CN113094675B - User authentication method and device based on distributed model training - Google Patents

User authentication method and device based on distributed model training Download PDF

Info

Publication number
CN113094675B
CN113094675B CN202110475267.6A CN202110475267A CN113094675B CN 113094675 B CN113094675 B CN 113094675B CN 202110475267 A CN202110475267 A CN 202110475267A CN 113094675 B CN113094675 B CN 113094675B
Authority
CN
China
Prior art keywords
base station
user
random number
user terminal
target base
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110475267.6A
Other languages
Chinese (zh)
Other versions
CN113094675A (en
Inventor
孔庆磊
尹峰
崔曙光
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chinese University of Hong Kong Shenzhen
Original Assignee
Chinese University of Hong Kong Shenzhen
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chinese University of Hong Kong Shenzhen filed Critical Chinese University of Hong Kong Shenzhen
Priority to CN202110475267.6A priority Critical patent/CN113094675B/en
Publication of CN113094675A publication Critical patent/CN113094675A/en
Application granted granted Critical
Publication of CN113094675B publication Critical patent/CN113094675B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application relates to a user authentication method and device based on distributed model training, computer equipment and a storage medium. The method in one embodiment comprises: issuing a model training task through a target base station; receiving training join requests sent by user terminals through the target base station, and acquiring shared secrets of the user terminals based on the training join requests, wherein the shared secrets of the user terminals are determined according to anonymous user information of the user terminals and shared keys; verifying the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station; when the shared secret of the user terminal passes verification, decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value; and acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal. By adopting the method, the privacy security of the user can be improved.

Description

User authentication method and device based on distributed model training
Technical Field
The present application relates to the field of computer technologies, and in particular, to a user authentication method and apparatus based on distributed model training, a computer device, and a storage medium.
Background
With the development of the technology in the computer field, the related processing through the machine learning model is increasingly important in the computer technology. Before processing with the machine learning model, a sample set needs to be provided, and a model training process needs to be performed on the sample set to obtain a final machine learning model. In the traditional model training process, an independent device, such as a terminal or a server, completes the whole training process, and the single training mode easily causes leakage of data of a sample set and affects data security. Therefore, a distributed learning technology is provided, in which each terminal participating in training respectively uses its own data as a sample set for training, obtains a model training result and sends the model training result to a training server, the training server fuses the model training results of each device to obtain a current model training result, and then sends the current model training result to each terminal, and repeats the next iterative training process until the training is completed.
In this distributed learning method, each terminal serves as a data owner, and the cooperation of model training can be performed without exchanging data between terminals, and each terminal of the model obtained by training can also be used to serve locally. Based on the model training result obtained by the distributed learning, the wireless approach is to gather the data owned by each terminal to a training result. Under the distributed learning mechanism, the identity status of the participants is the same, a shared data strategy can be established, and the data is not transferred, so that the privacy of the user or the data specification is not influenced.
However, in this distributed model training method, since the data trained by each terminal is stored locally in each terminal, the authenticity of the data cannot be verified. If an illegal terminal is added into the training process, unreal data is used for training, and the training model obtained by final fusion is undoubtedly influenced. Therefore, in order to ensure the reliability of the model training data, it is necessary to verify the location information of the terminal (or the user) at a certain time point to verify whether the user meets the requirements. However, in the traditional manner of authenticating the user location in the distributed learning process, there still exists a problem that the privacy of the user may be unnecessarily exposed, which affects the privacy security of the user.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a user authentication method, apparatus, computer device and storage medium based on distributed model training.
The user authentication method based on distributed model training in one embodiment comprises the following steps:
issuing a model training task through a target base station;
receiving training join requests sent by user terminals through the target base station, and acquiring shared secrets of the user terminals based on the training join requests, wherein the shared secrets of the user terminals are determined according to anonymous user information of the user terminals and shared keys;
verifying the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station; when the shared secret of the user terminal passes verification, decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value;
and acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal.
In one embodiment, the method further comprises:
after receiving, by the target base station, the training join request sent by each user terminal, and before acquiring the shared secret of the user terminal based on the training join request, the method further includes: establishing a secure communication channel between the target base station and each user terminal;
obtaining the shared secret of the user terminal based on the training join request, comprising: and respectively obtaining the shared secret of each user terminal through a secure communication channel between the target base station and each user terminal.
The user authentication method based on distributed model training in one embodiment comprises the following steps:
selecting a first random number, a second random number and a second numerical value at the beginning stage of the time slot;
generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
receiving a position authentication request sent by a user terminal, and acquiring user identity information of the user terminal based on the position authentication request;
generating anonymous user information of the user terminal based on the second numerical value and the user identity information;
generating a sharing key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
generating a position authentication response, and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key;
and generating a second blockchain transaction at the end of the time slot, and uploading the second blockchain transaction to a blockchain, wherein the second blockchain transaction carries the base station cipher text and a first numerical value determined based on the first random number.
In one embodiment, the method further comprises:
after receiving a location authentication request sent by a user terminal, and before obtaining user identity information of the user terminal based on the location authentication request, the method further includes: establishing a secure communication channel between the target base station and each user terminal;
obtaining user identity information of the user terminal based on the location authentication request, including: and obtaining the user identity information of the user terminal through a secure communication channel between the target base station and the user terminal.
In one embodiment, the shared key comprises a first shared key and a second shared key;
the first shared key is generated based on the third numerical value, the third random number, and the anonymous user information, and the second shared key is generated based on the third random number.
In one embodiment, after generating the location authentication response, the method further comprises the steps of:
and generating authentication identity information of the user terminal based on the user identity information and the second numerical value, and inserting the authentication identity information into a valley laying filter.
A user authentication apparatus based on distributed model training, the apparatus comprising:
the task issuing module is used for issuing a model training task through the target base station;
the shared secret acquisition module is used for receiving training join requests sent by user terminals through the target base station and acquiring the shared secret of the user terminals based on the training join requests, wherein the shared secret of the user terminals is determined according to anonymous user information of the user terminals and a shared secret key;
a shared secret verification module, configured to verify the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station;
the first ciphertext decryption module is used for decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value when the shared secret of the user terminal passes verification;
and the real information acquisition module is used for acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal.
A user authentication apparatus based on distributed model training, the apparatus comprising:
the base station cryptograph generation module is used for selecting a first random number, a second random number and a second numerical value at the beginning stage of the time slot; generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
the authentication request receiving module is used for receiving a position authentication request sent by a user terminal and acquiring user identity information of the user terminal based on the position authentication request;
an anonymous user information generating module, configured to generate anonymous user information of the user terminal based on the second numerical value and the user identity information;
a shared key generation module, configured to generate a shared key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
the authentication response module is used for generating a position authentication response and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key;
and the uplink module is used for generating a second block chain transaction at the end of the time slot and uploading the second block chain transaction to a block chain, wherein the second block chain transaction carries the base station ciphertext and a first numerical value determined based on the first random number.
A computer device comprising a memory storing a computer program and a processor implementing the steps of the method as in any of the embodiments described above when the processor executes the computer program.
A computer-readable storage medium, having stored thereon a computer program which, when executed by a processor, carries out the steps of the method in any of the embodiments as described above.
According to the user authentication method, the device, the computer equipment and the storage medium based on the distributed model training, the base station can be combined with the first preset number of encrypted ciphertexts to authenticate the user in the process of authenticating the user identity by the base station, and the server is combined with the first preset number of encrypted ciphertexts of the base station to authenticate the user identity in the process of authenticating the user identity by the model training, so that the user identity is authenticated only under the condition that the first preset number of users participate when the distributed model training is required, the privacy leakage of the user is avoided, and the privacy safety of the user is improved.
Drawings
FIG. 1 is a diagram of an application environment of a user authentication method based on distributed model training in one embodiment;
FIG. 2 is a flowchart illustrating a user authentication method based on distributed model training in one embodiment;
FIG. 3 is a flowchart illustrating a user authentication method based on distributed model training in another embodiment;
FIG. 4 is a block diagram of a user authentication device based on distributed model training in one embodiment;
FIG. 5 is a block diagram showing the structure of a user authentication apparatus trained on a distributed model according to another embodiment;
FIG. 6 is a diagram of the internal structure of a computer device in one embodiment;
FIG. 7 is a diagram of the internal structure of an electronic device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more clearly understood, the present application is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of and not restrictive on the broad application.
The method for training the model provided by the present application may be applied to an application environment as shown in fig. 1, where the application environment relates to more than one base station, multiple user terminals, and an edge Server Fog Server. The base station may have a plurality of ues within its coverage area, where the ue may be a ue in a vehicle, or may be another type of ue, which may move and freely enter and leave the coverage area of the base station, such as a mobile terminal. When the user terminal enters the coverage area of the base station, the mobile terminal sends a position authentication request to the base station, the base station authenticates the identity information of the user terminal, and the authentication identity information can also store a block chain. When model training is needed, the edge server issues a model training task through the base station, is located in the coverage area of the base station, and can initiate a training adding request for a user terminal needing to be added in the model training process. The user terminal may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, portable wearable devices, vehicle-mounted terminals, and the like, and the server may be implemented by an independent server or a server cluster formed by a plurality of servers.
In one embodiment, as shown in fig. 2, a user authentication method based on distributed model training is provided, which is described by taking the method as an example applied to the edge server in fig. 1, and includes the following steps S201 to S204.
Step S201: and issuing a model training task through the target base station.
The target base station may be any possible base station selected by the edge server when the model training is required, and the selected target base station may be only one or more than two.
When the model training task is issued, the model training task may be issued based on the model to be trained. The model to be trained can be provided to the edge server by a model service provider, or the edge server can issue a model training task by taking the model as the model to be trained when the model needs to be trained and updated aiming at the obtained model.
Step S202: receiving training join requests sent by user terminals through the target base station, acquiring shared secrets of the user terminals based on the training join requests, and determining the shared secrets of the user terminals according to anonymous user information of the user terminals and shared keys.
After the edge server issues the model training task through the target base station, the user terminal in the coverage area of the target base station receives the model training task, and if the model training task needs to be added, the user terminal sends a training adding request.
In one embodiment, after the training join request sent by each ue is received by the target base station, a secure communication channel may be further established between the target base station and each ue. The method for establishing the secure communication channel may be performed in any method for establishing the secure communication channel, and the embodiment of the present application is not particularly limited.
Accordingly, when the shared secret of the user terminal is obtained based on the training join request, the shared secret of each user terminal is obtained through the secure communication channel between the target base station and each user terminal when the secure communication channel is established.
In some specific examples, the shared secret of the user terminal is determined according to anonymous user information of the user terminal and a shared key, and the shared key may be information obtained by encrypting the anonymous user information based on the shared key.
Step S203: verifying the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station; and when the shared secret of the user terminal passes the verification, decrypting the first ciphertext part uploaded by the target base station to obtain a decrypted value.
In one embodiment, the verifying the shared secret of each user terminal based on the first predetermined number of encrypted ciphertexts of the target base station may specifically include step S2031 and step S2032.
Step S2031: based on a first preset number of encrypted ciphertexts of the target base station, authenticating the anonymous user information of each user terminal to obtain an authentication result;
step S2032: and verifying the authentication result according to the sharing key of each user terminal.
In one embodiment, decrypting the first ciphertext portion uploaded by the target base station to obtain a decrypted value may include:
and decrypting the first ciphertext part uploaded by the target base station based on the second ciphertext part, the third ciphertext part uploaded by the target base station and the shared key of each user terminal to obtain a decrypted value.
Step S204: and acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal.
The user authentication method based on the distributed model training combines the first preset number of encrypted ciphertexts of the base station to carry out verification in the process of carrying out the model training to verify the user identity, so that the user identity is verified only when the first preset number of users participate in the distributed model training, the privacy leakage of the user is avoided, and the privacy safety of the user is improved.
In one embodiment, after obtaining the true identity information of each of the user terminals, the method further includes:
and determining each user terminal added into the model training task based on the obtained real identity information of each user terminal.
Therefore, each user terminal added in the model training task can be determined based on the obtained real identity information of each user terminal. Then, the user terminals can perform the subsequent distributed model training process. The embodiment of the present application is not limited in particular to a specific distributed model training process.
In one embodiment, as shown in fig. 3, a user authentication method based on distributed model training is provided, which is described by taking the method as an example for being applied to the base station in fig. 1, and includes the following steps S301 to S306.
Step S301: in the beginning stage of the time slot, a first random number, a second random number and a second numerical value are selected, and a base station cipher text is generated based on the first random number, the second numerical value and a base station identifier.
In one embodiment, before selecting the first random number, the second random number, and the second value in the beginning stage of the timeslot, steps S3001 to S3003 may be further included.
Step S3001: a first predetermined number of random numbers is selected.
The first predetermined number may be determined by combining the number of users who need to participate in training when the model needs to be trained, or a threshold value of the number of users required for user authentication.
Step S3002: and respectively encrypting each random number to obtain a first preset number of encrypted ciphertexts.
The process of encrypting each random number may be set in accordance with actual technical requirements, and the embodiment of the present application is not particularly limited.
Step S3003: and generating a first blockchain transaction, and uploading the first blockchain transaction to a blockchain, wherein the first blockchain transaction carries the first preset number of encrypted ciphertexts.
The method for generating the blockchain transaction may be generated by combining with an actual method for generating the blockchain transaction, and the embodiment of the present application is not particularly limited as long as the generated first blockchain transaction can carry the first predetermined number of encrypted ciphertexts.
In one embodiment, generating a base station cryptogram based on the first random number, the second numerical value, and the base station identifier includes the following steps S3011 to S3014.
Step S3011: a first value is generated based on the first random number.
In one embodiment, when generating the first value based on the first random number, the first value may be generated in combination with actual needs, such as encryption and the like. In some specific examples, the first random number may also be considered as a private key, and a corresponding public key is generated by using the first random number as the private key, and the generated public key is taken as the first numerical value.
In one specific example, the first random number is denoted as β, and the generated first value may be denoted as g β
Step S3012: obtaining a first ciphertext portion based on the first value, the second nonce, and the second value.
In one embodiment, the first ciphertext portion may be obtained using the following equation:
C 1 =e(g β ,g 2 ) s ·x
wherein, C 1 Representing a first ciphertext part, g β Representing a first value, s a second random number, and x a second value.
Step S3013: a second ciphertext portion is obtained based on the second random number.
In one embodiment, the second ciphertext portion may be obtained using the following equation:
C 2 =g s
wherein, C 2 Representing a second ciphertext portion, s represents a second random number.
Step S3014: and obtaining a third ciphertext part based on the first numerical value, the base station identifier and the second random number.
In one embodiment, the third ciphertext portion may be obtained using the following equation:
C 3 =(g β·ID ·h 1 ) s
wherein, C 3 Representing the third ciphertext part, s represents the second random number, and the ID represents the base station identity.
The base station ciphertext comprises the first ciphertext part, the second ciphertext part and the third ciphertext part.
Step S302: receiving a position authentication request sent by a user terminal, and acquiring user identity information of the user terminal based on the position authentication request.
In one embodiment, after receiving the location authentication request sent by the user terminal, a secure communication channel may also be established between the base station and the user terminal. The method for establishing the secure communication channel may be performed in any method for establishing the secure communication channel, and the embodiment of the present application is not particularly limited.
Accordingly, when the user identity information of the user terminal is obtained based on the location authentication request, the user identity information of the user terminal is obtained through the secure communication channel between the base station and the user terminal under the condition that the secure communication channel is established.
Step S303: and generating anonymous user information of the user terminal based on the second numerical value and the user identity information.
Step S304: and generating a sharing key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station.
In an embodiment, the generating the sharing key of the user equipment based on the anonymous user information and the first predetermined number of encrypted ciphertexts of the target base station includes steps S3041 to S3043.
Step S3041: generating a third value based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station.
In one embodiment, the third value may be generated using the following equation:
Figure BDA0003046793970000101
wherein, f (pid) i ) Denotes a third value, α j J (th) encrypted ciphertext, pid, of a first predetermined number of encrypted ciphertexts representing a target base station i Denotes anonymous user information of the user i, and β denotes a first random number.
Step S3042: a third random number is selected.
Step S3043: and generating a sharing key of the user terminal based on the third numerical value, the third random number and the anonymous user information.
In one embodiment, the shared key includes a first shared key and a second shared key. The first shared key is generated based on the third numerical value, the third random number, and the anonymous user information, and the second shared key is generated based on the third random number.
In one embodiment, the sharing key may be generated using the following formula:
Figure BDA0003046793970000102
wherein, ω is i,1 Representing a first shared key, ω i,2 Denotes the second shared key, f (pid) i ) Denotes a third value, pid i Anonymous user information representing user i, r i Representing a third random number.
Step S305: and generating a position authentication response, and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key.
Step S306: and generating a second blockchain transaction at the end of the time slot, and uploading the second blockchain transaction to a blockchain, wherein the second blockchain transaction carries the base station cipher text and a first numerical value determined based on the first random number.
In one embodiment, after generating the location authentication response, the method may further include the steps of:
and generating authentication identity information of the user terminal based on the user identity information and the second numerical value, and inserting the authentication identity information into a valley laying filter.
Based on the above embodiments, the following detailed description is given with reference to a specific application example, and when the embodiment of the present application is implemented, the embodiment may include four parts: the method comprises the steps of system initialization, training task release, model ciphertext generation and model ciphertext aggregation.
The system main body of the scheme of the invention is divided into three parts: 1) Initializing a system; 2) Generating location authentication; 3) And (5) verifying location authentication. The working process is as follows:
first, system initialization is performed.
In the process of initializing the system, a group of base stations cooperate to initialize the encryption system based on a given security parameter k, i.e. to generate a bilinear parameter (q, G) T ,e,g,g 2 ,h 1 ) Where q is a prime number associated with a given security parameter k, and prime | q | = k, parameter (g, g) 2 ,h 1 ) E.g. G, G is a selected curve, e.g. elliptic curve, G 2 ,h 1 Respectively, points on the curve G, e is a bilinear mapping operation, and satisfies the condition: e: GXG → G T . Meanwhile, a group of base stations uniformly selects a hash function
Figure BDA0003046793970000111
And one valley filter was selected. On the other hand, a group of base stations simultaneously determines a slot length ts. />
In the system initialization process, ID registration is required. For any base station, during the base station ID registration process, the base station selects (k-1) (i.e. a first preset number) random numbers:
Figure BDA0003046793970000112
and generates corresponding encrypted ciphertext according to the selected (k-1) random numbers>
Figure BDA0003046793970000113
On this basis, the base station generates a new blockchain transaction (referred to as a first blockchain transaction in the embodiment of the present application) and uploads the first blockchain transaction to the blockchain. Wherein the first blockchain transaction comprises: a transaction ID, a transaction subject, transaction data, and a transaction signature. The transaction ID is used to uniquely identify the first blockchain transaction, the transaction summary may be used as the transaction ID, and the summary of the transaction may be generated in any manner of generating the summary, which is not specifically limited in the embodiments of the present application. The transaction body is used to identify the subject information of the blockchain transaction, and may specifically include a timestamp and a service provider ID. The transaction data contains the information of the generated encrypted random number, and can be expressed as
Figure BDA0003046793970000114
The transaction signature is a signature of the facilitator ID. The information contained in the first blockchain transaction in one specific example may be as shown in table 1 below.
Figure BDA0003046793970000115
TABLE 1
After the initialization process is completed, the location authentication information generation phase can be entered. In the position authentication information generation stage, the position authentication information of each terminal is generated. For each base station, the base station selects a first random number at the beginning of each time slot TS
Figure BDA0003046793970000116
At the same time, the base station selects a second random number->
Figure BDA0003046793970000117
And a second value x ∈ G T And then generating a base station cryptograph based on the first random number beta, the second random number s, the second numerical value x and the base station ID. Wherein the base station cipher text is generatedThen, the first value g may be calculated based on the first random number β β Is generated on the basis of the first value g β The second random number s, the second value x, and the base station ID generate a base station cryptogram, which may include three cryptogram portions.
