CN116961889A

CN116961889A - Password saving and recovering method, device, equipment and storage medium

Info

Publication number: CN116961889A
Application number: CN202210784513.0A
Authority: CN
Inventors: 张高山; 温暖; 杜雪涛; 李文琦; 刘飞龙; ***; 朱华; 方明星; 张琳; 张晨; 王雪; 倪宁宁
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Group Design Institute Co Ltd
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Group Design Institute Co Ltd
Priority date: 2022-07-05
Filing date: 2022-07-05
Publication date: 2023-10-27

Abstract

The invention discloses a password saving and recovering method, a device, equipment and a storage medium, and belongs to the technical field of network information. According to the method, the original password is split to obtain a plurality of password shares, the user can encrypt the password shares and write the password shares into the blockchain by utilizing the blockchain technology, after the user forgets the password, the user can trace back the blockchain and take out the self-collected password shares, and the original password can be recovered after enough password shares are collected without traversing the blockchain.

Description

Password saving and recovering method, device, equipment and storage medium

Technical Field

The present invention relates to the field of network information technologies, and in particular, to a method, an apparatus, a device, and a storage medium for password saving and recovering.

Background

User passwords play a very important role in blockchain applications, and the functions or operations of a blockchain system can be completed by utilizing the passwords, so that the security of data and access control in the blockchain system is ensured.

In the prior art, when the password of the user is stored, the front end generally carries out hash calculation on the password input by the user, the hash value of the password is stored in the back end database, when the password is required to be verified, the back end only needs to compare whether the hash value of the password transmitted by the front end is consistent with the hash value stored in the database or not, and the original password of the user is not stored in the back end of the web application, so that the back end database can be ensured not to leak the password of the user. However, if the user's password is forgotten or lost, it cannot be obtained through the backend database.

Disclosure of Invention

The invention mainly aims to provide a password saving and recovering method, device, equipment and storage medium, which aim to solve the problem that the user password cannot be recovered in the prior art.

In order to achieve the above object, the present invention provides a password saving and recovering method, device, apparatus and storage medium, the password saving method comprising the steps of:

acquiring an original password;

splitting the original password to obtain password shares of a preset encryption number, wherein the preset encryption number is at least two;

the cryptographic shares are stored in different blocks of a blockchain.

Optionally, before the step of obtaining the original password, the method further includes:

receiving the original password created by the user through the web front end;

encrypting the original password through the web front end by using a public key of a web application server to obtain an encrypted password;

and carrying out hash encryption on the original password through the web front end to obtain a first password hash value, and transmitting the encrypted password and the first password hash value to the web back end.

Optionally, the step of obtaining the original password includes:

when the encrypted password and the first password hash value transmitted by the web front end are received, decrypting the encrypted password by using a local private key to obtain original data;

Carrying out hash on the original data through a hash algorithm to obtain a second password hash value;

judging whether the second password hash value is consistent with the first password hash value or not;

and if the original data are consistent, taking the original data as the original password.

Optionally, after the step of taking the original data as the original password if the two data are identical, the method further includes:

performing salted hash encryption on the second password hash value to obtain a salted value and a third password hash value;

and storing the salted value and the third password hash value into a database for subsequent verification of the user input password.

Optionally, the step of storing the encrypted portion of the password in a block in a blockchain includes:

encrypting the password share to obtain an effective block;

randomly generating interference blocks with preset interference quantity, wherein the interference blocks and the effective blocks have the same format;

encrypting a pseudo-random binary sequence through the original password, wherein O and 1 in the pseudo-random binary sequence respectively represent whether the stored encryption block in the current block is a valid block or an interference block;

and uploading the effective block and the interference block into blocks in a block chain respectively.

encrypting the encryption share to obtain an encryption block, and generating a sequence number group initial sequence of the encryption block based on the preset encryption quantity;

acquiring text information input by a user, and generating ASCII codes for the text information;

generating a polynomial based on the binary sequence of the ascii code;

obtaining the extraction sequence of the encryption blocks through the polynomial calculation;

and according to the extraction sequence, extracting the encryption share from the sequence number group initial sequence, encrypting and uploading the encryption share to a block in a block chain, and storing the true sequence number of the encryption partition inserted into the block chain into the sequence number group.

Optionally, the step of splitting the original password to obtain a password share with a preset encryption number includes:

encoding the original password;

generating a higher order polynomial from the encoding;

and calculating coordinates through the high-order polynomial based on the preset encryption quantity to generate a password share of the preset encryption quantity.

Optionally, before the step of splitting the original password to obtain the password shares of the preset encryption number, the method further includes:

Acquiring the initial block number;

judging whether the initial block number meets safety setting or not;

if not, outputting the number of the blocks to set up a security prompt, and circularly executing the step of judging whether the number of the preset blocks meets the security setting or not until the number of the initial blocks meets the security setting, so as to obtain the preset encryption number.

The password recovery method comprises the following steps:

reading a preset number of encrypted shares from a blockchain, wherein the preset number is the minimum encrypted share number capable of being decrypted;

calculating a symmetric key, wherein the symmetric key is obtained by calculating a private key of a password owner and a corresponding public key of a blockchain or by calculating a private key of a share custodian and a corresponding public key of the blockchain on the same blockchain;

decrypting the encrypted portion using the symmetric key to obtain a cryptographic portion;

according to the password share, a Lagrange interpolation method is used for restoring a higher-order polynomial;

and obtaining an original password based on the high-order polynomial.

In addition, to achieve the above object, the present invention also provides a password storage device, including:

the acquisition module is used for acquiring an original password;

the password splitting module is used for splitting the original password to obtain password shares with preset encryption numbers, and the preset encryption numbers are at least two;

And the encryption module is used for storing the password share in different blocks of the blockchain.

Optionally, the acquiring module is further configured to:

receiving the original password created by the user through the web front end;

Optionally, the acquiring module is further configured to:

Optionally, the apparatus further comprises:

the salinized hash module is used for carrying out salinized hash encryption on the second password hash value to obtain a salinized value and a third password hash value;

Optionally, the salinized hash module is further configured to:

Optionally, the encryption module is further configured to:

encrypting the password share to obtain an effective block;

Optionally, the encryption module is further configured to:

generating a polynomial based on the binary sequence of the ascii code;

Optionally, the password splitting module is further configured to:

encoding the original password;

generating a higher order polynomial from the encoding;

Optionally, the password splitting module is further configured to:

acquiring the initial block number;

judging whether the initial block number meets safety setting or not;

In addition, to achieve the above object, the present invention also provides a password recovery apparatus, including:

the block acquisition module is used for reading a preset number of encrypted shares from the blockchain, wherein the preset number is the minimum encrypted share number capable of being decrypted;

the computing module is used for computing a symmetric key, wherein the symmetric key is obtained by computing a private key of a password owner and a corresponding public key of a blockchain or by computing a private key of a share custodian and a corresponding public key of the blockchain on the same blockchain;

The decryption module is used for decrypting the encrypted share by using the symmetric key to obtain a password share;

the interpolation reduction module is used for reducing a higher-order polynomial by using a Lagrange interpolation method according to the password share;

and the original password recovery module is used for obtaining an original password based on the high-order polynomial.

In addition, to achieve the above object, the present invention also provides a password save and restore apparatus, the apparatus comprising: a memory, a processor, and a password save and restore program stored on the memory and executable on the processor, the password save and restore program configured to implement the steps of the password save and restore program method as described above.

In addition, in order to achieve the above object, the present invention also provides a storage medium having stored thereon a password save and restore program which, when executed by a processor, implements the steps of the password save and restore program method as described above.

The method, the device, the equipment and the storage medium for password saving and restoring provided by the embodiment of the invention are characterized in that a user creates a password in a web front-end page, the web front-end encrypts an original password by using a public key of a web application server, calculates the original password by using a hash algorithm to obtain a first password hash value, and sends the encrypted original password and the first password hash value to the web back-end; the web back end decrypts the original data by using a local private key, hashes the original data to determine whether the received first password hash value is consistent with the calculated second password hash value, if so, performs salted hash encryption on the original password, and stores the salted value and the third password hash value locally for subsequent verification of the user input password; and splitting the original password, storing the split original password into a blockchain network, and deleting the local original password. When the user forgets the password, the user can trace back the blockchain, take out the self-collected password shares from the blockchain, and recover the original password after collecting enough password shares. By using the method disclosed by the patent, when a user registers and creates a password in a web application, the password can simultaneously use two storage mechanisms: the cryptographic salted hash is saved to the database and the original cryptographic split is saved to the blockchain. The method ensures that an attacker cannot restore and crack the original password according to the hash value even if the attacker breaks the database, meanwhile, password verification work can be completed through simple hash comparison during password verification, the original password is split by using a high-order polynomial, and the split password share and the original password have no direct relation, namely the original password cannot be restored according to one or a small number of password shares; by using Lagrangian interpolation, it is ensured that when a sufficient number of cryptographic shares are collected, the original cryptographic can be quickly restored by mathematical calculations.

Drawings

FIG. 1 is a schematic diagram of a password save and restore device for a hardware runtime environment according to an embodiment of the present invention;

FIG. 2 is a flowchart of a first embodiment of a password storage method according to the present invention;

FIG. 3 is a flowchart of a second embodiment of a method for password storage according to the present invention, in which a web front end obtains an original password;

FIG. 4 is a diagram illustrating steps for encrypting and storing a cryptographic share according to a third embodiment of the present invention;

FIG. 5 is a flowchart illustrating a password splitting and storing process according to an embodiment of the present invention;

FIG. 6 is a schematic diagram illustrating an embodiment of a password recovery method according to the present invention;

FIG. 7 is a system architecture diagram of an embodiment of a password save and restore method of the present invention;

FIG. 8 is a schematic diagram of a functional module of an embodiment of a password storage method according to the present invention;

fig. 9 is a schematic diagram of a functional module of an embodiment of a password recovery method according to the present invention.

The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.

Detailed Description

It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.

Referring to fig. 1, fig. 1 is a schematic diagram of a password saving and recovering device of a hardware running environment according to an embodiment of the present invention.

As shown in fig. 1, the password save and restore apparatus may include: a processor 1001, such as a central processing unit (Central Processing Unit, CPU), a communication bus 1002, a user interface 1003, a network interface 1004, a memory 1005. Wherein the communication bus 1002 is used to enable connected communication between these components. The user interface 1003 may include a Display, an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may further include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a WIreless interface (e.g., a WIreless-FIdelity (WI-FI) interface). The Memory 1005 may be a high-speed random access Memory (Random Access Memory, RAM) Memory or a stable nonvolatile Memory (NVM), such as a disk Memory. The memory 1005 may also optionally be a storage device separate from the processor 1001 described above.

It will be appreciated by those skilled in the art that the structure shown in fig. 1 does not constitute a limitation of the password save and restore apparatus, and may include more or fewer components than shown, or may combine certain components, or may have a different arrangement of components.

As shown in fig. 1, an operating system, a data storage module, a network communication module, a user interface module, and a password save and restore program may be included in the memory 1005 as one type of storage medium.

In the password save and restore device shown in fig. 1, the network interface 1004 is mainly used for data communication with other devices; the user interface 1003 is mainly used for data interaction with a user; the processor 1001 and the memory 1005 in the password saving and restoring apparatus of the present invention may be provided in the password saving and restoring apparatus, which invokes the password saving and restoring program stored in the memory 1005 through the processor 1001 and performs the password saving and restoring method provided by the embodiment of the present invention.

An embodiment of the present invention provides a method for saving a password, referring to fig. 2, fig. 2 is a schematic flow chart of a first embodiment of a method for saving a password according to the present invention.

In this embodiment, the password storage method includes:

step S10, obtaining an original password;

step S20, splitting the original password to obtain password shares with preset encryption numbers, wherein the preset encryption numbers are at least two;

step S30, the password shares are stored in different blocks of the blockchain.

The password preservation method is applied to the field of blockchain. Aiming at the specific application scene of web application password preservation and recovery, a method for splitting the password into a plurality of desensitized shares and recovering the password according to partial shares is provided based on a blockchain technology, an ECC (elliptic curve encryption) algorithm and a Lagrange interpolation method. The method is characterized in that the original password is encoded and then split, a plurality of password shares are obtained after splitting, a user can encrypt one or a plurality of password shares and write the encrypted password shares into a blockchain by utilizing a blockchain technology, after the user forgets the password, the user can trace back the blockchain, take out the self-collected password shares, and the original password can be recovered after collecting enough password shares without traversing the blockchain by utilizing the method. In addition, the embodiment can ensure the security of the password share by delivering the password share to a plurality of custodians for custody in a manner of encrypting and storing the password share into the blockchain.

The following will explain each step in detail:

step S10, obtaining an original password;

in one embodiment, an original password is obtained. Generally, a user performs password setting through account registration and password setting functions provided by a mobile phone end web application and a computer end web application. In this embodiment, the password input by the user is used as the original password, that is, the original password set by the user at the input end is obtained through the web back end. The composition of the original password is typically in digital form.

in an embodiment, the original password is split to obtain password shares with a preset encryption number, and the preset encryption number is at least two. Specifically, the original password may be converted into data with larger data quantity by means of character coding, for example, the original password may be composed of 7 digits, and then the 7 digits are set to be decimal format data, after the original password is converted into binary, the data quantity is increased, and the original password is more easily split into multiple parts. The original cryptographic encoding is simply to more conveniently divide the data into smaller pieces to further process the cryptographic data into manageable blocks so that the blocks may be distributed across multiple nodes. The preset encryption quantity is the number of split parts of the original password set by the user or the system, if the user password is split into only one piece, namely, the password is encrypted and then uploaded once, the method is low in safety, so that the embodiment divides the original password of the user into at least two parts, namely, the password share is at least two parts, in order to ensure the safety of the original password.

Step S30, storing the password shares in different blocks of a blockchain;

in one embodiment, the split-up portion of the original password is encrypted and stored in a block of the blockchain. The cryptographic shares are uploaded to the blockchain for storage, and it should be noted that the cryptographic shares may be uploaded to different blocks, that is, the cryptographic share stored in each block is not limited, and a cryptographic share may be stored in one block. Assuming that there are A, B, C, D, E shares, A and B may be encrypted together in partition 1, B may be encrypted in partition 2, C in partition 3, and D and E in partition 4. The cryptographic share encryption method may specifically be that the blockchain storage system generates a unique hash, i.e., a fixed-length encrypted output string, from the cryptographic share data. The exact method of generating the hash varies from system to system.

The block generation and the uplink process on the blockchain are as follows:

the structure before signing contains the information of the called contract, the time stamp, the random number, the calling function plus data and the like. After the data before signing is processed, the data is subjected to one-time hash processing, and the hash is signed. The hash is a string of values bound with the data, and the hash value is changed due to the fact that the information is tampered, so that the hash has tamper-proof characteristics.

The hash value of the information is then signed. The signature is an asymmetric encryption method, and the sender can be confirmed to hold the corresponding private key through the public key and the signature information under the condition that the private key of the sender is not revealed. Signing the hash can also bind the identity of the sender with the information, and can prevent other people from impersonating the sender, so that the processing can ensure the tamper resistance of the information and authenticate the identity of the sender at the same time, thereby preventing repudiation.

The processing stage before service uplink mainly converts service data into a block chain readable mode through a tool, binds the identity of a sender with the sending information through a signature, plays roles of identity authentication and repudiation prevention, and finally sends the processed information to a block chain node. The uplink pre-processing is centralized and these processes do not involve blockchain nodes, so nodes are not required to participate in this stage. Some systems, such as edge computing systems, have limited performance and storage space, and are not suitable for use as blockchain nodes, but can serve as a platform for business uplink preprocessing. The current node sends the prepared block to the user on the chain. After each user receives the transaction, the received transaction is broadcast to other nodes so as to form a unified transaction pool to prepare for consensus. The application scene of the embodiment of the invention is a alliance chain. Because the alliance chain has a certain admittance mechanism, the partner can send the transaction, so the principle of processing the transaction is to pack the transaction which can be processed into blocks as much as possible.

The block mainly comprises block hash, block header and transaction data information, wherein the block header generally comprises consensus information, a time stamp, block height and the like, and records the hash of the previous block to point to the previous block; the transaction data comprises hashes of the packaged transactions in the block, and the transactions need to be ordered according to a unified sequence; after validating the block header and hash, the block hash can be calculated. Thus, the chain is formed by connecting the hash of the previous block and the hash of the previous block, the content of any block on the chain is modified to enable the hash of the previous block of the following block to be different from the modified hash, and therefore, the block has the tamper-proof characteristic. The modification can only be done if the contents of the block and all blocks in the future are modified and each node is modified in the same way. The main purpose of the consensus is to generate blocks in some agreed manner that can be accepted by most nodes. For the alliance chain, the consensus algorithm needs to keep the block data of the nodes consistent as much as possible, so that the block can be stopped under the condition that a certain number of nodes have network problems. The block hash, the block header and the transaction data are contents of a block before the encryption block is added to the block, and after the encryption block data is added, the encryption block data can be combined with the transaction data to be called a block body, and in an actual application scenario of an embodiment, the block body can be called a "web application password block", and the web application password block comprises: the blocks and the traffic data are encrypted.

After the consensus phase is completed, the blocks of each node remain consistent. The traffic data at this time obtains data acknowledged and traceable by each node. After the uplink processing is completed, for the service of simple evidence, the storage of the current block is completed. The processed result is written into a contract state database, and the database contains historical states besides the latest state, thereby being convenient for tracing and inquiring.

Further, in one embodiment, the original password is deleted locally.

In one embodiment, the locally stored original password is deleted. It can be appreciated that, when the original password is split and stored in the blockchain, the original password stored locally is deleted, so that the original password can be prevented from passing the password verification when the original password stored locally is maliciously acquired. When the user needs to verify the identity, the user identity is confirmed by comparing the password hash value input by the user with the stored original password hash value.

According to the method, the original password is split to obtain the password share with the preset encryption quantity, the web application password data block (encryption data) is obtained through encryption and is used as block data of a certain blockchain or part of data in the block, and the uplink operation is carried out after the user authorization, so that the split storage of the original password of the user is realized, and the user can retrieve the related password from the blockchain record when forgetting the password. Therefore, the problem that password information is completely lost due to irreversible faults of the database when the user password exists in the database can be avoided.

Further, based on the first embodiment of the password storage method of the present invention, a second embodiment of the password storage method of the present invention is proposed.

Referring to fig. 3, fig. 3 is a schematic flow chart of an original password obtained by a web front end according to a second embodiment of the password storage method of the present invention, where the second embodiment of the password storage method is different from the first embodiment of the password storage method in that, before the step of obtaining the original password, the method further includes:

step S11, receiving the original password created by the user through the web front end;

step S12, encrypting the original password through the web front end by using the public key of the web application server to obtain an encrypted password;

and S13, carrying out hash encryption on the original password through the web front end to obtain a first password hash value, and transmitting the encrypted password and the first password hash value to the web back end.

In this embodiment, the web front end receives the original password, encrypts the original password to obtain an encrypted password, and hashes the encrypted password to obtain a first password hash value. And transmitting the first password hash value and the encrypted password to the web back end through the web front end, so that the encrypted transmission of the original password is realized.

The following will explain each step in detail:

in one embodiment, a user receives a user-created original password at a front end of a web application. For example: when the user clicks the "create account" link in the login page, a registry is displayed in which the user enters his own information and password.

in one embodiment, a public-private key is first prepared, specifically, the web application provides a public-private key of ECDSA (Elliptic Curve Digital Signature Algorithm ), which is a public-private key that the web application registers for use in the blockchain. When creating the password, the user inputs the original password at the front end, and the web application front end encrypts the password by using the ECDSA public key of the application to obtain an encrypted password.

In one embodiment, the front end performs hash computation on the encrypted password to obtain a first password hash value, and the encrypted password and the first password hash value are transmitted to the web application back end through a secure channel. Specifically, the SHA256 algorithm may be used to hash the original password to obtain a password hash; where SHA-2, the name comes from the abbreviation of secure hash algorithm 2 (English: secure Hash Algorithm), a cryptographic hash function algorithm standard, SHA256 is one of the algorithm standards, and SHA256 generates a 256-bit hash value, called message digest, for messages of arbitrary length. This summary corresponds to an array of 32 bytes in length, typically represented by a hexadecimal string of 64 bytes in length, where 1 byte = 8 bits and a hexadecimal character is 4 bits in length. It should be noted that the hash algorithm is not limited herein, and the SH256 algorithm is used herein as a preferred embodiment.

Further, in an embodiment, the step of obtaining the original password includes:

step S14, when the encrypted password and the first password hash value transmitted by the web front end are received, the encrypted password is decrypted by using a local private key, and original data are obtained;

In one embodiment, when the web back end receives the encrypted password transmitted by the web front end, the back end decrypts the encrypted password by using the local private key to obtain the original data. It can be appreciated that when the web backend receives the encrypted password and the first password hash value, verification is required to ensure that the corresponding encrypted password to be processed is transmitted, and therefore the hash value of the encrypted password needs to be verified. The private key corresponds here to the public key described above and is therefore the ECDSA private key. It should be noted that, the process of decrypting using the ECDSA private key is the prior art, and thus will not be described in detail herein.

Step S15, carrying out hash on the original data through a hash algorithm to obtain a second password hash value;

in one embodiment, the web backend hashes the original data using a hashing algorithm to obtain a second cryptographic hash value corresponding to the original data. Specifically, the original password may be hashed by SHA256. It will be appreciated that the hash algorithm used in the hash of this step is a hash algorithm corresponding to the front-end encryption process, and the hash algorithm used in the back-end to hash the original data is SHA256 if SHA256 is used in the front-end to hash the same. The algorithm is not limited as long as a hash value can be calculated.

Step S16, judging whether the second password hash value is consistent with the first password hash value;

in an embodiment, after the hash calculation obtains the second password hash value, it is determined whether the second password hash value is consistent with the first password hash value. By comparing whether the first password hash value transmitted from the front end is consistent with the second password hash value calculated by the front end, the verification of the encrypted password can be realized.

And S17, if the original data are consistent, taking the original data as the original password.

In an embodiment, if the first cryptographic hash value and the second cryptographic hash value are identical, since the hash values have uniqueness, it is the data corresponding to the original password of the user that is the original data that is transmitted.

