CN114398678A - Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium - Google Patents

Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium Download PDF

Info

Publication number
CN114398678A
CN114398678A CN202210057530.4A CN202210057530A CN114398678A CN 114398678 A CN114398678 A CN 114398678A CN 202210057530 A CN202210057530 A CN 202210057530A CN 114398678 A CN114398678 A CN 114398678A
Authority
CN
China
Prior art keywords
file
verification
registration
code
nth
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210057530.4A
Other languages
Chinese (zh)
Inventor
陈斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Huadingboshi Data Information Technology Co ltd
Original Assignee
Beijing Huadingboshi Data Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Huadingboshi Data Information Technology Co ltd filed Critical Beijing Huadingboshi Data Information Technology Co ltd
Priority to CN202210057530.4A priority Critical patent/CN114398678A/en
Publication of CN114398678A publication Critical patent/CN114398678A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The present disclosure relates to the field of computer technologies, and in particular, to a registration verification method and apparatus for preventing electronic document from being tampered, an electronic device, and a medium. The method specifically comprises the following steps: the certificate logger extracts the feature information of the current nth registration file based on the file registration request, and generates the first verification code of the nth registration file and the corresponding certificate serial number according to the feature information of the nth registration file and the verification code of the (n-1) th registration file to form a certificate data chain; the certificate logger calculates the second identifying code of the nth registration file to be verified based on the file verification request, and inquires the first identifying code corresponding to the certificate serial number from the certificate data chain according to the certificate serial number provided by the verification demand party; and comparing the second verification code with the first verification code to verify whether the registration file is tampered. Thereby achieving the purpose of verifying whether the registered electronic file is tampered.

Description

Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a registration verification method and apparatus for preventing electronic document from being tampered, an electronic device, and a medium.
Background
With the development of computer networks and the advent of the digital era, more and more online services are developed through the internet, and more application scenes are generated by computers or electronic files are transmitted through computer networks in the service handling process. When electronic files transferred in the internet are tampered with, a huge potential risk or loss may be caused. When a plurality of file users diverge from each other when the electronic files are tampered, the target electronic files need to be verified to determine whether the target electronic files are tampered, so that data needs to be protected against tampering, certificates of the electronic files are reserved, and the electronic files can be timely discovered through verification after being tampered, so that the safety of the data is ensured.
Disclosure of Invention
The present disclosure provides a method, an apparatus, an electronic device, and a storage medium for registration verification for electronic document tamper resistance.
According to an aspect of the present disclosure, there is provided a registration verification method for preventing an electronic document from being tampered, including:
a certificate logger obtains a file registration request initiated by a registration demander;
the certificate logger extracts feature information of the current nth registration file based on the file registration request, and generates a first verification code of the nth registration file and a corresponding certificate serial number according to the feature information of the nth registration file and a verification code of the (n-1) th registration file to form a certificate data chain;
the certificate logger obtains a file verification request initiated by a verification demand party;
the certificate logger calculates a second verification code of the nth registration file to be verified based on the file verification request, and inquires the first verification code corresponding to the certificate serial number from the certificate data chain according to the certificate serial number provided by the verification demander;
and the certificate logger compares the second verification code with the inquired first verification code to verify whether the nth registration file provided by the verification demander is consistent with the nth registration file provided by the registration demander.
Optionally, the characteristic information includes a hash value of the file, and/or a generation time of the file, and/or an author of the file.
Optionally, the verifying whether the nth registration file provided by the verification demander and the nth registration file provided by the registration demander are consistent comprises: if the first verification code is the same as the second verification code, judging that the first verification code and the second verification code are consistent; and if the first verification code is different from the second verification code, judging that the first verification code and the second verification code are inconsistent.
Optionally, the credential logger generates the first verification code and the second verification code by calculating according to the following formulas:
Vn=F[V(n-1),Hn]
wherein;
f represents a verification code generation algorithm function;
vn represents the authentication code of the nth registration file;
v (n-1) represents the authentication code of the (n-1) th registration file;
hn represents a hash value of the nth registered file.
Optionally, when n is 1, that is, when the current registered file is the first registered file, the random value R1 is used as the root of the credential data chain, and V1 is F [ R1, H1 ].
Optionally, the credential logger generates the first verification code and the second verification code by calculating according to the following formulas:
Vn=F[V(n-1),Hn,Tn,Wn]
wherein;
f represents a verification code generation algorithm function;
vn represents the authentication code of the nth registration file;
v (n-1) represents the authentication code of the (n-1) th registration file;
hn represents a hash value of the nth registration file;
tn represents the generation time of the nth registration file;
wn denotes an author of the nth registration file.
Optionally, when n is 1, that is, when the current registered file is the first registered file, the random value R1 is used as the root code of the credential data chain, and V1 is F [ R1, H1, T1, W1 ].
According to another aspect of the present disclosure, there is provided a registration verification apparatus for electronic document tamper-proofing, including:
the registration module is configured to acquire a file registration request initiated by a registration demander;
a first verification code generation module configured to extract feature information of a current nth registration file based on the file registration request, and generate a first verification code of the nth registration file and a corresponding certificate serial number according to the feature information of the nth registration file and a verification code of an n-1 th registration file to form a certificate data chain;
the acquisition module is configured to acquire a file verification request initiated by a verification demander;
a second verification code generation module configured to calculate a second verification code of the nth registered file to be verified based on the file verification request;
the query module is configured to query the first verification code corresponding to the certificate serial number from the certificate data chain according to the certificate serial number provided by the verification demander;
a verification module configured to compare the second verification code with the queried first verification code to verify whether the nth registration file provided by the verification demander is consistent with the nth registration file provided by the registration demander.
Optionally, the characteristic information includes a hash value of the file, and/or a generation time of the file, and/or an author of the file.
Optionally, the verifying module verifies whether the nth registration file provided by the verification demander and the nth registration file provided by the registration demander are consistent includes: if the first verification code is the same as the second verification code, judging that the first verification code and the second verification code are consistent; and if the first verification code is different from the second verification code, judging that the first verification code and the second verification code are inconsistent.
Optionally, the first verification code generation module and the second verification code generation module calculate and generate the first verification code and the second verification code through the following formulas:
Vn=F[V(n-1),Hn]
wherein;
f represents a verification code generation algorithm function;
vn represents the authentication code of the nth registration file;
v (n-1) represents the authentication code of the (n-1) th registration file;
hn represents a hash value of the nth registered file.
Optionally, when n is 1, that is, when the current registered file is the first registered file, the random value R1 is used as the root of the credential data chain, and V1 is F [ R1, H1 ].
Optionally, the first verification code generation module and the second verification code generation module calculate and generate the first verification code and the second verification code through the following formulas:
Vn=F[V(n-1),Hn,Tn,Wn]
wherein;
f represents a verification code generation algorithm function;
vn represents the authentication code of the nth registration file;
v (n-1) represents the authentication code of the (n-1) th registration file;
hn represents a hash value of the nth registration file;
tn represents the generation time of the nth registration file;
wn denotes an author of the nth registration file.
Optionally, when n is 1, that is, when the current registered file is the first registered file, the random value R1 is used as the root code of the credential data chain, and V1 is F [ R1, H1, T1, W1 ].
The present disclosure also provides an electronic device, including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of the above aspects.
The present disclosure also provides a non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to execute the enrollment verification method according to any one of the above embodiments.
The present disclosure also provides a computer program product comprising a computer program which, when executed by a processor, implements the enrolment verification method according to any one of the above embodiments.
The invention provides a method, a device, electronic equipment and a storage medium for registration verification of electronic file tamper resistance, wherein a verification code is formed by registering a target file, the verification codes of a plurality of registered files are associated to form a certificate data chain which is connected in series and verified mutually, and the verification code corresponding to each registered file is associated with the verification code of the previous registered file, so that any piece of verification information in the certificate data chain cannot be tampered, otherwise, the logic verification of the whole data certificate chain is invalid, and the aim of verifying whether the registered electronic file is tampered is achieved; in addition, when the document is registered, the verification code is generated without extracting the specific content of the target document, and the privacy of electronic document registration can be ensured.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
FIG. 1 is a diagram illustrating the steps of a method for verifying the registration of an electronic document against tampering in an embodiment of the present disclosure;
FIG. 2 is a schematic illustration of the principle of tamper resistance of a credential data chain in an embodiment of the disclosure;
fig. 3 is a functional block diagram of an electronic document tamper-proof enrollment verification apparatus in an embodiment of the present disclosure.
Description of reference numerals:
a registration module 301; a first verification code generation module 302; an acquisition module 303; a second verification code generation module 304; a query module 305; a verification module 306.
Detailed Description
Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, in which various details of the embodiments of the disclosure are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
The present disclosure provides a registration verification method for preventing electronic document from being tampered, as shown in fig. 1, including:
step S101, a certificate logger obtains a file registration request initiated by a registration demander;
step S102, the certificate logger extracts the feature information of the current nth registration file based on the file registration request, and generates the first verification code of the nth registration file and the corresponding certificate serial number according to the feature information of the nth registration file and the verification code of the (n-1) th registration file to form a certificate data chain;
step S103, the certificate logger obtains a file verification request initiated by a verification demand party;
step S104, the certificate logger calculates a second verification code of the nth registration file to be verified based on the file verification request, and inquires a first verification code corresponding to the certificate serial number from the certificate data chain according to the certificate serial number provided by the verification demand party;
step S105, the credential logger compares the second verification code with the queried first verification code to verify whether the nth registration file provided by the verification demander is consistent with the nth registration file provided by the registration demander.
Specifically, in the present embodiment, there are at least three parties, a registration requesting party, a verification requesting party, and a credential recording party. The registration demander and the verification demander are demanders, namely, parties needing to register and verify the files, and the registration demander and the verification demander are usually users of the files, and the requirements of the registration demander and the verification demander coincide with each other, namely, the registration demander can be a verification demander, and the verification demander can be a registration demander. The credential logger is a third party that provides enrollment verification services other than the enrollment requester and the verification requester, and is a party that performs enrollment, generates credentials, and provides verification services according to the enrollment verification method of the present disclosure.
The present disclosure may use MD5(MD5 Message-Digest Algorithm) Algorithm as the credential calculation function, and MD5 is a widely used cryptographic hash function that generates a 128-bit (16-byte) hash value (hash value) to ensure the integrity and consistency of information transmission. Other encryption algorithms may also be employed for credential calculation. At the time of electronic file registration, since only the characteristic information of the target file, such as the hash value of the file, is extracted, and the specific content of the electronic file is not extracted, the privacy of electronic file registration can be ensured.
The electronic file registration means that the registration request of the electronic file is sent to the certificate recorder, the certificate recorder extracts the characteristic information required to be verified of the electronic file according to the registration request of the registration request party, then the verification code of the electronic file is generated according to an encryption algorithm, and then the verification code and the certificate serial number after the electronic file registration are returned to the registration request party. When the registration demand party transmits the electronic file to other users, the certificate serial number and the electronic file can be transmitted to the users together, and the party receiving the file can verify the electronic file as required. For example, the verification demander a downloads an electronic file C from a website B, the website B serves as the source of the electronic file C, and the verification code E and the certificate serial number F are obtained by automatically registering on the certificate recorder D when the electronic file C is downloaded by the verification demander a. Suppose that file C was tampered with after a was downloaded and has undesirable consequences. A and B diverge from the tampering result, and A recognizes that the electronic file C is downloaded from B. In this case, the electronic file and the certificate serial number submitted by the certificate recorder D through the a can be used for verification, the certificate recorder D generates the second verification code again by using the electronic file submitted by the a, and queries the corresponding first verification code in the existing certificate data chain by using the certificate serial number submitted by the a to verify whether the electronic file used by the a is the electronic file C downloaded from the B at the beginning, that is, whether the C is tampered, and if the first verification code is inconsistent with the second verification code, the electronic file submitted by the a is verified to be tampered.
It should be noted that the electronic files in this embodiment include all kinds of files stored on a storage medium on a computer, including but not limited to various kinds of electronic documents, video data, audio data, binary sequences of executable programs, and the like. When the certificate recorder registers to generate the verification code, the certificate recorder extracts the feature information of the current nth registered file, and generates the first verification code of the nth registered file and the corresponding certificate serial number according to the feature information of the nth registered file and the verification code of the (n-1) th registered file to form a certificate data chain. When the electronic document is verified, the certificate logger generates a second verification code according to the same algorithm, and if the electronic document is tampered, the second verification code will be inconsistent with the first verification code when the electronic document is registered. In the technical scheme, each verification code generated by the certificate recording party is associated with the verification code of the last registration file to form a certificate data chain which cannot be tampered, any piece of verification information in the certificate data chain cannot be tampered, otherwise, the logic verification of the whole data certificate chain is invalid, and the data security is further improved.
As an alternative embodiment, the characteristic information includes, but is not limited to, a hash value of the electronic file, and/or a generation time of the file, and/or an author of the file. That is, the feature information is not limited to extracting the hash value, and in some application scenarios with strict requirements, the verification code may also be generated by combining with other variables such as file generation time and file author.
As an alternative embodiment, the credential logger generates the first and second verification codes by calculating the following equations:
Vn=F[V(n-1),Hn]
wherein;
f represents a verification code generation algorithm function;
vn denotes the authentication code of the nth registered file;
v (n-1) represents the authentication code of the (n-1) th registered file;
hn denotes a hash value of the nth registered file.
Specifically, as shown in fig. 2, in the present embodiment, an MD5 algorithm or the like is adopted as a function of the verification code algorithm, which is denoted by F. The result of the calculation of the F algorithm function is the authentication code of the registered document, denoted by V. The F algorithm function includes at least two functions V (n-1) and Hn. When n is 1, since the currently registered file is the first file and cannot be associated with the last registered file, a randomly generated GUID (global Unique Identifier) value is adopted as the root code R1 of the credential data chain, that is, V1=F[R1,H1]。
As another alternative, the credential logger generates the first and second verification codes by calculating the following equations:
Vn=F[V(n-1),Hn,Tn,Wn]
wherein;
f represents a verification code generation algorithm function;
vn denotes the authentication code of the nth registered file;
v (n-1) represents the authentication code of the (n-1) th registered file;
hn represents a hash value of the nth registered file;
tn represents the generation time of the nth registration file;
wn denotes the author of the nth registered file.
Specifically, in this embodiment, the MD5 algorithm is still used as the verification code algorithm function, which is denoted by F. The result of the calculation of the F algorithm function is the authentication code of the registered document, denoted by V. The calculation variables of the F algorithm function may include characteristic information required for registration verification, such as the generation time T of the file, the author W of the file, and the like, in addition to the two functions V (n-1) and Hn. When n is 1, that is, when the current registered file is the first registered file, V1 is F [ R1, H1, T1, W1] using a random value R1 as the root code of the certificate data chain.
It should be noted that the above manner for calculating and generating the verification code is only an optional implementation manner of the present disclosure, and the variables for calculating the verification code are not limited to the combination of one or more items of the hash value, the file generation time, and the file author listed in the formula, and may also include other attributes specific to the file, that is, other types of feature information, according to the needs of a specific application scenario.
The present disclosure also provides a registration verification apparatus for preventing an electronic document from being tampered, as shown in fig. 3, including:
a registration module 301 configured to obtain a file registration request initiated by a registration demander;
a first verification code generation module 302 configured to extract feature information of a current nth registration file based on the file registration request, and generate a first verification code of the nth registration file and a corresponding certificate serial number according to the feature information of the nth registration file and the verification code of an n-1 th registration file to form a certificate data chain;
an obtaining module 303, configured to obtain a file verification request initiated by a verification demander;
a second verification code generation module 304 configured to calculate a second verification code of the nth registered file to be verified based on the file verification request;
the query module 305 is configured to query a first verification code corresponding to the certificate serial number from the certificate data chain according to the certificate serial number provided by the verification demander;
the verification module 306 is configured to compare the second verification code with the queried first verification code to verify whether the nth registration file provided by the verification demander is consistent with the nth registration file provided by the registration demander.
Specifically, the registration demander and the verification demander are both usually file users, and the requirements of the registration demander and the verification demander coincide with each other, that is, the registration demander may also be the verification demander, and the verification demander may also be the registration demander. The registration verification apparatus of the present disclosure can provide a verification service to an electronic document when a document user (two or more parties) diverges whether a registered electronic document is tampered with. The MD5 algorithm can be adopted as the certificate calculation function in the present disclosure, and other encryption algorithms can also be adopted for certificate calculation. At the time of electronic file registration, since only the characteristic information of the target file, such as the hash value of the file, is extracted, and the specific content of the electronic file is not extracted, the privacy of electronic file registration can be ensured.
First, a registration request of a registration demander can be obtained by the registration module 301, the first verification code generation module 302 extracts feature information required to be verified of the electronic file according to the registration request of the registration demander, then generates a first verification code of the electronic file according to an encryption algorithm, and returns the first verification code and a certificate serial number after registration of the electronic file to the registration demander. When a registration demand party transmits an electronic file to other users, the certificate serial number and the electronic file can be transmitted to the users together, one party receiving the file can verify the electronic file as required, when multiple parties are diverged or not, the acquisition module 303 acquires a file verification request of the verification demand party, the second verification code generation module 304 generates a second verification code according to the electronic file and the certificate serial number provided by the verification demand party, meanwhile, the query module 305 queries a corresponding first verification code according to the certificate serial number provided by the verification demand party, finally, the verification module 306 judges whether the electronic file is tampered or not by comparing the first verification code with the second verification code, if the first verification code is consistent with the second verification code, the electronic file is not tampered, and if the first verification code is inconsistent with the second verification code, the electronic file is tampered.
Illustratively, the verification demander a downloads an electronic file C from a website B, which serves as the source of the electronic file C, and automatically registers on the registration verification device D when downloading the electronic file C, and obtains a verification code E and a certificate number F. Suppose that file C was tampered with after a was downloaded and has undesirable consequences. A and B diverge from the tampering result, and A recognizes that the electronic file C is downloaded from B. In this case, the electronic file and the certificate serial number submitted by a can be used for verification through the registration verification device D, the registration verification device D generates the second verification code again by using the electronic file submitted by a, and queries the corresponding first verification code in the existing certificate data chain by using the certificate serial number submitted by a to verify whether the electronic file used by a is the electronic file C downloaded from B at first, that is, whether C is tampered, and if the first verification code is inconsistent with the second verification code, the electronic file submitted by a is verified to be tampered.
It should be noted that the electronic files in this embodiment include all kinds of files stored on a storage medium on a computer, including but not limited to various kinds of electronic documents, video data, audio data, binary sequences of executable programs, and the like. When the first verification code generation module 302 performs registration to generate a verification code, it extracts the feature information of the current nth registration file, and generates the first verification code of the nth registration file and the corresponding certificate serial number according to the feature information of the nth registration file and the verification code of the (n-1) th registration file to form a certificate data chain. When the electronic document is verified, the second verification code generation module 304 generates the second verification code according to the same algorithm, and if the electronic document is tampered, the second verification code may be inconsistent with the first verification code at the time of registration. In the technical scheme, each verification code generated by the certificate recording party is associated with the verification code of the last registration file to form a certificate data chain which cannot be tampered, any piece of verification information in the certificate data chain cannot be tampered, otherwise, the logic verification of the whole data certificate chain is invalid, and the data security is further improved.
As an alternative embodiment, the feature information extracted by the first verification code generation module 302 and the second verification code generation module 304 includes, but is not limited to, a hash value of the electronic file, and/or a generation time of the file, and/or an author of the file. That is, the feature information is not limited to extracting the hash value, and in some application scenarios with strict requirements, the verification code may also be generated by combining with other variables such as file generation time and file author.
As an alternative embodiment, the first verification code generation module 302 and the second verification code generation module 304 generate the first verification code and the second verification code by calculating according to the following formulas:
Vn=F[V(n-1),Hn]
wherein;
f represents a verification code generation algorithm function;
vn denotes the authentication code of the nth registered file;
v (n-1) represents the authentication code of the (n-1) th registered file;
hn denotes a hash value of the nth registered file.
Specifically, as shown in fig. 2, in the present embodiment, an MD5 algorithm or the like is adopted as a function of the verification code algorithm, which is denoted by F. The result of the calculation of the F algorithm function is the authentication code of the registered document, denoted by V. The F algorithm function includes at least two functions V (n-1) and Hn. When n is 1, since the currently registered file is the first file and cannot be associated with the last registered file, the randomly generated GUID value is adopted as the root code R1 of the certificate data chain, namely V1=F[R1,H1]。
As another alternative implementation, the first verification code generation module 302 and the second verification code generation module 304 generate the first verification code and the second verification code by calculating according to the following formulas:
Vn=F[V(n-1),Hn,Tn,Wn]
wherein;
f represents a verification code generation algorithm function;
vn denotes the authentication code of the nth registered file;
v (n-1) represents the authentication code of the (n-1) th registered file;
hn represents a hash value of the nth registered file;
tn represents the generation time of the nth registration file;
wn denotes the author of the nth registered file.
Specifically, in this embodiment, the MD5 algorithm is still used as the verification code algorithm function, which is denoted by F. The result of the calculation of the F algorithm function is the authentication code of the registered document, denoted by V. The calculation variables of the F algorithm function may include characteristic information required for registration verification, such as the generation time T of the file, the author W of the file, and the like, in addition to the two functions V (n-1) and Hn. When n is 1, that is, when the current registered file is the first registered file, V1 is F [ R1, H1, T1, W1] using a random value R1 as the root code of the certificate data chain.
It should be noted that the above manner for generating the verification code by calculation is only an optional implementation manner of the present disclosure, and the variables for calculating the verification code are not limited to the combination of one or more items of the hash value, the file generation time, and the file author listed in the formula, and may also include other attributes specific to the file according to the needs of a specific application scenario, that is, other types of feature information are used as the calculation variables.
The present disclosure also provides an electronic device, a readable storage medium, and a computer program product according to embodiments of the present disclosure.
In particular, electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
The apparatus comprises a computing unit which may perform various suitable actions and processes in accordance with a computer program stored in a Read Only Memory (ROM) or a computer program loaded from a storage unit into a Random Access Memory (RAM). In the RAM, various programs and data required for the operation of the device can also be stored. The computing unit, the ROM, and the RAM are connected to each other by a bus. An input/output (I/O) interface is also connected to the bus.
A plurality of components in the device are connected to the I/O interface, including: an input unit such as a keyboard, a mouse, etc.; an output unit such as various types of displays, speakers, and the like; storage units such as magnetic disks, optical disks, and the like; and a communication unit such as a network card, modem, wireless communication transceiver, etc. The communication unit allows the device to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
The computing unit may be a variety of general purpose and/or special purpose processing components having processing and computing capabilities. Some examples of computational units include, but are not limited to, Central Processing Units (CPUs), Graphics Processing Units (GPUs), various specialized Artificial Intelligence (AI) computational chips, various computational units running machine learning model algorithms, Digital Signal Processors (DSPs), and any suitable processors, controllers, microcontrollers, etc. The calculation unit executes the respective methods and processes described above, such as the registration verification method in the above-described embodiments. For example, in some embodiments, the enrollment verification method may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as a storage unit. In some embodiments, part or all of the computer program may be loaded and/or installed onto the device via ROM and/or the communication unit. When the computer program is loaded into RAM and executed by a computing unit, one or more steps of the enrolment verification method described above may be performed. Alternatively, in other embodiments, the computing unit may be configured to perform the enrollment verification method in any other suitable manner (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for implementing the enrollment verification methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), and the Internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server may be a cloud server, a server of a distributed system, or a server with a combined blockchain.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present disclosure may be executed in parallel or sequentially or in different orders, and are not limited herein as long as the desired results of the technical solutions disclosed in the present disclosure can be achieved.
The above detailed description should not be construed as limiting the scope of the disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the scope of protection of the present disclosure.

Claims (17)

1. A registration verification method for preventing electronic document from being tampered is characterized by comprising the following steps:
a certificate logger obtains a file registration request initiated by a registration demander;
the certificate logger extracts feature information of the current nth registration file based on the file registration request, and generates a first verification code of the nth registration file and a corresponding certificate serial number according to the feature information of the nth registration file and a verification code of the (n-1) th registration file to form a certificate data chain;
the certificate logger obtains a file verification request initiated by a verification demand party;
the certificate logger calculates a second verification code of the nth registration file to be verified based on the file verification request, and inquires the first verification code corresponding to the certificate serial number from the certificate data chain according to the certificate serial number provided by the verification demander;
and the certificate logger compares the second verification code with the inquired first verification code to verify whether the nth registration file provided by the verification demander is consistent with the nth registration file provided by the registration demander.
2. The enrollment verification method of claim 1, wherein the characteristic information includes a hash value of the document, and/or a generation time of the document, and/or an author of the document.
3. The enrollment verification method of claim 1, wherein the verifying whether the nth enrollment file provided by the verification demander and the nth enrollment file provided by the enrollment demander are consistent comprises: if the first verification code is the same as the second verification code, judging that the first verification code and the second verification code are consistent; and if the first verification code is different from the second verification code, judging that the first verification code and the second verification code are inconsistent.
4. An enrollment authentication method according to claim 1, characterised in that the credential logger computationally generates the first and second authentication codes by the following formulas:
Vn=F[V(n-1),Hn]
wherein;
f represents a verification code generation algorithm function;
vn represents the authentication code of the nth registration file;
v (n-1) represents the authentication code of the (n-1) th registration file;
hn represents a hash value of the nth registered file.
5. The enrollment verification method according to claim 4, wherein when n ═ 1, i.e. the current enrollment file is the first one, V uses a random value R1 as the root code of the credential data chain, V1=F[R1,H1]。
6. An enrollment authentication method according to claim 1, characterised in that the credential logger computationally generates the first and second authentication codes by the following formulas:
Vn=F[V(n-1),Hn,Tn,Wn]
wherein;
f represents a verification code generation algorithm function;
vn represents the authentication code of the nth registration file;
v (n-1) represents the authentication code of the (n-1) th registration file;
hn represents a hash value of the nth registration file;
tn represents the generation time of the nth registration file;
wn denotes an author of the nth registration file.
7. The enrollment verification method of claim 6, wherein when n-1, i.e. the current enrollment file is the first enrollment file, V1-F [ R1, H1, T1, W1] uses a random value R1 as the root code of the credential data chain.
8. An electronic document registration verification apparatus that is tamper-resistant, comprising:
the registration module is configured to acquire a file registration request initiated by a registration demander;
a first verification code generation module configured to extract feature information of a current nth registration file based on the file registration request, and generate a first verification code of the nth registration file and a corresponding certificate serial number according to the feature information of the nth registration file and a verification code of an n-1 th registration file to form a certificate data chain;
the acquisition module is configured to acquire a file verification request initiated by a verification demander;
a second verification code generation module configured to calculate a second verification code of the nth registered file to be verified based on the file verification request;
the query module is configured to query the first verification code corresponding to the certificate serial number from the certificate data chain according to the certificate serial number provided by the verification demander;
a verification module configured to compare the second verification code with the queried first verification code to verify whether the nth registration file provided by the verification demander is consistent with the nth registration file provided by the registration demander.
9. The registration verification apparatus according to claim 8, wherein the characteristic information includes a hash value of the file, and/or a generation time of the file, and/or an author of the file.
10. The enrollment verification apparatus of claim 8, wherein the verification module verifying whether the nth enrollment file provided by the verification demander and the nth enrollment file provided by the enrollment demander are consistent comprises: if the first verification code is the same as the second verification code, judging that the first verification code and the second verification code are consistent; and if the first verification code is different from the second verification code, judging that the first verification code and the second verification code are inconsistent.
11. The enrollment authentication device of claim 8, wherein the first authentication code generation module and the second authentication code generation module computationally generate the first authentication code and the second authentication code by the following formulas:
Vn=F[V(n-1),Hn]
wherein;
f represents a verification code generation algorithm function;
vn represents the authentication code of the nth registration file;
v (n-1) represents the authentication code of the (n-1) th registration file;
hn represents a hash value of the nth registered file.
12. The apparatus according to claim 11, wherein when n is 1, that is, when the current registered file is the first registered file, V is a root code of the certificate data chain using a random value R11=F[R1,H1]。
13. The enrollment authentication device of claim 8, wherein the first authentication code generation module and the second authentication code generation module computationally generate the first authentication code and the second authentication code by the following formulas:
Vn=F[V(n-1),Hn,Tn,Wn]
wherein;
f represents a verification code generation algorithm function;
vn represents the authentication code of the nth registration file;
v (n-1) represents the authentication code of the (n-1) th registration file;
hn represents a hash value of the nth registration file;
tn represents the generation time of the nth registration file;
wn denotes an author of the nth registration file.
14. The apparatus according to claim 13, wherein when n is 1, that is, when the current registered file is the first registered file, V1 is F [ R1, H1, T1, W1] using a random value R1 as a root code of the certificate data chain.
15. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the enrollment verification method of any of claims 1-7.
16. A non-transitory computer readable storage medium having stored thereon computer instructions for causing the computer to perform the enrollment verification method according to any one of claims 1-7.
17. A computer program product comprising a computer program which, when executed by a processor, implements the enrollment verification method according to any one of claims 1-7.
CN202210057530.4A 2022-01-19 2022-01-19 Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium Pending CN114398678A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210057530.4A CN114398678A (en) 2022-01-19 2022-01-19 Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210057530.4A CN114398678A (en) 2022-01-19 2022-01-19 Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium

Publications (1)

Publication Number Publication Date
CN114398678A true CN114398678A (en) 2022-04-26

Family

ID=81230296

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210057530.4A Pending CN114398678A (en) 2022-01-19 2022-01-19 Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium

Country Status (1)

Country Link
CN (1) CN114398678A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113722690A (en) * 2021-09-08 2021-11-30 北京华鼎博视数据信息技术有限公司 Data transmitting method, data receiving device, certificate recording method and certificate recording device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113722690A (en) * 2021-09-08 2021-11-30 北京华鼎博视数据信息技术有限公司 Data transmitting method, data receiving device, certificate recording method and certificate recording device
CN113722690B (en) * 2021-09-08 2023-11-10 北京华鼎博视数据信息技术有限公司 Data transmitting and receiving and certificate recording method and device

Similar Documents

Publication Publication Date Title
CN109472696B (en) Asset transaction method, device, storage medium and computer equipment
CN111163182B (en) Block chain-based device registration method and apparatus, electronic device, and storage medium
CN109033475B (en) File storage method, device, equipment and storage medium
CN111989893A (en) Chain of proof and decomposition
US10270757B2 (en) Managing exchanges of sensitive data
WO2021036086A1 (en) Transaction data processing method, apparatus and system, and computer-readable storage medium
WO2022001526A1 (en) Block chain-based trade data processing method and related device thereof
US20160048703A1 (en) Securing integrity and consistency of a cloud storage service with efficient client operations
CN109743161B (en) Information encryption method, electronic device and computer readable medium
CN110347750B (en) Block chain-based data processing method and device
CN114398678A (en) Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium
US8904508B2 (en) System and method for real time secure image based key generation using partial polygons assembled into a master composite image
CN116015840B (en) Data operation auditing method, system, equipment and storage medium
CN113609156B (en) Data query and write method and device, electronic equipment and readable storage medium
TW201939415A (en) Service verification method and device
CN115589316A (en) Data encryption transmission method and device, electronic equipment and storage medium
CN114745173A (en) Login verification method, login verification device, computer equipment, storage medium and program product
CN110781523B (en) Method and apparatus for processing information
CN112732789A (en) Searchable encryption method based on block chain and electronic equipment
CN110659476A (en) Method and apparatus for resetting password
CN111949738A (en) Block chain-based data storage deduplication method, terminal device and storage medium
CN113761585A (en) Data processing method, device and system
CN112527802B (en) Soft link method and device based on key value database
CN109347869B (en) Method, device, medium and electronic equipment for generating inter-cluster communication security factor
CN116980209A (en) User authentication method, device, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination