CN117318952A - Block chain-based monitoring equipment authentication method, equipment and storage medium - Google Patents

Publication number
CN117318952A
Authority
CN
China
Prior art keywords
equipment
private key
manager
monitoring
management center
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311117895.2A
Other languages
Chinese (zh)
Inventor
王宏智
陈荣深
吴丹
周庆妙
龙芳川
庄好
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chongqing Complex Beauty Technology Co ltd
Original Assignee
Chongqing Complex Beauty Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chongqing Complex Beauty Technology Co ltd filed Critical Chongqing Complex Beauty Technology Co ltd
Priority to CN202311117895.2A priority Critical patent/CN117318952A/en
Publication of CN117318952A publication Critical patent/CN117318952A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a blockchain-based monitoring device authentication method, device and storage medium. By combining group signatures with the blockchain, the device manager can publish the group public key to the blockchain, so that data integrity and availability are ensured.

Description

Block chain-based monitoring equipment authentication method, equipment and storage medium
Technical Field
The present invention relates to the field of blockchain technologies, and in particular, to a blockchain-based monitoring device authentication method, device, and storage medium.
Background
With the development of blockchain technology, blockchain is moving past its traditional limitations and is gradually being combined with various manufacturing and production fields. In intelligent manufacturing and intelligent management, for example, there are large numbers of monitoring devices, which are usually connected to a server in advance and then monitor and transmit data. As production requirements keep rising, however, mobile monitoring devices, or devices that monitor moving objects, are coming into wide use. Air quality monitoring in a park is one example: air quality monitoring equipment covering a large area is very expensive and multiplies maintenance costs, whereas mobile air monitoring devices can meet the park's needs well. In actual use, however, because different parks have different monitoring servers, a mobile device must be re-authenticated each time before it can upload monitoring data, so that the authenticity and validity of the monitoring data and the data security of the whole monitoring system are ensured.
Disclosure of Invention
In order to solve the above technical problems, the invention provides a blockchain-based monitoring device authentication method, device and storage medium which, by combining group signatures with the blockchain, enable the device manager to publish the group public key to the blockchain and ensure data integrity and availability.
The invention is achieved by the following scheme. In a first aspect, the invention provides a blockchain-based monitoring device authentication method. The method is applicable to a blockchain-based monitoring system that includes a monitoring device, a device manager, a blockchain network, a monitoring server, and a device management center, and it includes the following steps:
an initialization algorithm takes a security parameter as input and generates a device manager private key, an identity-revealing private key and a group public key, wherein the device manager registers for the monitoring devices in the blockchain network in advance using the device manager private key;
the device manager uploads the identity-revealing private key to the device management center, which stores it;
the device manager uploads the group public key to the blockchain network for certification;
when a new monitoring device is added, the device manager first generates a device ID and a device private key and distributes the device private key to the corresponding monitoring device, which receives the private key and stores it locally; at the same time, the device manager uploads and manages the corresponding group public key, wherein the device information comprises the device ID;
the device manager sends identity-revealing information, signed with the device manager private key, to the device management center; the device management center verifies the device manager's private key signature and, after that verification passes, verifies the identity-revealing information; after that verification also passes, it adds the newly added device to the device revealing list and, after signing with the device management center's private key, stores the hash value of the identity-revealing information in the blockchain network; the identity-revealing information comprises an identity-revealing value and the device ID;
the newly added monitoring device generates authentication information and sends an authentication request to the monitoring server, wherein the authentication information comprises a device ID and a signature formed based on the device private key and the group public key of the newly added monitoring device;
the monitoring server receives the authentication information, obtains the group public key corresponding to the authentication information from the blockchain network according to the device ID in the authentication information, and verifies the signature in the authentication information with the obtained group public key; when the verification passes, it uploads the device's authentication information, with an authentication result identifier attached, to the blockchain network.
In a second aspect, the invention provides a computer device characterized by one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method as described in the first aspect above.
In a third aspect, the present invention provides a storage medium storing a computer program which, when executed by a processor, implements a method as described in the first aspect above.
The application has the following beneficial effects:
By combining group signatures with the blockchain, the device manager can publish the group public key to the blockchain, which ensures data integrity and availability. When the device manager generates the private keys for the monitoring devices, a device management center is introduced into the design of the authentication mechanism, for the sake of traceability, to act as the identity-revealing manager of the group signature scheme, so that when required a group signature can be opened to reveal the real member who signed it.
Drawings
Fig. 1 is a schematic structural diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to specific examples and figures of the specification. Those of ordinary skill in the art will be able to implement the invention based on these descriptions. In addition, the embodiments of the present invention referred to in the following description are typically only some, but not all, embodiments of the present invention. Therefore, all other embodiments, which can be made by one of ordinary skill in the art without undue burden, are intended to be within the scope of the present invention, based on the embodiments of the present invention. It should be noted that, in the case of no conflict, the embodiments and features in the embodiments may be combined with each other. The methods outlined in the examples of the present invention are all those known to those skilled in the art unless specifically stated otherwise.
Embodiment:
This embodiment provides a blockchain-based monitoring device authentication method. The method is applicable to a blockchain-based monitoring system that includes a monitoring device, a device manager, a blockchain network, a monitoring server, and a device management center, and it includes the following steps:
an initialization algorithm takes a security parameter as input and generates a device manager private key, an identity-revealing private key and a group public key, wherein the device manager registers for the monitoring devices in the blockchain network in advance using the device manager private key;
the device manager uploads the identity-revealing private key to the device management center, which stores it;
the device manager uploads the group public key to the blockchain network for certification;
when a new monitoring device is added, the device manager first generates a device ID and a device private key and distributes the device private key to the corresponding monitoring device, which receives the private key and stores it locally; at the same time, the device manager uploads and manages the corresponding group public key, wherein the device information comprises the device ID;
the device manager sends identity-revealing information, signed with the device manager private key, to the device management center; the device management center verifies the device manager's private key signature and, after that verification passes, verifies the identity-revealing information; after that verification also passes, it adds the newly added device to the device revealing list and, after signing with the device management center's private key, stores the hash value of the identity-revealing information in the blockchain network; the identity-revealing information comprises an identity-revealing value and the device ID;
the newly added monitoring device generates authentication information and sends an authentication request to the monitoring server, wherein the authentication information comprises a device ID and a signature formed based on the device private key and the group public key of the newly added monitoring device;
the monitoring server receives the authentication information, obtains the group public key corresponding to the authentication information from the blockchain network according to the device ID in the authentication information, and verifies the signature in the authentication information with the obtained group public key; when the verification passes, it uploads the device's authentication information, with an authentication result identifier attached, to the blockchain network.
The advantage of this embodiment is that, by combining group signatures with the blockchain, the device manager can publish the group public key to the blockchain, which ensures data integrity and availability. When the device manager generates the private keys for the monitoring devices, a device management center is introduced into the design of the authentication mechanism, for the sake of traceability, to act as the identity-revealing manager of the group signature scheme, so that when needed a group signature can be opened to reveal the real member who signed it.
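The step in which the device manager sends signed identity-revealing information to the device management center can be sketched as follows; this is an added example, not code from the patent or its applicant. Schnorr signatures over secp256k1 stand in for the unspecified signature algorithm and a Python list stands in for the blockchain network; the field names `device_id` and `reveal_value`, the content check in `register` and the `audit` function are assumptions.

```python
import hashlib, json, secrets

# Stand-in signature scheme (assumption): Schnorr over secp256k1; P, N, G are its parameters.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):  # point addition; None is the point at infinity
    if a is None or b is None:
        return b if a is None else a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    num, den = (3 * a[0] * a[0], 2 * a[1]) if a == b else (b[1] - a[1], b[0] - a[0])
    lam = num * pow(den % P, -1, P)
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def ec_mul(k, pt):  # double-and-add (not constant time)
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def keygen():
    sk = secrets.randbelow(N - 1) + 1
    return sk, ec_mul(sk, G)

def _challenge(R, pub, msg):
    data = b"".join(v.to_bytes(32, "big") for v in (*R, *pub)) + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(sk, msg):  # Schnorr signature (R, s) with s = k + e*sk mod N
    k = secrets.randbelow(N - 1) + 1
    R = ec_mul(k, G)
    return R, (k + _challenge(R, ec_mul(sk, G), msg) * sk) % N

def verify(pub, msg, sig):  # accept iff s*G == R + e*pub
    R, s = sig
    return ec_mul(s, G) == ec_add(R, ec_mul(_challenge(R, pub, msg), pub))

def encode(info):  # canonical JSON so every party hashes identical bytes
    return json.dumps(info, sort_keys=True, separators=(",", ":")).encode()

class DeviceManagementCenter:
    def __init__(self, manager_pub, ledger):
        self.manager_pub = manager_pub
        self.ledger = ledger           # plain list standing in for the blockchain network
        self.sk, self.pub = keygen()   # the center's own signing key
        self.reveal_list = {}          # device ID -> identity-revealing value

    def register(self, info, manager_sig):
        msg = encode(info)
        if not verify(self.manager_pub, msg, manager_sig):
            return False               # not signed by the device manager
        # Assumed content check: exactly the two fields, and no duplicate device ID.
        if set(info) != {"device_id", "reveal_value"} or info["device_id"] in self.reveal_list:
            return False
        self.reveal_list[info["device_id"]] = info["reveal_value"]
        digest = hashlib.sha256(msg).hexdigest()
        self.ledger.append({"device_id": info["device_id"], "hash": digest,
                            "center_sig": sign(self.sk, digest.encode())})
        return True

def audit(center, device_id):  # does the reveal list still match the signed on-chain hash?
    info = {"device_id": device_id, "reveal_value": center.reveal_list.get(device_id)}
    digest = hashlib.sha256(encode(info)).hexdigest()
    return any(r["device_id"] == device_id and r["hash"] == digest and
               verify(center.pub, digest.encode(), r["center_sig"]) for r in center.ledger)

def demo():
    manager_sk, manager_pub = keygen()
    center = DeviceManagementCenter(manager_pub, ledger=[])
    info = {"device_id": "dev-001", "reveal_value": "a3f1"}  # constructed sample values
    sig = sign(manager_sk, encode(info))
    out = {"forged": center.register({**info, "reveal_value": "ffff"}, sig),
           "accepted": center.register(info, sig), "replayed": center.register(info, sig),
           "audit_ok": audit(center, "dev-001")}
    center.reveal_list["dev-001"] = "0000"  # simulate tampering with the off-chain list
    out["audit_after_tamper"] = audit(center, "dev-001")
    return out
```

Because only the hash is stored on chain, the audit detects a changed reveal-list entry without exposing the identity-revealing value to ledger readers.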
Fig. 1 is a schematic structural diagram of an apparatus according to an embodiment of the present invention.
As shown in fig. 1, as still another embodiment of the present invention, there is provided a computer apparatus 100 including one or more Central Processing Units (CPUs) 101 which can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 102 or a program loaded from a storage portion 108 into a Random Access Memory (RAM) 103. In the RAM103, various programs and data required for the operation of the device 100 are also stored. The CPU101, ROM102, and RAM103 are connected to each other through a bus 104. An input/output (I/O) interface 105 is also connected to bus 104.
The following components are connected to the I/O interface 105: an input section 106 including a keyboard, a mouse, and the like; an output section 107 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker, and the like; a storage section 108 including a hard disk or the like; and a communication section 109 including a network interface card such as a LAN card, a modem, and the like. The communication section 109 performs communication processing via a network such as the Internet. A drive 110 is also connected to the I/O interface 105 as necessary. A removable medium 111 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is installed on the drive 110 as needed, so that a computer program read out therefrom is installed into the storage section 108 as needed.
In particular, according to embodiments of the present disclosure, the method described in embodiment 1 above may be implemented as a computer software program. For example, embodiments disclosed herein include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing the method described in any of the embodiments above. In such an embodiment, the computer program may be downloaded and installed from a network through the communication portion 109, and/or installed from the removable medium 111.
As yet another aspect, the present application also provides a computer-readable storage medium, which may be a computer-readable storage medium contained in the apparatus of the above-described embodiment; or may be a computer-readable storage medium, alone, that is not assembled into a device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the methods described herein.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or can be implemented by special purpose hardware in combination with computer instructions, for self-expressed parallel chain cross-chain transaction state synchronization information based on compressed account number addresses, which are compressed for the purpose of saving the number of transaction bytes, and which express asset type information. The design saves the number of transaction bytes, and can complete the synchronization of the states without the need of a main chain to pull the historical height blocks.
The units or modules described in the embodiments of the present application may be implemented by software, or may be implemented by hardware. The described units or modules may also be provided in a processor, for example, each of the units may be a software program provided in a computer or a mobile smart device, or may be separately configured hardware devices. Wherein the names of the units or modules do not in some cases constitute a limitation of the units or modules themselves.
The foregoing description is only of the preferred embodiments of the present application and is presented as a description of the principles of the technology being utilized. It will be appreciated by persons skilled in the art that the scope of the invention referred to in this application is not limited to the specific combinations of features described above, but also covers other embodiments which may be formed by any combination of features described above or their equivalents without departing from the spirit of the application, for example embodiments formed by interchanging the above features with technical features of similar function disclosed in (but not limited to) the present application.

Claims (3)

1. A blockchain-based monitoring device authentication method, wherein the method is applied to a blockchain-based monitoring system, the system comprising a monitoring device, a device manager, a blockchain network, a monitoring server and a device management center, the method comprising the steps of:
an initialization algorithm takes a security parameter as input and generates a device manager private key, an identity-revealing private key and a group public key, wherein the device manager registers for the monitoring devices in the blockchain network in advance using the device manager private key;
the device manager uploads the identity-revealing private key to the device management center, which stores it;
the device manager uploads the group public key to the blockchain network for certification;
when a new monitoring device is added, the device manager first generates a device ID and a device private key and distributes the device private key to the corresponding monitoring device, which receives the private key and stores it locally; at the same time, the device manager uploads and manages the corresponding group public key, wherein the device information comprises the device ID;
the device manager sends identity-revealing information, signed with the device manager private key, to the device management center; the device management center verifies the device manager's private key signature and, after that verification passes, verifies the identity-revealing information; after that verification also passes, it adds the newly added device to the device revealing list and, after signing with the device management center's private key, stores the hash value of the identity-revealing information in the blockchain network; the identity-revealing information comprises an identity-revealing value and the device ID;
the newly added monitoring device generates authentication information and sends an authentication request to the monitoring server, wherein the authentication information comprises a device ID and a signature formed based on the device private key and the group public key of the newly added monitoring device;
the monitoring server receives the authentication information, obtains the group public key corresponding to the authentication information from the blockchain network according to the device ID in the authentication information, and verifies the signature in the authentication information with the obtained group public key; when the verification passes, it uploads the device's authentication information, with an authentication result identifier attached, to the blockchain network.
2. A computer device, characterized by one or more processors;
a memory for storing one or more programs,
the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of claim 1.
3. A storage medium storing a computer program, which when executed by a processor implements the method of claim 1.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311117895.2A CN117318952A (en) 2023-09-01 2023-09-01 Block chain-based monitoring equipment authentication method, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311117895.2A CN117318952A (en) 2023-09-01 2023-09-01 Block chain-based monitoring equipment authentication method, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN117318952A (en) 2023-12-29

Family

ID=89259291

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311117895.2A Pending CN117318952A (en) 2023-09-01 2023-09-01 Block chain-based monitoring equipment authentication method, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117318952A (en)

Legal Events

Date Code Title Description
PB01 Publication