Further, in an embodiment, after the step of taking the original data as the original password if the two data are identical, the method further includes:

s18, performing salted hash encryption on the second password hash value to obtain a salted value and a third password hash value;

and step S19, storing the salted value and the third password hash value into a database for subsequent verification of the user input password.

In one embodiment, the second cryptographic hash value is re-salted Ha Xihou to the database and the cryptographic hash is compared only in the subsequent cryptographic verification process. Specifically, the sha256 algorithm can be used for carrying out salted hash on the password and storing the password in the database, so that an attacker cannot restore and crack the original password according to the hash value even if the attacker breaks the database, and meanwhile, password verification work can be completed through simple hash comparison during password verification.

It is known that if a password is hashed directly, a hacker can obtain a password for a user by obtaining this password hash value and then by looking up a hash value dictionary (e.g., MD5 password cracking web site). Salt addition can solve the problem to a certain extent. The salt adding method is to add a point of "seasoning". When a user first provides a password (typically at registration), some "seasoning" is automatically spilt into this password by the system and then hashed. When the user logs in, the system sprinkles the same "seasoning" on the code provided by the user, then hashes, and then compares the hashed values to determine if the password is correct. The "seasoning" is referred to herein as the "Salt value" which is randomly generated by the system and is known only to the system. Thus, even if two users use the same password, their hash values are different because the salt values that the system generates for them are different. Since the "same" seasoning is used when verifying the password as when the password was initially hashed. The Salt value is stored in the database. Thus, the salted value and the third cryptographic hash value are stored in a database.

In this embodiment, the original password is received through the web front end, the public key of the application server is used to encrypt the original password to obtain an encrypted password, and further, hash encryption is performed through the web front end to obtain a first password hash value. After the web back end receives the first password hash value and the encrypted password, decryption and hash are carried out to obtain a second password hash value, whether the second password hash value is identical to the first password hash value or not is judged, so that an original password is obtained, and further, the second password hash value is subjected to salted hash and is stored in a database. The method ensures that an attacker cannot restore and crack the original password according to the hash value even if the attacker breaks the database, and meanwhile, password verification work can be completed through simple hash comparison during password verification.

Further, based on the first and second embodiments of the password storage method of the present invention, a third embodiment of the password storage method of the present invention is provided.

Referring to fig. 4, fig. 4 is a schematic diagram illustrating steps of encrypting and storing a portion of a password according to a third embodiment of the present invention, wherein the third embodiment of the password storing method is different from the first and second embodiments of the password storing method in that the steps of encrypting and storing the portion of the password in a block in a blockchain include:

Step S31, encrypting the password share to obtain an effective block;

step S32, randomly generating interference blocks with preset interference quantity, wherein the interference blocks and the effective blocks have the same format;

step S33, encrypting a pseudo-random binary sequence through the original password, wherein O and 1 in the pseudo-random binary sequence respectively represent whether the stored encrypted block in the current block is a valid block or an interference block;

and step S34, uploading the effective block and the interference block to the blocks in the block chain respectively.

According to the embodiment, the interference block is inserted in the process of encrypting and uploading the password share to the blockchain, so that uploading of the password share is protected, and part of blocks in the blockchain are blocks which do not contain password information, so that the effect of 'confusing audio-visual' is achieved.

The following will explain each step in detail:

step S31, encrypting the password share to obtain an effective block;

in one embodiment, the cryptographic shares are encrypted to obtain valid blocks. Specifically, the encryption method for encrypting the cryptographic shares to upload to the blockchain is not limited, and is specifically selected according to the blockchain or actual requirements, for example, a common symmetric encryption technology is adopted, and each block of data containing the cryptographic shares is independently encrypted by using the same key, so as to obtain an encrypted data block, namely a valid block.

in one embodiment, after encrypting the crypto portion to obtain a valid block, a predetermined number of interfering blocks are randomly generated. It will be appreciated that to further secure the crypto-share in the blockchain, an interfering block of the same format as the valid block containing the crypto-share is generated, as both the valid block and the interfering block are encrypted and stored in the blockchain. Then it cannot be determined whether the data contained in the broken blockchain is a true crypto share or otherwise interferes with the data when the blockchain is under attack.

The preset interference quantity can be set according to the user demand, and can also be set by the system.

In one embodiment, a "total security code a" may be set by the user, which may be modified, and the user must keep in mind "total security code a" which will encrypt a pseudo-random 2-ary sequence B. O and 1 in the sequence represent whether the "web application cryptographic block" stored in the current block is a "valid block" or an "interfering block", respectively. Since cryptographic applications mostly use algorithms to generate random numbers. These algorithms are deterministic, so the resulting sequence is not statistically random, and so such numbers are commonly referred to as pseudo-random numbers. Since we also need to know which of the blocks are actually holding valid blocks during the subsequent recovery of the original cipher, we preserve the relevant information by pseudo-random binary sequences. And uploading the effective blocks and the interference blocks into the block of the block chain, or uploading the interference blocks and the effective blocks as the block of the block chain.

Further, in an embodiment, the step of storing the encrypted portion of the password in a block in a blockchain includes:

step S35, encrypting the password share to obtain an encrypted block, and generating a sequence number group initial sequence of the encrypted block based on the preset encryption quantity;

step S36, acquiring text information input by a user, and generating ASCII codes for the text information;

step S37, generating a polynomial based on the binary sequence of the ASCII code;

step S38, calculating the extraction sequence of the encryption block through the polynomial;

and step S39, extracting the encrypted blocks from the initial sequence of the sequence number group according to the extraction sequence, uploading the encrypted blocks to different blocks in a blockchain, and storing the real sequence numbers of the encrypted blocks inserted into the blockchain into the sequence number group.

In this embodiment, a sequence number group is also protected that holds the "web application cryptographic chunking", or the actual order in which the cryptographic share encryption data is uploaded to the blockchain. And for the split encrypted web application password blocking, adopting a pseudo-disordered mode, and submitting the encrypted web application password blocking to different blocks in a block chain one by one according to the disordered sequence. The commit process is not done once, but rather, in the chunk generation process, each time a chunk is generated, the user commits a portion of the web application cryptographic chunk. If the user divides the WEB password into n blocks according to the algorithm, the user finishes the encryption block uploading of all the WEB application passwords from the time of submitting the first block to the time of newly generating the nth block by the block chain.

The following will explain each step in detail:

step S35, generating a sequence number group initial sequence of the password share;

in one embodiment, a corresponding sequence number set initial sequence is generated based on the uploaded cryptographic share. The sequence number group is an array for storing the uploading sequence of the password share. For example, the current web application password needs to be divided into 60 blocks for uploading, 60 password shares are obtained, the password shares are marked, and the initial sequence of the serial number group is [ 12 3 … 59 ].

in one embodiment, when the user performs system setting, a section of text is required to be input, and an ASC II code is generated according to text information input by the user. ASCII ((American Standard Code for Information Interchange): american standard code for information interchange) is a set of computer coding systems based on latin letters. ASCII codes represent 128 or 256 possible characters using specified 7-bit or 8-bit binary combinations. It should be noted that the text information may be the total security code set as described above, so that the user does not need to record multiple security codes.

in one embodiment, the system calculates the extraction order of the initial sequence order of the sequence number group according to the binary sequence of the ASCII code in a polynomial mode, and the rule is as follows:

let the binary sequence of the literal ascii code be C. And C is partitioned by taking L as a window, and zero is filled into 1 block if the number of the blocks is less than one. The blocks are exclusive-ored one by one, the L binary numbers are obtained finally, 1 in the binary numbers are added, and the addition result represents the sequence number from the initial sequence of the sequence number group. For example, there are 5 1 s in a certain binary sequence, then the crypto-share of sequence number 5 is extracted from the initial sequence for encryption uploading. The specific bit generation polynomial is:

G(D)＝[D ⁷ +D ⁶ +D ⁵ +D ³ +D+1]

assuming that the initial sequence character number of the sequence number group is L, after a user inputs binary information of the text ASCII code, the binary information is processed by the polynomial, and an idx is obtained each time, wherein the value range of the idx is as follows: idx is more than or equal to 1 and L is more than or equal to L. After each idx, l=l-1. Sequence numbers of the sequence number group insertion blockchain are generated accordingly.

Step S39, according to the extraction sequence, the encryption of the password share is extracted from the initial sequence of the sequence number group and uploaded to the block in the block chain, and the true sequence number of the password share inserted block chain is saved in the sequence number group.

In one embodiment, after the extraction order is calculated, the extracted crypto shares are encrypted and uploaded to the blockchain according to the calculated extraction order. And stores the true extraction order into the sequence number group. The security of the cryptographic shares is protected by randomly generating the order in which the cryptographic shares are uploaded.

According to the embodiment, when the password share is generated, disorder and insertion interference processing are carried out on the password share, the real sequence after disorder is stored as a sequence number group, interference conditions are recorded through a sequence, and the sequence number group and the sequence are stored in an encrypted mode by utilizing the total security password of the user, so that the password share encryption and chaining process is safer.

Further, based on the previous embodiment of the method for saving a password of the present invention, a fourth embodiment of the method for saving a password of the present invention is provided, and the fourth embodiment of the method for saving a password of the present invention is different from the previous embodiment in that the step of splitting the original password to obtain a password share of a preset encryption number includes:

step S21, the original password is encoded;

in one embodiment, the original password is encoded, specifically, the original password may be encoded into a hexadecimal string, and then the hexadecimal string is converted into a decimal positive integer, where the decimal positive integer is denoted as a_0 for convenience of subsequent description.

Step S22, generating a higher order polynomial according to the code;

in one embodiment, after encoding to obtain the encoding of the original password, a higher order polynomial is generated. Specifically, a polynomial of order t in the Zp (p is a large prime number, zp is an integer domain from 0 to p-1) domain is generated, the 0 th order coefficient of the polynomial is set to a_0, and the other coefficients are randomly generated, the polynomial is as follows:

y＝a ₀ +a ₁ x+a ₂ x ² +...+a _t x ^t (modp)

step S23, based on the preset encryption quantity, calculating coordinates through the high-order polynomial to generate a password share of the preset encryption quantity.

In one embodiment, the corresponding number of coordinates, i.e. the cryptographic shares, is calculated from the predetermined number of encryptions by means of a higher order polynomial. Specifically, assuming that the password is to be split into n parts (n > t+1), x=1, 2,3,..n is taken into the above polynomials to calculate the y-value, respectively, resulting in n coordinates: (1, y_1), (2, y_2), (3, y_3), and (n, y_n). Let n coordinates be n crypto shares, denoted share_i (i=1, 2,3,..and n).

Referring to fig. 5, fig. 5 is a flowchart illustrating a password splitting and storing method according to an embodiment of the present invention, in this embodiment, an original password is first encoded into numbers, a higher order polynomial is further generated, and coordinates are calculated as password shares.

Further, in an embodiment, before the step of splitting the original password to obtain the password shares of the preset encryption number, the method further includes:

step S24, obtaining the initial block number;

in an embodiment, the initial block number is obtained, where the initial block number is the block number set by the user, but the block number may affect the security of the password to some extent, for example, setting 1, that is, uploading is completed once after encrypting the password, which is obviously that no multi-block out-of-order uploading is safe. Therefore, to further secure the secure preservation of the cryptographic shares, the initial number of blocks set by the user is first obtained.

Step S25, judging whether the initial block number meets safety setting;

and S26, if not, outputting a block number setting safety prompt, and circularly executing the step of judging whether the preset block number meets the safety setting or not until the initial block number meets the safety setting, so as to obtain the preset encryption number.

In one embodiment, it is determined whether the initial number of tiles set by the user satisfies the security setting, and if the security setting is not satisfied, a security hint is output for the number of tiles set. Wherein, the safety setting is the system preferably minimum block setting quantity, and the requirement of the safety setting can be adjusted according to the actual situation. If the initial block number is smaller than the safety setting number, judging that the preset block number does not meet the safety setting. In order to ensure the security of the user password, the initial block number set by the user is required to meet the security setting to confirm the preset encryption number, namely the split number of the original password.

The number of the blocks is set to be a security prompt, and the prompt can be performed in a text mode in an application system, for example, the user is informed that the web application password encryption block is set to be more than s blocks (for example, s > 10) to be safer. Here s may be adjusted based on factors such as the rate of generation of each block on the blockchain, i.e., the number of cryptographic shares may be determined based on the rate at which the blockchain generates blocks. For example, the block generation speed on a blockchain is 10 blocks per hour (average 6 minutes of one block), and the user can consider that each web application password allows uploading to be completed within 6 hours, and thus can be divided into 10×6=60 blocks. It should be noted that, here, consider the case where the user sets up "web application password encryption block" and then turns off after saving. The web application password encryption block is accessed to the block chain after the user is started next time, and the block uploading is continued in the period.

If the user sets the "web application password encryption block" to save, the block uplink may not be completed in the time before the power-off due to the lack of power of the device or the active power-off of the user. The application may prompt the user that the "web application cryptographic chunking" uplink process is not complete. The program provides options including "continue to be booted next time" and "fast monolithic chaining". Wherein the "fast monolithic uplink" option would pack the remaining blocks into one candidate block, attempting to complete the uplink before shutdown. If not, the next start-up subsequent set communication is waited.

The embodiment uses a randomly generated higher order polynomial to store password information, and uses polynomial coordinates as the split password shares; in addition, when the password shares are divided, whether the initial encryption quantity meets the security setting is judged, so that the preset encryption quantity with higher security is obtained, and the split password shares are safer.

Further, the present invention provides a password recovery method, referring to fig. 6, fig. 6 is a schematic diagram of an embodiment of the password recovery method of the present invention.

In this embodiment, the password recovery method includes:

step S40, reading a preset number of encrypted shares from the blockchain, wherein the preset number is the minimum encrypted share number capable of being decrypted;

step S50, calculating a symmetric key, wherein the symmetric key is obtained by calculating a private key of a password owner and a corresponding public key of a blockchain or by calculating a private key of a share custodian and a corresponding public key of the blockchain on the same blockchain;

step S60, decrypting the encrypted share by using the symmetric key to obtain a password share;

step S70, according to the password share, a Lagrange interpolation method is used for restoring a higher order polynomial;

and step S80, obtaining an original password based on the high-order polynomial.

The embodiment provides a password recovery method, which aims at the problem that a user forgets an original password, and can recover a higher-order polynomial by using a Lagrange interpolation method according to the collected password shares so as to recover the original password.

The following will explain each step in detail:

in one embodiment, it is assumed that m (m=t+1) shares need to be collected to recover the original password, and the shares to be collected are: share_i (i=1, 2 3./v m). First read from the blockchain to encrypted shares es_i (i=1 2, 3, a m). The public and private keys are obtained according to ECDSA (Elliptic Curve Digital Signature Algorithm ).

in one embodiment, the owner of the password is denoted as user_0, and the identity of user_0 in the blockchain, i.e., the public key and the private key, are denoted as: p_0 and s_0. Calculating a symmetric key secret _ i (i=1, 2, 3,..and m), if user _0 loses its own private key s _0, then the user_i (i=1, 2, 3, the.. m) ask for a symmetric key (user i calculates a symmetric key using the formula secret i=s i x P0), if user_0 holds its own private key properly, it is calculated using the formula secret_i=s_0×p_i. It will be appreciated that the essence of the private key is a large positive integer, the essence of the public key is a point on the elliptic curve, and if the private key is denoted as s and the public key is denoted as P, they satisfy the following formula: p=s×g, where G is a base point, a fixed point on the elliptic curve, where the multiplication is a multiplication operation on the elliptic curve that satisfies the distribution law. That is, the symmetric key may be restored by obtaining the private key of the other user on the elliptic curve.

in one embodiment, after the symmetric key is obtained, the encrypted shares are decrypted to obtain the cryptographic shares. According to the encryption process: encrypting the key share_i, the encryption key being denoted secret_i (i=1, 2, 3,..once., n), the encrypted share being denoted es_i, the generation formula of the encryption key secret_i being as follows:

secret_i＝s_0×P_i

correspondingly, at decryption, the secret_i is used to decrypt es_i to obtain the share share_i.

in one embodiment, m crypto shares are obtained, i.e., t+1 coordinates (i, y_i) (i=1, 2, 3,..once, t+1) from which a unique t-th order polynomial is recovered using lagrangian interpolation: y=a ₀ +a ₁ x+a ₂ x ² +...+a _t x ^t (modp)。

In one embodiment, the zero order coefficient a_0 is obtained by taking x=0 into a polynomial. It can be understood that key sharing is based on a geometric principle, a key is represented as a point coordinate in a two-dimensional space (an x-axis coordinate value is 0, and a y-axis value is a key number), then points in some spaces are randomly generated, the points and the points represented by the key are generated into a curve, the randomly generated points are key synthesis components shared to each key backup party, in theory, the points on the curve can be used as sharing components, so that when the password recovery is performed, only enough points are acquired, then a curve equation is calculated, x=0 is further caused, and the value of y, namely the key number is calculated. In general, assuming that at least t key backups are required to recover the key, then a polynomial is constructed: f (x) =a0+a1x+a2x2+ & gt-1 xt-1f (0) =a0 is the original key, and the polynomial can be solved by using lagrangian interpolation or variable elimination. And converting the a_0 into hexadecimal character strings, and decoding the hexadecimal character strings to obtain the original password.

Referring to fig. 7, fig. 7 is a system architecture diagram of an embodiment of a password save and restore method of the present invention, where the password save and restore system includes a terminal layer, a front-end container layer, an API interface layer, a platform function layer, an encoding layer, and a data storage layer; the method mainly comprises the steps of mainly providing web access service in a terminal layer, and based on a Vue framework, including a Vue page component, a Vue Router route configuration, a Vue state management and a UI component library in a front-end container layer; providing authentication service, authority service, user service, data service, coding service and decoding service at an API interface layer; at the platform function layer, the user can perform password verification, password acquisition, password splitting, uplink processing, share collection and password reduction; at the coding layer, mainly performing system user data collection, docking system data collection and business process coding; the data storage mainly comprises Mysql, redis and file storage. It should be noted that the system architecture diagram shown above is only an embodiment of the present invention, and is not meant to limit the password splitting and recovering system of the present invention.

According to the embodiment, the public and private keys of the password owner and the share custodian are utilized to calculate the symmetric key of the encrypted share, the encrypted share is decrypted by using the symmetric key, the password share is obtained, the higher-order polynomial is restored by utilizing the Lagrange interpolation method according to the collected password share, and then the original password is restored, so that the restoration problem when the user password is lost is solved. Meanwhile, since the encrypted secret key can be obtained only by the password owner and the share custodian through calculation, the password share is ensured not to be easily leaked, and meanwhile, the encrypted password share is stored on the blockchain, and the share data is ensured not to be easily lost.

The invention also provides a password storage device. Fig. 8 is a schematic diagram of a functional module of an embodiment of a password storage method according to the present invention. The device comprises:

an acquisition module 10 for acquiring an original password;

the password splitting module 20 is configured to split the original password to obtain a password share with a preset encryption number, where the preset encryption number is at least two;

an encryption module 30 for storing the cryptographic shares in different blocks of the blockchain.

Optionally, the acquiring module is further configured to:

receiving the original password created by the user through the web front end;

Optionally, the acquiring module is further configured to:

Optionally, the apparatus further comprises:

optionally, the salinized hash module is further configured to:

Optionally, the encryption module is further configured to:

encrypting the password share to obtain an effective block;

Optionally, the encryption module is further configured to:

generating a polynomial based on the binary sequence of the ascii code;

Optionally, the password splitting module is further configured to:

encoding the original password;

generating a higher order polynomial from the encoding;

Optionally, the password splitting module is further configured to:

acquiring the initial block number;

judging whether the initial block number meets safety setting or not;

The invention also provides a password recovery device. Fig. 9 is a schematic diagram of a functional module of an embodiment of a password recovery method according to the present invention. The device comprises:

The invention also provides a storage medium.

The storage medium of the present invention has stored thereon a password save and restore program which, when executed by a processor, implements the steps of the password save and restore method as described above.

The method implemented when the password saving and recovering program running on the processor is executed may refer to various embodiments of the password saving and recovering method of the present invention, which are not described herein.

It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.

The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.

From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) as described above, comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, or a network device, etc.) to perform the method according to the embodiments of the present invention.

The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.

Claims

1. A method of password preservation, the method being applied to a web backend, the method comprising:

acquiring an original password;

the cryptographic shares are stored in different blocks of a blockchain.

2. The password-preserving method of claim 1, wherein prior to the step of acquiring the original password, the method further comprises:

receiving the original password created by the user through the web front end;

3. The password preservation method of claim 2, wherein the step of obtaining the original password comprises:

4. The method of claim 3, wherein, if the two are identical, the step of using the original data as the original password is followed by the step of:

5. The method of claim 1, wherein the step of storing the encrypted portion of the password in a block in a blockchain comprises:

Encrypting the password share to obtain an effective block;

6. The method of claim 1, wherein the step of storing the encrypted portion of the password in a block in a blockchain comprises:

generating a sequence number group initial sequence of the password share;

generating a polynomial based on the binary sequence of the ascii code;

and according to the extraction sequence, extracting the encryption share from the sequence of the initial sequence number group, encrypting and uploading the encryption share to a block in a blockchain, and storing the true sequence number of the encryption share inserted blockchain into the sequence number group.

7. The method for preserving passwords as claimed in claim 1, wherein the step of splitting the original password to obtain a preset number of encrypted password shares comprises:

encoding the original password;

generating a higher order polynomial from the encoding;

8. The method of claim 1, wherein prior to the step of splitting the original password to obtain a predetermined number of encrypted shares, the method further comprises:

acquiring an initial encryption quantity;

judging whether the initial encryption quantity meets safety setting or not;

if not, outputting the block quantity to set up a security prompt, and circularly executing the step of judging whether the preset encryption quantity meets the security setting or not until the initial encryption quantity meets the security setting, so as to obtain the preset encryption quantity.

9. A method of password recovery, the method comprising:

and obtaining an original password based on the high-order polynomial.

10. A password storage device, the device comprising:

the acquisition module is used for acquiring an original password;

11. A password recovery device, the device comprising:

12. A password save and restore device, the device comprising: a memory, a processor, and a password save and restore program stored on the memory and executable on the processor, the password save and restore program configured to implement the steps of the password save and restore method of any one of claims 1 to 9.

13. A storage medium having stored thereon a password save and restore program which, when executed by a processor, implements the steps of the password save and restore method of any of claims 1 to 9.