In one embodiment, the first ciphertext portion C 1 May be based on the first value g β A second random number s, a second numerical value x, a second ciphertext part C 2 May be generated based on the second random number s and the third ciphertext portion may be based on the first value g β And a base station ID and a second random number s. In one specific example, three ciphertexts may be generated using the following formula:
Figure BDA0003046793970000121
when the user is
Figure BDA0003046793970000122
And when the vehicle travels to the coverage range of the base station ID, sending a position authentication request to the base station to request position authentication.
Based on the location authentication request, the user vid i The first establishment of a secure communication channel with the base station ID, and in particular the secure communication channel establishment, can be performed in any known manner. User vid based on established secure communication channel i User identity information vid i ||t i Sending the information to a base station ID, wherein the user identity information carries a current time stamp t i
User-based vid i The base station ID is first based on the transmitted user identity information, vid i ||t i Generating anonymous user information pid i =vid i ·H(x||t i )。
Then, the base station ID is based on the generated anonymous user information pid i Generating a third value f (pid) i ). In one specific example, the base station ID may be combined with (k-1) random numbers (α) it selects 12 ,…,α k-1 ) Generate the third value f (pid) i ) In one example, the formula can be expressed as
Figure BDA0003046793970000123
Figure BDA0003046793970000124
At the same time, the base station ID selects a third random number
Figure BDA0003046793970000125
And based on the third random number r i Generating a corresponding shared secret ss i =(ω i,1i,2 ). Wherein the shared secret key ss i Comprising a first shared key omega i,1 And a second shared secret ω i,2 The first shared key may be based on a value f (pid) i ) And a third random number r i Generating, a second shared secret ω i,2 Can be given a third random number r i The generation, which can be formulated as:
Figure BDA0003046793970000126
subsequently, the base station ID generates a location authentication response message, which may carry anonymous user information pid i Sharing secret key ss i And a current time stamp t i In one example, the location authentication response message may be expressed as: msg i =pid i ||ss i ||t i . Then, the base station ID sends the location authentication response message msg i To a user vehicle vid i
In addition, the base station ID is also based on the user identity information vid i Generating authentication identity information cid by using the second numerical value x i In one embodiment, the authentication identity information may be represented as: cid i =H(vid i ||x||t i ). Then, the authentication identity information vid i Insertion into the cuckoo filter CF:
Figure BDA0003046793970000131
in the valley filter, for each data that needs to be inserted into the valley filter, the location of the data in two tables based on the valley filter mechanism will be calculated and the data will be stored in one of the two locations. In combination with the above, the authentication identity information cid i Possibly inserted into the valley filter at a position h 1 (cid i ) H, which may also be inserted into the cuffed filter 2 (cid i )。
Then, at the end of each time slot, the base station ID generates a second blockchain transaction based on the relevant information for that time slot and uploads the second blockchain transaction into the blockchain. Wherein the second blockchain transaction comprises: a transaction ID, a transaction subject, transaction data, and a transaction signature. The transaction ID is used to uniquely identify the first blockchain transaction, the transaction summary may be used as the transaction ID, and the summary of the transaction may be generated in any manner of generating the summary, which is not specifically limited in the embodiments of the present application. The transaction body is used to identify subject information of the blockchain transaction, and may specifically include a timestamp and a service provider ID. The transaction data includes related data in the time slot, such as time slot information TS of the time slot, and the three generated ciphertexts (C) 1 ,C 2 ,C 3 ) A first value g β And valley filter information CF, which may be expressed as ID TS (C) 1 ,C 2 ,C 3 )||g β CF, transaction signature is the signature of the facilitator ID. The information contained in the second blockchain transaction in one specific example may be as shown in table 2 below.
ID Trade abstractTo be administered
Main body Time stamp, service provider ID
Data of ID||TS||(C 1 ,C 2 ,C 3 )||g β ||CF
Signature Signature of facilitator ID
TABLE 2
Meanwhile, the other base stations in the group generate blocks through a PoS consensus mechanism, wherein the blocks comprise: block ID, block subject, block data, and block signature. The block ID is used to uniquely identify the block, the digest of the block may be used as the block ID, and the digest generation method may be any digest generation method, which is not specifically limited in the embodiment of the present application. The block body is used to identify the related topic information of the block, and specifically may include a timestamp, a base station ID (e.g., minerID), a pre-block digest, and a block consensus mechanism (e.g., poS) used. The block data includes all transactions generated by the base station during the timeslot, and the block signature is the signature of Miner (e.g., the signature of the base station). The information contained in the first blockchain transaction in one particular example may be as shown in table 3 below.
Figure BDA0003046793970000141
TABLE 3
Subsequently, a verification phase of the location authentication information is entered.
If an edge server (also called as a training server) intends to improve a position location model of a certain area or train a certain position location model, the edge server firstly broadcasts a training task ID | | | TS to all users, and the model training task is issued through the broadcast training task. The training task ID | | TS may include model information ID and time slot information of the model to be trained.
If a group of users (pid) i ,ss i ),
Figure BDA0003046793970000142
In order to participate in the training process, these users send a train join request to the edge server, the train join request carrying a shared secret (pid) i ,ss i ),/>
Figure BDA0003046793970000143
Wherein, in a specific example, the shared secret may be a shared secret ss i For anonymous user information pid i The encrypted information.
After the edge server receives the user's train join request, the edge server first verifies the shared secret (pid) of these users i ,ss i ),
Figure BDA0003046793970000144
And after the verification is passed, anonymous user information pid for the group of users i Then, authentication is performed to obtain an authentication result vk. In one specific example, the encrypted random numbers, anonymous user information for each user, and the first value g of the base station in the first blockchain transaction uploaded onto the blockchain may be combined β The operation is performed to obtain the authentication result vk, which can be expressed as:
Figure BDA0003046793970000145
secondly, the edge server verifies the computed authentication result vk. The authentication result vk may be verified in combination with the shared key of each user, and in a specific example, the authentication result vk may be represented by a formula:
Figure BDA0003046793970000151
if the above formula is verified, the server combines the second ciphertext C 2 And a third ciphertext C 3 For the first ciphertext C 1 Decrypting to obtain decrypted value
Figure BDA0003046793970000152
In one embodiment, the decryption process may be formulated as:
Figure BDA0003046793970000153
wherein the content of the first and second substances,
Figure BDA0003046793970000154
and->
Figure BDA0003046793970000155
The edge server then decrypts the value based on the decrypted value
Figure BDA0003046793970000158
And anonymous user information->
Figure BDA0003046793970000156
The server obtains the real identity information of each user:
Figure BDA0003046793970000157
based on the obtained real identity information of each user, the edge server may further verify the authenticity of the obtained real identity information through the authentication identity information stored in the valley filter.
If the obtained real identity information passes the verification, the group of users can be added into a training user set, and a training addition response is returned to the group of users. Thus, the group of users can join the model training process, and the system trains out the target model to be trained.
