CN108764904B - Double-key anti-theft method in distributed account system - Google Patents
Double-key anti-theft method in distributed account system Download PDFInfo
- Publication number
- CN108764904B CN108764904B CN201810513403.4A CN201810513403A CN108764904B CN 108764904 B CN108764904 B CN 108764904B CN 201810513403 A CN201810513403 A CN 201810513403A CN 108764904 B CN108764904 B CN 108764904B
- Authority
- CN
- China
- Prior art keywords
- transaction
- code
- character string
- key
- operation code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 22
- 239000002131 composite material Substances 0.000 claims abstract description 24
- 238000012546 transfer Methods 0.000 claims abstract description 16
- 238000012795 verification Methods 0.000 claims description 11
- 150000001875 compounds Chemical class 0.000 claims description 2
- 230000009286 beneficial effect Effects 0.000 description 3
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- Strategic Management (AREA)
- Finance (AREA)
- General Health & Medical Sciences (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a double-key anti-theft method in a distributed account system, which comprises the following steps: setting two groups of character strings, wherein each group of character strings comprises at least one string of characters, and the two groups of character strings are a first character string group and a second character string group respectively; generating an operation code and an anti-theft code by using the first character string group and the second character string group, and generating a composite address code by splicing the operation code and the anti-theft code through character strings; inputting and verifying an operation code to transfer to a designated account; if the operation code is stolen in step S3, the first character string set and the second character string set are disclosed and a composite address code is generated, and the transaction is invalidated by verifying the composite address code. The invention changes the original address information controlled by a single key into double-key control, wherein the double keys comprise an operation code for performing normal transaction operation and an anti-theft code for declaring invalid transaction when the account is stolen. If the user operation code is cracked, the transaction invalidity can be declared through the anti-theft code, the electronic transaction safety is improved, and the benefit of the user is guaranteed.
Description
Technical Field
The invention relates to the technical field of electronic transactions, in particular to a double-key anti-theft method in a distributed account system.
Background
With the continuous development of internet technology, electronic transactions are more and more widely applied, including traditional bank account transactions and electronic transactions using blockchain technology such as bitcoin. However, in any electronic transaction method, the user generally signs in a single-key manner in the prior art, and if the correct key is input, the account owner is regarded as performing the transaction operation at will. The single-key authentication mode has the risk that the key is cracked or eavesdropped, and once the key is stolen, the key can cause great property loss for a user.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a double-key anti-theft method in a distributed account system, which realizes account anti-theft by using a double-key mode and improves the security of electronic transaction.
In order to achieve the above purpose, the technical scheme adopted by the invention is as follows:
a double-key anti-theft method in a distributed account system comprises the following steps:
s1, setting two groups of character strings, wherein each group of character string comprises at least one string of characters, and the two groups of character strings are a first character string group and a second character string group respectively;
s2, generating an operation code and an anti-theft code by using the first character string group and the second character string group, and generating a composite address code by splicing the operation code and the anti-theft code through character strings;
s3, inputting and verifying an operation code to transfer accounts to the specified account;
and S4, if the operation code in the step S3 is stolen, disclosing the first character string group and the second character string group and generating a composite address code, and performing invalid transaction by verifying the composite address code.
After the technical scheme is adopted, the invention has the beneficial effects that: compared with the prior art, the invention changes the original address information controlled by a single key into double-key control, wherein the double keys comprise an operation code for performing normal transaction operation and an anti-theft code for declaring invalid transaction when the account is stolen. If the user operation code is cracked, the transaction invalidity can be declared through the anti-theft code, the electronic transaction safety is improved, and the benefit of the user is guaranteed.
Preferably, the generation process of the compound address code is as follows:
a. setting two groups of character strings, wherein each group of character strings comprises at least one string of characters, and the two groups of character strings are a first character string group and a second character string group respectively;
b. inputting a first character string group and generating a group of private keys and public keys through an asymmetric key generation algorithm;
c. encrypting the public key by using an algorithm to generate an operation code;
d. signing the private key and the second character string group by using a signature algorithm and generating signature data;
e. encrypting the signature data by using an algorithm and taking the second character string group as a key to generate an encrypted anti-theft code;
f. and generating a composite address code by the character string splicing operation code and the anti-theft code.
After the scheme is adopted, the composite address code containing the operation code and the anti-theft code can be generated by utilizing the two groups of character strings, and the anti-theft code needs to utilize the public key generated by the first character string group and the second character string group simultaneously in the generation process, so that the anti-theft code is relatively difficult to break, and the safety is higher.
Preferably, in the step S4, all transactions with the transfer account as an input item and subsequent transactions may be regarded as invalid transactions. The invention can not only invalidate the generated transaction, but also invalidate the subsequent transaction of the account, and freeze the account transaction to ensure the property safety of the user.
Preferably, the method for transferring the account to the designated account in the step S3 includes the following steps: firstly, constructing unsigned transaction data, wherein the transaction data comprises a transfer account, a transfer amount and a composite address of the transfer account; then, signing the unsigned transaction data by using the private key; and finally, carrying out validity verification on the transaction data. The invention only needs to input the operation code when carrying out general transaction operation, does not need to input the anti-theft code, is beneficial to improving the convenience of the transaction operation, simultaneously avoids the condition that the anti-theft code is leaked and cracked when carrying out general transaction operation, and improves the safety.
Preferably, the validity verification comprises: firstly, inquiring whether a transaction exists according to a transaction ID, then inquiring all transactions which quote the transaction as an input item, and confirming that a corresponding output item account is not used as the input of any transaction;
secondly, verifying whether the public key can deduce the operation code, namely performing algorithm on the transaction data by using the public key to generate the operation code, verifying whether the obtained operation code is consistent with the operation code input by the user, if so, passing the verification, and if not, deducing that the transaction is illegal;
thirdly, verifying whether the signatures are matched by using a public key, namely calculating the HASH value of the transaction record by using a Hash algorithm, verifying whether the HASH value, the private key K and the public key P of the transaction record are matched by using the algorithm, if so, verifying the transaction, and if not, judging that the transaction record is illegal;
and fourthly, verifying whether the sum of the input amount in the transaction is greater than or equal to the output amount, and if the sum of the input amount in the transaction is greater than or equal to the output amount, the transaction is verified.
After the scheme is adopted, the legality of the transaction is verified through the four verification steps, and the security of the transaction is improved.
Drawings
FIG. 1 is a flow chart of the present invention.
FIG. 2 is a flow chart of the generation process of the composite address code of the present invention.
Detailed Description
The claimed invention will now be described in further detail with reference to the accompanying drawings and specific embodiments.
Referring to fig. 1 and 2, the double-key anti-theft method in the distributed account system of the present invention includes the following steps: and setting two groups of character strings, wherein each group of character strings comprises at least one string of characters, and the two groups of character strings are a first character string group X and a second character string group Y respectively.
The first character string group X and the second character string group Y are utilized to respectively generate an operation code B and an anti-theft code C, and a composite address code A is generated by splicing the operation code B and the anti-theft code C through character strings, wherein the generation process of the composite address code A in the embodiment is as follows: a. inputting the first character string set and generating a set of private key K and public key P by an asymmetric key generation algorithm, in this embodiment, the asymmetric key generation algorithm adopted in this step is Ed25519, RSA, and the like. b. The public key P is encrypted by using an algorithm to generate an operation code B, and the algorithm adopted in the step in this embodiment is hash algorithms such as SHA256 and MD 5; c. signing the private key K and the second character string group Y by using a signature algorithm and generating signature data; d. the signature data is encrypted by using an algorithm and the second character string group as a key to generate an encrypted anti-theft code C, and the algorithm adopted in the step in this embodiment is a symmetric encryption algorithm such as AES and DES, and may also be an asymmetric key generation algorithm such as Ed25519 and RSA. e. And generating a composite address code A by the character string splicing operation code B and the anti-theft code C.
The opcode is entered and verified to transfer to the designated account, which in this embodiment is the following: firstly, constructing unsigned transaction data, wherein the transaction data comprises information such as a transfer account, a transfer amount, a composite address of the transfer account and the like; then, the SHA256 HASH algorithm is used to obtain the HASH value of the unsigned transaction data, and the private key K is used to sign the unsigned transaction data.
After the signature is completed, the system also needs to verify the validity of the transaction, and the validity verification method in this embodiment mainly includes: firstly, whether a transaction exists is inquired according to the transaction ID, then all transactions which quote the transaction as input items are inquired, and the account of the corresponding output item is confirmed not to be used as the input of any transaction. Secondly, whether the operation code can be deduced by the public key P is verified, namely, the HASH 256 Hash algorithm is carried out on the HASH value of the transaction data by the public key P, whether the operation code obtained by the HASH 256 Hash algorithm is consistent with the operation code input by the user is verified, if the operation code is consistent with the operation code input by the user, the verification is passed, and if the operation code is inconsistent with the operation code, the transaction is judged to be illegal.
Thirdly, verifying whether the signatures are matched by using a public key, namely calculating the HASH value of the transaction record by using a Hash algorithm, verifying whether the HASH value, the private key K and the public key P of the transaction record are matched by using the algorithm, if so, verifying the transaction, and if not, judging that the transaction record is illegal; and fourthly, verifying whether the sum of the input amount in the transaction is greater than or equal to the output amount, and if the sum of the input amount in the transaction is greater than or equal to the output amount, the transaction is verified. The mode above shows that when a user carries out general transaction, only the operation code B needs to be input for verification, which is beneficial to improving the convenience of transaction operation, and meanwhile, the condition that the anti-theft code is leaked and cracked when the general transaction operation is carried out is also avoided, and the safety is improved.
When the account of the user is stolen, the transaction is invalidated in a mode of verifying the composite address code A by disclosing the first character string group and the second character string group and generating the composite address code. The specific mode is as follows: first, based on the above-mentioned transaction method, the output item (account) of one transaction can only be referred to as an input item once. If stolen, meaning that the account was consumed once, it can be queried by a transaction id query. After the account is confirmed to be stolen, the first character string group X and the second character string group Y can be disclosed, then the first character string group X and the second character string group Y are enabled to generate a composite address A through an algorithm by using the mode, the composite address A comprises an operation code B and an anti-theft code C, and after the identity of a user is confirmed through verification of the composite address A, the user can declare that all transactions and subsequent transactions taking the transfer account as an input item can be regarded as invalid transactions, so that the benefit of the user is guaranteed. Compared with the prior art, the invention changes the address information controlled by a single key into the operation code and the anti-theft code respectively controlled by double keys. If the user operation code is cracked, the transaction invalidity can be declared through the anti-theft code, the electronic transaction safety is improved, and the benefit of the user is guaranteed.
The above-described embodiments are merely preferred embodiments of the present invention, which is not intended to limit the present invention in any way. Those skilled in the art can make many changes and modifications to the disclosed embodiments, or modify equivalent embodiments to practice the disclosed embodiments, without departing from the scope of the disclosed embodiments. Therefore, equivalent variations made according to the idea of the present invention should be covered within the protection scope of the present invention without departing from the contents of the technical solution of the present invention.
Claims (4)
1. A double-key anti-theft method in a distributed account system is characterized by comprising the following steps:
s1, setting two groups of character strings, wherein each group of character string comprises at least one string of characters, and the two groups of character strings are a first character string group and a second character string group respectively;
s2, generating an operation code and an anti-theft code by using the first character string group and the second character string group, and generating a composite address code by splicing the operation code and the anti-theft code through character strings; the generation process of the compound address code is as follows:
a. setting two groups of character strings, wherein each group of character strings comprises at least one string of characters, and the two groups of character strings are a first character string group and a second character string group respectively;
b. inputting a first character string group and generating a group of private keys and public keys through an asymmetric key generation algorithm;
c. encrypting the public key by using an algorithm to generate an operation code;
d. signing the private key and the second character string group by using a signature algorithm and generating signature data;
e. encrypting the signature data by using an algorithm and taking the second character string group as a key to generate an encrypted anti-theft code;
f. generating a composite address code by the character string splicing operation code and the anti-theft code;
s3, inputting and verifying an operation code to transfer accounts to the specified account;
and S4, if the operation code in the step S3 is stolen, disclosing the first character string group and the second character string group and generating a composite address code, and performing invalid transaction by verifying the composite address code.
2. The double-key anti-theft method in the distributed account system according to claim 1, wherein: in step S4, all transactions with the transfer account as an input item and subsequent transactions may be considered invalid transactions.
3. The double-key anti-theft method in the distributed account system according to claim 1, wherein: the method of transferring money to a specific account in the step S3 includes the steps of: firstly, constructing unsigned transaction data, wherein the transaction data comprises a transfer account, a transfer amount and a composite address of the transfer account; then, signing the unsigned transaction data by using the private key; and finally, carrying out validity verification on the transaction data.
4. The method of claim 3, wherein the method comprises the following steps: the validity verification comprises:
firstly, inquiring whether a transaction exists according to a transaction ID, then inquiring all transactions which quote the transaction as an input item, and confirming that a corresponding output item account is not used as the input of any transaction;
secondly, verifying whether the public key can deduce the operation code, namely performing algorithm on the transaction data by using the public key to generate the operation code, verifying whether the obtained operation code is consistent with the operation code input by the user, if so, passing the verification, and if not, deducing that the transaction is illegal;
thirdly, verifying whether the signatures are matched by using a public key, namely calculating the HASH value of the transaction record by using a Hash algorithm, verifying whether the HASH value, the private key K and the public key P of the transaction record are matched by using the algorithm, if so, verifying the transaction, and if not, judging that the transaction record is illegal;
and fourthly, verifying whether the sum of the input amount in the transaction is greater than or equal to the output amount, and if the sum of the input amount in the transaction is greater than or equal to the output amount, the transaction is verified.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810513403.4A CN108764904B (en) | 2018-05-25 | 2018-05-25 | Double-key anti-theft method in distributed account system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810513403.4A CN108764904B (en) | 2018-05-25 | 2018-05-25 | Double-key anti-theft method in distributed account system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108764904A CN108764904A (en) | 2018-11-06 |
| CN108764904B true CN108764904B (en) | 2021-10-08 |
Family
ID=64005656
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810513403.4A Active CN108764904B (en) | 2018-05-25 | 2018-05-25 | Double-key anti-theft method in distributed account system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108764904B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN119316149A (en) | 2018-11-27 | 2025-01-14 | 区块链控股有限公司 | Computer-implemented system and method for storing, retrieving and communicating data via a peer-to-peer network |
| CN109727007A (en) * | 2018-12-10 | 2019-05-07 | 杭州复杂美科技有限公司 | Contract transfer account method, equipment and storage medium |
| CN109413228B (en) * | 2018-12-20 | 2021-06-01 | 全链通有限公司 | IPv6 generation method and system based on block chain domain name system |
| CN112581133B (en) * | 2020-12-25 | 2024-10-01 | 中国农业银行股份有限公司 | Transaction data processing method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020007320A1 (en) * | 2000-03-15 | 2002-01-17 | Mastercard International Incorporated | Method and system for secure payments over a computer network |
| CN103780379A (en) * | 2012-10-19 | 2014-05-07 | 阿里巴巴集团控股有限公司 | Password encryption method and system, and cryptographic check method and system |
| CN106534079A (en) * | 2016-10-19 | 2017-03-22 | 华迪计算机集团有限公司 | Method and system for safety processing of data files |
-
2018
- 2018-05-25 CN CN201810513403.4A patent/CN108764904B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020007320A1 (en) * | 2000-03-15 | 2002-01-17 | Mastercard International Incorporated | Method and system for secure payments over a computer network |
| CN103780379A (en) * | 2012-10-19 | 2014-05-07 | 阿里巴巴集团控股有限公司 | Password encryption method and system, and cryptographic check method and system |
| CN106534079A (en) * | 2016-10-19 | 2017-03-22 | 华迪计算机集团有限公司 | Method and system for safety processing of data files |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108764904A (en) | 2018-11-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12294661B2 (en) | Personal device security using cryptocurrency wallets | |
| US20180144114A1 (en) | Securing Blockchain Transactions Against Cyberattacks | |
| CN101651675B (en) | By the method and system that authentication code is verified client | |
| US6321333B1 (en) | Efficient digital certificate processing in a data processing system | |
| EP3073670B1 (en) | A system and a method for personal identification and verification | |
| US11245653B2 (en) | Methods and systems for creating and using massless currency | |
| WO2021008453A1 (en) | Method and system for offline blockchain transaction based on identifier authentication | |
| CN108764904B (en) | Double-key anti-theft method in distributed account system | |
| CN105933119B (en) | A kind of authentication method and equipment | |
| CN111460525B (en) | Block chain-based data processing method, device and storage medium | |
| CN106850190A (en) | It is a kind of to the destroying method based on block chain digital certificate | |
| WO2013044192A2 (en) | Securing transactions against cyberattacks | |
| CN111047305A (en) | A kind of private key storage and mnemonic method of encrypted digital currency wallet based on digital watermark technology | |
| CN114726535B (en) | Privacy protection anti-fake automobile supply chain method based on blockchain | |
| CN108650214B (en) | Dynamic page encryption anti-unauthorized method and device | |
| WO2018171519A1 (en) | Transaction verification method and system | |
| KR101686157B1 (en) | Password generator, Financial transaction system and method using that password generator | |
| JP2004515098A (en) | Authentication method and authentication device | |
| CN116418487A (en) | Method, device and node equipment for depositing certificates of key ownership | |
| CN114548986A (en) | Payment method, payment security code generation method, device, equipment and storage medium | |
| CN119741097B (en) | Intelligent efficient safe encryption card verification method and device | |
| CN116342265A (en) | Block chain-based non-homogeneous digital asset data processing method and system | |
| TWM659947U (en) | Transaction Verification System | |
| Shashikala et al. | Cryptography and Blockchain: Building Blocks of Secure Decentralisation | |
| CN105391709B (en) | ATM machine fake-identifying instrument mainboard program safety processing method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information | ||
| CB02 | Change of applicant information |
Address after: 510000 self compiled Zone D, No. 17, guocaizhi street, Yuexiu District, Guangzhou City, Guangdong Province Applicant after: Guangdong Yingfeng Puhui Internet microfinance Co.,Ltd. Address before: 510000 room 1306, metropolis Plaza, No. 183, Tianhe North Road, Tianhe District, Guangzhou, Guangdong Applicant before: GUANGDONG GUANGFA INTERCONNECTED MICROFINANCE Co.,Ltd. |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |