CN113781045A - High-safety digital currency value realization method - Google Patents

High-safety digital currency value realization method Download PDF

Info

Publication number
CN113781045A
CN113781045A CN202111065859.7A CN202111065859A CN113781045A CN 113781045 A CN113781045 A CN 113781045A CN 202111065859 A CN202111065859 A CN 202111065859A CN 113781045 A CN113781045 A CN 113781045A
Authority
CN
China
Prior art keywords
user
key
transaction
signature
currency
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111065859.7A
Other languages
Chinese (zh)
Inventor
郭建伟
杜丽萍
胡祥义
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN202111065859.7A priority Critical patent/CN113781045A/en
Publication of CN113781045A publication Critical patent/CN113781045A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821Electronic credentials
    • G06Q20/38215Use of certificates or encrypted proofs of transaction rights
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

A high-safety digital currency value realizing method is characterized in that a digital currency issuing bank adopts a public key algorithm and a symmetric algorithm in advance to sign all digital currency values to be issued for the second time, a public key algorithm and a symmetric algorithm are adopted in a mobile phone end encryption chip in the digital currency transaction process to sign a transaction order for the second time, when point-to-point transaction is carried out, the public key algorithm is adopted to sign the signature of the transaction order in the user mobile phone end encryption chip, the signatures of all digital currency values to be issued are respectively signed and checked, when the transaction is carried out in a central transaction, the symmetric algorithm is adopted to sign the signature of the transaction order in a verification center end or a block chain node end encryption device chip, the signatures of all digital currency values to be issued are respectively signed and checked, the false signature of the transaction order is prevented, and the currency values of the digital currency are prevented from being falsified or cloned, thus, a high security digital currency denomination system is established.

Description

High-safety digital currency value realization method
The technical field is as follows:
the invention relates to the field of digital currency information security.
Background art:
the currency value of the digital currency has a unique identification number, in the transaction process of the digital currency, a user can browse all transaction accounts of any digital currency or bit currency value in a digital wallet, but whether the currency value of the digital currency is credible or not is judged, a digital currency system does not adopt effective security verification technology to prevent the currency value of the digital currency from being falsified or cloned, in addition, the security problem of the digital currency system mainly solves the problem of preventing false signature of a transaction order and the problem of preventing false signature of the digital currency value, and in the existing digital currency including the bit currency system, the technology and the security strategy for preventing false signature of the digital currency value are not adopted, so the existing digital currency technology and products have great potential safety hazards and cannot meet the requirements of a digital currency market.
The invention content is as follows:
a high-safety digital currency value realizing method is characterized in that a digital currency issuing bank adopts a public key algorithm and a symmetric algorithm in advance to sign all digital currency values to be issued for the second time, a public key algorithm and a symmetric algorithm are adopted in a mobile phone end encryption chip in the digital currency transaction process to sign a transaction order for the second time, when point-to-point transaction is carried out, the public key algorithm is adopted to sign the signature of the transaction order in the user mobile phone end encryption chip, the signatures of all digital currency values to be issued are respectively signed and checked, when the transaction is carried out in a central transaction, the symmetric algorithm is adopted to sign the signature of the transaction order in a verification center end or a block chain node end encryption device chip, the signatures of all digital currency values to be issued are respectively signed and checked, the false signature of the transaction order is prevented, and the currency values of the digital currency are prevented from being falsified or cloned, thus, a high security digital currency value system is established, the method of which is technically characterized in that:
each currency value of the digital currency has a unique identification number, and the following items are set: the total number of denominations of digital currency is 16, such as: 1000 yuan, 500 yuan, 200 yuan, 100 yuan, 50 yuan, 1.... cndot.;
in order to strengthen the security protection of digital currency, 16 public and private key pairs are set in advance for banks issuing digital currency, and the key pairs are set as follows: the private keys are SY1, SY2, the.. once, SY16, the corresponding public keys are GY1, GY2, the.. once, GY16, 16 private keys are adopted to respectively sign currency values of 16 digital currencies, meanwhile, a set of 'key seed' table KK is preset for a bank issuing the digital currencies, the 'key seed' table KK is adopted to generate once-changed signature keys according to a combined key generation algorithm, the currency values of the 16 digital currencies are respectively subjected to secondary signature, the currency value of each digital currency corresponds to the signature of one private key, and the signature of a group of signature keys is generated according to the combined key generation algorithm corresponding to the set of 'key seed' table KK;
at the mobile phone end of the user, the users of both trading parties respectively adopt respective private keys to sign the trading orders between the users, and meanwhile, the users of both trading parties respectively adopt a set of 'key seed' table i of the respective mobile phone end to generate signature keys according to a combined key generation algorithm and respectively carry out secondary signing on the trading orders; when the transaction is in the centerless state: during point-to-point transaction, at a mobile phone end of a user, the users of both transaction parties respectively adopt public keys of the other party to respectively sign and check the signatures of the transaction order, and then adopt 16 kinds of public keys at the mobile phone end to respectively sign and check the currency value signatures of 16 kinds of digital currencies related to the transaction order; when the transaction is in the center, the verification center or the block chain link point end encryption system respectively calls a set of 'key seed' table i corresponding to the double-party user of the transaction list, generates a signing and verifying key according to a combined key generation algorithm, respectively signs and verifies the secondary signature of the transaction list, generates a signing and verifying key according to a combined key generation algorithm, then calls a 'key seed' table KK, generates a signing and verifying key according to a combined key generation algorithm, and respectively signs and verifies the signatures of 16 digital currency values related to the transaction list, wherein: i is 1 to n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
the method comprises the steps that an encryption chip is deployed at a mobile phone end, the encryption chip at the mobile phone end is used as a digital wallet of a mobile phone end of a user and is also called as a 'hard' digital wallet of the user, a digital currency issuing unit is responsible for sending and storing digital currency values to be sent to the user into the digital wallet of the mobile phone end of the user respectively, funds are stored like a bank card or a bankbook, a currency value receiving/counting record is stored in the digital wallet, a digital wallet is deployed at a digital currency platform end for each user, an authentication center is deployed at the digital currency platform end, encryption hardware equipment is deployed at the authentication center end, a transaction record of the specific digital currency values of the user is stored in the digital wallet of the user at the digital currency platform end or stored in a transaction record of a block chain at the digital currency platform end;
the invention is to arrange an encryption system in an encryption chip at a mobile phone end of a user, write an identification, a symmetric algorithm, a public key algorithm, a digest algorithm, a combined key generation algorithm, a group of private keys, a group of public keys and a set of 'key seed' table i of the user into the encryption chip, and store 16 public keys, namely: GY1, GY2, GY16, establish the public key cryptograph database of cell-phone end "friend's circle" user, wherein: i is 1 to n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
a verification center is deployed on a digital currency platform, encryption hardware equipment is deployed at a verification center end, an encryption system at the verification center end is established, and a symmetric algorithm, an abstract algorithm and a combined key generation algorithm, a set of key seed tables KK and a set of key seed tables LL are written in a chip of the encryption hardware;
establishing a 'key seed' ciphertext database, generating a one-time-variable encryption key by using a set of 'key seed' table LL in an authentication center end encryption equipment chip in advance according to a combined key generation algorithm, respectively encrypting elements of a 'key seed' table i corresponding to all user identifications i into ciphertexts, and storing the ciphertexts in the 'key seed' ciphertext database;
establishing a public key ciphertext database, generating a one-time-variable encryption key by using a set of key seed table LL in a verification center encryption device chip in advance according to a combined key generation algorithm, respectively encrypting public keys i corresponding to all user identifications i into ciphertexts, and storing the ciphertexts in the public key ciphertext database, wherein: i is 1 to n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
establishing a digital currency block chain community, wherein each node of a block chain consists of 1-20 servers and 1-20 encryption devices, and connecting a verification center with each block chain community through a network;
arranging encryption hardware equipment at each digital currency block chain node end, establishing a node end encryption system, writing a symmetric algorithm, a digest algorithm, a combined key generation algorithm, a set of key seed tables KK and a set of key seed tables L into a chip of the encryption hardwarefEstablishing a 'key seed' ciphertext database;
in advance, a set of 'key seeds' in the chip is encrypted by using a node end"watch LfGenerating an encryption key which is changed once according to a combined key generation algorithm, respectively encrypting the 'key seed' table i elements corresponding to all users into ciphertexts, and storing the ciphertexts in a 'key seed' cipher text database, wherein: f is 10-1000, f is the sum of block chain communities, i is 1-n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
each node end encryption system of the digital currency block chain adopts a signature verification protocol established by a symmetric algorithm respectively to verify the signature of the transaction order and verify the currency value signature related to the transaction order, and the digital currency transaction system verifies whether the transaction records of the electronic wallets of the users of both sides of the transaction are real and credible respectively, and stores the transaction order into the records of an account book database if the transaction records are verified;
the combined key generation algorithm is a selection parameter consisting of a group of timestamps and random numbers to select elements of a group of key seed tables, and synthesizes a group of encryption keys, decryption keys, signature keys or signature keys by using the selected Y elements, wherein: y is 16 or 32;
when a user A and a user B are in a central transaction, a user A mobile phone end and a user B mobile phone end encryption system respectively generate a group of signature keys according to a combined key generation algorithm by using elements in a key seed table a and elements in a key seed table B, and sign a transaction list; the verification center end encryption system calls a key seed table a element ciphertext corresponding to the user A and a key seed table B element ciphertext corresponding to the user B from a key seed ciphertext database, decrypts the key seed table a element ciphertext and the key seed table B element ciphertext in a chip of the encryption hardware equipment respectively, generates a group of verification keys respectively according to a combined key generation algorithm, and verifies the signatures of the transaction order respectively; then, calling a 'key seed' table KK from an encryption hardware device chip, respectively generating signing and verifying keys corresponding to currency values according to a combined key generating algorithm, respectively signing and verifying currency value signatures related to a transaction sheet, if the signing and verifying are passed, a digital currency transaction system transfers the amount of money of the transaction sheet from an electronic wallet of a user A to an electronic wallet of a user B, and meanwhile, the transaction sheet is taken as a record and is respectively stored in the electronic wallet of the user A and the electronic wallet of the user B, thereby completing the process of central transaction between the user A and the user B;
when a user A and a user B are in a centerless transaction, a mobile phone end encryption system of the user A adopts a private key of the user A to sign a transaction list in a mobile phone end encryption chip of the user A, a group of signature keys are generated by elements of a key seed table a according to a combined key generation algorithm, and secondary signature is carried out on the transaction list; in the encryption chip of the user B end, the private key of the user B is adopted to sign the transaction order, a group of signature keys are generated by the elements of a key seed table B according to a combined key generation algorithm, and the transaction order is signed for the second time; data exchange of public keys of both parties, a transaction order and a transaction order signature is carried out through two-dimension codes of mobile phone terminals of users of both parties of the transaction, NFC or network transmission; user B cell-phone end encryption system calls cell-phone end user A's public key ciphertext, decrypts in cell-phone end encryption chip, adopts user A's credible public key, signs the verification to transaction list user A's private key signature, recalls 16 public keys in user A cell-phone end encryption chip, promptly: the method comprises the following steps of GY1, GY2, GY.. once and GY16, respectively checking monetary signatures related to a transaction order, calling a public key ciphertext of a user B at a mobile phone end by a user A mobile phone end encryption system, decrypting in a mobile phone end encryption chip, and checking a private key signature of the user B at the transaction order by adopting a credible public key of the user B; then 16 public keys in an encryption chip of a mobile phone end of the user B are called, the monetary value signatures related to the transaction list are respectively signed and verified, if the monetary value signatures related to the transaction list pass through the encryption chip, the digital currency transaction system transfers the corresponding monetary value in the transaction list which passes through the signing and verification from the electronic wallet of the mobile phone end of the user A to the electronic wallet of the mobile phone end of the user B, and meanwhile, the transaction list is taken as a record and is respectively stored in the electronic wallet of the user A and the electronic wallet of the user B, so that the centerless transaction process between the user A and the user B is completed;
if a block chain of digital currency is established, a digital currency transaction system sends a transaction order which is signed twice by a user A and a user B to a block chain community of the digital currency, each node end encryption system of the block chain of the digital currency calls a cipher text of a table a element of a key seed corresponding to the user A and a cipher text of a table B element of a key seed corresponding to the user B from a cipher text database of the key seed, decrypts the cipher texts in a chip of an encryption hardware device, generates a group of signing and verifying keys respectively, signs of the transaction order are checked respectively, a KK table of the key seed is called from the chip of the encryption hardware device, a signing and verifying key is generated according to a combined key generation algorithm, the monetary value signature related to the transaction order is signed respectively, if the signing and verifying pass, the digital currency transaction system verifies each node end user A electronic wallet and a user digital B wallet, if the verification is passed, the transaction list is respectively stored in a transaction database of each node end to be used as a record of a block in a block chain, wherein: a is more than or equal to 1 and less than or equal to n, B is more than or equal to 1 and less than or equal to n, A is not equal to B, n is less than or equal to 60 hundred million, and n is the total number of users of the whole digital currency;
the trade list of each trade between users corresponds to a public key algorithm and a signature of a private key, and corresponds to a symmetric algorithm and a set of 'key seed' table LL, and a group of signatures of signature keys are generated according to a combined key generation algorithm;
in a word, the security strategy of the digital currency system is that encryption chips are deployed at a mobile phone end, a verification center end and a block chain link point end, and a chip-level signature protocol and a signature verification protocol are established; the elements of the 'key seed' table i corresponding to each user are different pairwise; the combined key generation algorithm ensures that an encryption key and a signature key based on a symmetric algorithm are generated in real time and are changed once; in advance, encrypting every two different 'key seed' table i elements corresponding to all users into ciphertext and storing the ciphertext in a 'key seed' ciphertext database at a verification center end, and encrypting the public keys i corresponding to all the users into ciphertext and storing the ciphertext in a public key ciphertext database at the verification center end; in advance, signing various currency values of issued digital currency by respectively adopting 16 private keys, generating once-to-once signature keys by adopting a set of key seed table KK elements according to a combined key generation algorithm, and respectively signing various currency values of the digital currency twice; at a user mobile phone end, establishing a public key ciphertext database of a friend circle user, and storing 16 public keys in an encryption chip; the respective private keys of the users are adopted, the transaction orders are respectively signed in the mobile phone end encryption chip, then a set of 'key seed' tables corresponding to the users of both parties of the transaction are adopted, a signature key which is changed once is generated according to a combined key generation algorithm, and the transaction orders are respectively signed for the second time, so that the security level of the digital currency transaction system based on the block chain technology is improved, wherein: i is 1 to n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
adopting a public key algorithm to establish the centerless of the digital currency, namely: the point-to-point transaction protocol is used for improving the efficiency and convenience of the centerless transaction and improving the efficiency of verifying the currency value of the digital currency; a central transaction protocol of the digital currency is established by adopting a symmetric algorithm, so that the speed of issuing and checking the transaction order and the currency value of the digital currency is improved, and the operation efficiency of a digital currency transaction system is ensured; the whole process is realized by combining software and hardware, and the specific method is as follows:
1. the mobile phone or tablet machine of the user is collectively called as the mobile phone end of the user, and the smart card is embedded into the mobile phone end, if: the method comprises the following steps of establishing a mobile phone end encryption system in an intelligent card chip by using a SIM (subscriber identity module) card, an SD (secure digital) card, a TF (TransFlash) card or a built-in intelligent card, writing a symmetric algorithm, a public key algorithm, a digest algorithm, a combined key generation algorithm, a group of private keys i, a group of public keys i, 16 public keys GYz, a user identifier i and a group of key seeds table i into the encryption chip, and deploying a user public key ciphertext database of a friend circle at a mobile phone end, wherein: the elements of a 'key seed' table i at the mobile phone end are different pairwise, z is 1-16, i is 1-n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users.
2. A verification center is deployed at a digital currency platform end, encryption hardware equipment is deployed at the verification center end, an encryption system at the verification center end is established, and a symmetric algorithm, a digest algorithm, a combined key generation algorithm, a set of 'key seed' table LL and a set of 'key seed' table KK are written into an encryption chip of the encryption hardware equipment;
establishing a cipher text database of 'key seeds' at the verification center end, and generating a group of time stamps H in advance1 iAnd a random number S1 iGenerating a once-changed encryption key CK by using a set of 'key seed' table LL of the verification center end according to a combined key generation algorithm1 iRespectively encrypting the 'key seed' table i elements corresponding to all users, encrypting the identifiers i of all users and the element ciphertext of the 'key seed' table i, and a group of timestamps H1 iAnd a random number S1 iAnd is stored in a 'key seed' ciphertext database of the verification center end;
establishing a public key ciphertext database at an authentication center end, and generating a group of timestamps H in advance2 iAnd a random number S2 iA set of 'key seed' table LL elements at the verification center end generate an encryption key CK which changes once according to a combined key generation algorithm2 iEncrypting the public key i corresponding to the user identifier i into a ciphertext, and encrypting the identifiers i of all users, the ciphertext of the public key i and a group of timestamps H2 iAnd a random number S2 iAnd the data is stored in a public key ciphertext database of the verification center, wherein: i is 1 to n, n is less than or equal to 60 hundred million, and n is the total number of users of the whole digital currency.
3. Arranging encryption hardware equipment at each digital currency block chain node end, establishing a node end encryption system, writing a symmetric algorithm, a digest algorithm, a combined key generation algorithm, a set of key seed tables KK and a set of key seed tables L into a chip of the encryption hardwaref
Establishing a node end 'key seed' ciphertext database, and generating a group of timestamps HH in advancef iAnd a random number SSf iUsing a set of 'key seed' table L at the verification center endfGenerating a one-time-varying encryption key CCK according to a combined key generation algorithmf iRespectively encrypting the 'key seed' table i elements corresponding to all users, encrypting the identifiers i of all users and the element ciphertext of the 'key seed' table i, and a group of timestamps HHf iAnd a random number SSf iAnd the key seeds are stored in a cipher text database of the node end, wherein: f is 10-1000, f is the sum of the digital currency block chain communities, the number of nodes in each block chain community is 5 in small, and the number of nodes in each block chain community is 100 in large, in each digital currency block chain community, every two of the 'key seed' tables of each node end are the same, or every two of the 'key seed' tables of each node end in all the digital currency block chains are the same, i is 1-n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users.
4. Deploying 'friend circle' user public key ciphertext database at mobile phone terminal
Firstly, at the mobile phone end of a user j, sending a user identifier i which is to be used as a 'friend circle' of the user to a verification center end, and in an encryption equipment chip at the verification center end, sending an element ciphertext of a 'key seed' table i corresponding to the identifier i and a group of timestamps H1 iAnd a random number S1 iGenerating a decryption key CK according to a combined key generation algorithm1 iDecrypting the element ciphertext of the 'key seed' table i corresponding to the identifier i into a plaintext, and generating a group of time stamps EH in real timej iAnd a random number ESj iGenerating an encryption key EK according to a combined key generation algorithmj iThe identification of the user j, the cipher text of the public key i corresponding to the user i and the time stamp EHj iAnd a random number ESj iAnd sending the data to a user mobile phone end corresponding to the user j identifier as a record of a user public key ciphertext database of a mobile phone end 'friend circle' corresponding to the user identifier j, wherein: the mobile phone end user of "friend circle" means: and j is 1 to n, i is 1 to n, j is not equal to i, n is less than or equal to 60 hundred million, and n is the total number of the users of the whole digital currency.
5. Monetary value and transaction order for digital currency
The transaction mode of the digital currency transaction system comprises the following steps: 1) with central transaction, 2) without central transaction: point-to-point transactions;
(1) monetary value of digital currency
The currency value of each digital currency has a unique identification number, and the following are set: the total number of denominations of digital currency is 16, such as: 1000 yuan, 500 yuan, 200 yuan, 100 yuan, 50 yuan, 1.... cndot.;
setting: the bank issuing the digital money sets in advance 16 kinds of private keys as: SY1, SY2, SY16, and the corresponding public keys are GY1, GY2, GY 16;
if the digital money value in a digital wallet of a certain user is: the currency value of 1000 yuan 2, 500 yuan 10, 200 yuan 8, 1 fen currency value 150, then the currency value of each digital currency is signed by adopting a public key algorithm and 16 kinds of private keys in advance, namely: respectively signing 2 1000 currency values by using a private key SY1, respectively signing 10 currency values by using a private key SY2, respectively signing 8 currency values of 200 currency values by using a private key SY3, and respectively signing 150 currency values of 1 currency by using SY 16;
in advance, the currency values of the digital currencies are subjected to secondary signature, a set of key seed table KK is used for generating a once-changed signature key according to a combined key generation algorithm, 2 pieces of secondary signatures with 1000-yuan currency values are respectively carried out, 10 pieces of secondary signatures with 500-yuan currency values are respectively carried out, 8 pieces of secondary signatures with 200-yuan currency values are respectively carried out, and 150 pieces of secondary signatures with 1-minute currency values are respectively carried out;
the currency value of each digital currency stores a signature corresponding to a public key algorithm, and at the same time, stores a signature corresponding to a symmetric algorithm, and a set of timestamps and random numbers, wherein: the key signed based on the symmetric algorithm is generated in real time and is changed once by a set of 'key seed' table KK and a group of time stamps and random numbers according to a combined key generation algorithm;
(2) trade bill
The main contents of the transaction list comprise: forming a timestamp of the transaction ticket, an electronic wallet number of the payer user, an electronic wallet number of the payee user, a name of the payer user, a name of the payee user, a shopping name, a unit price, a payment amount and a message, a currency value type and quantity of the payment amount, and a signature of the currency value;
the digital currency transaction process includes: commodity offer, commodity inquiry price, commodity confirmation price and transaction order confirmation are as follows: transaction order signatures, the verification of transaction orders, and the payment of transaction order amounts.
6. The user identification is composed of a group of numbers or numbers and English letters, the electronic wallet number of the user is generated by encoding and converting a public key of the user, or the electronic wallet number of the user is composed of a group of numbers, the electronic wallet numbers of the user are different pairwise, the user identification is also different pairwise, and the identification of each user corresponds to a group of electronic wallet numbers, a set of 'key seed' table and a pair of private keys and public keys.
7. Symmetric algorithms, such as: SM1, SM4, ancestral, AES, RC6, public key algorithms, such as: SM2, SM9, ECC, RSA, digest algorithms such as: SM3, SHA-2.
8. The time stamp is composed of 14 digits, such as the following, of year, month, day, hour, minute and second: 2021-09-11-18-02-56, and can take partial time stamps of year, month, day and time, such as: 2021-09-11-18, if the time stamp is: 14-bit digital components, namely: "year" consists of 4 digits, i.e.: XXX 0-XXX 9, namely: the number of the year is 0-9, and the month is composed of 2 digits: the month takes 01-12, and the day consists of 2 digits: the 'day' is 01-31, and the 'hour' is composed of 2 digits: when the number is 01-24, the number is composed of 2 digits: the minute is 01-60, the second is composed of 2 digits: the second is 01-60, such as: 2021-09-11-18-02-56, which means 09/month, 11/day, 18/o, 2/min, 56/s in 2021;
the random number is composed of 16, or 32-bit, binary numbers, and when Y is 16, each bit of the random number is a 4-bit binary number, that is: each random number occupies 4 bits, 16 random numbers occupy 64 bits, and the value of binary data of each random number is 0-15, such as: 0011, 1010, 0000, a...., 1111, 0110, the value of the binary data is: 3, 10, 0, 15, 6;
when Y is equal to 32, each bit of random number occupies 5 bits, and the 32-bit random number occupies 160 bits in total, and the binary number of each bit of random number has the following numerical value: 0 to 31, such as: 00110, 10100, 00000, a...., 11111, 01100, the values of the binary data are: 6,20,0,......,31, 12.
9. The symmetric algorithm uses SM1, SM4, RC5, 3DES or AES algorithm, the key length is 128, 210 or 256 bits, or the key length is defined according to the key length requirement of the symmetric algorithm; the digest algorithm uses an SM3 algorithm and an SHA-2 algorithm, the length of the digest information is 256 bits, if the length of the digest information is relatively short, the security level of the signature system is reduced, and the digest algorithm needs to be guaranteed to be 256 bits.
10. The password management unit is responsible for generating, filling, distributing and destroying the user key; generating a group of F2 byte random numbers by a password management unit by using a random number generator in a CPU chip of the encryption equipment, taking the group of random numbers as a group of 'key seeds', and if a time stamp is: 10 bits, namely: year, month, day and time, then: take F2 ═ 1424 or 1680 bytes, and compose a random number of F2 bytes, a set of W × Y "key seed" table D,
Figure BSA0000252486760000081
wherein: the element of Table D is Du v,u=0~w-1,v=0~y-1,Du v0.5 byte, or 1 byte, W89, or 105, Y16, or 32;
12. a combined key and key generation algorithm is characterized in that elements of a group of 'key seed' tables are selected through a group of selection parameters consisting of a time stamp and a random number, row elements of the 'key seed' tables are selected through the time stamp, sub-tables of 'key seed' tables of Y rows and Y columns are selected, then column elements of the 'key seed' tables of Y rows and Y columns are selected according to the random number, Y elements are selected, and a group of encryption keys, decryption keys, storage keys, authentication keys, signature keys and signature keys is synthesized, wherein: y is 16 or 32;
the specific implementation method of the combined key generation algorithm is as follows:
taking table D as an example to illustrate a specific implementation method of the combined key generation algorithm, when the elements of table D are 89 rows and 16 columns, that is: 89 × 16 ═ 1424 elements, each element takes 1 byte, for a total of 1424 bytes, when table D elements are selected as 105 rows and 32 columns of elements, that is: 3360 elements, each element occupying, 0.5 byte or 1 byte, 1680 bytes, or 3360 bytes, 105 × 32;
(1) the 'year' of the timestamp corresponds to the 1 st to 10 th rows in the table D, the total number of the rows is 10, the 'month' corresponds to the 11 th to 22 th rows in the table D, the total number of the rows is 12, the 'day' corresponds to the 23 rd to 53 th rows in the table D, the total number of the rows is 31, the 'hour' corresponds to the 54 th to 77 th rows in the table D, the total number of the rows is 24, and when the elements of the table D are 89 rows and 16 columns, the elements of the table D also have 12 rows and do not correspond to the timestamp; when the selected table D element is 105 rows and 32 columns, table D also has 28 rows of elements that do not correspond to timestamps;
the 4 rows are selected from the elements of table D according to the time stamp by: from the 10 rows 1 to 10 in Table D, 1 row is: using the numerical value of the single digit in the number of the year of the timestamp as the row number corresponding to the year in the table D, such as: the time stamp is: 2013 XXXXXXX, then: taking row 4 in table D, taking 1 out of 12 in rows 11-22 of table D: the numerical value of the time stamp 'month' number is used as a row corresponding to the 'month' in the table D, such as: the time stamp is: 20XX11XXXX, then: taking row 21 in table D, taking 1 out of 31 in rows 23-53 of table D: the numerical value of the time stamp "day" is used as the "row" corresponding to "day" in the table D, such as: the time stamp is: 20XXXX30XX, then: taking row 52 in table D, taking 1 out of 24 rows 54-77 of table D: the numerical value of the time stamp time is used as the row corresponding to the time in the table D, such as: the time stamp is: 20XXXXXX21, then: taking the 74 th row in the table D, and selecting the W-78+1 rows from the 78 th row to the W th row of the table D to select the Y rows, wherein: y ═ 16 or 32 rows, consisting of: sub-table D1 of Y x Y table D,
Figure BSA0000252486760000101
wherein: the elements of table D1 are: dv v,v=0~Y-1,Dv v0.5 or 1 byte, Y16 or 32; the elements in rows 5 to Y in Table D1 are identical to the elements in rows 78 to W of Table D;
(2) setting: the random number is: q1, Q2.......... and QY, corresponding values are: l1, L2.. said., LY, when Y is 16, the 16-bit random number corresponds to a value of: between 0 and 15, use: l1, L2...., L16, column of table D1 was chosen, namely: selecting elements in a L1+1 column of a1 st row of a table D1 by using a value L1 of a1 st random number Q1, selecting elements in a L2+1 column of a 2 nd row of a table D1 by using a value L2 of a 2 nd random number Q2, and selecting elements in a L16+1 column of a 16 th row of the table D1 by using a value L16 of a 16 th random number Q16, wherein 16 elements are selected;
when Y is 32, the value of the 32-bit random number is: 0 to 31, using: l1, L2...., L32, column of table D1 was chosen, namely: selecting elements in a L1+1 column of a1 st row of a table D1 by using a value L1 of a1 st random number Q1, selecting elements in a L2+1 column of a 2 nd row of a table D1 by using a value L2 of a 2 nd random number Q2, and selecting elements in a L32+1 column of a 32 nd row of the table D1 by using a value L32 of a 32 nd random number Q32, wherein 32 elements are selected;
since the key length of the country specified symmetric algorithm is 128 bits, the Y elements selected from table D are combined into one key, if the elements of table D are: if the key is 128 bits, the key is composed of 16 groups of elements selected from table D, and if the elements in table D are: 4 bits, Y is 32, then the key combined from 32 groups of elements selected from table D is also 128 bits, let: the encryption key, decryption key, signature key and signature key are all 128 bits.
13. According to the combined key and key generation algorithm, the key can be generated in real time, and is changed once, if the time stamp takes 10 bits, namely: year, month, day and hour, the "key seed" table is 89 × 16, and the random number takes 16-bit binary numbers, where: each random number occupies 4 bits, and there are 16 kinds of changes, so the key variation is: 264Hour/hour; if the timestamp takes 10 bits: year, month, day and hour, the "key seed" table is 105 × 32, and the random number takes 32-bit binary numbers, where: each random number occupies 5 bits, and there are 32 changes, so the key variation is: 2160In terms of hours.
14. In the generation and distribution process of a 'key seed' table i of all users, a random number generator is called in a chip of encryption equipment, 1) a first group of random numbers are generated to serve as a set of 'key seed' table 1 elements corresponding to a user identifier 1, 2) a second group of random numbers are generated to serve as a set of 'key seed' table 2 elements corresponding to a user identifier 2, and N) a nth group of random numbers are generated to serve as a set of 'key seed' table N elements corresponding to a user identifier N;
distributing keys at the mobile phone end, namely filling a key seed table i of all users into encryption chips at the mobile phone ends of all users respectively, and distributing the keys through the encryption chips at the mobile phone ends;
the method comprises the steps that a key at a verification center end is distributed, a key seed table LL generates an encryption key which changes once in a chip of encryption equipment hardware according to a combined key generation algorithm, all user key seed tables i are respectively encrypted into ciphertexts and then stored in a cipher text database of all user key seeds, a key seed table LL generates an encryption key which changes once in a chip of the encryption equipment hardware according to the combined key generation algorithm, all user public keys i are respectively encrypted into the ciphertexts and then stored in a cipher text database of all user public keys, and the distribution of the key at the verification center end and the safe distribution of the key seeds tables i and the public keys i of all users are carried out through the verification center end encryption equipment;
distributing the key at the node end of the block chain, generating an encryption key which is changed once in a chip of the hardware of the encryption equipment according to a combined key generating algorithm by a key seed table Lf, respectively encrypting all user key seed tables i into ciphertexts, storing the ciphertexts in a cipher text database of all user key seeds, and distributing the key at the node end and safely distributing the key seeds table i of all users by the encryption equipment at the node end, wherein: f is 10-1000, f is the sum of the digital currency block chain communities, the number of nodes of each block chain community is 5, and the number of nodes of each block chain community is 100, i is 1-n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users.
15. The digital currency issuing bank collects all digital currency values to be issued in advance in the encryption equipment chipThe 16 private keys SY1, SY2, SY16 are used for signing respectively, and then a time stamp YHz ez and a random number YSz e are generatedzA set of 'key seed' table KK generates a signature key KKz e according to a combined key generation algorithmzRespectively carrying out secondary signature on the currency values of all digital currencies to be issued, wherein: z is 1 to 16, ez=1~XzNamely: e.g. of the type1=1~X1,e2=1~X2,......,e16=1~X16,X1In order to issue a total number of sheets with a monetary value of 1000 yuan in all digital currencies, X2To issue a total number of sheets with a currency value of 500 yuan in all digital currencies16The total number of the currency value of 1 minute in all digital currency to be issued;
examples are: if 1000 yuan 1000 ten thousand, 500 yuan 2000 ten thousand, 200 yuan 3000 ten thousand, 100 yuan 4000 ten thousand, 50 yuan 5000 ten thousand, 20 yuan 6000 ten thousand, 10 yuan 7000 ten thousand, 5 yuan 8000 ten thousand, 2 yuan 9000 ten thousand, 1 yuan 10000 ten thousand, 5 yuan 20000 ten thousand, 2 yuan 30000 ten thousand, 1 yuan 40000 ten thousand, 5 fen 50000 ten thousand, 2 fen 60000 ten thousand and 1 fen coin value 70000 ten thousand of the issued digital currency;
X11000 (ten thousand), X22000 (ten thousand), X33000 (ten thousand), X44000 (ten thousand), X55000 (ten thousand), X66000 (ten thousand), X77000 (ten thousand), X88000 (ten thousand), X99000 (ten thousand), X1010000 (ten thousand), X1120000 (ten thousand), X1230000 (ten thousand), X1340000 (ten thousand), X1450000 (ten thousand), X1560000 (ten thousand), X1670000 (ten thousand sheets);
then: XX ═ X1+X2+X3+X4+X5+X6+X7+X8+X9+X10+X11+X12+X13+X14+X15+X161000+2000+3000+4000+5000+6000+7000+8000+9000+10000+20000+30000+40000+50000+60000+ 70000-325000 (ten thousand) 32.5 (hundred sheets), wherein: XX is pseudoIssuing the sum of the total number of each currency value of all digital currencies;
1000 ten thousand 1000-dollar values are respectively signed by a private key SY1, 2000 ten thousand 500-dollar values are respectively signed by a SY2, and 70000 ten thousand 1-dollar values are respectively signed by a SY 16;
generating timestamps YH in real time1 1And a random number YS1 1Generating a signature key KK from a key seed table KK according to a combined key generation algorithm1 1Using signature key KK1 1Carrying out secondary signature on the 1000-Yuan currency value of the 1 st page;
generating timestamps YH in real time1 2And a random number YS1 2Generating a signature key KK from a key seed table KK according to a combined key generation algorithm1 2Using signature key KK1 2Carrying out secondary signature on the 2 nd 1000-yuan currency value;
...; generating timestamps YH in real time1 10000000And a random number YS1 10000000Generating a signature key KK from a key seed table KK according to a combined key generation algorithm1 10000000Using signature key KK1 10000000Carrying out secondary signature on 10000000 th 1000-yuan currency value;
generating timestamps YH in real time2 1And a random number YS2 1Generating a signature key KK from a key seed table KK according to a combined key generation algorithm2 1Using signature key KK2 1Carrying out secondary signature on the 1 st 500-yuan currency value;
generating timestamps YH in real time2 2And a random number YS2 2Generating a signature key KK from a key seed table KK according to a combined key generation algorithm2 2Using signature key KK2 2Carrying out secondary signature on the 2 nd 500-yuan currency value;
...; generating timestamps YH in real time2 20000000And a random number YS2 20000000Generating a signature key KX from a key seed table KK according to a combined key generation algorithm2 20000000Using signature key KK2 20000000Performing secondary signature on 20000000 sheets of 500-yuan currency values;
......;
generating timestamps YH in real time16 1And a random number YS16 1Generating a signature key KK from a key seed table KK according to a combined key generation algorithm16 1Using signature key KK16 1Carrying out secondary signature on the 1 st currency value;
generating timestamps YH in real time16 2And a random number YS16 2Generating a signature key KK from a key seed table KK according to a combined key generation algorithm16 2Using signature key KK16 2Carrying out secondary signature on the 2 nd piece of the 1 st currency value;
...; generating timestamps YH in real time16 700000000And a random number YS16 700000000Generating a signature key KK from a key seed table KK according to a combined key generation algorithm16 700000000Using signature key KK16 700000000Performing secondary signature on 700000000 st 1 st currency value;
in the process of initializing the currency values of the digital currency, 16 kinds of private keys are used for signing the currency values of all digital currencies to be issued in advance, then a set of 'key seed' table KK is used for generating one-time-varying signature keys according to a combined key generation algorithm, and the various currency values of the digital currency are respectively signed for the second time, so that the currency values of the digital currency can be effectively prevented from being falsified or cloned.
16. The digital currency issuing bank adopts a symmetric algorithm and a public key algorithm to sign the currency values of all digital currencies to be issued twice respectively in advance, and then issues the currency values of all digital currencies and the corresponding twice signatures as a complete digital currency value together, the issuing method can send a plurality of digital currency values to be issued to users into a digital wallet of the users by using an encryption transmission mode, and the specific encryption transmission protocol is as follows:
in the hardware chip of the encryption equipment, a digest algorithm is called, the digital currency value to be sent to a user is taken as a file 1 to be subjected to hash operation to obtain a hash value 1, and the hash value is encrypted by a private key of an issuing bank, namely: signing, generating a group of random numbers as an encryption key LK, encrypting the file 1 into a ciphertext, encrypting the encryption key LK into the ciphertext by using a public key of a verification center end, sending the identification of the user, the ciphertext of the file 1, the public key of an issuing bank and the ciphertext of the encryption key LK into a digital wallet of the user, calling a private key of the verification center end in an encryption equipment chip by using a verification center end encryption system, and decrypting the received ciphertext of the encryption key LK into a plaintext, namely: obtaining a decryption key LK, decrypting the ciphertext of the file 1 into a plaintext by using the decryption key LK, calling a public key of an issuing bank, and signing and verifying the private key signature of the issuing bank, namely: decrypting the private key signature of the issuer bank to obtain a hash value 1, calling an abstract algorithm, performing hash operation on the file 1 to obtain a hash value 2, and comparing the hash value 1 with the hash value 2 to judge whether the file 1 received by the verification center end is credible, namely: and if the hash value 1 is equal to the hash value 2, the signature is passed, the digital currency sent to the user is true, and the digital currency transaction system writes the digital currency value which is supposed to be sent to the user into a digital wallet of the user.
17. When the user A and the user B are in the centered transaction, the centered transaction protocol between the user A and the user B is as follows:
setting: the payer is user A, the payee is user B,
firstly, a transaction sheet is generated at a mobile phone end of a user A, the encryption system of the mobile phone end of the user A calls a summary algorithm to summarize the transaction sheet, and summary information M1 is obtained: the verification code M1 generates a group of time stamps a1 and random numbers a1, a group of signature keys aK1 are generated in an encryption chip according to a combined key generation algorithm by using a key seed table a element, and the signature of the user A on the transaction list is obtained by encrypting the verification code M1 by using the signature keys aK 1: the signature code 1 is obtained by identifying the user A and signing the transaction list by the user A: the signature code 1, the transaction list, the timestamp a1 and the random number a1 are sent to a verification center;
and the user B mobile phone terminal encryption system calls the summary algorithm to summarize the transaction list to obtain summary information M2, namely: the verification code M2 generates a group of time stamps B1 and random numbers B1, a group of signature keys bK1 are generated in an encryption chip according to a combined key generation algorithm by using a key seed table B element, the verification code M2 is encrypted by using the signature keys bK1, and the signature of the user B on the transaction order is obtained, namely: the signature code 2 is obtained by identifying the user B and signing the transaction list by the user B: signature code 2, transaction order, timestamp b1 and random number b1, as well as user a's identification, user a's signature on the transaction order, namely: the signature code 1, the timestamp a1 and the random number a1 are sent to a verification center;
the verification center end encryption system calls the ciphertext of the key seed table a element and the ciphertext of the key seed table B element corresponding to the user A and the user B respectively in a key seed database, and the key seed table LL and the timestamp H are used in a verification center end encryption equipment chip1 aAnd a random number S1 aGenerating a decryption key CK according to a combined key generation algorithm1 aDecrypting the cipher text of the element a of the 'key seed' table corresponding to the user A into a plaintext;
in the chip of the encryption equipment at the verification center end, a 'key seed' table LL and a timestamp H are used1 bAnd a random number S1 bGenerating a decryption key CK according to a combined key generation algorithm1 bDecrypting the cipher text of the element B of the 'key seed' table corresponding to the user B into a plaintext;
in the verification center encryption device chip, a verification key aK2 is generated by a key seed table a element of a user A, a timestamp a1 and a random number a1 according to a combined key generation algorithm, and the signature of a transaction single user A is verified, namely: decrypting the signature code 1 by using the signature key aK2 to obtain a verification code M1;
in the verification center encryption device chip, a verification key bK2 is generated by a key seed table B element of a user B, a timestamp B1 and a random number B1 according to a combined key generation algorithm, and the signature of a trade single user B is verified, namely: decrypting the signature code 2 by using the signature key bK2 to obtain a verification code M2;
at the center of the verification, addIn the secret device chip, the summary algorithm is called to summarize the transaction list, and summary information is obtained, namely: the verification code M3 judges whether the signature of the user A on the transaction order is credible and complete by comparing whether the verification codes M1 and M3 are the same or not, judges whether the signature of the user B on the transaction order is credible and complete by comparing whether the verification codes M2 and M3 are the same or not, if the verification code M1 is not equal to M3 or the verification code M2 is not equal to M3, the verification fails and the transaction fails, if M1 is M3 and M2 is M3, the verification passes, and then a set of 'key seed' table KK and a time stamp YHz e generated in the signature process are called from a verification center end encryption device chip and used for storing the verification code M3 and the time stamp YHe generated in the signature processzAnd random number YSz ezGenerating a signature key KKz e corresponding to the currency value according to a combined key generation algorithmzRespectively verifying the monetary value signatures related to the transaction list, if the monetary value signatures related to the transaction list are not passed, the monetary value of the digital currency related to the transaction list is forged, abandoning the transaction, and if the monetary value signatures are passed, the digital currency transaction system transfers the monetary value in the transaction list from the electronic wallet of the user A to the electronic wallet of the user B, and simultaneously stores the transaction list as a record in the electronic wallet of the user A and the electronic wallet of the user B, so as to complete the centralized transaction process between the user A and the user B, wherein: n is more than or equal to 1 and less than or equal to A, n is more than or equal to 1 and less than or equal to B, A is not equal to B, n is not equal to 60 hundred million, n is the total number of users of the whole digital currency, z is 1-16, ez=1~XzNamely: e.g. of the type1=1~X1,e2=1~X2,......,e16=1~X16,X1In order to issue a total number of sheets with a monetary value of 1000 yuan in all digital currencies, X2To issue a total number of sheets with a currency value of 500 yuan in all digital currencies16The total number of the currency value of 1 minute in all digital currency to be issued;
in the process of the central transaction, users of both transaction parties respectively adopt a symmetric algorithm and a public key algorithm at a mobile phone end to sign a transaction order twice, the verification process is that only the symmetric algorithm and elements of a set of 'key seed' table corresponding to the signing user are adopted at a verification center end to generate a signing and verifying key to sign and verify the signature of the transaction order, the public key algorithm and the public key thereof are not called to sign and verify the transaction order, the encryption/decryption speed of the symmetric algorithm is high, and the efficiency of the verification center end for signing and verifying the transaction order can be greatly improved; the elements of the 'key seed' table LL table stored in the verification center end encryption equipment chip are protected by the hardware chip, the verification center end encryption equipment is not easy to steal by lawbreakers, and the elements of the 'key seed' table LL table in the chip are stolen by destructive dissection, so that the safety level of the digital currency transaction system can be greatly improved;
in addition, in the verification center side encryption device chip, a 'key seed' table KK is called, the verification keys are respectively generated according to a combined key generation algorithm, the digital currency values related in the transaction list are respectively verified, the digital currency values related in the transaction list can be guaranteed to be real and credible, meanwhile, elements of the 'key seed' table KK are also stored in the verification center side encryption device encryption chip and are also protected by chip hardware, the security level of digital currency value signature can be effectively improved, and the verification efficiency of the digital currency values under the condition of center transaction can be greatly improved.
18. When the user A and the user B are in the centerless transaction, the centerless transaction protocol between the user A and the user B is as follows:
setting: the payer is a user A, the payee is a user B, firstly, a transaction sheet is generated at a mobile phone end of the user A, an encryption system at the mobile phone end of the user A calls a summary algorithm to summarize the transaction sheet, and summary information M1 is obtained: the verification code M1 adopts the private key of the user a to encrypt the digest information M1 to obtain the signature code 1, that is: signature of the trading order by adopting a private key of the user A, a group of time stamps a1 and random numbers a1 are generated, a group of signature keys aK1 are generated by a key seed table a element according to a combined key generation algorithm, the user A adopts the signature keys aK1 to encrypt digest information M1, and a signature code 2 is obtained, namely: the user A signs the transaction order secondarily;
the user A uses the network, the two-dimension code of the mobile phone terminal or the NFC function to identify the user A and the public key of the user AaTransaction order and signature code 1, namely: the signature of the user A on the transaction order by using the private key is transmitted to the user BA mobile phone terminal;
the user B mobile phone end encryption system calls a mobile phone end 'friend circle' public key ciphertext database, and takes out the public key corresponding to the user AaCipher text is encrypted in the mobile phone end encryption chip by the 'key seed' table b and the corresponding time stamp EHb aAnd a random number ESb aGenerating a decryption key Ek based on a combined key generation algorithmb aPublic key of user AaThe ciphertext is decrypted into plaintext: public key of user Aa1Comparison of public keysa1And public keyaIs it the same? If the public keya1Not equal to public keyaThen the public key of user AaThe signature of the user A to the transaction order is a pseudo signature, the user B terminates the transaction, and if the public key is not crediblea1Public keyaThen the public key of user AaTruthful and credible, and adopting the public key of the user AaThe private key signature of the transaction single user A is signed, namely: using the public key of user AaDecrypting the signature code 1 to obtain a verification code M1, calling a digest algorithm to digest the transaction list to obtain digest information, namely: the verification code M3 judges whether the signature of the private key used by the user a is authentic and complete by comparing whether M1 and M3 are the same, and if M1 ≠ M3, the signature of the user a to the transaction ticket is false, that is: the user B gives up the transaction, and if M1 is M3, the signature of the user A on the transaction list is authentic and credible;
the encryption system of the mobile phone terminal of the user B calls 16 public keys in an encryption chip of the mobile phone terminal of the user B, namely: GY1, GY2, GY.. and GY16, respectively checking the currency value signatures related to the transaction order, if the checks do not pass, the currency value of the digital currency related to the transaction order is forged, the user B abandons the transaction, if the checks pass, the currency value of the digital currency related to the transaction order is credible and complete, and thus, the verification of the transaction order by the mobile phone terminal encryption system of the user B is finished;
the user B mobile phone terminal encryption system calls the private key encryption summary information M1 of the user B to obtain the signature code 3, namely: signing the transaction list by using a private key of a user B, then generating a group of time stamps B1 and random numbers B1, generating a group of signature keys bK1 by using a key seed table B element according to a combined key generation algorithm, and encrypting digest information M1 by using a signature key bK1 to obtain a signature code 4, namely: the user B signs the transaction ticket a second time,
the user B identifies the user B and a public key of the user B through a network, a two-dimensional code of a mobile phone terminal or an NFC functionbAnd signature code 3 namely: the user B signs the transaction order by using a private key and transmits the signature to the mobile phone end of the user A;
the user A mobile phone end encryption system calls a mobile phone end 'friend circle' public key ciphertext database, and takes out the public key corresponding to the user BbCipher text is encrypted in the mobile phone end encryption chip by the 'key seed' table a and the corresponding time stamp EHa bAnd a random number ESa bGenerating a decryption key EK according to a combined key generation algorithma bWill use the public key of BbThe ciphertext is decrypted into plaintext, namely: public key of user Bb1Comparison of public keysb1And public keybIs it the same? If the public keyb1Not equal to public keybThen the public key of user BbIf the signature of the user B to the transaction order is not credible, the transaction is terminated, and if the public key is usedb1Public keybThen the public key of user BbTruthful, trusted, using the public key of user BbThe private key signature of the transaction single user B is signed, namely: using the public key of user BbDecrypting the signature code 3 to obtain a verification code M1, calling a digest algorithm to digest the transaction list to obtain digest information, namely: the verification code M5 judges whether the signature of the private key used by the user B is authentic and complete by comparing whether M1 and M5 are the same, and if M1 ≠ M5, the signature of the user B to the transaction ticket is false, that is: the user A gives up the transaction, and if M1 is M5, the signature of the user B on the transaction list is authentic and credible;
the encryption system of the mobile phone end of the user A calls 16 public keys in an encryption chip of the mobile phone end of the user A, namely: GY1, GY2, GY.. and GY16, respectively checking the currency value signatures related to the transaction order, if the checks do not pass, the currency value of the digital currency related to the transaction order is forged, the user A abandons the transaction, if the checks pass, the currency value of the digital currency related to the transaction order is credible and complete, and then the verification of the transaction order by the mobile phone terminal encryption system of the user A is finished;
the digital currency transaction system transfers the amount of money corresponding to the signed transaction sheet into the electronic wallet of the user B, and simultaneously, the transaction sheet is taken as a record and is respectively stored in the electronic wallet of the user A and the electronic wallet of the user B, so that the centerless transaction process between the user A and the user B is completed;
if a block chain of the digital currency needs to be established, sending a transaction list between a user A and a user B, an identifier of the user A, a double signature of the user A on the transaction list, a timestamp a1 and a random number a1, an identifier of the user B, a double signature of the user B on the transaction list, a timestamp B1 and a random number B1 to a block chain community of the digital currency, and verifying the signatures of the user A and the user B of the transaction list by an encryption system at each node end of the block chain, wherein the specific process is as follows:
in the encryption equipment chip at each node end of the block chain, a key seed table L is used for storing the cipher text of the element of the key seed table a and the cipher text of the element of the key seed table B corresponding to the user A and the user B respectivelyfAnd a time stamp HHf aAnd a random number SSf aGenerating a decryption key CCK according to a combined key generation algorithmf aDecrypting the cipher text of the 'key seed' table a element corresponding to the user A into a plaintext, and using the 'key seed' table LfAnd a time stamp HHf bAnd a random number SSf bGenerating a decryption key CCK according to a combined key generation algorithmf bDecrypting the cipher text of the element B of the 'key seed' table corresponding to the user B into a plaintext;
in the encryption device chip at each node end of the block chain, a signature key aK2 is generated by a key seed table a element of the user a, a timestamp a1 and a random number a1 according to a combined key generation algorithm, and the signature of the transaction single user a is signed, that is: decrypting the signature code 1 by using the signature key aK2 to obtain a verification code M1;
in the encryption device chip at each node end of the block chain, a signature key bK2 is generated by a key seed table B element of the user B, a timestamp B1 and a random number B1 according to a combined key generation algorithm, and the signature of the transaction ticket user B is signed, namely: decrypting the signature code 2 by using the signature key bK2 to obtain a verification code M2, and calling a digest algorithm to digest the transaction list to obtain digest information, namely: the verification code M3 judges whether the signature of the user A on the transaction order is credible and complete by comparing whether the verification codes M1 and M3 are the same or not, judges whether the signature of the user B on the transaction order is credible and complete by comparing whether the verification codes M2 and M3 are the same or not, if the verification code M1 is not equal to M3 or the verification code M2 is not equal to M3, the signature check fails and the transaction fails, and if the verification code M1 is M3 and the verification code M2 is M3, the signature check passes;
calling a set of 'key seed' table KK and a timestamp YHz e generated in the signing process in an encryption equipment chip at each node end of a block chainzAnd random number YSz ezGenerating a signature key KKz e corresponding to the currency value according to a combined key generation algorithmzAnd respectively signing and checking the monetary value signatures related to the transaction lists, if the signatures pass, the digital currency transaction system verifies whether a record which is the same as the transaction list is stored in an electronic wallet of a user A and a wallet of a user B, and the paid money of the wallet of the user A is the same as the received money of the wallet of the user B, if the signatures pass, the transaction lists are respectively stored in a transaction database at the node end of each block chain and serve as a record of one block in the block chain, wherein: n is more than or equal to 1 and less than or equal to A, n is more than or equal to 1 and less than or equal to B, A is not equal to B, n is not equal to 60 hundred million, n is the total number of users of the whole digital currency, z is 1-16, ez=1~XzNamely: e.g. of the type1=1~X1,e2=1~X2,......,e16=1~X16,X1In order to issue a total number of sheets with a monetary value of 1000 yuan in all digital currencies, X2To issue a total number of sheets with a currency value of 500 yuan in all digital currencies16The total number of the currency value of 1 minute in all digital currency to be issued;
according to the credit consensus POC algorithm, an bookkeeper takes all transaction sheets which pass the signing and verification as a block for bookkeeping in T time, a block chain system adopts an abstract algorithm to connect all the blocks together to establish a block chain and form an account book database, and therefore the process of establishing the digital currency block chain is completed;
in the absence of a center: in the point-to-point transaction process, users of both parties of the transaction respectively adopt a symmetric algorithm and a public key algorithm to sign a transaction order twice, in the verification process, only the public key of a signature user is called at the mobile phone end of each user, and the signature of the transaction order is respectively signed, namely: calling a 'friend circle' public key ciphertext database of a mobile phone end of each user, and decrypting the public key ciphertext database in a mobile phone end encryption chip to realize the safe exchange of the public keys between users of both sides of a transaction, thereby ensuring the authenticity and credibility of the public key of the user; the transaction bill is not checked again by calling the symmetric algorithm, so that the transaction efficiency of the digital currency can be greatly improved on the premise of ensuring the transaction safety of the digital currency;
in addition, 16 public keys are adopted in respective mobile phone end encryption chips of users at both sides of a transaction to respectively sign and verify the signatures of the transaction list related to the digital currency value, so that the credibility of the digital currency value related in the transaction list can be ensured, meanwhile, a 'key seed' table KK is not stored in the mobile phone end encryption chip in advance, a hacker can be prevented from obtaining the core key data of the 'key seed' table KK by unfastening and digging the mobile phone end encryption chip, and therefore the security level of the digital currency transaction system can be further improved.

Claims (5)

1. A high-safety digital currency value realizing method is characterized in that a digital currency issuing bank adopts a public key algorithm and a symmetric algorithm in advance to sign all digital currency values to be issued for the second time, a public key algorithm and a symmetric algorithm are adopted in a mobile phone end encryption chip in the digital currency transaction process to sign a transaction order for the second time, when point-to-point transaction is carried out, the public key algorithm is adopted to sign the signature of the transaction order in the user mobile phone end encryption chip, the signatures of all digital currency values to be issued are respectively signed and checked, when the transaction is carried out in a central transaction, the symmetric algorithm is adopted to sign the signature of the transaction order in a verification center end or a block chain node end encryption device chip, the signatures of all digital currency values to be issued are respectively signed and checked, the false signature of the transaction order is prevented, and the currency values of the digital currency are prevented from being falsified or cloned, thus, a high security digital currency value system is established, the method of which is technically characterized in that:
each currency value of the digital currency has a unique identification number, and the following items are set: the total number of denominations of digital currency is 16, such as: 1000 yuan, 500 yuan, 200 yuan, 100 yuan, 50 yuan, 1.... cndot.;
in order to strengthen the security protection of digital currency, 16 public and private key pairs are set in advance for banks issuing digital currency, and the key pairs are set as follows: the private keys are SY1, SY2, the.. once, SY16, the corresponding public keys are GY1, GY2, the.. once, GY16, 16 private keys are adopted to respectively sign currency values of 16 digital currencies, meanwhile, a set of 'key seed' table KK is preset for a bank issuing the digital currencies, the 'key seed' table KK is adopted to generate once-changed signature keys according to a combined key generation algorithm, the currency values of the 16 digital currencies are respectively subjected to secondary signature, the currency value of each digital currency corresponds to the signature of one private key, and the signature of a group of signature keys is generated according to the combined key generation algorithm corresponding to the set of 'key seed' table KK; at the mobile phone end of the user, the users of both trading parties respectively adopt respective private keys to sign the trading orders between the users, and meanwhile, the users of both trading parties respectively adopt a set of 'key seed' table i of the respective mobile phone end to generate signature keys according to a combined key generation algorithm and respectively carry out secondary signing on the trading orders; when the transaction is in the centerless state: during point-to-point transaction, at a mobile phone end of a user, the users of both transaction parties respectively adopt public keys of the other party to respectively sign and check the signatures of the transaction order, and then adopt 16 kinds of public keys at the mobile phone end to respectively sign and check the currency value signatures of 16 kinds of digital currencies related to the transaction order; when the transaction is in the center, the verification center or the block chain link point end encryption system respectively calls a set of 'key seed' table i corresponding to the double-party user of the transaction list, generates a signing and verifying key according to a combined key generation algorithm, respectively signs and verifies the secondary signature of the transaction list, generates a signing and verifying key according to a combined key generation algorithm, then calls a 'key seed' table KK, generates a signing and verifying key according to a combined key generation algorithm, and respectively signs and verifies the signatures of 16 digital currency values related to the transaction list, wherein: i is 1 to n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
the method comprises the steps that an encryption chip is deployed at a mobile phone end, the encryption chip at the mobile phone end is used as a digital wallet of a mobile phone end of a user and is also called as a 'hard' digital wallet of the user, a digital currency issuing unit is responsible for sending and storing digital currency values to be sent to the user into the digital wallet of the mobile phone end of the user respectively, funds are stored like a bank card or a bankbook, a currency value receiving/counting record is stored in the digital wallet, a digital wallet is deployed at a digital currency platform end for each user, an authentication center is deployed at the digital currency platform end, encryption hardware equipment is deployed at the authentication center end, a transaction record of the specific digital currency values of the user is stored in the digital wallet of the user at the digital currency platform end or stored in a transaction record of a block chain at the digital currency platform end;
the invention is to arrange an encryption system in an encryption chip at a mobile phone end of a user, write an identification, a symmetric algorithm, a public key algorithm, a digest algorithm, a combined key generation algorithm, a group of private keys, a group of public keys and a set of 'key seed' table i of the user into the encryption chip, and store 16 public keys, namely: GY1, GY2, GY16, establish the public key cryptograph database of cell-phone end "friend's circle" user, wherein: i is 1 to n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
a verification center is deployed on a digital currency platform, encryption hardware equipment is deployed at a verification center end, an encryption system at the verification center end is established, and a symmetric algorithm, an abstract algorithm and a combined key generation algorithm, a set of key seed tables KK and a set of key seed tables LL are written in a chip of the encryption hardware;
establishing a 'key seed' ciphertext database, generating a one-time-variable encryption key by using a set of 'key seed' table LL in an authentication center end encryption equipment chip in advance according to a combined key generation algorithm, respectively encrypting elements of a 'key seed' table i corresponding to all user identifications i into ciphertexts, and storing the ciphertexts in the 'key seed' ciphertext database;
establishing a public key ciphertext database, generating a one-time-variable encryption key by using a set of key seed table LL in a verification center encryption device chip in advance according to a combined key generation algorithm, respectively encrypting public keys i corresponding to all user identifications i into ciphertexts, and storing the ciphertexts in the public key ciphertext database, wherein: i is 1 to n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
establishing a digital currency block chain community, wherein each node of a block chain consists of 1-20 servers and 1-20 encryption devices, and connecting a verification center with each block chain community through a network;
arranging encryption hardware equipment at each digital currency block chain node end, establishing a node end encryption system, writing a symmetric algorithm, a digest algorithm, a combined key generation algorithm, a set of key seed tables KK and a set of key seed tables L into a chip of the encryption hardwarefEstablishing a 'key seed' ciphertext database;
in advance, a set of 'key seed' table L in the chip is encrypted by a node endfGenerating an encryption key which is changed once according to a combined key generation algorithm, respectively encrypting the 'key seed' table i elements corresponding to all users into ciphertexts, and storing the ciphertexts in a 'key seed' cipher text database, wherein: f is 10-1000, f is the sum of block chain communities, i is 1-n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
each node end encryption system of the digital currency block chain adopts a signature verification protocol established by a symmetric algorithm respectively to verify the signature of the transaction order and verify the currency value signature related to the transaction order, and the digital currency transaction system verifies whether the transaction records of the electronic wallets of the users of both sides of the transaction are real and credible respectively, and stores the transaction order into the records of an account book database if the transaction records are verified;
the combined key generation algorithm is a selection parameter consisting of a group of timestamps and random numbers to select elements of a group of key seed tables, and synthesizes a group of encryption keys, decryption keys, signature keys or signature keys by using the selected Y elements, wherein: y is 16 or 32;
when a user A and a user B are in a central transaction, a user A mobile phone end and a user B mobile phone end encryption system respectively generate a group of signature keys according to a combined key generation algorithm by using elements in a key seed table a and elements in a key seed table B, and sign a transaction list; the verification center end encryption system calls a key seed table a element ciphertext corresponding to the user A and a key seed table B element ciphertext corresponding to the user B from a key seed ciphertext database, decrypts the key seed table a element ciphertext and the key seed table B element ciphertext in a chip of the encryption hardware equipment respectively, generates a group of verification keys respectively according to a combined key generation algorithm, and verifies the signatures of the transaction order respectively; then, calling a 'key seed' table KK from an encryption hardware device chip, respectively generating signing and verifying keys corresponding to currency values according to a combined key generating algorithm, respectively signing and verifying currency value signatures related to a transaction sheet, if the signing and verifying are passed, a digital currency transaction system transfers the amount of money of the transaction sheet from an electronic wallet of a user A to an electronic wallet of a user B, and meanwhile, the transaction sheet is taken as a record and is respectively stored in the electronic wallet of the user A and the electronic wallet of the user B, thereby completing the process of central transaction between the user A and the user B;
when a user A and a user B are in a centerless transaction, a mobile phone end encryption system of the user A adopts a private key of the user A to sign a transaction list in a mobile phone end encryption chip of the user A, a group of signature keys are generated by elements of a key seed table a according to a combined key generation algorithm, and secondary signature is carried out on the transaction list; in the encryption chip of the user B end, the private key of the user B is adopted to sign the transaction order, a group of signature keys are generated by the elements of a key seed table B according to a combined key generation algorithm, and the transaction order is signed for the second time; data exchange of public keys of both parties, a transaction order and a transaction order signature is carried out through two-dimension codes of mobile phone terminals of users of both parties of the transaction, NFC or network transmission; user B cell-phone end encryption system calls cell-phone end user A's public key ciphertext, decrypts in cell-phone end encryption chip, adopts user A's credible public key, signs the verification to transaction list user A's private key signature, recalls 16 public keys in user A cell-phone end encryption chip, promptly: the method comprises the following steps of GY1, GY2, GY.. once and GY16, respectively checking monetary signatures related to a transaction order, calling a public key ciphertext of a user B at a mobile phone end by a user A mobile phone end encryption system, decrypting in a mobile phone end encryption chip, and checking a private key signature of the user B at the transaction order by adopting a credible public key of the user B; then 16 public keys in an encryption chip of a mobile phone end of the user B are called, the monetary value signatures related to the transaction list are respectively signed and verified, if the monetary value signatures related to the transaction list pass through the encryption chip, the digital currency transaction system transfers the corresponding monetary value in the transaction list which passes through the signing and verification from the electronic wallet of the mobile phone end of the user A to the electronic wallet of the mobile phone end of the user B, and meanwhile, the transaction list is taken as a record and is respectively stored in the electronic wallet of the user A and the electronic wallet of the user B, so that the centerless transaction process between the user A and the user B is completed;
if a block chain of digital currency is established, a digital currency transaction system sends a transaction order which is signed twice by a user A and a user B to a block chain community of the digital currency, each node end encryption system of the block chain of the digital currency calls a cipher text of a table a element of a key seed corresponding to the user A and a cipher text of a table B element of a key seed corresponding to the user B from a cipher text database of the key seed, decrypts the cipher texts in a chip of an encryption hardware device, generates a group of signing and verifying keys respectively, signs of the transaction order are checked respectively, a KK table of the key seed is called from the chip of the encryption hardware device, a signing and verifying key is generated according to a combined key generation algorithm, the monetary value signature related to the transaction order is signed respectively, if the signing and verifying pass, the digital currency transaction system verifies each node end user A electronic wallet and a user digital B wallet, if the verification is passed, the transaction list is respectively stored in a transaction database of each node end to be used as a record of a block in a block chain, wherein: a is more than or equal to 1 and less than or equal to n, B is more than or equal to 1 and less than or equal to n, A is not equal to B, n is less than or equal to 60 hundred million, and n is the total number of users of the whole digital currency;
the trade list of each trade between users corresponds to a public key algorithm and a signature of a private key, and corresponds to a symmetric algorithm and a set of 'key seed' table LL, and a group of signatures of signature keys are generated according to a combined key generation algorithm;
in a word, the security strategy of the digital currency system is that encryption chips are deployed at a mobile phone end, a verification center end and a block chain link point end, and a chip-level signature protocol and a signature verification protocol are established; the elements of the 'key seed' table i corresponding to each user are different pairwise; the combined key generation algorithm ensures that an encryption key and a signature key based on a symmetric algorithm are generated in real time and are changed once; in advance, encrypting every two different 'key seed' table i elements corresponding to all users into ciphertext and storing the ciphertext in a 'key seed' ciphertext database at a verification center end, and encrypting the public keys i corresponding to all the users into ciphertext and storing the ciphertext in a public key ciphertext database at the verification center end; in advance, signing various currency values of issued digital currency by respectively adopting 16 private keys, generating once-to-once signature keys by adopting a set of key seed table KK elements according to a combined key generation algorithm, and respectively signing various currency values of the digital currency twice; at a user mobile phone end, establishing a public key ciphertext database of a friend circle user, and storing 16 public keys in an encryption chip; the respective private keys of the users are adopted, the transaction orders are respectively signed in the mobile phone end encryption chip, then a set of 'key seed' tables corresponding to the users of both parties of the transaction are adopted, a signature key which is changed once is generated according to a combined key generation algorithm, and the transaction orders are respectively signed for the second time, so that the security level of the digital currency transaction system based on the block chain technology is improved, wherein: i is 1 to n, n is less than or equal to 60 hundred million, and n is the total number of all digital currency users;
adopting a public key algorithm to establish the centerless of the digital currency, namely: the point-to-point transaction protocol is used for improving the efficiency and convenience of the centerless transaction and improving the efficiency of verifying the currency value of the digital currency; a central transaction protocol of the digital currency is established by adopting a symmetric algorithm, so that the speed of concurrent issuing and checking of the transaction order and the currency value of the digital currency is improved, and the operation efficiency of a digital currency transaction system is ensured.
2. A method according to claim 1, characterized in that:
setting: the bank issuing the digital money sets in advance 16 kinds of private keys as: SY1, SY2, SY16, and the corresponding public keys are GY1, GY2, GY 16;
if the digital money value in a digital wallet of a certain user is: the currency value of 1000 yuan 2, 500 yuan 10, 200 yuan 8, 1 fen currency value 150, then the currency value of each digital currency is signed by adopting a public key algorithm and 16 kinds of private keys in advance, namely: respectively signing 2 1000 currency values by using a private key SY1, respectively signing 10 currency values by using a private key SY2, respectively signing 8 currency values of 200 currency values by using a private key SY3, and respectively signing 150 currency values of 1 currency by using SY 16;
in advance, the currency values of the digital currencies are subjected to secondary signature, a set of key seed table KK is used for generating a once-changed signature key according to a combined key generation algorithm, 2 pieces of secondary signatures with 1000-yuan currency values are respectively carried out, 10 pieces of secondary signatures with 500-yuan currency values are respectively carried out, 8 pieces of secondary signatures with 200-yuan currency values are respectively carried out, and 150 pieces of secondary signatures with 1-minute currency values are respectively carried out;
the currency value of each digital currency stores a signature corresponding to a public key algorithm, and at the same time, stores a signature corresponding to a symmetric algorithm, and a set of timestamps and random numbers, wherein: the key based on the symmetric algorithm signature is generated in real time and is changed once by a set of 'key seed' table KK and a group of time stamps and random numbers according to a combined key generation algorithm.
3. A method according to claim 1, characterized in that:
a digital currency issuing bank collects all digital currency values to be issued in advance in an encryption device chip, adopts 16 private keys SY1, SY2, SY16 to carry out signature respectively, and generates a time stamp YHz eZAnd random number YSz eZA set of 'key seed' table KK generates a signature key KKz e according to a combined key generation algorithmZRespectively carrying out secondary signature on the currency values of all digital currencies to be issued, wherein: z is 1 to 16, eZ=1~XZNamely: e.g. of the type1=1~X1,e2=1~X2,......,e16=1~X16,X1In order to issue a total number of sheets with a monetary value of 1000 yuan in all digital currencies, X2To issue a total number of sheets with a currency value of 500 yuan in all digital currencies16The total number of the currency value of 1 minute in all digital currency to be issued;
examples are: if 1000 yuan 1000 ten thousand, 500 yuan 2000 ten thousand, 200 yuan 3000 ten thousand, 100 yuan 4000 ten thousand, 50 yuan 5000 ten thousand, 20 yuan 6000 ten thousand, 10 yuan 7000 ten thousand, 5 yuan 8000 ten thousand, 2 yuan 9000 ten thousand, 1 yuan 10000 ten thousand, 5 yuan 20000 ten thousand, 2 yuan 30000 ten thousand, 1 yuan 40000 ten thousand, 5 fen 50000 ten thousand, 2 fen 60000 ten thousand and 1 fen coin value 70000 ten thousand of the issued digital currency;
X11000 (ten thousand), X22000 (ten thousand), X33000 (ten thousand), X44000 (ten thousand), X55000 (ten thousand), X66000 (ten thousand), X77000 (ten thousand), X88000 (ten thousand), X99000 (ten thousand), X1010000 (ten thousand), X1120000 (ten thousand), X1230000 (ten thousand), X1340000 (ten thousand), X1450000 (ten thousand), X1560000 (ten thousand), X1670000 (ten thousand sheets);
then: XX ═ X1+X2+X3+X4+X5+X6+X7+X8+X9+X10+X11+X12+X13+X14+X15+X161000+2000+3000+4000+5000+6000+7000+8000+9000+10000+20000+30000+40000+50000+60000+ 70000-325000 (ten thousand) 32.5 (hundred sheets), wherein: XX is the sum of the total number of all the currency values of all the digital currencies to be issued;
1000 ten thousand 1000-dollar values are respectively signed by a private key SY1, 2000 ten thousand 500-dollar values are respectively signed by a SY2, and 70000 ten thousand 1-dollar values are respectively signed by a SY 16;
generating timestamps YH in real time1 1And a random number YS1 1Generating a signature key KK from a key seed table KK according to a combined key generation algorithm1 1Using signature key KK1 1Carrying out secondary signature on the 1000-Yuan currency value of the 1 st page;
generating timestamps YH in real time1 2And a random number YS1 2Generating a signature key KK from a key seed table KK according to a combined key generation algorithm1 2Using signature key KK1 2Carrying out secondary signature on the 2 nd 1000-yuan currency value;
...; generating timestamps YH in real time1 10000000And a random number YS1 10000000Generating a signature key KK from a key seed table KK according to a combined key generation algorithm1 10000000Using signature key KK1 10000000Carrying out secondary signature on 10000000 th 1000-yuan currency value;
generating timestamps YH in real time2 1And a random number YS2 1Generating a signature key KK from a key seed table KK according to a combined key generation algorithm2 1Using signature key KK2 1Carrying out secondary signature on the 1 st 500-yuan currency value;
generating timestamps YH in real time2 2And a random number YS2 2Generating a signature key KK from a key seed table KK according to a combined key generation algorithm2 2Using signature key KK2 2Carrying out secondary signature on the 2 nd 500-yuan currency value;
...; generating timestamps YH in real time2 20000000And a random number YS2 20000000Generating a signature key KK from a key seed table KK according to a combined key generation algorithm2 20000000Using signature key KK2 20000000Performing secondary signature on 20000000 sheets of 500-yuan currency values;
......;
generating timestamps YH in real time16 1And a random number YS16 1Generating a signature key KK from a key seed table KK according to a combined key generation algorithm16 1Using signature key KK16 1Carrying out secondary signature on the 1 st currency value;
generating timestamps YH in real time16 2And a random number YS16 2Generating a signature key KK from a key seed table KK according to a combined key generation algorithm16 2Using signature key KK16 2Carrying out secondary signature on the 2 nd piece of the 1 st currency value;
...; generating timestamps YH in real time16 700000000And a random number YS16 700000000Generating a signature key KK from a key seed table KK according to a combined key generation algorithm16 700000000Using signature key KK16 700000000Performing secondary signature on 700000000 st 1 st currency value;
in the process of initializing the currency values of the digital currency, 16 kinds of private keys are used for signing the currency values of all digital currencies to be issued in advance, then a set of 'key seed' table KK is used for generating one-time-varying signature keys according to a combined key generation algorithm, and the various currency values of the digital currency are respectively signed for the second time, so that the currency values of the digital currency can be effectively prevented from being falsified or cloned.
4. A method according to claim 1, characterized in that:
(1) when the user A and the user B are in the centered transaction, the centered transaction protocol between the user A and the user B is as follows:
setting: the payer is user A, the payee is user B,
firstly, a transaction sheet is generated at a mobile phone end of a user A, the encryption system of the mobile phone end of the user A calls a summary algorithm to summarize the transaction sheet, and summary information M1 is obtained: the verification code M1 generates a group of time stamps a1 and random numbers a1, a group of signature keys aK1 are generated in an encryption chip according to a combined key generation algorithm by using a key seed table a element, and the signature of the user A on the transaction list is obtained by encrypting the verification code M1 by using the signature keys aK 1: the signature code 1 is obtained by identifying the user A and signing the transaction list by the user A: the signature code 1, the transaction list, the timestamp a1 and the random number a1 are sent to a verification center;
and the user B mobile phone terminal encryption system calls the summary algorithm to summarize the transaction list to obtain summary information M2, namely: the verification code M2 generates a group of time stamps B1 and random numbers B1, a group of signature keys bK1 are generated in an encryption chip according to a combined key generation algorithm by using a key seed table B element, the verification code M2 is encrypted by using the signature keys bK1, and the signature of the user B on the transaction order is obtained, namely: the signature code 2 is obtained by identifying the user B and signing the transaction list by the user B: signature code 2, transaction order, timestamp b1 and random number b1, as well as user a's identification, user a's signature on the transaction order, namely: the signature code 1, the timestamp a1 and the random number a1 are sent to a verification center;
the verification center end encryption system calls the ciphertext of the key seed table a element and the ciphertext of the key seed table B element corresponding to the user A and the user B respectively in a key seed database, and the key seed table LL and the timestamp H are used in a verification center end encryption equipment chip1 aAnd a random number S1 aGenerating a decryption key CK according to a combined key generation algorithm1 aDecrypting the cipher text of the element a of the 'key seed' table corresponding to the user A into a plaintext;
in the chip of the encryption equipment at the verification center end, a 'key seed' table LL and a timestamp H are used1 bAnd a random number S1 bGenerating a decryption key CK according to a combined key generation algorithm1 bDecrypting the cipher text of the element B of the 'key seed' table corresponding to the user B into a plaintext;
in the verification center encryption device chip, a verification key aK2 is generated by a key seed table a element of a user A, a timestamp a1 and a random number a1 according to a combined key generation algorithm, and the signature of a transaction single user A is verified, namely: decrypting the signature code 1 by using the signature key aK2 to obtain a verification code M1;
in the verification center encryption device chip, a verification key bK2 is generated by a key seed table B element of a user B, a timestamp B1 and a random number B1 according to a combined key generation algorithm, and the signature of a trade single user B is verified, namely: decrypting the signature code 2 by using the signature key bK2 to obtain a verification code M2;
in the verification center end encryption equipment chip, an abstract algorithm is called to abstract the transaction list, and abstract information is obtained: the verification code M3 judges whether the signature of the user A on the transaction order is credible and complete by comparing whether the verification codes M1 and M3 are the same or not, judges whether the signature of the user B on the transaction order is credible and complete by comparing whether the verification codes M2 and M3 are the same or not, if the verification code M1 is not equal to M3 or the verification code M2 is not equal to M3, the verification fails and the transaction fails, if M1 is M3 and M2 is M3, the verification passes, and then a set of 'key seed' table KK and a time stamp YHz e generated in the signature process are called from a verification center end encryption device chip and used for storing the verification code M3 and the time stamp YHe generated in the signature processZAnd random number YSz eZGenerating a signature key KKz e corresponding to the currency value according to a combined key generation algorithmZRespectively verifying the monetary value signatures related to the transaction list, if the monetary value signatures related to the transaction list are not passed, the monetary value of the digital currency related to the transaction list is forged, abandoning the transaction, and if the monetary value signatures are passed, the digital currency transaction system transfers the monetary value in the transaction list from the electronic wallet of the user A to the electronic wallet of the user B, and simultaneously stores the transaction list as a record in the electronic wallet of the user A and the electronic wallet of the user B, so as to complete the centralized transaction process between the user A and the user B, wherein: n is more than or equal to 1 and less than or equal to A, n is more than or equal to 1 and less than or equal to B, A is not equal to B, n is not equal to 60 hundred million, n is the total number of users of the whole digital currency, z is 1-16, eZ=1~XZNamely: e.g. of the type1=1~X1,e2=1~X2,......,e16=1~X16,X1In order to issue a total number of sheets with a monetary value of 1000 yuan in all digital currencies, X2To issue a total number of sheets with a currency value of 500 yuan in all digital currencies16The total number of the currency value of 1 minute in all digital currency to be issued;
(2) in the process of the central transaction, users of both transaction parties respectively adopt a symmetric algorithm and a public key algorithm at a mobile phone end to sign a transaction order twice, the verification process is that only the symmetric algorithm and elements of a set of 'key seed' table corresponding to the signing user are adopted at a verification center end to generate a signing and verifying key to sign and verify the signature of the transaction order, the public key algorithm and the public key thereof are not called to sign and verify the transaction order, the encryption/decryption speed of the symmetric algorithm is high, and the efficiency of the verification center end for signing and verifying the transaction order can be greatly improved; the elements of the 'key seed' table LL table stored in the verification center end encryption equipment chip are protected by the hardware chip, the verification center end encryption equipment is not easy to steal by lawbreakers, and the elements of the 'key seed' table LL table in the chip are stolen by destructive dissection, so that the safety level of the digital currency transaction system can be greatly improved;
in addition, in the verification center side encryption device chip, a 'key seed' table KK is called, the verification keys are respectively generated according to a combined key generation algorithm, the digital currency values related in the transaction list are respectively verified, the digital currency values related in the transaction list can be guaranteed to be real and credible, meanwhile, elements of the 'key seed' table KK are also stored in the verification center side encryption device encryption chip and are also protected by chip hardware, the security level of digital currency value signature can be effectively improved, and the verification efficiency of the digital currency values under the condition of center transaction can be greatly improved.
5. A method according to claim 1, characterized in that:
(1) when the user A and the user B are in the centerless transaction, the centerless transaction protocol between the user A and the user B is as follows:
setting: the payer is a user A, the payee is a user B, firstly, a transaction sheet is generated at a mobile phone end of the user A, an encryption system at the mobile phone end of the user A calls a summary algorithm to summarize the transaction sheet, and summary information M1 is obtained: the verification code M1 adopts the private key of the user a to encrypt the digest information M1 to obtain the signature code 1, that is: signature of the trading order by adopting a private key of the user A, a group of time stamps a1 and random numbers a1 are generated, a group of signature keys aK1 are generated by a key seed table a element according to a combined key generation algorithm, the user A adopts the signature keys aK1 to encrypt digest information M1, and a signature code 2 is obtained, namely: the user A signs the transaction order secondarily;
the user A uses the network, the two-dimension code of the mobile phone terminal or the NFC function to identify the user A and the public key of the user AaTransaction order and signature code 1, namely: the user A signs the transaction order by using a private key and transmits the signature to the mobile phone end of the user B;
the user B mobile phone end encryption system calls a mobile phone end 'friend circle' public key ciphertext database, and takes out the public key corresponding to the user AaCipher text is encrypted in the mobile phone end encryption chip by the 'key seed' table b and the corresponding time stamp EHb aAnd a random number ESb aGenerating a decryption key EK according to a combined key generation algorithmb aPublic key of user AaThe ciphertext is decrypted into plaintext: public key of user Aa1Comparison of public keysa1And public keyaIs it the same? If the public keya1Not equal to public keyaThen the public key of user AaThe signature of the user A to the transaction order is a pseudo signature, the user B terminates the transaction, and if the public key is not crediblea1Public keyaThen the public key of user AaTruthful and credible, and adopting the public key of the user AaThe private key signature of the transaction single user A is signed, namely: using the public key of user AaDecrypting the signature code 1 to obtain a verification code M1, calling a digest algorithm to digest the transaction list to obtain digest information, namely: the verification code M3 judges whether the signature of the private key used by the user a is authentic and complete by comparing whether M1 and M3 are the same, and if M1 ≠ M3, the signature of the user a to the transaction ticket is false, that is: the user B gives up the transaction, and if M1 is M3, the signature of the user A on the transaction list is authentic and credible;
the encryption system of the mobile phone terminal of the user B calls 16 public keys in an encryption chip of the mobile phone terminal of the user B, namely: GY1, GY2, GY.. and GY16, respectively checking the currency value signatures related to the transaction order, if the checks do not pass, the currency value of the digital currency related to the transaction order is forged, the user B abandons the transaction, if the checks pass, the currency value of the digital currency related to the transaction order is credible and complete, and thus, the verification of the transaction order by the mobile phone terminal encryption system of the user B is finished;
the user B mobile phone terminal encryption system calls the private key encryption summary information M1 of the user B to obtain the signature code 3, namely: signing the transaction list by using a private key of a user B, then generating a group of time stamps B1 and random numbers B1, generating a group of signature keys bK1 by using a key seed table B element according to a combined key generation algorithm, and encrypting digest information M1 by using a signature key bK1 to obtain a signature code 4, namely: the user B signs the transaction ticket a second time,
the user B identifies the user B and a public key of the user B through a network, a two-dimensional code of a mobile phone terminal or an NFC functionbAnd signature code 3 namely: the user B signs the transaction order by using a private key and transmits the signature to the mobile phone end of the user A;
the user A mobile phone end encryption system calls a mobile phone end 'friend circle' public key ciphertext database, and takes out the public key corresponding to the user BbCipher text is encrypted in the mobile phone end encryption chip by the 'key seed' table a and the corresponding time stamp EHa bAnd a random number ESa bGenerating a decryption key EK according to a combined key generation algorithma bWill use the public key of BbThe ciphertext is decrypted into plaintext, namely: public key of user Bb1Comparison of public keysb1And public keybIs it the same? If the public keyb1Not equal to public keybThen the public key of user BbIf the signature of the user B to the transaction order is not credible, the transaction is terminated, and if the public key is usedb1Public keybThen the public key of user BbTruthful, trusted, using the public key of user BbThe private key signature of the transaction single user B is signed, namely: using the public key of user BbDecrypting the signature code 3 to obtain a verification code M1, calling a digest algorithm to digest the transaction list to obtain digest information, namely: the verification code M5 judges whether the signature of the private key used by the user B is authentic and complete by comparing whether M1 and M5 are the same, and if M1 ≠ M5, the signature of the user B to the transaction ticket is false, that is: the user A gives up the transaction, and if M1 is M5, the signature of the user B on the transaction list is authentic and credible;
the encryption system of the mobile phone end of the user A calls 16 public keys in an encryption chip of the mobile phone end of the user A, namely: GY1, GY2, GY.. and GY16, respectively checking the currency value signatures related to the transaction order, if the checks do not pass, the currency value of the digital currency related to the transaction order is forged, the user A abandons the transaction, if the checks pass, the currency value of the digital currency related to the transaction order is credible and complete, and then the verification of the transaction order by the mobile phone terminal encryption system of the user A is finished;
the digital currency transaction system transfers the amount of money corresponding to the signed transaction sheet into the electronic wallet of the user B, and simultaneously, the transaction sheet is taken as a record and is respectively stored in the electronic wallet of the user A and the electronic wallet of the user B, so that the centerless transaction process between the user A and the user B is completed;
if a block chain of the digital currency needs to be established, sending a transaction list between a user A and a user B, an identifier of the user A, a double signature of the user A on the transaction list, a timestamp a1 and a random number a1, an identifier of the user B, a double signature of the user B on the transaction list, a timestamp B1 and a random number B1 to a block chain community of the digital currency, and verifying the signatures of the user A and the user B of the transaction list by an encryption system at each node end of the block chain, wherein the specific process is as follows:
in the encryption equipment chip at each node end of the block chain, a key seed table L is used for storing the cipher text of the element of the key seed table a and the cipher text of the element of the key seed table B corresponding to the user A and the user B respectivelyfAnd a time stamp HHf aAnd a random number SSf aGenerating a decryption key CCK according to a combined key generation algorithmf aDecrypting the cipher text of the 'key seed' table a element corresponding to the user A into a plaintext, and using the 'key seed' table LfAnd a time stamp HHf bAnd a random number SSf bGenerating a decryption key CCK according to a combined key generation algorithmf bDecrypting the cipher text of the element B of the 'key seed' table corresponding to the user B into a plaintext;
in the encryption device chip at each node end of the block chain, a signature key aK2 is generated by a key seed table a element of the user a, a timestamp a1 and a random number a1 according to a combined key generation algorithm, and the signature of the transaction single user a is signed, that is: decrypting the signature code 1 by using the signature key aK2 to obtain a verification code M1;
in the encryption device chip at each node end of the block chain, a signature key bK2 is generated by a key seed table B element of the user B, a timestamp B1 and a random number B1 according to a combined key generation algorithm, and the signature of the transaction ticket user B is signed, namely: decrypting the signature code 2 by using the signature key bK2 to obtain a verification code M2, and calling a digest algorithm to digest the transaction list to obtain digest information, namely: the verification code M3 judges whether the signature of the user A on the transaction order is credible and complete by comparing whether the verification codes M1 and M3 are the same or not, judges whether the signature of the user B on the transaction order is credible and complete by comparing whether the verification codes M2 and M3 are the same or not, if the verification code M1 is not equal to M3 or the verification code M2 is not equal to M3, the signature check fails and the transaction fails, and if the verification code M1 is M3 and the verification code M2 is M3, the signature check passes;
calling a set of 'key seed' table KK and a timestamp YHz e generated in the signing process in an encryption equipment chip at each node end of a block chainZAnd random number YSz eZGenerating a signature key KKz e corresponding to the currency value according to a combined key generation algorithmZAnd respectively signing and checking the monetary value signatures related to the transaction lists, if the signatures pass, the digital currency transaction system verifies whether a record which is the same as the transaction list is stored in an electronic wallet of a user A and a wallet of a user B, and the paid money of the wallet of the user A is the same as the received money of the wallet of the user B, if the signatures pass, the transaction lists are respectively stored in a transaction database at the node end of each block chain and serve as a record of one block in the block chain, wherein: n is more than or equal to 1 and less than or equal to A, n is more than or equal to 1 and less than or equal to B, A is not equal to B, n is not equal to 60 hundred million, n is the total number of users of the whole digital currency, z is 1-16, eZ=1~XZNamely: e.g. of the type1=1~X1,e2=1~X2,......,e16=1~X16,X1In order to issue a total number of sheets with a monetary value of 1000 yuan in all digital currencies, X2To issue a total number of sheets with a currency value of 500 yuan in all digital currencies16The total number of the currency value of 1 minute in all digital currency to be issued;
according to the credit consensus POC algorithm, an bookkeeper takes all transaction sheets which pass the signing and verification as a block for bookkeeping in T time, a block chain system adopts an abstract algorithm to connect all the blocks together to establish a block chain and form an account book database, and therefore the process of establishing the digital currency block chain is completed;
(2) in the absence of a center: in the point-to-point transaction process, users of both parties of the transaction respectively adopt a symmetric algorithm and a public key algorithm to sign a transaction order twice, in the verification process, only the public key of a signature user is called at the mobile phone end of each user, and the signature of the transaction order is respectively signed, namely: calling a 'friend circle' public key ciphertext database of a mobile phone end of each user, and decrypting the public key ciphertext database in a mobile phone end encryption chip to realize the safe exchange of the public keys between users of both sides of a transaction, thereby ensuring the authenticity and credibility of the public key of the user; the transaction bill is not checked again by calling the symmetric algorithm, so that the transaction efficiency of the digital currency can be greatly improved on the premise of ensuring the transaction safety of the digital currency;
in addition, 16 public keys are adopted in respective mobile phone end encryption chips of users at both sides of a transaction to respectively sign and verify the signatures of the transaction list related to the digital currency value, so that the credibility of the digital currency value related in the transaction list can be ensured, meanwhile, a 'key seed' table KK is not stored in the mobile phone end encryption chip in advance, a hacker can be prevented from obtaining the core key data of the 'key seed' table KK by unfastening and digging the mobile phone end encryption chip, and therefore the security level of the digital currency transaction system can be further improved.
CN202111065859.7A 2021-09-13 2021-09-13 High-safety digital currency value realization method Pending CN113781045A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111065859.7A CN113781045A (en) 2021-09-13 2021-09-13 High-safety digital currency value realization method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111065859.7A CN113781045A (en) 2021-09-13 2021-09-13 High-safety digital currency value realization method

Publications (1)

Publication Number Publication Date
CN113781045A true CN113781045A (en) 2021-12-10

Family

ID=78842904

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111065859.7A Pending CN113781045A (en) 2021-09-13 2021-09-13 High-safety digital currency value realization method

Country Status (1)

Country Link
CN (1) CN113781045A (en)

Similar Documents

Publication Publication Date Title
US9424573B2 (en) Batch settlement transactions system and method
US9294268B2 (en) System and method for variable length encryption
AU2004267784B8 (en) Generating a dynamic verification value
EP0047285B1 (en) A system for authenticating users and devices in on-line transaction networks
KR101364210B1 (en) Verification error reduction system
US6944770B2 (en) Methods and systems for generating and validating value-bearing documents
US20080040284A1 (en) Method and system for secured transactions
US20080189214A1 (en) Pin block replacement
US20080110982A1 (en) Anti-crime online transaction system
EP1451786A1 (en) A method of distributing a public key
AU2001286415A1 (en) Linking public key of device to information during manufacture
JP2003534585A (en) Secure payment method and system over computer network
US20070033149A1 (en) Secure transaction string
US20190005495A1 (en) Method for verifying transactions in chip cards
CN1741074B (en) Method for preventing bank credit cards from unauthorized use
CN112001714A (en) Digital currency implementation method based on block chain technology
WO2019035470A2 (en) Data structure, transmission device, reception device, settlement device, method, and computer program
CN102609842A (en) Payment cipher device based on hardware signature equipment, and application method of payment cipher device
CN113781045A (en) High-safety digital currency value realization method
KR100830969B1 (en) Method and System for Implementing Financial Transactions Using OTP
CN113657893B (en) Digital wallet payment encryption and decryption method and digital wallet
WO2023075963A9 (en) Data communication and cryptographic operations using a restricted data channel
CN111144879A (en) Digital wallet initializing and using method and system based on IDA
CN116342265A (en) Block chain-based non-homogeneous digital asset data processing method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication