CN112529588A - Method and device for preventing hardware wallet from being maliciously paired - Google Patents

Method and device for preventing hardware wallet from being maliciously paired Download PDF

Info

Publication number
CN112529588A
CN112529588A CN202011609459.3A CN202011609459A CN112529588A CN 112529588 A CN112529588 A CN 112529588A CN 202011609459 A CN202011609459 A CN 202011609459A CN 112529588 A CN112529588 A CN 112529588A
Authority
CN
China
Prior art keywords
information
user identity
identity information
data
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011609459.3A
Other languages
Chinese (zh)
Inventor
蒋曲明
邬亮
郭树超
彭浩毅
刘宗文
张烨
祁春媛
谭春华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chutian Dragon Co ltd
Original Assignee
Chutian Dragon Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chutian Dragon Co ltd filed Critical Chutian Dragon Co ltd
Priority to CN202011609459.3A priority Critical patent/CN112529588A/en
Publication of CN112529588A publication Critical patent/CN112529588A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/105Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems involving programming of a portable memory device, e.g. IC cards, "electronic purses"
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a method and a device for preventing a hardware wallet from being paired maliciously, wherein the method comprises the steps of receiving user access information sent by a user access end and establishing an access connection request; according to the access connection request, sending the user access information to an identification library, and matching a user account corresponding to the user identity information in the identification library; receiving a detection user related configuration from a cloud server, and collecting and storing data corresponding to the reserved user identity information through each reserved user identity information module based on an access connection request; and acquiring the account information in an identification library, and performing pairing verification on the account information and the data record of the reserved user identity information. The method and the system prevent misconnection of other users or some illegal molecules from pairing and connecting with the hardware wallet by some means, and prevent the potential safety hazard condition that the other party can check the asset amount and the transaction record stored in the hardware wallet at will.

Description

Method and device for preventing hardware wallet from being maliciously paired
Technical Field
The invention relates to the technical field of hardware wallets, in particular to a method and a device for preventing the hardware wallets from being paired maliciously.
Background
The hardware wallet can be paired with a plurality of mobile terminals at will, meanwhile, misconnection of other users can be caused, or some illegal persons want to be connected with the hardware wallet through some means, once the connection is successful, the opposite side can check the asset amount and the transaction record stored in the hardware wallet at will, and the digital assets in the hardware wallet can be cracked and stolen, so that potential safety hazards exist.
Disclosure of Invention
In order to overcome the defects of the prior art, the invention provides a method and a device for preventing a hardware wallet from being paired maliciously.
The technical scheme adopted by the invention for solving the technical problems is as follows:
a method of preventing malicious pairing of a hardware wallet, the method comprising:
receiving user access information sent by a user access terminal to establish an access connection request, wherein the user access information is user identity information;
according to the access connection request, sending the user access information to an identification library, and matching a user account corresponding to the user identity information in the identification library;
receiving a detection user related configuration from a cloud server, wherein the detection user related configuration comprises reserved user identity information, and collecting and storing data corresponding to the reserved user identity information through each reserved user identity information module based on an access connection request;
and acquiring the account information in an identification library, performing pairing verification on the account information and the data record of the reserved user identity information, and determining whether the generated account information is the unique pairing information stored in the data of the reserved user identity information.
As a preferred technical solution of the present invention, the pairing verification of the account information and the data record of the reserved user identity information includes:
after a pairing request is sent to the data of the reserved user identity information, a second temporary public key is obtained;
the method comprises the steps of generating a first temporary public key and a first temporary private key, generating a first intermediate value based on a dynamic password of the hardware wallet, generating a second intermediate value based on the first temporary public key and the second temporary public key, generating a first verification code based on the first intermediate value and the second intermediate value, sending the first verification key and the first verification code to a cloud server for first verification, and judging whether the first verification passes or not.
As a preferable aspect of the present invention, the method further includes:
performing a predetermined operation based on the dynamic password to obtain a first calculated value, and taking a predetermined part of the first calculated value as a first intermediate value;
and performing a predetermined operation based on the first verification key and the second verification key to obtain a second calculated value, and taking a predetermined part of the second calculated value as a second intermediate value.
As a preferred technical solution of the present invention, the generating a first verification code by using the first intermediate value and the second intermediate value includes:
calculating a first decoding factor from between the first intermediate value and the second intermediate value; a first decode is generated according to the first decoding factor, and a first verification code is generated based on the first decode.
As a preferred technical solution of the present invention, the user identity information includes:
the ID of the digital certificate and the message main body information are judged, whether the ID of the digital certificate is in accordance is judged, if the ID of the digital certificate is in accordance, a private key corresponding to the digital certificate is obtained, and the code information is decrypted through the private key corresponding to the digital certificate;
and judging whether the first decryption key has the authorization of the digital certificate, if so, decrypting the message main body information through the second decryption key, understanding the encrypted information, and sending a processing result to an identification library of the hardware wallet.
As a preferable aspect of the present invention, the method further includes:
and if the ID of the digital certificate does not conform to the authorization of the digital certificate or the first key does not have the authorization of the digital certificate, sending an error message prompt to the hardware wallet, and finishing data processing.
As a preferred technical solution of the present invention, the method includes receiving basic information and a first decryption key application request sent by the hardware wallet, generating the first decryption key and a digital certificate corresponding to the first decryption key according to the basic information, and sending the first decryption key and the digital certificate corresponding to the first decryption key to an identification library of the hardware wallet.
As a preferred technical solution of the present invention, after confirming that the generated unique pairing information stored in the data whose account information is not the reserved user identity information is generated, the method further includes:
acquiring user identity information of the illegal user access terminal, acquiring stolen data corresponding to the illegal user access terminal, analyzing the stolen data to obtain dimension information, confirming a data replay mode according to the dimension information, and resampling and combining the stolen data in the replay mode to obtain non-characteristic information data; and putting the non-characteristic information data into a database corresponding to the stolen data so as to be stolen by an illegal user access terminal.
As a preferred technical solution of the present invention, the number of the dimension information is judged, and if the number of the dimension information is one, the data playback mode is determined to be the first data playback mode; and if the number of the dimension information is multiple, detecting whether the dimension information has a relevant relationship or not according to the name of the dimension information.
An apparatus for preventing a hardware wallet from being maliciously paired, comprising:
the receiving module is used for receiving user access information sent by a user access terminal and establishing an access connection request, wherein the user access information is user identity information;
the identification module is used for sending the user access information to an identification library according to the access connection request, and matching a user account corresponding to the user identity information in the identification library;
the system comprises a reserved user identity information module, a cloud server and a plurality of reserved user identity information modules, wherein the reserved user identity information module receives relevant configuration of a detected user from the cloud server, the relevant configuration of the detected user comprises reserved user identity information, and data corresponding to the reserved user identity information are collected and stored through the reserved user identity information modules on the basis of an access connection request;
and the pairing verification module is used for acquiring the account information in the identification library, performing pairing verification on the account information and the data record of the reserved user identity information, and confirming whether the generated account information is the unique pairing information stored in the data of the reserved user identity information.
Compared with the prior art, the invention has the beneficial effects that:
the invention can prevent the misconnection of other users or the pairing connection of some illegal persons and the hardware wallet by some means, and prevent the other party from randomly checking the amount of assets and transaction records stored in the hardware wallet and possibly cracking and stealing digital assets therein, thereby having potential safety hazard.
Drawings
Fig. 1 is a flowchart of an implementation of a method for preventing a hardware wallet from being maliciously paired according to an embodiment of the present invention.
Fig. 2 is a flowchart of an implementation of a method for preventing a hardware wallet from being maliciously paired according to another embodiment of the present invention.
Fig. 3 is a flowchart of an implementation of a method for preventing a hardware wallet from being maliciously paired according to another embodiment of the present invention.
Fig. 4 is a flowchart of an implementation of a method for preventing a hardware wallet from being maliciously paired according to another embodiment of the present invention.
Fig. 5 is an overall structural diagram of an apparatus for preventing a hardware wallet from being maliciously paired according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention provides a method and a device for preventing a hardware wallet from being paired maliciously, which are shown in the accompanying drawings 1-4, wherein the method specifically comprises the following steps:
as shown in step 101 of fig. 1, an access connection establishment request is received from a user access terminal, where the user access information is user identity information, where the user access terminal may specifically be a mobile phone, a website, a unit, a device, a multimedia computer, a multimedia tablet, a communicator, a laptop computer, a notebook computer, a netbook computer, a tablet computer, a personal communication system device, a personal navigation device, a personal digital assistant, and the like, and is not limited further.
The access connection request may be to establish a communication link between devices by using wireless technologies such as WiFi, 4G, and bluetooth, and provide a basis for data communication between the devices.
Meanwhile, the user access information includes user identification information and a user access instruction corresponding to the user identification information.
102, according to the access connection request, sending user access information to an identification library, matching a user account corresponding to the user identity information in the identification library, wherein the user access instruction A corresponds to first user identification information, the user access instruction B corresponds to second user identification information, the user access instruction C corresponds to third user identification information, the user access instruction D corresponds to fourth user identification information, each access instruction corresponds to one identification information, and the identification library matches the first account information by using the first user identification information, matches the second account information by using the second user identification information, and the like.
103, receiving the relevant configuration of the detected user from the cloud server, wherein the relevant configuration of the detected user comprises the identity information of the reserved user, collecting and storing data corresponding to the identity information of the reserved user through each reserved user identity information module based on the access connection request, collecting the corresponding data from the reserved user identity information module when the access connection request is received, and then carrying out pairing verification.
Acquiring account information in an identification library, performing pairing verification on the account information and the data record of the reserved user identity information according to step 104, confirming whether the generated account information is the only pairing information stored in the data of the reserved user identity information in step 105, and if so, confirming that the result is yes, so that the hardware wallet is corresponding to a user access terminal, and the user identity can check the asset amount and the transaction record stored in the hardware wallet at will.
The user identity information specifically includes:
judging whether the ID of the digital certificate is in accordance with the ID of the digital certificate and the message main body information in step 301, if so, executing step 302 to obtain a private key corresponding to the digital certificate and decrypting code information through the private key corresponding to the digital certificate;
then, according to step 303, it is determined whether the first decryption key has the authorization of the digital certificate, and if the first decryption key has the authorization of the digital certificate, step 304 is performed, the message body information is decrypted by the second decryption key, the decrypted information is understood, and the processing result is sent to the identification library of the hardware wallet.
By checking the ID legitimacy of the digital certificate, if the digital certificate is legal, the transmitted data is safely processed by combining an asymmetric encryption mode and a symmetric encryption algorithm, whether the first decryption key has the authorization of the digital certificate or not is judged, so that the interactive client is identified, the distributed security risk is facilitated, the data is safer in the transmission processes of networks and the like, the data is effectively prevented from being stolen, tampered, misconnected and the like by a third party in the transmission process, and the confidentiality and the integrity of a large amount of data with various types in the transmission process are realized.
Under the condition that the user access terminal does not have a first decryption key and a digital certificate corresponding to the first decryption key, sending basic information of the user access terminal and a first decryption key application request to a hardware wallet; and then, the interactive client is identified by sending the basic information of the client and the first decryption key application request to the server and acquiring the first decryption key and the digital certificate, so that whether the authorization is made to the user access terminal or not is judged, and the distributed security risk is facilitated. And the digital certificate includes ID account number, public key and owner.
If the ID of the digital certificate does not conform to the ID of the hardware wallet or the first key does not have the authorization of the digital certificate, sending an error message prompt to the hardware wallet, and ending data processing, and when the ID of the digital certificate does not conform to the ID or the first decryption key does not have the authorization of the digital certificate at this time, it is indicated that the current client performing data interaction with the hardware wallet is not a legally authenticated client, at this time, step 305 is implemented, and by sending an error prompt to the user access terminal and ending data processing, data in the hardware wallet is effectively prevented from being stolen or tampered by a third party.
The method comprises the steps of receiving basic information and a first decryption key application request sent by a hardware wallet, generating a first decryption key and a digital certificate corresponding to the first decryption key according to the basic information, and sending the first decryption key and the digital certificate corresponding to the first decryption key to an identification library of the hardware wallet.
In the step, the pairing verification of the account information and the data record of the reserved user identity information is carried out, and the method comprises the following steps:
step 201, after a pairing request is sent to the data of the reserved user identity information, a second temporary public key is obtained;
then, step 202 is implemented, a first temporary public key and a first temporary private key are generated, a first intermediate value is generated based on a dynamic password of the hardware wallet, a second intermediate value is generated based on the first temporary public key and the second temporary public key, step 203, a first verification code is generated based on the first intermediate value and the second intermediate value, the first temporary public key and the first verification code are sent to the cloud server for first verification, and whether the first verification passes or not is judged.
The user access terminal sends a pairing request to the hardware wallet through a mobile device and the like. And after receiving the communication pairing request from the user access terminal, the hardware wallet generates a second temporary public key and a second temporary private key, and sends the second temporary public key to the mobile equipment of the user access terminal. And verifying the temporary public key and the dynamic password, and exchanging the pairing public key by the two devices after the verification is passed so as to carry out pairing and communication.
Performing a predetermined operation based on the dynamic password to obtain a first calculated value, and taking a predetermined part of the first calculated value as a first intermediate value;
and performing a predetermined operation based on the first verification key and the second verification key to obtain a second calculated value, and taking a predetermined part of the second calculated value as a second intermediate value.
And the user inputs the dynamic password into the mobile equipment of the user access terminal, and the user access terminal generates a first intermediate value based on the dynamic password. The dynamic password can be generated by the hardware wallet and sent to the mobile device of the user access terminal, and then input by the user. The mobile device and the hardware wallet of the user access terminal may pre-negotiate an algorithm for generating a first intermediate value based on a dynamic password so that both devices can generate the same first intermediate value based on the same dynamic password.
Calculating a first decoding factor from between the first intermediate value and the second intermediate value; a first decode is generated according to the first decoding factor, and a first verification code is generated based on the first decode. When the first verification code is generated, the first intermediate value and the second intermediate value can be obtained by directly using algorithms such as MD5, SHA1, MAC and the like.
After the step of confirming that the generated account information is not the unique pairing information stored in the data of the reserved user identity information, the method further comprises the following steps:
and acquiring user identity information of the illegal user access terminal, and acquiring user access terminal information corresponding to the illegal person according to the secondary data stealing event when the hardware wallet detects the secondary data stealing event, and then acquiring stolen data corresponding to the user access terminal information of the illegal person.
Then, obtaining stolen data corresponding to an illegal user access terminal, analyzing the stolen data to obtain dimension information, confirming a data replay mode according to the dimension information, and resampling and combining the stolen data in the replay mode to obtain non-characteristic information data; and delivering non-characteristic information data to a database corresponding to the stolen data so as to be stolen by an illegal user access terminal.
In step 401, since there may be more than one dimension information amount, it is necessary to determine the number of dimension information, and if the number of dimension information is one, step 402 is performed to determine that the data playback mode is the first data playback mode; if the number of the dimension information is multiple, step 403 is performed, and whether there is a relationship in each dimension information is detected according to the name of the dimension information.
When the number of the dimensions is multiple, the type of the data playback mode needs to be further determined according to the feature dimension name, specifically, whether the dimension information with the association relationship exists in each feature dimension is detected according to the dimension name, wherein the association relationship means that data under the dimension information partially coincide or are substantially the same, for example, some user identity information data on a user access terminal may have the same dimension information, and if a partial or complete coincidence relationship exists between the two pieces of dimension information, the two pieces of dimension information have an association relationship; for another example, for a name and a pinyin-type name, which are substantially the same, there is an association between the two. The method for detecting the association relationship may include, but is not limited to, establishing an association relationship table in advance, where the association relationship table includes a plurality of combinations of dimension information having association relationships, and then detecting whether there is dimension information having association relationships in each of the dimension information according to the association relationship table, and of course, in a specific embodiment, besides detecting according to a name of the dimension information, it may also analyze whether there is an overlapping or partially overlapping portion or a substantially identical portion between data corresponding to each of the selected stolen data by selecting a certain amount of stolen data, and if there is an overlapping or partially overlapping portion or a substantially identical portion, determine that there is an association relationship between the dimension information corresponding to the overlapping or partially overlapping.
According to the embodiment, when a lawbreaker wants to look up data after pairing connection, the data stolen before the lawbreaker is resampled and combined and put into the corresponding database to mislead the lawbreaker to continuously look up the stolen data after being recombined, so that the lawbreaker can be prevented from quickly perceiving that the illegal action is found, and the malicious countermeasure frequency can be reduced.
The invention also provides a device for preventing a hardware wallet from being paired maliciously, which is shown in the attached figure 5 and comprises:
the receiving module is used for receiving user access information sent by a user access terminal and establishing an access connection request, wherein the user access information is user identity information;
the identification module is used for sending the user access information to an identification library according to the access connection request, and matching a user account corresponding to the user identity information in the identification library;
the system comprises a reserved user identity information module, a cloud server and a plurality of reserved user identity information modules, wherein the reserved user identity information module receives relevant configuration of a detected user from the cloud server, the relevant configuration of the detected user comprises reserved user identity information, and data corresponding to the reserved user identity information are collected and stored through the reserved user identity information modules on the basis of an access connection request;
and the pairing verification module is used for acquiring the account information in the identification library, performing pairing verification on the account information and the data record of the reserved user identity information, and confirming whether the generated account information is the unique pairing information stored in the data of the reserved user identity information.
The specific definition of the device for preventing the hardware wallet from being maliciously paired can be referred to the above definition of the method for preventing the hardware wallet from being maliciously paired, and is not described herein again. The various modules in the above-described apparatus for preventing a hardware wallet from being maliciously paired may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a processor in a mobile terminal device in a hardware form, or can be stored in a memory in other mobile computer devices in a software form, so that the processor can call and execute the corresponding operations of the modules.
Compared with the prior art, the invention can prevent misconnection of other users or pairing and connecting some illegal persons with the hardware wallet by some means, and prevent the other party from randomly checking the asset amount and transaction record stored in the hardware wallet and possibly cracking and stealing digital assets therein, thereby having potential safety hazard.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.

Claims (10)

1. A method of preventing malicious pairing of a hardware wallet, the method comprising:
receiving user access information sent by a user access terminal to establish an access connection request, wherein the user access information is user identity information;
according to the access connection request, sending the user access information to an identification library, and matching a user account corresponding to the user identity information in the identification library;
receiving a detection user related configuration from a cloud server, wherein the detection user related configuration comprises reserved user identity information, and collecting and storing data corresponding to the reserved user identity information through each reserved user identity information module based on an access connection request;
and acquiring the account information in an identification library, performing pairing verification on the account information and the data record of the reserved user identity information, and determining whether the generated account information is the unique pairing information stored in the data of the reserved user identity information.
2. The method of claim 1, wherein performing pair verification on the account information and a data record of reserved user identity information comprises:
after a pairing request is sent to the data of the reserved user identity information, a second temporary public key is obtained;
the method comprises the steps of generating a first temporary public key and a first temporary private key, generating a first intermediate value based on a dynamic password of the hardware wallet, generating a second intermediate value based on the first temporary public key and the second temporary public key, generating a first verification code based on the first intermediate value and the second intermediate value, sending the first verification key and the first verification code to a cloud server for first verification, and judging whether the first verification passes or not.
3. The method of claim 2, further comprising:
performing a predetermined operation based on the dynamic password to obtain a first calculated value, and taking a predetermined part of the first calculated value as a first intermediate value;
and performing a predetermined operation based on the first verification key and the second verification key to obtain a second calculated value, and taking a predetermined part of the second calculated value as a second intermediate value.
4. The method of claim 2, wherein the first intermediate value and the second intermediate value generate a first verification code comprising:
calculating a first decoding factor from between the first intermediate value and the second intermediate value; a first decode is generated according to the first decoding factor, and a first verification code is generated based on the first decode.
5. The method of claim 1, wherein the user identity information comprises:
the ID of the digital certificate and the message main body information are judged, whether the ID of the digital certificate is in accordance is judged, if the ID of the digital certificate is in accordance, a private key corresponding to the digital certificate is obtained, and the code information is decrypted through the private key corresponding to the digital certificate;
and judging whether the first decryption key has the authorization of the digital certificate, if so, decrypting the message main body information through the second decryption key, understanding the encrypted information, and sending a processing result to an identification library of the hardware wallet.
6. The method of claim 5, further comprising:
and if the ID of the digital certificate does not conform to the authorization of the digital certificate or the first key does not have the authorization of the digital certificate, sending an error message prompt to the hardware wallet, and finishing data processing.
7. The method of claim 6, wherein the basic information and the first decryption key application request sent by the hardware wallet are received, the first decryption key and the digital certificate corresponding to the first decryption key are generated according to the basic information, and the first decryption key and the digital certificate corresponding to the first decryption key are sent to the identification library of the hardware wallet.
8. The method of claim 1, wherein after confirming that the unique pairing information is generated that is not a data save of reserved user identity information, further comprising:
acquiring user identity information of the illegal user access terminal, acquiring stolen data corresponding to the illegal user access terminal, analyzing the stolen data to obtain dimension information, confirming a data replay mode according to the dimension information, and resampling and combining the stolen data in the replay mode to obtain non-characteristic information data; and putting the non-characteristic information data into a database corresponding to the stolen data so as to be stolen by an illegal user access terminal.
9. The method according to claim 8, wherein the number of the dimension information is judged, and if the number of the dimension information is one, the data playback mode is determined to be the first data playback mode; and if the number of the dimension information is multiple, detecting whether the dimension information has a relevant relationship or not according to the name of the dimension information.
10. An apparatus for preventing a hardware wallet from being maliciously paired, comprising:
the receiving module is used for receiving user access information sent by a user access terminal and establishing an access connection request, wherein the user access information is user identity information;
the identification module is used for sending the user access information to an identification library according to the access connection request, and matching a user account corresponding to the user identity information in the identification library;
the system comprises a reserved user identity information module, a cloud server and a plurality of reserved user identity information modules, wherein the reserved user identity information module receives relevant configuration of a detected user from the cloud server, the relevant configuration of the detected user comprises reserved user identity information, and data corresponding to the reserved user identity information are collected and stored through the reserved user identity information modules on the basis of an access connection request;
and the pairing verification module is used for acquiring the account information in the identification library, performing pairing verification on the account information and the data record of the reserved user identity information, and confirming whether the generated account information is the unique pairing information stored in the data of the reserved user identity information.
CN202011609459.3A 2020-12-30 2020-12-30 Method and device for preventing hardware wallet from being maliciously paired Pending CN112529588A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011609459.3A CN112529588A (en) 2020-12-30 2020-12-30 Method and device for preventing hardware wallet from being maliciously paired

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011609459.3A CN112529588A (en) 2020-12-30 2020-12-30 Method and device for preventing hardware wallet from being maliciously paired

Publications (1)

Publication Number Publication Date
CN112529588A true CN112529588A (en) 2021-03-19

Family

ID=74977614

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011609459.3A Pending CN112529588A (en) 2020-12-30 2020-12-30 Method and device for preventing hardware wallet from being maliciously paired

Country Status (1)

Country Link
CN (1) CN112529588A (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100138347A1 (en) * 2007-10-30 2010-06-03 Alibaba Group Holding Capital Place Account Transaction Management Using Dynamic Account Numbers
US20110251931A1 (en) * 2010-02-05 2011-10-13 Linkage Technology Group Co., Ltd. Accurate Method of Account Checking in the Situation of 7*24 Hours Transactions Between Telecom Multiple Systems
CN106651363A (en) * 2016-12-28 2017-05-10 飞天诚信科技股份有限公司 Hardware wallet and hardware wallet holder identity verification method
CN109067544A (en) * 2018-07-26 2018-12-21 海南新软软件有限公司 A kind of private key verification method, the apparatus and system of soft or hard combination
CN109146468A (en) * 2018-08-22 2019-01-04 爱刷(北京)科技股份有限公司 A kind of backup and restoration methods of the logical card of number
CN109727008A (en) * 2018-12-25 2019-05-07 深圳市元征科技股份有限公司 A kind of data processing method and relevant device based on block chain
CN109844787A (en) * 2018-11-27 2019-06-04 区链通网络有限公司 A kind of hardware wallet, transaction system and storage medium based on block chain
CN110022320A (en) * 2019-04-08 2019-07-16 北京深思数盾科技股份有限公司 A kind of communication partner method and communication device
CN110602676A (en) * 2019-09-09 2019-12-20 飞天诚信科技股份有限公司 Method for preventing hardware wallet from being maliciously paired
CN111191218A (en) * 2019-12-30 2020-05-22 江苏恒宝智能***技术有限公司 Authorization authentication method and device

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100138347A1 (en) * 2007-10-30 2010-06-03 Alibaba Group Holding Capital Place Account Transaction Management Using Dynamic Account Numbers
US20110251931A1 (en) * 2010-02-05 2011-10-13 Linkage Technology Group Co., Ltd. Accurate Method of Account Checking in the Situation of 7*24 Hours Transactions Between Telecom Multiple Systems
CN106651363A (en) * 2016-12-28 2017-05-10 飞天诚信科技股份有限公司 Hardware wallet and hardware wallet holder identity verification method
CN109067544A (en) * 2018-07-26 2018-12-21 海南新软软件有限公司 A kind of private key verification method, the apparatus and system of soft or hard combination
CN109146468A (en) * 2018-08-22 2019-01-04 爱刷(北京)科技股份有限公司 A kind of backup and restoration methods of the logical card of number
CN109844787A (en) * 2018-11-27 2019-06-04 区链通网络有限公司 A kind of hardware wallet, transaction system and storage medium based on block chain
CN109727008A (en) * 2018-12-25 2019-05-07 深圳市元征科技股份有限公司 A kind of data processing method and relevant device based on block chain
CN110022320A (en) * 2019-04-08 2019-07-16 北京深思数盾科技股份有限公司 A kind of communication partner method and communication device
CN110602676A (en) * 2019-09-09 2019-12-20 飞天诚信科技股份有限公司 Method for preventing hardware wallet from being maliciously paired
CN111191218A (en) * 2019-12-30 2020-05-22 江苏恒宝智能***技术有限公司 Authorization authentication method and device

Similar Documents

Publication Publication Date Title
CN109150835B (en) Cloud data access method, device, equipment and computer readable storage medium
CN109274652B (en) Identity information verification system, method and device and computer storage medium
CN106330850B (en) Security verification method based on biological characteristics, client and server
CN110086608A (en) User authen method, device, computer equipment and computer readable storage medium
WO2021184755A1 (en) Application access method and apparatus, and electronic device and storage medium
CN107864124B (en) Terminal information security protection method, terminal and Bluetooth lock
CN113221128B (en) Account and password storage method and registration management system
CN111538784A (en) Block chain-based digital asset transaction method and device and storage medium
CN112437068A (en) Authentication and key agreement method, device and system
CN112272089A (en) Cloud host login method, device, equipment and computer readable storage medium
CN112769789B (en) Encryption communication method and system
CN108900595B (en) Method, device and equipment for accessing data of cloud storage server and computing medium
CN108667800B (en) Access authority authentication method and device
CN107888548A (en) A kind of Information Authentication method and device
CN111148213B (en) Registration method of 5G user terminal, user terminal equipment and medium
CN111934862B (en) Server access method and device, readable medium and electronic equipment
CN111132149A (en) Registration method of 5G user terminal, user terminal equipment and medium
CN111628985A (en) Security access control method, security access control device, computer equipment and storage medium
CN113127818A (en) Block chain-based data authorization method and device and readable storage medium
CN111078649A (en) Block chain-based on-cloud file storage method and device and electronic equipment
CN106533685B (en) Identity authentication method, device and system
CN112529588A (en) Method and device for preventing hardware wallet from being maliciously paired
CN116132986A (en) Data transmission method, electronic equipment and storage medium
CN114745115A (en) Information transmission method and device, computer equipment and storage medium
CN111132156B (en) Registration method of 5G user terminal, user terminal equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination