CN116055069A - Distributed CA (conditional access) implementation method based on block chain - Google Patents

Distributed CA (conditional access) implementation method based on block chain Download PDF

Info

Publication number
CN116055069A
CN116055069A CN202310342282.2A CN202310342282A CN116055069A CN 116055069 A CN116055069 A CN 116055069A CN 202310342282 A CN202310342282 A CN 202310342282A CN 116055069 A CN116055069 A CN 116055069A
Authority
CN
China
Prior art keywords
certificate
user certificate
node
user
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202310342282.2A
Other languages
Chinese (zh)
Other versions
CN116055069B (en
Inventor
请求不公布姓名
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Microchip Sensing Technology Co ltd
Original Assignee
Beijing Microchip Sensing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Microchip Sensing Technology Co ltd filed Critical Beijing Microchip Sensing Technology Co ltd
Priority to CN202310342282.2A priority Critical patent/CN116055069B/en
Publication of CN116055069A publication Critical patent/CN116055069A/en
Application granted granted Critical
Publication of CN116055069B publication Critical patent/CN116055069B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a distributed CA (conditional access) implementation method based on a block chain, which comprises the following steps: broadcasting transaction information applied by the user certificate to a consensus node through a synchronous node, and utilizing a root certificate to issue the user certificate so as to apply and issue the user certificate; broadcasting transaction information of a user certificate revocation application to a consensus node through a synchronous node, and signing original certificate revocation by utilizing a root certificate to realize the revocation of the user certificate; and verifying the authenticity of the user certificate according to the digital signature by a verification party, and sending the verification party to a synchronous node to verify the state of the user certificate, so as to realize the verification of the user certificate. The issuing and withdrawing processes of the digital certificate are put on the blockchain, so that the security of the encrypted storage of the certificate is improved.

Description

Distributed CA (conditional access) implementation method based on block chain
Technical Field
The invention relates to the technical field of network communication, in particular to a distributed CA (conditional access) implementation method based on a block chain.
Background
A digital certificate is a certificate issued by an authority for proving the identity of a user over a network, and the process of issuing a digital certificate may also be referred to as a Certification Authority (CA) process.
The security of the current certificate encryption storage mode is low, the certificate state of the centralized CA in the alliance chain system has synchronous delay, and the problems of low operation efficiency and the like caused by the fault of the centralized node and the cross-network verification exist.
The patent application with publication number of CN106372941A discloses a CA authentication management method, device and system based on a blockchain, which at least can solve the technical problem that the security of a root CA certificate caused by the existing CA authentication mode is difficult to guarantee, and the accuracy of the whole authentication process is reduced. Wherein the blockchain further includes an originating block and a regular block, and the originating block is used to store the root CA certificate, the method comprising: receiving an application certificate transaction which is sent by a node to be authenticated in a blockchain network and contains an unsigned certificate; acquiring an unsigned certificate contained in the application certificate transaction, and generating a signed certificate according to the unsigned certificate; an issued certificate transaction including the signed certificate is sent to the node to be authenticated in a blockchain network. Although the scheme adopts the blockchain technology, the application and the issuing of the certificate are stored on the chain as two issuing records by only utilizing the certificate storage capability of the blockchain, and the capability of a certificate revocation part is lacking.
Therefore, how to implement the issue, revocation and verification of the digital certificate by adopting the blockchain technology based on the issue and revocation of the existing digital certificate becomes a problem to be solved by those skilled in the art.
Disclosure of Invention
In view of the above problems, the present invention provides a distributed CA implementation method based on a blockchain, which at least solves some of the above technical problems, and puts the issuing and revocation procedures of a digital certificate on the blockchain, so as to improve the security of encrypted storage of the certificate.
The embodiment of the invention provides a distributed CA (conditional access) implementation method based on a block chain, which comprises the following steps:
broadcasting transaction information applied by the user certificate to a consensus node through a synchronous node, and utilizing a root certificate to issue the user certificate so as to apply and issue the user certificate;
broadcasting transaction information of a user certificate revocation application to a consensus node through a synchronous node, and signing original certificate revocation by utilizing a root certificate to realize the revocation of the user certificate;
and verifying the authenticity of the user certificate according to the digital signature by a verification party, and sending the verification party to a synchronous node to verify the state of the user certificate, so as to realize the verification of the user certificate.
Further, broadcasting transaction information applied by the user certificate to the consensus node through the synchronization node, and issuing the user certificate by utilizing the root certificate, thereby realizing application and issuing of the user certificate, comprising the following steps:
s11, sending a user certificate application to a synchronous node;
s12, broadcasting transaction information applied by the user certificate to any consensus node by the synchronous node;
s13, the arbitrary consensus node puts the transaction information applied by the user certificate into a transaction pool to be packaged;
s14, utilizing the root certificate to issue a user certificate, and encrypting and storing the user certificate in a blockchain to be packaged;
s15, broadcasting transaction information applied by the user certificate to other consensus nodes, enabling a plurality of consensus nodes to agree, and outputting blocks of the block chain to be packaged;
s16, the consensus node synchronizes the user certificate to the synchronization node, and application and issuing of the user certificate are achieved.
Further, a certificate application is initiated by the synchronization node, and the generated user certificate is received by the synchronization node.
Further, broadcasting transaction information of the user certificate revocation application to the consensus node through the synchronization node, signing the original certificate revocation by using the root certificate, and realizing the revocation of the user certificate, comprising the following steps:
s21, sending a user certificate revocation application to a synchronous node;
s22, broadcasting transaction information of the user certificate revocation application to any consensus node by the synchronous node;
s23, the arbitrary consensus node puts the transaction information of the user certificate revocation application into a transaction pool to be packaged;
s24, signing the original certificate revocation by utilizing a root certificate, and storing the signature in a block chain to be packaged;
s25, broadcasting transaction information of the user certificate revocation application to other consensus nodes, enabling a plurality of consensus nodes to agree, and outputting blocks of the block chains to be packaged;
s26, the common node synchronizes the signature to the synchronization node, and the user certificate is revoked.
Further, the verification of the user certificate is realized by verifying the authenticity of the user certificate according to the digital signature by the verification party and transmitting the verification party to the synchronous node to verify the state of the user certificate, and the method comprises the following steps:
s31, decrypting the user certificate to be verified and submitting the user certificate to a verification party for verification;
s32, the verifier verifies the authenticity of the user certificate according to the digital signature and sends the user certificate to a synchronous node to verify the state of the user certificate;
s33, the synchronous node receives a certificate verification application sent by the verifier, acquires an existing certificate list, verifies the CRL of the certificate revocation list and acquires a certificate state verification result;
s34, returning the certificate state verification result to the verifier;
and S35, the verification party generates a verification result of the user certificate according to the returned certificate state verification result, and verification of the user certificate is achieved.
Further, the verifying party verifies the authenticity of the user certificate according to the digital signature, including:
the verifier verifies whether the user certificate is issued by a root certificate;
and the verifier verifies the validity period of the user certificate.
The technical scheme provided by the embodiment of the invention has the beneficial effects that at least:
the distributed CA implementation method based on the block chain provided by the embodiment of the invention comprises the following steps: broadcasting transaction information applied by the user certificate to a consensus node through a synchronous node, and utilizing a root certificate to issue the user certificate so as to apply and issue the user certificate; broadcasting transaction information of a user certificate revocation application to a consensus node through a synchronous node, and signing original certificate revocation by utilizing a root certificate to realize the revocation of the user certificate; and verifying the authenticity of the user certificate according to the digital signature by a verification party, and sending the verification party to a synchronous node to verify the state of the user certificate, so as to realize the verification of the user certificate. The issuing and withdrawing processes of the digital certificate are put on the blockchain, so that the security of the encrypted storage of the certificate is improved.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.
The technical scheme of the invention is further described in detail through the drawings and the embodiments.
Drawings
The accompanying drawings are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate the invention and together with the embodiments of the invention, serve to explain the invention. In the drawings:
FIG. 1 is a flowchart of a method for implementing distributed CA based on block chain according to an embodiment of the present invention;
FIG. 2 is a flowchart of the application and issuance of digital certificates according to an embodiment of the present invention;
fig. 3 is a flowchart of a revocation procedure of a digital certificate according to an embodiment of the present invention;
fig. 4 is a flowchart of verification of a digital certificate according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The embodiment of the invention provides a distributed CA implementation method based on a block chain, which is shown by referring to FIG. 1 and comprises the following steps:
broadcasting transaction information applied by the user certificate to a consensus node through a synchronous node, and utilizing a root certificate to issue the user certificate so as to apply and issue the user certificate;
broadcasting transaction information of a user certificate revocation application to a consensus node through a synchronous node, and signing original certificate revocation by utilizing a root certificate to realize the revocation of the user certificate;
and verifying the authenticity of the user certificate according to the digital signature by a verification party, and sending the verification party to a synchronous node to verify the state of the user certificate, so as to realize the verification of the user certificate.
According to the distributed CA implementation method based on the blockchain, the blockchain technology is adopted, the issuing and cancelling processes of the digital certificate are put on the blockchain, the security of certificate encryption storage is improved, and the traceability and non-falsifiability of the uplink of the CA whole life process are improved.
Referring to fig. 2, the application and issuance of the digital certificate includes the following steps:
a user initiates a certificate application, fills in materials required by the certificate application, assembles transaction application information and sends the transaction application information to a synchronous node;
the synchronous node receives a user certificate application, and the transaction information is broadcast to the consensus nodes (any consensus nodes can be adopted);
any consensus node puts the transaction information into a transaction pool to be packaged;
issuing a user certificate by using the root certificate, and encrypting and storing the user certificate in a blockchain to be packaged;
broadcasting transaction information applied by the user certificate to other consensus nodes, enabling the plurality of consensus nodes to agree, and outputting blocks to be packaged by a block chain;
the consensus node synchronizes the issued user certificate to the synchronization node, and the user receives the generated digital certificate.
Referring to fig. 3, revocation of a digital certificate includes the following processes:
a user initiates a certificate revocation application, fills in materials required by the certificate revocation application, assembles transaction application information and sends the transaction application information to a synchronous node;
the synchronous node receives a user certificate revocation application, and the transaction information is broadcast to the consensus node;
the consensus node puts the transaction information into a transaction pool to be packaged;
signing the original certificate revocation by utilizing a root certificate, and storing the signature in a block chain to be packaged;
broadcasting transaction information of the user certificate revocation application to other consensus nodes, enabling a plurality of consensus nodes to agree, and outputting blocks to be packaged by a block chain;
the consensus node synchronizes the signature (transaction information comprising the user certificate revocation application) to the synchronization node.
Referring to fig. 4, the verification of the digital certificate includes the following process:
decrypting the held certificate by the user and submitting the decrypted certificate to a verification party for verification;
the verification party firstly verifies the authenticity of the user certificate according to the digital signature; secondly, the digital certificate needs to be sent to a synchronous node to verify whether the state of the digital certificate is normal or not and whether the digital certificate is revoked or not;
the synchronous node receives a certificate verification application sent by a verification party, acquires an existing certificate list, verifies the CRL of the certificate revocation list and obtains a certificate state verification result;
returning the certificate state verification result to the verification party;
and the verification party generates a verification result of the user certificate according to the returned certificate state verification result, and realizes the verification of the user certificate.
Specifically, the verifying party verifies the authenticity of the user certificate according to the digital signature, including:
the verifier verifies whether the user certificate is issued by the root certificate;
the verifier verifies the validity period of the user certificate.
The distributed CA implementation method based on the block chain, provided by the embodiment, meets the requirements of on-chain application, issuing, verification and revocation of the digital certificate; and keeping the root certificate private key on the common node, and utilizing the common node to package the block, and placing the certificate issuing and withdrawing process on the blockchain. The method improves the traceability and non-tamperability of the uplink of the CA whole life process; the method solves the privacy security problem by adopting a certificate encryption storage mode, solves the certificate state synchronization delay of the centralized CA in the alliance chain system, and avoids the problems of low operation efficiency and the like caused by the failure of the centralized node and the cross-network verification.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (6)

1. A distributed CA implementation method based on a blockchain, comprising:
broadcasting transaction information applied by the user certificate to a consensus node through a synchronous node, and utilizing a root certificate to issue the user certificate so as to apply and issue the user certificate;
broadcasting transaction information of a user certificate revocation application to a consensus node through a synchronous node, and signing original certificate revocation by utilizing a root certificate to realize the revocation of the user certificate;
and verifying the authenticity of the user certificate according to the digital signature by a verification party, and sending the verification party to a synchronous node to verify the state of the user certificate, so as to realize the verification of the user certificate.
2. The method for realizing the distributed CA based on the blockchain as in claim 1, wherein the transaction information applied by the user certificate is broadcast to the consensus node through the synchronization node, the user certificate is issued by the root certificate, and the application and the issuance of the user certificate are realized, comprising the following steps:
s11, sending a user certificate application to a synchronous node;
s12, broadcasting transaction information applied by the user certificate to any consensus node by the synchronous node;
s13, the arbitrary consensus node puts the transaction information applied by the user certificate into a transaction pool to be packaged;
s14, utilizing the root certificate to issue a user certificate, and encrypting and storing the user certificate in a blockchain to be packaged;
s15, broadcasting transaction information applied by the user certificate to other consensus nodes, enabling a plurality of consensus nodes to agree, and outputting blocks of the block chain to be packaged;
s16, the consensus node synchronizes the user certificate to the synchronization node, and application and issuing of the user certificate are achieved.
3. A blockchain-based distributed CA implementation as in claim 2 wherein a certificate application is initiated by the synchronization node and the generated user certificate is received by the synchronization node.
4. The method for realizing the distributed CA based on the blockchain according to claim 1, wherein the transaction information of the user certificate revocation application is broadcasted to the consensus node through the synchronization node, the original certificate revocation behavior is signed by the root certificate, and the user certificate is revoked, comprising the following steps:
s21, sending a user certificate revocation application to a synchronous node;
s22, broadcasting transaction information of the user certificate revocation application to any consensus node by the synchronous node;
s23, the arbitrary consensus node puts the transaction information of the user certificate revocation application into a transaction pool to be packaged;
s24, signing the original certificate revocation by utilizing a root certificate, and storing the signature in a block chain to be packaged;
s25, broadcasting transaction information of the user certificate revocation application to other consensus nodes, enabling a plurality of consensus nodes to agree, and outputting blocks of the block chains to be packaged;
s26, the common node synchronizes the signature to the synchronization node, and the user certificate is revoked.
5. The method for realizing the distributed CA based on the blockchain as in claim 1, wherein the verifying of the user certificate is realized by the verifying party verifying the authenticity of the user certificate according to the digital signature and transmitting to the synchronous node to verify the state of the user certificate, comprising the following steps:
s31, decrypting the user certificate to be verified and submitting the user certificate to a verification party for verification;
s32, the verifier verifies the authenticity of the user certificate according to the digital signature and sends the user certificate to a synchronous node to verify the state of the user certificate;
s33, the synchronous node receives a certificate verification application sent by the verifier, acquires an existing certificate list, verifies the CRL of the certificate revocation list and acquires a certificate state verification result;
s34, returning the certificate state verification result to the verifier;
and S35, the verification party generates a verification result of the user certificate according to the returned certificate state verification result, and verification of the user certificate is achieved.
6. The method for implementing a blockchain-based distributed CA of claim 5, wherein the verifying party verifies the authenticity of the user certificate based on a digital signature, comprising:
the verifier verifies whether the user certificate is issued by a root certificate;
and the verifier verifies the validity period of the user certificate.
CN202310342282.2A 2023-04-03 2023-04-03 Distributed CA (conditional access) implementation method based on block chain Active CN116055069B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310342282.2A CN116055069B (en) 2023-04-03 2023-04-03 Distributed CA (conditional access) implementation method based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310342282.2A CN116055069B (en) 2023-04-03 2023-04-03 Distributed CA (conditional access) implementation method based on block chain

Publications (2)

Publication Number Publication Date
CN116055069A true CN116055069A (en) 2023-05-02
CN116055069B CN116055069B (en) 2023-06-27

Family

ID=86127685

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310342282.2A Active CN116055069B (en) 2023-04-03 2023-04-03 Distributed CA (conditional access) implementation method based on block chain

Country Status (1)

Country Link
CN (1) CN116055069B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106372941A (en) * 2016-08-31 2017-02-01 江苏通付盾科技有限公司 CA authentication management method, device and system based on block chain
CH713421A2 (en) * 2017-02-01 2018-08-15 Dayli Intelligence Inc Apparatus and method for generating, revoking and verifying a certificate using a blockchain as certification authority.
CN108737106A (en) * 2018-05-09 2018-11-02 深圳壹账通智能科技有限公司 User authentication method, device, terminal device and storage medium on block catenary system
CN109150539A (en) * 2018-07-24 2019-01-04 深圳前海益链网络科技有限公司 A kind of Distributed CA System based on block chain, method and device
WO2021018088A1 (en) * 2019-07-30 2021-02-04 华为技术有限公司 Trusted authentication method, network device, system and storage medium
CN112398658A (en) * 2020-11-13 2021-02-23 浙江数秦科技有限公司 Distributed digital certificate management method, system, equipment and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106372941A (en) * 2016-08-31 2017-02-01 江苏通付盾科技有限公司 CA authentication management method, device and system based on block chain
CH713421A2 (en) * 2017-02-01 2018-08-15 Dayli Intelligence Inc Apparatus and method for generating, revoking and verifying a certificate using a blockchain as certification authority.
CN108737106A (en) * 2018-05-09 2018-11-02 深圳壹账通智能科技有限公司 User authentication method, device, terminal device and storage medium on block catenary system
CN109150539A (en) * 2018-07-24 2019-01-04 深圳前海益链网络科技有限公司 A kind of Distributed CA System based on block chain, method and device
WO2021018088A1 (en) * 2019-07-30 2021-02-04 华为技术有限公司 Trusted authentication method, network device, system and storage medium
CN112398658A (en) * 2020-11-13 2021-02-23 浙江数秦科技有限公司 Distributed digital certificate management method, system, equipment and storage medium

Also Published As

Publication number Publication date
CN116055069B (en) 2023-06-27

Similar Documents

Publication Publication Date Title
EP3642997B1 (en) Secure communications providing forward secrecy
CN112491846B (en) Cross-chain block chain communication method and device
CN110581854B (en) Intelligent terminal safety communication method based on block chain
US9490979B2 (en) System and method for providing credentials
CN110958229A (en) Credible identity authentication method based on block chain
CN103490881B (en) Authentication service system, user authentication method, and authentication information processing method and system
US20020154782A1 (en) System and method for key distribution to maintain secure communication
EP1912376A1 (en) Method and apparatus for authentication
CN104506503B (en) A kind of security certification system based on broadcasting and TV one-way transport network
CN102594558A (en) Anonymous digital certificate system and verification method of trustable computing environment
CN102739626A (en) Method and device for time synchronization, time stamping device and trusted time server
CN111130777B (en) Issuing management method and system for short-lived certificate
CN113872760A (en) SM9 key infrastructure and security system
WO2023184858A1 (en) Timestamp generation method and apparatus, and electronic device and storage medium
CN112351019A (en) Identity authentication system and method
Zhang et al. NDN-MPS: supporting multiparty authentication over named data networking
KR20010047563A (en) Public key based mutual authentication method in wireless communication system
GB2543359A (en) Methods and apparatus for secure communication
CN114598455A (en) Method, device, terminal entity and system for signing and issuing digital certificate
CN115883102B (en) Cross-domain identity authentication method and system based on identity credibility and electronic equipment
CN116055069B (en) Distributed CA (conditional access) implementation method based on block chain
CN114254284B (en) Digital certificate generation and identity authentication method, quantum CA authentication center and system
CN113676330B (en) Digital certificate application system and method based on secondary secret key
CN111818072B (en) Verification method of digital certificate, user node and authentication authorization center
Tedeschi et al. When blockchain makes ephemeral keys authentic: a novel key agreement mechanism in the IoT world

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant