node 11 Public key, then the public key based on first service node 11 verifies the private key signature in the first broadcast message, if verifying is logical It crosses, then user is prompted to input the corresponding user key of above-mentioned user name, and according to the second user key of user's input using the One preset algorithm is encrypted to obtain the first encryption data to the random number in the first broadcast message, and the first encryption data is adopted It is broadcast in alliance's block chain in the second broadcast message with being carried after the private key signature of itself.Alternatively, user node 13 is being counted After calculation obtains the first encryption data, it can also be shown to user, so that first encryption data is input to first service by user On node 11.
Second service node 12 is broadcasted using the public key of first service node first after receiving the first broadcast message Private key signature in message is verified, if being verified, according to the user name carried in the first broadcast message, searches user Once registered the first user key corresponding with the user name, and the first preset algorithm pair is used according to the first user key Random number in first broadcast message is encrypted to obtain the second encryption data, and the second encryption data is used to the private key of itself It carries after signature and is broadcast in alliance's block chain in third broadcast message.
First service node 11 is after receiving the second broadcast message and third broadcast message, respectively from the second broadcast message The first encryption data and the second encryption data are obtained in third broadcast message, and by the first encryption data and the second encryption data It compares, if the two is consistent, illustrates that the user name of user's input and user key are correct, be verified, provide clothes for user Business, otherwise authentication failed, does not provide service.
In the auth method provided in this embodiment based on alliance's block chain, equipment and storage medium, area, alliance First service node in block chain is after receiving the user name that user is submitted by user node;By generating one for the user name A random number, and will include that the user name and random number first broadcast the message, it is broadcast in alliance's block chain, and receive the use The second service node in the second broadcast message and alliance's block chain that family node is sent after receiving the first broadcast message The third of transmission broadcasts the message, wherein includes the first encryption data in the second broadcast message, the first encryption data is the user The second user key for the user name that node is inputted based on user obtains the random number encryption using the first preset algorithm It arrives, third broadcast message includes the second encryption data, and the second encryption data is that second service node is infused on it based on user Corresponding first user key of the user name of volume, obtains the random number encryption using the first preset algorithm;Then The second encryption data in the first encryption data and third broadcast message in second broadcast message is compared, if the two one It causes, then authentication passes through, otherwise authentication failed.Based on technical solution provided in this embodiment, as long as user is in alliance's block User name and user key are had registered on any service node on chain, so that it may log in alliance using the user name and user key Other service nodes on block chain, and enjoy the service of the service node, so as to avoid user remember a large number of users name and The trouble of key improves the convenience of authentication, in addition, since the security mechanism of alliance's block chain itself is with higher Safety, thus the identity of user is verified by alliance's block chain, it can be improved the safety of authentication, and i.e. So that user is logged in different server nodes using identical user name and key, also can be avoided hacker and hit asking for library attack Topic.
Fig. 3 is a kind of flow chart of auth method based on alliance's block chain provided in an embodiment of the present invention, such as Fig. 3 It is shown, on the basis of Fig. 2 embodiment, this method comprises:
First service node in step 301, alliance's block chain receives the user name that user is submitted by user node.
Step 302, the first service node are the user name one random number of generation, and will include the user name It broadcasts the message, is broadcast in alliance's block chain, so that the user node and the area, alliance with the random number first Second service node in block chain receives first broadcast message.
It wherein include that the user name and corresponding first user of the user name are close in the second service node Key.
Step 303, the first service node receive the second broadcast message that the user node is sent and described the The third broadcast message that two service nodes are sent.
It wherein, include the first encryption data in second broadcast message, first encryption data is user section The second user key for the user name that point is inputted based on the user, using the first preset algorithm to the random number encryption It obtains, the third broadcast message includes the second encryption data, and second encryption data is the second service node base In first user key, the random number encryption is obtained using first preset algorithm.
Wherein, the first encryption data described in second broadcast message is included in third encryption data, and described the Three encryption datas are that the user node is added using the public key and the second preset algorithm of the first service node to described first What ciphertext data encrypted.
The second encryption data described in third broadcast message is included in the 4th encryption data, the 4th encryption Data are the public key that the second service node uses the first service node and second preset algorithm to described second What encryption data encrypted.
Step 304, the first service node are according to the corresponding decipherment algorithm of second preset algorithm and described The private key of one service node itself obtains first encryption from second broadcast message and third broadcast message decryption Data and second encryption data.
Step 305, the first service node compare first encryption data and second encryption data, If the two is consistent, the authentication of the user passes through, otherwise authentication failed.
The present embodiment is according to the public key of first service node, using the second preset algorithm respectively to the first encryption data and Two encryption datas are encrypted, and user name and user key can be prevented to be stolen, and further improve the peace of authentication Quan Xing.
Fig. 4 is a kind of structural schematic diagram of service node provided in an embodiment of the present invention, which is suitable for one kind Alliance's block chain, service node provided in an embodiment of the present invention can execute the above-mentioned auth method based on alliance's block chain Execution embodiment of the method process flow.As shown in figure 4, service node 40 includes: memory 41, processor 42, computer Program and communication interface 43;Wherein, the computer program stores in the memory, and is configured as being held by processor 42 The following operation of row:
Receive the user name that user is submitted by the user node in alliance's block chain;One is generated for the user name A random number, and will include that the user name and the random number first broadcast the message, it is broadcast in alliance's block chain, with The second service node in the user node and alliance's block chain is set to receive first broadcast message, wherein described It include the user name and corresponding first user key of the user name in second service node;Receive user's section The third broadcast message that the second broadcast message and the second service node that point is sent are sent, second broadcast message In include the first encryption data, first encryption data is the user name that is inputted based on the user of the user node Second user key, the random number encryption is obtained using the first preset algorithm, third broadcast message includes the Two encryption datas, second encryption data is that the second service node is based on first user key, using described the One preset algorithm obtains the random number encryption;First encryption data and second encryption data are carried out pair Than if the two is consistent, the authentication of the user passes through, otherwise authentication failed.
In one embodiment, the first encryption data described in second broadcast message is included in third and encrypts number In, the third encryption data is the public key and the second preset algorithm pair that the user node uses the first service node What first encryption data encrypted.
In one embodiment, the second encryption data described in third broadcast message is included in the 4th encryption number In, the 4th encryption data is that the second service node uses the public key and described second of the first service node in advance Imputation method encrypts second encryption data.
In one embodiment, according to the corresponding decipherment algorithm of second preset algorithm and the clothes where it The private key of business node obtains first encryption data and institute from second broadcast message and third broadcast message decryption State the second encryption data.
The service node of embodiment illustrated in fig. 4 can be used for executing the technical solution of above method embodiment, realization principle Similar with technical effect, details are not described herein again.
The embodiment of the present invention also provides a kind of alliance's block chain, which includes as described in above-mentioned Fig. 4 embodiment Service node.
In addition, the embodiment of the present invention also provides a kind of computer readable storage medium, it is stored thereon with computer program, institute Computer program is stated to be executed by processor to realize the auth method based on alliance's block chain described in above-described embodiment Execution method.
In several embodiments provided by the present invention, it should be understood that disclosed device and method can pass through it Its mode is realized.For example, the apparatus embodiments described above are merely exemplary, for example, the division of the unit, only Only a kind of logical function partition, there may be another division manner in actual implementation, such as multiple units or components can be tied Another system is closed or is desirably integrated into, or some features can be ignored or not executed.Another point, it is shown or discussed Mutual coupling, direct-coupling or communication connection can be through some interfaces, the INDIRECT COUPLING or logical of device or unit Letter connection can be electrical property, mechanical or other forms.
The unit as illustrated by the separation member may or may not be physically separated, aobvious as unit The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.It can select some or all of unit therein according to the actual needs to realize the mesh of this embodiment scheme 's.
It, can also be in addition, the functional units in various embodiments of the present invention may be integrated into one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list Member both can take the form of hardware realization, can also realize in the form of hardware adds SFU software functional unit.
The above-mentioned integrated unit being realized in the form of SFU software functional unit can store and computer-readable deposit at one In storage media.Above-mentioned SFU software functional unit is stored in a storage medium, including some instructions are used so that a computer It is each that equipment (can be personal computer, server or the network equipment etc.) or processor (processor) execute the present invention The part steps of embodiment the method.And storage medium above-mentioned includes: USB flash disk, mobile hard disk, read-only memory (Read- Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic or disk etc. it is various It can store the medium of program code.
Those skilled in the art can be understood that, for convenience and simplicity of description, only with above-mentioned each functional module Division progress for example, in practical application, can according to need and above-mentioned function distribution is complete by different functional modules At the internal structure of device being divided into different functional modules, to complete all or part of the functions described above.On The specific work process for stating the device of description, can refer to corresponding processes in the foregoing method embodiment, and details are not described herein.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations;To the greatest extent Pipe present invention has been described in detail with reference to the aforementioned embodiments, those skilled in the art should understand that: its according to So be possible to modify the technical solutions described in the foregoing embodiments, or to some or all of the technical features into Row equivalent replacement;And these are modified or replaceed, various embodiments of the present invention technology that it does not separate the essence of the corresponding technical solution The range of scheme.

Claims (10)

1. a kind of auth method based on alliance's block chain, which is characterized in that the described method includes:
First service node in alliance's block chain receives the user name that user is submitted by user node;
The first service node is the user name one random number of generation, and will include the user name and the random number First broadcast message, is broadcast in alliance's block chain, so that second in the user node and alliance's block chain Service node receives first broadcast message, wherein including the user name and described in the second service node Corresponding first user key of user name;
The first service node receives the second broadcast message and second service node hair that the user node is sent The third sent broadcasts the message, and includes the first encryption data in second broadcast message, and first encryption data is the use The second user key for the user name that family node is inputted based on the user, using the first preset algorithm to the random number What encryption obtained, the third broadcast message includes the second encryption data, and second encryption data is the second service section Point is based on first user key, is obtained using first preset algorithm to the random number encryption;
The first service node compares first encryption data and second encryption data, if the two is consistent, Then the authentication of the user passes through, otherwise authentication failed.
2. the method according to claim 1, wherein the first encryption data described in second broadcast message Included in third encryption data, the third encryption data is the public key that the user node uses the first service node First encryption data is encrypted with the second preset algorithm.
3. according to the method described in claim 2, it is characterized in that, the second encryption data described in third broadcast message Included in the 4th encryption data, the 4th encryption data is the second service node using the first service node What public key and second preset algorithm encrypted second encryption data.
4. according to the method described in claim 3, it is characterized in that, the first service node is receiving second broadcast After message and third broadcast message, the method also includes:
The first service node according to the corresponding decipherment algorithm of second preset algorithm and the first service node from The private key of body obtains first encryption data and described the from second broadcast message and third broadcast message decryption Two encryption datas.
5. a kind of service node, the service node is suitable for a kind of alliance's block chain, which is characterized in that the service node packet It includes:
Memory;
Processor;
Communication interface;And
Computer program;
Wherein, the computer program stores in the memory, and is configured as executing following operation by the processor:
Receive the user name that user is submitted by the user node in alliance's block chain;
A random number is generated for the user name, and will include that the user name and the random number first broadcast the message, extensively It is multicast in alliance's block chain, so that the second service node in the user node and alliance's block chain receives institute The first broadcast message is stated, wherein including the user name and the user name corresponding first in the second service node User key;
It receives the second broadcast message that the user node is sent and the third broadcast that the second service node is sent disappears It ceases, includes the first encryption data in second broadcast message, first encryption data is described in the user node is based on The second user key of the user name of user's input, obtains the random number encryption using the first preset algorithm, institute Stating third broadcast message includes the second encryption data, and second encryption data is that the second service node is based on described first User key obtains the random number encryption using first preset algorithm;
First encryption data and second encryption data are compared, if the two is consistent, the identity of the user It is verified, otherwise authentication failed.
6. service node according to claim 5, which is characterized in that the first encryption described in second broadcast message Data are included in third encryption data, and the third encryption data is the user node using the first service node What public key and the second preset algorithm encrypted first encryption data.
7. service node according to claim 6, which is characterized in that the second encryption described in third broadcast message Data are included in the 4th encryption data, and the 4th encryption data is that the second service node uses the first service section What the public key and second preset algorithm of point encrypted second encryption data.
8. service node according to claim 7, which is characterized in that the processor receive it is described second broadcast disappear After breath and third broadcast message, it is also used to:
According to the corresponding decipherment algorithm of second preset algorithm and the private key of the service node where it, from described Two broadcast messages and third broadcast message decryption obtain first encryption data and second encryption data.
9. a kind of alliance's block chain, which is characterized in that including the service node as described in any one of claim 5-8.
10. a kind of computer readable storage medium, is stored thereon with computer program, which is characterized in that the computer program Such as method of any of claims 1-4 is realized when being executed by processor.
CN201910466555.8A 2019-05-30 2019-05-30 Auth method, equipment and storage medium based on alliance's block chain Pending CN110213046A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910466555.8A CN110213046A (en) 2019-05-30 2019-05-30 Auth method, equipment and storage medium based on alliance's block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910466555.8A CN110213046A (en) 2019-05-30 2019-05-30 Auth method, equipment and storage medium based on alliance's block chain

Publications (1)

Publication Number Publication Date
CN110213046A true CN110213046A (en) 2019-09-06

Family

ID=67789794

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910466555.8A Pending CN110213046A (en) 2019-05-30 2019-05-30 Auth method, equipment and storage medium based on alliance's block chain

Country Status (1)

Country Link
CN (1) CN110213046A (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110611912A (en) * 2019-10-18 2019-12-24 中国联合网络通信集团有限公司 Block chain-based spectrum sharing method, device and system
CN110730450A (en) * 2019-10-18 2020-01-24 中国联合网络通信集团有限公司 Mobile communication method and system
CN111246476A (en) * 2020-01-10 2020-06-05 中国联合网络通信集团有限公司 Method and device for verifying micro base station user
CN111464535A (en) * 2020-03-31 2020-07-28 中国电子科技集团公司第三十研究所 Cross-domain trust transfer method based on block chain
CN113316140A (en) * 2021-05-21 2021-08-27 中国联合网络通信集团有限公司 Wireless network access method, wireless access equipment and terminal
CN113316142A (en) * 2021-05-21 2021-08-27 中国联合网络通信集团有限公司 Wireless network access method and device
CN113316141A (en) * 2021-05-21 2021-08-27 中国联合网络通信集团有限公司 Wireless network access method, sharing server and wireless access point
CN113347627A (en) * 2021-05-21 2021-09-03 中国联合网络通信集团有限公司 Wireless network access method, device and mobile terminal
CN113347629A (en) * 2021-05-21 2021-09-03 中国联合网络通信集团有限公司 Method, access point and terminal for providing network access service
CN113347626A (en) * 2021-05-21 2021-09-03 中国联合网络通信集团有限公司 Wireless network access method, wireless access equipment and terminal equipment
CN113347628A (en) * 2021-05-21 2021-09-03 中国联合网络通信集团有限公司 Method, access point and terminal for providing network access service
CN114385647A (en) * 2021-12-15 2022-04-22 达闼科技(北京)有限公司 Alliance link-out block method and device, electronic equipment and medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105323754A (en) * 2014-07-29 2016-02-10 北京信威通信技术股份有限公司 Distributed authentication method based on pre-shared key
CN106357640A (en) * 2016-09-18 2017-01-25 江苏通付盾科技有限公司 Method, system and server for authenticating identities on basis of block chain networks
CN107079036A (en) * 2016-12-23 2017-08-18 深圳前海达闼云端智能科技有限公司 Registration and authorization method, apparatus and system
CN108259438A (en) * 2016-12-29 2018-07-06 中移(苏州)软件技术有限公司 A kind of method and apparatus of the certification based on block chain technology
US20180234413A1 (en) * 2017-02-13 2018-08-16 Zentel Japan Corporation Authenticated Network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105323754A (en) * 2014-07-29 2016-02-10 北京信威通信技术股份有限公司 Distributed authentication method based on pre-shared key
CN106357640A (en) * 2016-09-18 2017-01-25 江苏通付盾科技有限公司 Method, system and server for authenticating identities on basis of block chain networks
CN107079036A (en) * 2016-12-23 2017-08-18 深圳前海达闼云端智能科技有限公司 Registration and authorization method, apparatus and system
CN108259438A (en) * 2016-12-29 2018-07-06 中移(苏州)软件技术有限公司 A kind of method and apparatus of the certification based on block chain technology
US20180234413A1 (en) * 2017-02-13 2018-08-16 Zentel Japan Corporation Authenticated Network

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
BEINI ZHOU等: ""An Authentication Scheme Using Identity-based Encryption & Blockchain"", 《IEEE》 *
张超等: ""Medical_Chain_联盟式医疗区块链***"", 《自动化学报》 *
***等: ""基于区块链的身份管理认证研究"", 《计算机科学》 *

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110611912B (en) * 2019-10-18 2022-05-20 中国联合网络通信集团有限公司 Block chain-based spectrum sharing method, device and system
CN110730450A (en) * 2019-10-18 2020-01-24 中国联合网络通信集团有限公司 Mobile communication method and system
CN110611912A (en) * 2019-10-18 2019-12-24 中国联合网络通信集团有限公司 Block chain-based spectrum sharing method, device and system
CN110730450B (en) * 2019-10-18 2023-03-24 中国联合网络通信集团有限公司 Mobile communication method and system
CN111246476A (en) * 2020-01-10 2020-06-05 中国联合网络通信集团有限公司 Method and device for verifying micro base station user
CN111246476B (en) * 2020-01-10 2022-09-09 中国联合网络通信集团有限公司 Method and device for verifying micro base station user
CN111464535A (en) * 2020-03-31 2020-07-28 中国电子科技集团公司第三十研究所 Cross-domain trust transfer method based on block chain
CN113316140A (en) * 2021-05-21 2021-08-27 中国联合网络通信集团有限公司 Wireless network access method, wireless access equipment and terminal
CN113347629A (en) * 2021-05-21 2021-09-03 中国联合网络通信集团有限公司 Method, access point and terminal for providing network access service
CN113347626A (en) * 2021-05-21 2021-09-03 中国联合网络通信集团有限公司 Wireless network access method, wireless access equipment and terminal equipment
CN113347628A (en) * 2021-05-21 2021-09-03 中国联合网络通信集团有限公司 Method, access point and terminal for providing network access service
CN113347627A (en) * 2021-05-21 2021-09-03 中国联合网络通信集团有限公司 Wireless network access method, device and mobile terminal
CN113316141A (en) * 2021-05-21 2021-08-27 中国联合网络通信集团有限公司 Wireless network access method, sharing server and wireless access point
CN113347626B (en) * 2021-05-21 2022-12-20 中国联合网络通信集团有限公司 Wireless network access method, wireless access equipment and terminal equipment
CN113347627B (en) * 2021-05-21 2023-01-10 中国联合网络通信集团有限公司 Wireless network access method, device and mobile terminal
CN113316140B (en) * 2021-05-21 2023-03-24 中国联合网络通信集团有限公司 Wireless network access method, wireless access equipment and terminal
CN113316142A (en) * 2021-05-21 2021-08-27 中国联合网络通信集团有限公司 Wireless network access method and device
CN114385647A (en) * 2021-12-15 2022-04-22 达闼科技(北京)有限公司 Alliance link-out block method and device, electronic equipment and medium

Similar Documents

Publication Publication Date Title
CN110213046A (en) Auth method, equipment and storage medium based on alliance's block chain
US8627088B2 (en) System and method for in- and out-of-band multi-factor server-to-user authentication
JP2022017542A (en) Device and method for resonant encryption
US9621341B2 (en) Anonymous verifiable public key certificates
CN110225017A (en) Auth method, equipment and storage medium based on alliance's block chain
CN110166255A (en) Auth method, equipment and storage medium based on alliance's block chain
CN110198316A (en) Auth method, equipment and storage medium based on alliance's block chain
CN110213264A (en) Auth method, equipment and storage medium based on alliance's block chain
Bojjagani et al. Secure authentication and key management protocol for deployment of internet of vehicles (IoV) concerning intelligent transport systems
CN110213263A (en) Auth method, equipment and storage medium based on alliance's block chain
CN107094156A (en) A kind of safety communicating method and system based on P2P patterns
Lounis et al. WPA3 connection deprivation attacks
Jan et al. An authentication scheme for distributed computing environment
Alhaidary et al. Vulnerability analysis for the authentication protocols in trusted computing platforms and a proposed enhancement of the offpad protocol
CN113849815A (en) Unified identity authentication platform based on zero trust and confidential calculation
Indushree et al. Mobile-Chain: Secure blockchain based decentralized authentication system for global roaming in mobility networks
CN110572392A (en) Identity authentication method based on HyperLegger network
CN110138558A (en) Transmission method, equipment and the computer readable storage medium of session key
CN110176994A (en) Session cipher key distributing method, equipment and storage medium based on alliance's block chain
Guo et al. A Novel RLWE‐Based Anonymous Mutual Authentication Protocol for Space Information Network
Aiash A formal analysis of authentication protocols for mobile devices in next generation networks
Verma et al. A lightweight secure authentication protocol for wireless sensor networks
CN110048842A (en) Session key processing method, equipment and computer readable storage medium
Yang et al. Blockchain-based conditional privacy-preserving authentication protocol with implicit certificates for vehicular edge computing
CN110213047A (en) Transmission method, equipment and the computer readable storage medium of session key

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned

Effective date of abandoning: 20220517

AD01 Patent right deemed abandoned