In the above-described scheme of the embodiment of the present application, the block chain is used to issue the non-tampered user location certificate, that is, the location certificate can be shared between the base stations without a central authority. Moreover, because the location certificate comprises the identity and the location information of the user, privacy disclosure can be caused by directly issuing the location certificate, and because the storage space of a single block is limited, the storage of the location certificate fingerprint is carried out by using the cuckoo filter, so that the storage efficiency of the location certificate is improved. I.e. based on data stored in the blockchain, no user to whom the location certificate corresponds can be inferred. Moreover, based on the characteristics of the distributed training model, the training process needs the participation of a plurality of users, and the real identity of the user can be recovered only on the premise that more users than the specified book entries participate, so that the position certification of the user can be further verified through the bloom filter. The bloom filter is used for storing the position authentication information, so that the privacy of a user who publishes the position authentication on the block chain is effectively protected. Moreover, because the process of the distributed training model needs a plurality of users to participate, based on the scheme, a threshold encryption scheme based on secret sharing is actually realized, and the identity of the user is protected; that is, when the number of the participating users is more than the threshold number, the server can obtain the real identity of the user, and the authentication is performed through the bloom filter on the block chain, so that the security of the identity privacy of the user is improved.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially displayed as indicated by arrows, the steps are not necessarily performed sequentially as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in these flowcharts may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of performing the steps or stages is not necessarily sequential, but may be performed alternately or alternately with other steps or at least some of the steps or stages in other steps.
In one embodiment, as shown in fig. 4, there is provided a user authentication apparatus based on distributed model training, which may be disposed on an edge server shown in fig. 1, and includes:
a task issuing module 401, configured to issue a model training task through a target base station;
a shared secret obtaining module 402, configured to receive, through the target base station, a training join request sent by each user terminal, and obtain, based on the training join request, a shared secret of the user terminal, where the shared secret of the user terminal is determined according to anonymous user information of the user terminal and a shared key;
a shared secret verification module 403, configured to verify the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station;
a first ciphertext decryption module 404, configured to decrypt the first ciphertext portion uploaded by the target base station when the shared secret of the user terminal passes verification, to obtain a decrypted value;
a real information obtaining module 405, configured to obtain real identity information of each user terminal based on the decryption value and the anonymous user information of each user terminal.
In one embodiment, the shared secret verification module 403 includes:
the fusion module is used for authenticating the anonymous user information of each user terminal based on a first preset number of encrypted ciphertexts of the target base station to obtain an authentication result;
and the verification module is used for verifying the authentication result according to the sharing key of each user terminal.
In one embodiment, the first ciphertext decryption module 404 decrypts the first ciphertext part uploaded by the target base station based on the second ciphertext part, the third ciphertext part uploaded by the target base station and the shared key of each ue, so as to obtain a decrypted value.
In one embodiment, the apparatus further comprises:
a user determining module, configured to determine, based on the obtained real identity information of each user terminal, the user terminal to which each model training task is added
In one embodiment, as shown in fig. 5, there is provided a user authentication apparatus based on distributed model training, which may be disposed on the base station shown in fig. 1, and includes:
a base station ciphertext generating module 501, configured to select a first random number, a second random number, and a second numerical value at a beginning stage of a timeslot; generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
an authentication request receiving module 502, configured to receive a location authentication request sent by a user terminal, and obtain user identity information of the user terminal based on the location authentication request;
an anonymous information generating module 503, configured to generate anonymous user information of the user terminal based on the second value and the user identity information;
a shared key generation module 504, configured to generate a shared key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
an authentication response module 505, configured to generate a location authentication response and send the location authentication response to the user terminal, where the location authentication response carries the anonymous user information and the sharing key;
an uplink module 506, configured to generate a second blockchain transaction at the end of the timeslot, and upload the second blockchain transaction to a blockchain, where the second blockchain transaction carries the base station cipher text and a first numerical value determined based on the first random number.
In one embodiment, the apparatus further comprises:
the ciphertext generating module is used for selecting a first preset number of random numbers; encrypting each random number respectively to obtain a first preset number of encrypted ciphertexts; and generating a first blockchain transaction, and uploading the first blockchain transaction to a blockchain, wherein the first blockchain transaction carries the first preset number of encrypted ciphertexts.
In one embodiment, the base station cryptogram generating module 501 generates a first numerical value based on the first random number; obtaining a first ciphertext portion based on the first value, the second random number, and the second value; obtaining a second ciphertext portion based on the second random number; obtaining a third ciphertext part based on the first numerical value, the base station identifier and the second random number; the base station cipher text includes the first cipher text portion, the second cipher text portion, and the third cipher text portion.
In one embodiment, the shared key generating module 504 generates a third value based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station; selecting a third random number; and generating a sharing key of the user terminal based on the third numerical value, the third random number and the anonymous user information.
For a specific implementation manner of the user authentication apparatus based on distributed model training, refer to the above description of the embodiment of the user authentication method based on distributed model training, and are not described herein again. The various modules in the apparatus for training a model described above may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent of a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as shown in fig. 6. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer equipment is used for storing relevant data such as a model to be trained. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of user authentication based on distributed model training.
In one embodiment, an electronic device is provided, which may be disposed in a base station, and its internal structure diagram may be as shown in fig. 7. The electronic device includes a processor, a memory, and a communication interface connected by a system bus. Wherein the processor of the electronic device is configured to provide computing and control capabilities. The memory of the electronic equipment comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The communication interface of the computer device is used for communicating with an external terminal in a wired or wireless manner, and the wireless manner can be realized through WIFI, an operator network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement a method of user authentication based on distributed model training.
Those skilled in the art will appreciate that the configurations shown in fig. 6 and 7 are merely block diagrams of some configurations relevant to the present disclosure, and do not constitute a limitation on the computing devices and electronic devices to which the present disclosure may be applied, and that a particular computing device may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In an embodiment, a computer device is provided, comprising a memory in which a computer program is stored and a processor which, when executing the computer program, implements the steps of the method in any of the embodiments described above.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which computer program, when being executed by a processor, carries out the steps of the method of training a model according to any of the embodiments described above.
In one embodiment, a computer program product or computer program is provided that includes computer instructions stored in a computer readable storage medium. The computer instructions are read by a processor of a computer device from a computer-readable storage medium, and the computer instructions are executed by the processor to cause the computer device to perform the steps in the above-mentioned method embodiments.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above may be implemented by hardware instructions of a computer program, which may be stored in a non-volatile computer-readable storage medium, and when executed, may include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), for example.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. A user authentication method based on distributed model training is characterized by comprising the following steps:
issuing a model training task through a target base station;
receiving training join requests sent by user terminals through the target base station, and acquiring shared secrets of the user terminals based on the training join requests, wherein the shared secrets of the user terminals are determined according to anonymous user information of the user terminals and shared keys; the anonymous user information is generated based on a second numerical value and user identity information, and the sharing key is generated based on the anonymous user information and a first preset number of encrypted ciphertexts of a target base station;
verifying the shared secret of each of the user terminals based on a first predetermined number of encrypted ciphertexts of the target base station; when the shared secret of the user terminal passes verification, decrypting a first ciphertext part uploaded by the target base station to obtain a decrypted value, wherein the first ciphertext part is obtained based on a first value, a second random number and the second value;
and acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal.
2. The method of claim 1, wherein: verifying the shared secret of each of the user terminals based on a first predetermined number of encrypted ciphertexts of the target base station, comprising:
based on a first preset number of encrypted ciphertexts of the target base station, authenticating the anonymous user information of each user terminal to obtain an authentication result;
and verifying the authentication result according to the sharing key of each user terminal.
3. The method of claim 1, wherein decrypting the first ciphertext portion uploaded by the target base station to obtain a decrypted value comprises:
and decrypting the first ciphertext part uploaded by the target base station based on the second ciphertext part, the third ciphertext part uploaded by the target base station and the shared key of each user terminal to obtain a decrypted value.
4. The method of claim 1, further comprising, after obtaining true identity information of each of the user terminals:
and determining the user terminals added into the model training tasks based on the obtained real identity information of the user terminals.
5. A user authentication method based on distributed model training is characterized by comprising the following steps:
selecting a first random number, a second random number and a second numerical value at the beginning stage of the time slot; generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
receiving a position authentication request sent by a user terminal, and acquiring user identity information of the user terminal based on the position authentication request;
generating anonymous user information of the user terminal based on the second numerical value and the user identity information;
generating a sharing key of the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of a target base station;
generating a position authentication response, and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key;
generating a second blockchain transaction at the end of the time slot, and uploading the second blockchain transaction to a blockchain, wherein the second blockchain transaction carries the base station cipher text and a first numerical value determined based on the first random number;
generating a base station cryptograph based on the first random number, the second numerical value and a base station identifier, including:
generating a first value based on the first random number;
obtaining a first ciphertext part based on the first value, the second random number, and the second value;
obtaining a second ciphertext portion based on the second random number;
obtaining a third ciphertext part based on the first numerical value, the base station identifier and the second random number;
the base station cipher text includes the first cipher text portion, the second cipher text portion, and the third cipher text portion.
6. The method of claim 5, wherein before selecting the first random number, the second random number, and the second value at the beginning of the time slot, further comprising the steps of:
selecting a first predetermined number of random numbers;
encrypting each random number respectively to obtain a first preset number of encrypted ciphertexts;
and generating a first blockchain transaction, and uploading the first blockchain transaction to a blockchain, wherein the first blockchain transaction carries the first predetermined number of encrypted ciphertexts.
7. The method of claim 5, wherein generating the shared key for the user terminal based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station comprises:
generating a third numerical value based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station;
selecting a third random number;
and generating a sharing key of the user terminal based on the third numerical value, the third random number and the anonymous user information.
8. An apparatus for user authentication based on distributed model training, the apparatus comprising:
the task issuing module is used for issuing a model training task through the target base station;
the shared secret acquisition module is used for receiving training join requests sent by user terminals through the target base station and acquiring the shared secret of the user terminals based on the training join requests, wherein the shared secret of the user terminals is determined according to anonymous user information of the user terminals and a shared secret key; the anonymous user information is generated based on a second numerical value and user identity information, and the sharing key is generated based on the anonymous user information and a first preset number of encrypted ciphertexts of a target base station;
a shared secret verification module, configured to verify the shared secret of each user terminal based on a first predetermined number of encrypted ciphertexts of the target base station;
a first ciphertext decryption module, configured to decrypt the first ciphertext portion uploaded by the target base station when the shared secret of the user terminal passes verification, to obtain a decrypted value, where the first ciphertext portion is obtained based on a first value, a second random number, and the second value;
and the real information acquisition module is used for acquiring the real identity information of each user terminal based on the decryption numerical value and the anonymous user information of each user terminal.
9. An apparatus for user authentication based on distributed model training, the apparatus comprising:
the base station cryptograph generation module is used for selecting a first random number, a second random number and a second numerical value at the beginning stage of the time slot; generating a base station cipher text based on the first random number, the second numerical value and a base station identifier;
the authentication request receiving module is used for receiving a position authentication request sent by a user terminal and acquiring user identity information of the user terminal based on the position authentication request;
an anonymous user information generating module, configured to generate anonymous user information of the user terminal based on the second numerical value and the user identity information;
the sharing key generation module is used for generating a sharing key of the user terminal based on the anonymous user information and a first preset number of encrypted ciphertexts of a target base station;
the authentication response module is used for generating a position authentication response and sending the position authentication response to the user terminal, wherein the position authentication response carries the anonymous user information and the sharing key;
an uplink module, configured to generate a second blockchain transaction at the end of the timeslot and upload the second blockchain transaction to a blockchain, where the second blockchain transaction carries the base station cipher text and a first value determined based on the first random number,
the base station ciphertext generating module is further configured to generate a first numerical value based on the first random number; obtaining a first ciphertext portion based on the first value, the second random number, and the second value; obtaining a second ciphertext portion based on the second random number; obtaining a third ciphertext part based on the first numerical value, the base station identifier and the second random number; the base station cipher text includes the first cipher text portion, the second cipher text portion, and the third cipher text portion.
10. The apparatus of claim 9, wherein the shared key generation module is further configured to generate a third value based on the anonymous user information and a first predetermined number of encrypted ciphertexts of the target base station; selecting a third random number; and generating a sharing key of the user terminal based on the third numerical value, the third random number and the anonymous user information.
CN202110475267.6A 2021-04-29 2021-04-29 User authentication method and device based on distributed model training Active CN113094675B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110475267.6A CN113094675B (en) 2021-04-29 2021-04-29 User authentication method and device based on distributed model training

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110475267.6A CN113094675B (en) 2021-04-29 2021-04-29 User authentication method and device based on distributed model training

Publications (2)

Publication Number Publication Date
CN113094675A CN113094675A (en) 2021-07-09
CN113094675B true CN113094675B (en) 2023-03-28

Family

ID=76680660

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110475267.6A Active CN113094675B (en) 2021-04-29 2021-04-29 User authentication method and device based on distributed model training

Country Status (1)

Country Link
CN (1) CN113094675B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116170239B (en) * 2023-04-26 2023-07-14 成都天用唯勤科技股份有限公司 Multi-centralised data processing method, system and storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110263928A (en) * 2019-06-18 2019-09-20 中国科学技术大学 Protect the mobile device-based distributed deep learning training method of data-privacy
CN110572253A (en) * 2019-09-16 2019-12-13 济南大学 Method and system for enhancing privacy of federated learning training data

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2429116B1 (en) * 2001-08-13 2013-07-10 The Board of Trustees of the Leland Stanford Junior University Method for identity-based encryption and related crytographic techniques
WO2006121307A1 (en) * 2005-05-13 2006-11-16 Samsung Electronics Co., Ltd. Authentication method for wireless distributed system
US8478988B2 (en) * 2007-05-15 2013-07-02 At&T Intellectual Property I, L.P. System and method for authentication of a communication device
US9674158B2 (en) * 2015-07-28 2017-06-06 International Business Machines Corporation User authentication over networks
GB2598112A (en) * 2020-08-18 2022-02-23 Nchain Holdings Ltd Threshold signatures

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110263928A (en) * 2019-06-18 2019-09-20 中国科学技术大学 Protect the mobile device-based distributed deep learning training method of data-privacy
CN110572253A (en) * 2019-09-16 2019-12-13 济南大学 Method and system for enhancing privacy of federated learning training data

Also Published As

Publication number Publication date
CN113094675A (en) 2021-07-09

Similar Documents

Publication Publication Date Title
CN111949953B (en) Identity authentication method, system and device based on block chain and computer equipment
CN109471844B (en) File sharing method and device, computer equipment and storage medium
CN111970129B (en) Data processing method and device based on block chain and readable storage medium
CN111935080B (en) Data sharing method and device of block chain, computer equipment and storage medium
US11115418B2 (en) Registration and authorization method device and system
KR101985179B1 (en) Blockchain based id as a service
CN107948736A (en) A kind of audio and video preservation of evidence method and system
CN110830245B (en) Anti-quantum-computation distributed Internet of vehicles method and system based on identity secret sharing and implicit certificate
CN110913390B (en) Anti-quantum computing Internet of vehicles method and system based on identity secret sharing
CN108964897B (en) Identity authentication system and method based on group communication
CN101350718A (en) Method for protecting play content authority range base on user identification module
CN114239857B (en) Data right determining method, device, equipment and medium based on federal learning
CN111065101A (en) 5G communication information encryption and decryption method and device based on block chain and storage medium
CN114168922B (en) User CA certificate generation method and system based on digital certificate
CN114168923B (en) Group CA certificate generation method and system based on digital certificate
CN114143108A (en) Session encryption method, device, equipment and storage medium
CN113094675B (en) User authentication method and device based on distributed model training
CN114172747A (en) Method and system for group members to obtain authentication certificate based on digital certificate
CN110166460B (en) Service account registration method and device, storage medium and electronic device
CN113094735B (en) Privacy model training method
KR101256114B1 (en) Message authentication code test method and system of many mac testserver
CN115913677A (en) Block chain-based collaboration edge storage data privacy protection system and method
CN115567203A (en) Method, device, equipment and storage medium for recovering secret information
CN114124515A (en) Bidding transmission method, key management method, user verification method and corresponding device
CN111311412B (en) Decentralized transaction confirmation method and device and server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant