
CN113051623B - Data processing method and device and electronic equipment - Google Patents


Info

Publication number
CN113051623B
Authority
CN
China
Prior art keywords
private key
data
data association
signature
computing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110268093.6A
Other languages
Chinese (zh)
Other versions
CN113051623A (en)
Inventor
陈洪博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huakong Tsingjiao Information Technology Beijing Co Ltd
Original Assignee
Huakong Tsingjiao Information Technology Beijing Co Ltd
Application filed by Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority to CN202110268093.6A
Publication of CN113051623A
Application granted
Publication of CN113051623B


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/602 Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides a data processing method, a data processing device and electronic equipment, wherein the method comprises the following steps: the ciphertext computing platform determines computing data and generates corresponding private key fragments for a plurality of data association parties associated with the computing data respectively; signing is carried out based on the private key fragments of all the data association parties, and signature information is determined; because the private key fragment is temporarily generated by the ciphertext computing platform and only exists in the ciphertext computing platform, the data association party cannot acquire the private key and does not need to store the private key fragment; and further, the leakage of the secret key can be avoided, so that the data is ensured not to be tampered.

Description

Data processing method and device and electronic equipment
Technical Field
The present invention relates to the field of data processing, and in particular, to a data processing method, apparatus, and electronic device.
Background
Multiparty secure computation addresses the situation in which there is no trusted third party: it enables data held in a plurality of mutually untrusting databases to be computed on and combined while each party's data remains confidential. During multiparty secure computation, the parties participating in the computation need to be verified to prevent any party from tampering with the data.
Currently, in conventional multiparty secure computation, multiparty signing and signature verification are usually performed, and the computation is carried out after signature verification succeeds. During multiparty signing, each party needs to store the private key it holds on a local medium or a cloud medium, so there may be a risk of private key leakage.
Disclosure of Invention
The embodiment of the invention provides a data processing method for preventing key leakage.
Correspondingly, the embodiment of the invention also provides a data processing device and electronic equipment, which are used for ensuring the realization and application of the method.
In order to solve the above problems, an embodiment of the present invention discloses a data processing method, which specifically includes: the ciphertext computing platform determines computing data and generates corresponding private key fragments for a plurality of data association parties associated with the computing data respectively; and signing based on the private key fragments of the data association parties, and determining signature information.
Optionally, the signing based on the private key segment of each data association party determines signature information, including: acquiring a calculation mode, wherein the calculation mode comprises a private key generation mode and a signature operation mode; and carrying out signature based on the signature operation mode, the private key generation mode and the private key fragments of all the data association parties, and determining signature information.
Optionally, the determining signature information based on the signature operation mode, the private key generation mode and the private key fragments of each data association party includes: acquiring information to be signed, and encrypting the information to be signed based on the private key generation mode and the private key fragments of each data association party; and carrying out signature operation on the encrypted information to be signed based on the signature operation mode to obtain signature information.
Optionally, the private key generation mode includes a serial generation mode, and encrypting the information to be signed based on the private key generation mode and the private key fragments of each data association party includes: the private key fragments of all the data association parties are connected in series to obtain a private key for signing; and encrypting the information to be signed by adopting the private key for signing.
Optionally, the method further comprises: acquiring identity information corresponding to a plurality of data association parties associated with the calculated data; based on the identity information corresponding to each data association party, respectively carrying out user identity verification on each data association party; and if the identity of each data association party is successfully verified, executing the step of respectively generating corresponding private key fragments for a plurality of data association parties associated with the calculated data.
Optionally, the method further comprises: acquiring equipment information corresponding to a plurality of data association parties associated with the calculated data; respectively carrying out equipment verification on each data association party based on the equipment information corresponding to each data association party; and if the equipment of each data association party is successfully verified, executing the step of respectively generating corresponding private key fragments for a plurality of data association parties associated with the calculated data.
Optionally, the ciphertext computing platform determines the computing data, including: before the ciphertext computing platform executes each computing task, the ciphertext computing platform determines computing data corresponding to the computing task.
Optionally, the method further comprises: determining a private key based on private key fragments corresponding to all data association parties, generating a public key corresponding to the private key and distributing the public key to all data association parties; distributing the signature information to each data association party, and carrying out signature verification on the signature information by each data association party based on the public key; receiving signature verification results uploaded by each data association party; and if the signature verification results of all the data association parties are the successful signature verification results, executing the calculation task.
The embodiment of the invention also discloses a data processing device which is deployed in the ciphertext computing platform and specifically comprises: the private key segment generation module is used for determining calculation data and respectively generating corresponding private key segments for a plurality of data association parties associated with the calculation data; and the signature module is used for signing based on the private key fragments of the data association parties and determining signature information.
Optionally, the signature module includes: the computing mode acquisition sub-module is used for acquiring a computing mode, wherein the computing mode comprises a private key generation mode and a signature operation mode; and the signature information determining sub-module is used for carrying out signature based on the signature operation mode, the private key generation mode and the private key fragments of each data association party to determine signature information.
Optionally, the signature information determining submodule is configured to obtain information to be signed, and encrypt the information to be signed based on the private key generating mode and private key segments of each data association party; and carrying out signature operation on the encrypted information to be signed based on the signature operation mode to obtain signature information.
Optionally, the private key generating mode includes a serial generating mode, and the signature information determining submodule is configured to connect the private key segments of each data-related party in series to obtain a private key for signature; and encrypting the information to be signed by adopting the private key for signing.
Optionally, the apparatus further comprises: the identity verification module is used for acquiring identity information corresponding to a plurality of data association parties associated with the calculated data; based on the identity information corresponding to each data association party, respectively carrying out user identity verification on each data association party; and the private key segment generating module is used for executing the step of respectively generating corresponding private key segments for a plurality of data association parties associated with the calculated data if the identity of each data association party is successfully verified.
Optionally, the apparatus further comprises: the device verification module is used for acquiring device information corresponding to a plurality of data association parties associated with the calculation data; respectively carrying out equipment verification on each data association party based on the equipment information corresponding to each data association party; and the private key segment generating module is used for executing the step of respectively generating corresponding private key segments for a plurality of data association parties associated with the calculated data if the equipment of each data association party is successfully verified.
Optionally, the private key fragment generation module is configured to determine, by the ciphertext computing platform, computing data corresponding to each computing task before the ciphertext computing platform executes the computing task.
Optionally, the apparatus further comprises: the signature verification module is used for determining a private key based on the private key fragments corresponding to each data association party, generating a public key corresponding to the private key and distributing the public key to each data association party; distributing the signature information to each data association party, and carrying out signature verification on the signature information by each data association party based on the public key; receiving signature verification results uploaded by each data association party; and if the signature verification results of all the data association parties are the successful signature verification results, executing the calculation task.
The embodiment of the invention also discloses a readable storage medium, which enables the electronic device to execute the data processing method according to one or more of the embodiments of the invention when the instructions in the readable storage medium are executed by the processor of the electronic device.
The embodiment of the invention also discloses an electronic device, which comprises: one or more processors; and one or more readable storage media having instructions stored thereon that, when executed by the one or more processors, cause the electronic device to perform the data processing method as described in one or more of the embodiments of the invention described above.
Compared with the prior art, the embodiment of the invention has the following advantages:
In the embodiment of the invention, the ciphertext computing platform can determine the computing data and respectively generate corresponding private key fragments for a plurality of data association parties associated with the computing data; then, signature is carried out based on the private key fragments of all the data association parties, and signature information is determined; because the private key fragment is temporarily generated by the ciphertext computing platform and only exists in the ciphertext computing platform, the data association party cannot acquire the private key and does not need to store the private key fragment; and further, the leakage of the secret key can be avoided, so that the data is ensured not to be tampered.
Drawings
FIG. 1 is a flow chart of steps of an embodiment of a data processing method of the present invention;
FIG. 2 is a flow chart of steps of an alternative embodiment of a data processing method of the present invention;
FIG. 3 is a flow chart of steps of an alternative embodiment of a data processing method of the present invention;
FIG. 4 is a flow chart of steps of yet another alternative embodiment of a data processing method of the present invention;
FIG. 5A is a schematic diagram of a logic module corresponding to a computing task according to an embodiment of the present invention;
FIG. 5B is a schematic diagram of another computing task correspondence logic module according to an embodiment of the present invention;
FIG. 5C is a schematic diagram of a logic module corresponding to a computing task according to an embodiment of the present invention;
FIG. 5D is a schematic diagram of a logic module corresponding to a computing task according to an embodiment of the present invention;
FIG. 5E is a schematic diagram of a logic module corresponding to a computing task according to an embodiment of the present invention;
FIG. 6 is a block diagram of an embodiment of a data processing apparatus of the present invention;
FIG. 7 is a block diagram of an alternative embodiment of a data processing apparatus of the present invention;
FIG. 8 schematically shows a block diagram of an electronic device for performing the method according to the invention.
Detailed Description
In order that the above-recited objects, features and advantages of the present invention will become more readily apparent, a more particular description of the invention will be rendered by reference to the appended drawings and appended detailed description.
The data processing method provided by the embodiment of the invention can be executed by a ciphertext computing platform; the ciphertext computing platform may provide multiparty secure computing services. Multiparty secure computing can be understood abstractly as follows: two parties each hold their own private data and, without leaking that private data, can compute the result of a public function; when the whole computation is completed, both parties know only the computation result, and neither party can learn the other's data or the intermediate data of the computation. The public function may implement a variety of computing functions such as addition, subtraction, multiplication, division, and the like; and at least one of the private data of the two parties is ciphertext, so that computation between ciphertext and ciphertext can be performed, and computation between ciphertext and plaintext can be performed.
In the embodiment of the invention, when the result demand party needs to use the local data of a plurality of data providers to calculate and acquire the data result required by the result demand party, a request can be sent to the ciphertext computing platform; the ciphertext computing platform may then obtain data from the plurality of data providers based on the request. If the multiple data providers allow the result demander to use the data, the local data can be encrypted, and then the encrypted data is uploaded to the ciphertext computing platform; and the ciphertext computing platform can perform ciphertext computation based on the data uploaded by the plurality of data providers.
To ensure the authenticity of the data, before ciphertext computation is carried out the ciphertext computing platform can perform signing for the data provider and the result demander and have the signing result verified; ciphertext computation is performed after signature verification succeeds. In the prior art, the private keys that the data provider and the result demander use for signing are stored in a local medium or a server-side medium, so there is a risk of private key leakage; therefore, in the embodiment of the invention, the ciphertext computing platform can generate corresponding private key fragments for the data provider and the result demander and sign based on the private key fragments. Because the private key fragments are temporarily generated by the ciphertext computing platform, the data provider and the result demander cannot acquire the private key and do not need to store the private key fragments; leakage of the key can thus be avoided, ensuring that the data of each party is not tampered with.
Referring to fig. 1, a flowchart illustrating steps of an embodiment of a data processing method according to the present invention may specifically include the following steps:
Step 102, determining calculation data by the ciphertext computing platform, and generating corresponding private key fragments for a plurality of data association parties associated with the calculation data respectively.
Step 104, signing based on the private key fragments of the data association parties, and determining signature information.
In the embodiment of the invention, the ciphertext computing platform can determine the computing data required by ciphertext computation before the ciphertext computation, and then determine a plurality of data association parties associated with the computing data. The data association parties may include a data provider and a result demander.
In order to avoid the problem of key leakage caused by the fact that the data association party stores the private key in a local medium or a server medium, in the embodiment of the invention, a ciphertext computing platform can respectively generate corresponding private key fragments for each data association party; that is, the private key of each data-associated party is temporarily generated by the ciphertext computing platform and exists only in the ciphertext computing platform. Then the ciphertext computing platform can adopt the private key fragments of all the data association parties to generate a private key; then signing is carried out by adopting the private key, so as to obtain corresponding signature information; and then carrying out signature verification based on the signature information, and carrying out ciphertext calculation after the signature verification is successful.
Wherein the private key fragment may be a character string, which is not limited in the embodiment of the present invention. The manner in which the ciphertext computing platform generates the corresponding private key fragments for each data-associated party is not limited in this regard, either.
In summary, in the embodiment of the present invention, the ciphertext computing platform may determine computing data, and generate corresponding private key fragments for a plurality of data association parties associated with the computing data, respectively; then, signing is carried out based on the private key fragments of all the data association parties, and signature information is determined. Because the private key fragments are temporarily generated by the ciphertext computing platform and exist only in the ciphertext computing platform, the data association parties cannot acquire the private key and do not need to store the private key fragments; leakage of the key can thus be avoided, ensuring that the data is not tampered with.
The following describes how the signature and signature verification are performed.
Referring to fig. 2, a flowchart of the steps of an alternative embodiment of a data processing method of the present invention is shown.
Step 202, before the ciphertext computing platform executes each computing task, the ciphertext computing platform determines computing data corresponding to the computing task.
In the embodiment of the invention, when the ciphertext computing platform performs computation once, a corresponding computing task can be generated; then signature and signature verification is performed before the computing task is performed.
The computing data corresponding to the computing task can be determined, and then the data association parties associated with the computing data are determined. The data association parties may comprise at least two parties, namely at least one data provider and at least one result demander.
Step 204, generating corresponding private key fragments for a plurality of data associating parties associated with the calculation data respectively.
In the embodiment of the present invention, after step 204 is performed, step 206 to step 208 may be performed; step 210 may alternatively be performed.
The step 104 may include the following steps 206 to 208:
Step 206, obtaining a calculation mode, wherein the calculation mode comprises a private key generation mode and a signature operation mode.
In the embodiment of the invention, the data association parties can negotiate in advance the private key generation mode corresponding to each computation of the ciphertext computing platform; the ciphertext computing platform can then generate a different private key from the private key fragments of the data association parties each time, achieving the effect of one-time encryption. Furthermore, even after private key fragments and private keys have been leaked multiple times, the party that obtained them cannot infer the private key generation mode from the fragments and keys obtained on those occasions, and therefore cannot forge the next private key. The data association parties can likewise negotiate in advance the signature operation mode corresponding to each computation of the ciphertext computing platform, so that the signature operation mode differs for each computation; then, even when signature information has been leaked multiple times, the party that obtained it cannot infer from it the way in which the ciphertext computing platform generates signatures, and therefore cannot forge the corresponding signature information next time.
The ciphertext computing platform can acquire the calculation mode after determining the data association parties associated with the computing data, wherein the calculation mode comprises a private key generation mode and a signature operation mode.
Step 208, signing based on the signature operation mode, the private key generation mode and the private key fragments of each data association party to determine signature information.
Wherein step 208 may include sub-steps S2082 to S2084:
Sub-step S2082, obtaining the information to be signed, and encrypting the information to be signed based on the private key generation mode and the private key fragments of each data association party.
Sub-step S2084, performing signature operation on the encrypted information to be signed based on the signature operation mode to obtain signature information.
In the embodiment of the invention, aiming at each calculation of a ciphertext calculation platform, each data association party can negotiate information to be signed; that is, each computing task may correspond to information to be signed. Different computing tasks may correspond to different information to be signed, or may correspond to the same information to be signed, which is not limited in the embodiment of the present invention. The information to be signed may include a plurality of kinds, for example, a user name, a date, a task number, a character string, etc., which is not limited in the embodiment of the present invention.
The ciphertext computing platform can acquire the information to be signed negotiated by the data providers, then determine a private key for signing according to the private key generation mode and the private key fragments corresponding to each data association party, and sign the information to be signed with the private key for signing to obtain the corresponding signature information. The ciphertext computing platform can perform signing without depending on any data association party, so that signing efficiency is improved, the dependence of the ciphertext computing platform on other platforms is reduced, and the application scenarios of the ciphertext computing platform are expanded.
Specifically, the information to be signed can first be encrypted based on the private keys of all the data association parties; a signature operation is then performed on the encrypted information to be signed based on the signature operation mode to obtain the signature information.
The above-mentioned substep S2082 may include the following substeps S22 to S24:
Substep S22: and connecting the private key fragments of each data association party in series to obtain the private key for signing.
Substep S24: and encrypting the information to be signed by adopting the private key for signing.
In the embodiment of the invention, based on the private key generation mode, the private key fragments corresponding to each data association party are calculated, and the private key for signature is determined.
In one example, the private key generation mode may include a serial generation mode. Based on a preset serial order in the private key generation mode, the private key fragments of all the data association parties can be connected in series to obtain a private key for signing; the information to be signed is then encrypted with this private key.
The preset serial sequence may refer to a serial sequence of private key fragments of each data association party, and may be set according to requirements, which is not limited in the embodiment of the present invention.
Step 210, determining a private key based on the private key fragments corresponding to each data association party, generating a public key corresponding to the private key, and distributing the public key to each data association party.
In the embodiment of the present invention, after step 204 is performed, the private key fragments corresponding to each data association party may be connected in series to generate a private key; a public key matching the private key is then generated and distributed to each data association party for subsequent signature verification by the data association parties. The private key can be determined according to the private key generation mode and the private key fragments corresponding to the data association parties; this is similar to the above and will not be described again here.
Step 212, distributing the signature information to each data association party, and carrying out signature verification on the signature information by each data association party based on the public key.
Step 214, receiving the signature verification result uploaded by each data association party.
Step 216, if the signature verification results of all the data association parties are successful signature verification results, executing the calculation task.
In the embodiment of the invention, after the ciphertext computing platform calculates the signature information, the signature information can be distributed to all data providers; the signature information is then signature verified by each data-associated party based on the public key. Each data provider can decrypt the signature information by adopting a public key distributed by the ciphertext computing platform to obtain decrypted signature information; and then generating a signature verification result by judging whether the decrypted signature information is consistent with the information to be signed negotiated by each data provider, and uploading the signature verification result to the ciphertext computing platform. The signature verification result includes: signature verification success results or signature verification failure results. If the data provider determines that the decrypted signature information is consistent with the information to be signed negotiated by each data provider, the successful signature verification result can be uploaded to the ciphertext computing platform. If the data provider determines that the decrypted signature information is inconsistent with the information to be signed negotiated by each data provider, the signature verification failure result can be uploaded to the ciphertext computing platform. After receiving the signature verification results uploaded by all the data association parties, the ciphertext computing platform executes the computing task if the signature verification results of all the data association parties are successful signature verification results. The ciphertext computing platform comprises a ciphertext computing engine, and the ciphertext computing engine comprises a plurality of computing nodes. 
In the process of executing a computing task, the ciphertext computing platform can generate a multiparty computing instruction corresponding to the computing task based on a multiparty secure computing protocol, and send the multiparty computing instruction and the computing data to the computing engine in the ciphertext computing platform. The computing engine then acquires the multiparty computing instruction and the computing data; according to the multiparty computing instruction, at least some of the computing nodes in the ciphertext computing engine each perform local computation on the computing data they have acquired, and/or exchange intermediate data generated by the local computation, to obtain computing results respectively held by the computing nodes. The ciphertext computing platform determines a processing result corresponding to the computing task according to the computing results respectively held by the computing nodes.
In summary, in the embodiment of the present invention, before the ciphertext computing platform executes each computing task, the ciphertext computing platform determines the computing data corresponding to the computing task; generates corresponding private key fragments for a plurality of data association parties associated with the computing data; determines a private key based on the private key fragments corresponding to each data association party; and generates a public key corresponding to the private key and distributes the public key to each data association party. The platform then signs based on the private key fragments of all the data association parties to determine signature information, and distributes the signature information to all the data association parties, each of which performs signature verification on the signature information based on the public key. After each data provider performs signature verification on the signature information based on the received public key, it can upload the signature verification result to the ciphertext computing platform, which receives the signature verification result uploaded by each data association party. If the signature verification results of all the data association parties are signature verification success results, the computing task is executed. Signing and signature verification are thus carried out before each calculation, which ensures the authenticity of the data used in each calculation.
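The gate described above (per-task private key fragments, concatenation into one signing key, distribution of the public key and signature, and execution only when every party reports success), as an added example that is not part of the patent text. The patent does not name a signature algorithm: Ed25519, the SHA-256 step that turns the concatenated fragments into a 32-byte seed, the function names and the sample task string are assumptions of this example.

```python
import hashlib
import secrets

# Minimal Ed25519 (RFC 8032) so the example runs with the standard library only.
# Real deployments should use a vetted, constant-time implementation instead.
P = 2**255 - 19
Q = 2**252 + 27742317777372353535851937790883648493  # order of the base point
D = -121665 * pow(121666, P - 2, P) % P
SQRT_M1 = pow(2, (P - 1) // 4, P)

def _add(a, b):  # points in extended coordinates (X, Y, Z, T)
    m1 = (a[1] - a[0]) * (b[1] - b[0]) % P
    m2 = (a[1] + a[0]) * (b[1] + b[0]) % P
    c = 2 * a[3] * b[3] * D % P
    d = 2 * a[2] * b[2] % P
    e, f, g, h = m2 - m1, d - c, d + c, m2 + m1
    return (e * f % P, g * h % P, f * g % P, e * h % P)

def _mul(s, pt):
    acc = (0, 1, 1, 0)  # neutral element
    while s:
        if s & 1:
            acc = _add(acc, pt)
        pt = _add(pt, pt)
        s >>= 1
    return acc

def _recover_x(y, sign):
    if y >= P:
        return None
    x2 = (y * y - 1) * pow(D * y * y + 1, P - 2, P) % P
    if x2 == 0:
        return None if sign else 0
    x = pow(x2, (P + 3) // 8, P)
    if (x * x - x2) % P:
        x = x * SQRT_M1 % P
    if (x * x - x2) % P:
        return None
    return P - x if (x & 1) != sign else x

_GY = 4 * pow(5, P - 2, P) % P
_GX = _recover_x(_GY, 0)
G = (_GX, _GY, 1, _GX * _GY % P)

def _compress(pt):
    zinv = pow(pt[2], P - 2, P)
    x, y = pt[0] * zinv % P, pt[1] * zinv % P
    return (y | ((x & 1) << 255)).to_bytes(32, "little")

def _decompress(b):
    y = int.from_bytes(b, "little")
    sign, y = y >> 255, y & ((1 << 255) - 1)
    x = _recover_x(y, sign)
    return None if x is None else (x, y, 1, x * y % P)

def _hint(data):
    return int.from_bytes(hashlib.sha512(data).digest(), "little") % Q

def sign_with_fragments(fragments, message):
    """Concatenate the per-party fragments into one private key and sign."""
    # Assumption of this example: hash the concatenation to a 32-byte seed.
    seed = hashlib.sha256(b"".join(fragments)).digest()
    h = hashlib.sha512(seed).digest()
    a = (int.from_bytes(h[:32], "little") & ((1 << 254) - 8)) | (1 << 254)
    public = _compress(_mul(a, G))
    r = _hint(h[32:] + message)
    r_enc = _compress(_mul(r, G))
    s = (r + _hint(r_enc + public + message) * a) % Q
    return public, r_enc + s.to_bytes(32, "little")

def verify(public, message, signature):
    """Party side: check the signature with the distributed public key."""
    if len(public) != 32 or len(signature) != 64:
        return False
    A, R = _decompress(public), _decompress(signature[:32])
    s = int.from_bytes(signature[32:], "little")
    if A is None or R is None or s >= Q:
        return False
    lhs = _mul(s, G)
    rhs = _add(R, _mul(_hint(signature[:32] + public + message), A))
    return ((lhs[0] * rhs[2] - rhs[0] * lhs[2]) % P == 0
            and (lhs[1] * rhs[2] - rhs[1] * lhs[2]) % P == 0)

def run_task(negotiated, party_views, task):
    """Platform side of one computing task.

    negotiated  -- bytes the platform signs (the information to be signed)
    party_views -- {party name: bytes that party believes were negotiated}
    task        -- callable run only if every party reports success
    """
    # Fresh fragments for this task only; they never leave the platform.
    fragments = [secrets.token_bytes(16) for _ in party_views]
    public, signature = sign_with_fragments(fragments, negotiated)
    # Each party verifies the distributed signature against its own copy.
    results = {name: verify(public, view, signature)
               for name, view in party_views.items()}
    executed = len(results) > 0 and all(results.values())
    return {"public": public, "results": results, "executed": executed,
            "output": task() if executed else None}
```

Because the platform both creates the key and distributes the public key, a success result tells a party that the signature matches its copy of the negotiated information under that key; it does not by itself show who holds the key.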
In an alternative embodiment of the invention, to further verify the authenticity of the calculated data, the ciphertext computing platform may also perform authentication on each data association party. This may proceed as follows:
Referring to fig. 3, a flowchart of the steps of another alternative embodiment of a data processing method of the present invention is shown.
Step 302, the ciphertext computing platform determines computing data.
Step 304, obtaining identity information corresponding to a plurality of data association parties associated with the calculated data.
In the embodiment of the invention, after the ciphertext computing platform determines the computing data and the plurality of data association parties associated with the computing data, it can obtain the identity information of each data association party. The identity information may include information capable of uniquely characterizing the identity of the data association party: for example, biometric information such as fingerprint information, voiceprint information, facial feature information, or iris feature information of the data association party; authentication information such as an authentication code; or an account password and the like. The embodiments of the present invention are not limited in this regard.
Step 306, based on the identity information corresponding to each data association party, user identity verification is performed on each data association party.
In the embodiment of the invention, when a data association party accesses the ciphertext computing platform, it can upload its corresponding preset identity information, such as biometric information, an account password, a mobile phone number, and the like. After obtaining the identity information corresponding to each data association party, the ciphertext computing platform proceeds as follows for each data association party. If the obtained identity information of the data association party is biometric information or an account password, the identity information can be compared with the preset identity information corresponding to the data association party. If the identity information of the data association party matches the preset identity information corresponding to the data association party, the identity verification of the data association party is determined to be successful; otherwise, the identity verification of the data association party is determined to have failed. If the obtained identity information of the data association party is a verification code, the verification code can be compared with the verification code issued by the ciphertext computing platform through the mobile phone number of the data association party. If the identity information of the data association party matches the preset identity information of the data association party, the identity verification of the data association party is determined to be successful; otherwise, the identity verification of the data association party is determined to have failed.
Step 308 may be performed when the authentication of all data correspondents is successful. When the identity verification of at least one data association party is unsuccessful, the identity verification can be performed again, the calculation can be stopped, and error information and the like are returned to each data association party; the embodiments of the present invention are not limited in this regard.
Step 308, if the identity of each data association party is successfully verified, generating corresponding private key fragments for the plurality of data association parties associated with the calculated data.
Step 310, signing based on the private key fragments of the data association parties to determine signature information.
In summary, in the embodiment of the present invention, after the ciphertext computing platform determines the computing data, it may obtain identity information corresponding to a plurality of data association parties associated with the computing data, and then perform user identity verification on each data association party based on the identity information corresponding to that party. If the identity of each data association party is successfully verified, the platform generates corresponding private key fragments for the plurality of data association parties associated with the computing data, signs based on the private key fragments of each data association party, and determines signature information. Because the identity of each data association party is verified before signing, the authenticity of the calculated data can be further verified.
In an alternative embodiment of the invention, to further verify the authenticity of the calculated data, the ciphertext computing platform may also perform device authentication on each data association party. This may proceed as follows:
Referring to fig. 4, a flowchart of the steps of yet another alternative embodiment of a data processing method of the present invention is shown.
Step 402, the ciphertext computing platform determines the computing data.
Step 404, obtaining device information corresponding to a plurality of data association parties associated with the calculation data.
In the embodiment of the invention, after the ciphertext computing platform determines the computing data and a plurality of data association parties associated with the computing data, the equipment information of each data association party can be acquired. The device information may include information capable of uniquely characterizing the device of the data association party, such as a device identification code of the device, which is not limited in this embodiment of the present invention.
Step 406, based on the device information corresponding to each data association party, user device verification is performed on each data association party.
In the embodiment of the invention, when a data association party accesses the ciphertext computing platform, it can upload its corresponding preset device information. After the ciphertext computing platform acquires the device information corresponding to each data association party, it can, for each data association party, compare the device information with the preset device information of that party. If the device information of the data association party matches the preset device information of the data association party, the device verification of the data association party is determined to be successful; otherwise, the device verification of the data association party is determined to have failed.
Step 408 may be performed when device authentication of all data correspondents is successful. When the equipment verification of at least one data association party is unsuccessful, the equipment verification can be performed again, the calculation can be stopped, and error information and the like can be returned to each data association party; the embodiments of the present invention are not limited in this regard.
Step 408, if the verification of the devices of the data associating parties is successful, generating corresponding private key fragments for the plurality of data associating parties associated with the calculated data.
Step 410, signature is performed based on the private key fragments of the data correspondents, and signature information is determined.
In summary, in the embodiment of the present invention, after the ciphertext computing platform determines the computing data, it may obtain device information corresponding to a plurality of data association parties associated with the computing data, and then perform user device verification on each data association party based on the device information corresponding to that party. If the device of each data association party is successfully verified, the platform generates corresponding private key fragments for the plurality of data association parties associated with the computing data, signs based on the private key fragments of each data association party, and determines signature information. Because device verification is performed on each data association party before signing, the authenticity of the calculated data can be further verified.
Of course, the embodiment of the invention can combine the steps 302 to 310 with the steps 402 to 410 to perform identity verification and equipment verification; and after the identity verification and the equipment verification are successful, signature and signature verification are performed. The embodiment of the invention does not limit the sequence of identity authentication and equipment authentication.
In an alternative embodiment of the present invention, referring to fig. 5A, each computing task may be divided into two logic modules: the verification module can be used for verification, including signature and signature verification, namely, step 204 to step 214, or step 302 to step 310, or step 402 to step 410 can be executed; the calculation module may perform the calculation task, i.e., execute step 216, when the verification module outputs a result of successful verification.
In one embodiment of the present invention, a logic module corresponding to one computing task may be nested in a logic module corresponding to another computing task; multiple levels of nesting may be supported. Referring to fig. 5B, logic modules corresponding to one computing task may be nested within verification modules corresponding to another computing task.
In one embodiment of the present invention, the verification module may include a signature verification module and a calculation module, and the signature verification module may include: an identity verification module and a calculation module; a device verification module and a calculation module may also be included. Reference may be made to fig. 5C, 5D and 5E.
The data processing method provided by the embodiment of the invention can be used in any scenario that requires signature verification: for example, a scenario in which a ciphertext computing platform is used and the data relied on for model training is distributed across a plurality of data providers; a scenario in which a ciphertext computing platform is used and the data relied on for data prediction is distributed across a plurality of data providers; a scenario of transferring funds between accounts using a ciphertext computing platform; or a scenario in which a ciphertext computing platform is used to conduct a digital currency transaction. The embodiments of the invention are not limited in this regard.
It should be noted that, for simplicity of description, the method embodiments are shown as a series of acts, but it should be understood by those skilled in the art that the embodiments are not limited by the order of acts, as some steps may occur in other orders or concurrently in accordance with the embodiments. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred embodiments, and that the acts are not necessarily required by the embodiments of the invention.
The embodiment of the invention also discloses a data processing device deployed in the ciphertext computing platform.
Referring to FIG. 6, a block diagram of an embodiment of a data processing apparatus according to the present invention is shown; the apparatus may include the following modules:
The private key fragment generation module 602 is configured to determine calculation data, and generate corresponding private key fragments for a plurality of data correspondents associated with the calculation data, respectively;
and the signature module 604 is used for signing based on the private key fragments of the data association parties and determining signature information.
Referring to FIG. 7, a block diagram of an alternative embodiment of a data processing apparatus of the present invention is shown.
In an alternative embodiment of the present invention, the signature module 604 includes:
A calculation mode obtaining submodule 6042, configured to obtain a calculation mode, where the calculation mode includes a private key generation mode and a signature operation mode;
The signature information determining submodule 6044 is configured to determine signature information based on the signature operation mode, the private key generation mode, and the private key fragments of each data association party.
In an optional embodiment of the present invention, the signature information determining submodule 6044 is configured to obtain information to be signed, and encrypt the information to be signed based on the private key generating manner and private key fragments of each data associating party; and carrying out signature operation on the encrypted information to be signed based on the signature operation mode to obtain signature information.
In an alternative embodiment of the present invention, the private key generation mode includes a serial generation mode,
and the signature information determining submodule 6044 is configured to concatenate the private key fragments of each data association party to obtain a private key for signing, and to encrypt the information to be signed using the private key for signing.
In an alternative embodiment of the present invention, the apparatus further includes:
an identity information verification module 606, configured to obtain identity information corresponding to a plurality of data correspondents associated with the calculated data; based on the identity information corresponding to each data association party, respectively carrying out user identity verification on each data association party;
the private key fragment generation module 602 is configured to execute the step of generating corresponding private key fragments for the plurality of data correspondents associated with the calculated data, if the identities of the data correspondents are verified successfully.
In an alternative embodiment of the present invention, the apparatus further includes:
A device verification module 608, configured to obtain device information corresponding to a plurality of data correspondents associated with the calculation data; respectively carrying out equipment verification on each data association party based on the equipment information corresponding to each data association party;
The private key fragment generation module 602 is configured to execute the step of generating corresponding private key fragments for the plurality of data correspondents associated with the calculated data, if the devices of the data correspondents are verified successfully.
In an alternative embodiment of the present invention, the private key fragment generation module 602 is configured to determine, by the ciphertext computing platform, computing data corresponding to each computing task before the ciphertext computing platform performs the computing task.
In an alternative embodiment of the present invention, the apparatus further includes:
The signature verification module 610 is configured to determine a private key based on a private key segment corresponding to each data association party, generate a public key corresponding to the private key, and distribute the public key to each data association party; distributing the signature information to each data association party, and carrying out signature verification on the signature information by each data association party based on the public key; receiving signature verification results uploaded by each data association party; and if the signature verification results of all the data association parties are the successful signature verification results, executing the calculation task.
In summary, in the embodiment of the present invention, the ciphertext computing platform may determine computing data, and generate corresponding private key fragments for a plurality of data correspondents associated with the computing data, respectively; then, signature is carried out based on the private key fragments of all the data association parties, and signature information is determined; because the private key fragment is temporarily generated by the ciphertext computing platform and only exists in the ciphertext computing platform, the data association party cannot acquire the private key and does not need to store the private key fragment; and further, the leakage of the secret key can be avoided, so that the data is ensured not to be tampered.
For the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments for relevant points.
Embodiments of the present invention also provide a readable storage medium; when the instructions in the storage medium are executed by a processor of an electronic device, the electronic device is enabled to perform a data processing method according to one or more of the embodiments of the present invention.
The embodiment of the invention also provides electronic equipment, which comprises: one or more processors; and one or more readable storage media having instructions stored thereon that, when executed by the one or more processors, cause the electronic device to perform the data processing method as described in one or more of the embodiments of the invention described above.
In an example of an embodiment of the present invention, the electronic device may be a server. Fig. 8 shows a server in which the present invention may be implemented, such as a management server, a storage server, an application server, a cloud control service, a server cluster, etc. The server conventionally includes a processor 810 and a computer program product or computer readable storage medium in the form of a memory 820. The memory 820 may be an electronic memory such as a flash memory, an EEPROM (electrically erasable programmable read only memory), an EPROM, a hard disk, or a ROM. The memory 820 has a memory space 830 for program code 831 for performing any of the method steps in the method described above. For example, the memory space 830 for the program code may include individual program code 831 for implementing the various steps in the above method, respectively. The program code can be read from or written to one or more computer program products. These computer program products comprise a program code carrier such as a hard disk, a Compact Disc (CD), a memory card or a floppy disk. Such computer program products are typically portable or fixed storage units. The storage unit may have a memory segment, a memory space, or the like arranged similarly to the memory 820 in the server of fig. 8. The program code may, for example, be compressed in a suitable form. Typically, the storage unit comprises computer readable code, i.e. code that can be read by a processor such as the processor 810, which when executed by a server causes the server to perform the steps in the method described above.
In this specification, the embodiments are described in a progressive manner; each embodiment focuses on its differences from the other embodiments, and for the parts that are identical or similar between the embodiments, reference may be made from one embodiment to another.
It will be apparent to those skilled in the art that embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, embodiments of the invention may take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
Embodiments of the present invention are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing terminal device to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing terminal device, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiment and all such alterations and modifications as fall within the scope of the embodiments of the invention.
Finally, it is further noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or terminal that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or terminal. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or terminal device that comprises the element.
The foregoing has described in detail a data processing method, a data processing apparatus and an electronic device according to the present invention. Specific examples have been provided herein to illustrate the principles and embodiments of the present invention, and the above examples are provided only to assist in understanding the method and core idea of the present invention. Meanwhile, those skilled in the art may, in accordance with the ideas of the present invention, make variations in the specific embodiments and the scope of application. In view of the above, the present description should not be construed as limiting the present invention.

Claims (14)

1. A method of data processing, comprising:
Before the ciphertext computing platform executes each computing task, determining computing data corresponding to the computing task by the ciphertext computing platform, and respectively generating corresponding private key fragments for a plurality of data association parties associated with the computing data;
Signing is carried out based on the private key fragments of all the data association parties, and signature information is determined;
Determining a private key based on private key fragments corresponding to all data association parties, generating a public key corresponding to the private key and distributing the public key to all data association parties;
Distributing the signature information to each data association party, and carrying out signature verification on the signature information by each data association party based on the public key;
Receiving signature verification results uploaded by each data association party;
If the signature verification results of all the data association parties are the successful signature verification results, executing the calculation task;
the ciphertext computing platform comprises a ciphertext computing engine, wherein the ciphertext computing engine comprises a plurality of computing nodes;
In the process of executing the computing task, the ciphertext computing platform generates a multiparty computing instruction corresponding to the computing task based on a multiparty secure computing protocol, and sends the multiparty computing instruction and computing data to a computing engine in the ciphertext computing platform; according to the multiparty calculation instruction, the calculation engine performs local calculation on the calculation data acquired by each calculation node in the ciphertext calculation engine, and/or performs interaction on intermediate data generated by the local calculation to obtain calculation results held by each calculation node; and the ciphertext computing platform determines a processing result corresponding to the computing task according to the computing results respectively held by the computing nodes.
2. The method of claim 1, wherein the determining signature information based on the signature of the private key fragments of the respective data correspondents comprises:
Acquiring a calculation mode, wherein the calculation mode comprises a private key generation mode and a signature operation mode;
And carrying out signature based on the signature operation mode, the private key generation mode and the private key fragments of all the data association parties, and determining signature information.
3. The method according to claim 2, wherein the determining signature information based on the signature operation method, the private key generation method, and the private key fragments of each data-associated party includes:
Acquiring information to be signed, and encrypting the information to be signed based on the private key generation mode and the private key fragments of each data association party;
And carrying out signature operation on the encrypted information to be signed based on the signature operation mode to obtain signature information.
4. The method according to claim 3, wherein the private key generation mode includes a serial generation mode, and the encrypting the information to be signed based on the private key generation mode and the private key fragments of each data association party includes:
the private key fragments of all the data association parties are connected in series to obtain a private key for signing;
and encrypting the information to be signed by adopting the private key for signing.
5. The method of claim 1, wherein the method further comprises:
acquiring identity information corresponding to a plurality of data association parties associated with the calculated data;
Based on the identity information corresponding to each data association party, respectively carrying out user identity verification on each data association party;
And if the identity of each data association party is successfully verified, executing the step of respectively generating corresponding private key fragments for a plurality of data association parties associated with the calculated data.
6. The method of claim 1, wherein the method further comprises:
acquiring equipment information corresponding to a plurality of data association parties associated with the calculated data;
Respectively carrying out equipment verification on each data association party based on the equipment information corresponding to each data association party;
And if the equipment of each data association party is successfully verified, executing the step of respectively generating corresponding private key fragments for a plurality of data association parties associated with the calculated data.
7. A data processing apparatus disposed in a ciphertext computing platform, the apparatus comprising:
The private key fragment generation module is used for determining calculation data corresponding to each calculation task by the ciphertext calculation platform before the ciphertext calculation platform executes each calculation task, and respectively generating corresponding private key fragments for a plurality of data association parties associated with the calculation data;
the signature module is used for signing based on the private key fragments of the data association parties and determining signature information;
the signature verification module is used for determining a private key based on the private key fragments corresponding to each data association party, generating a public key corresponding to the private key and distributing the public key to each data association party; distributing the signature information to each data association party, and carrying out signature verification on the signature information by each data association party based on the public key; receiving signature verification results uploaded by each data association party; if the signature verification results of all the data association parties are the successful signature verification results, executing the calculation task;
the ciphertext computing platform comprises a ciphertext computing engine, wherein the ciphertext computing engine comprises a plurality of computing nodes;
in the process of executing the computing task, the ciphertext computing platform generates a multiparty computing instruction corresponding to the computing task based on a multiparty secure computing protocol, and sends the multiparty computing instruction and computing data to a computing engine in the ciphertext computing platform; according to the multiparty calculation instruction, the calculation engine performs local calculation on the calculation data acquired by each calculation node in the ciphertext calculation engine, and/or performs interaction on intermediate data generated by the local calculation to obtain calculation results held by each calculation node; and the ciphertext computing platform determines a processing result corresponding to the computing task according to the computing results respectively held by the computing nodes.
8. The apparatus of claim 7, wherein the signature module comprises:
the computing mode acquisition sub-module is used for acquiring a computing mode, wherein the computing mode comprises a private key generation mode and a signature operation mode;
and the signature information determining sub-module is used for carrying out signature based on the signature operation mode, the private key generation mode and the private key fragments of each data association party to determine signature information.
9. The apparatus of claim 8, wherein the device comprises a plurality of sensors,
the signature information determining submodule is used for acquiring information to be signed and encrypting the information to be signed based on the private key generation mode and the private key fragments of all data association parties; and carrying out signature operation on the encrypted information to be signed based on the signature operation mode to obtain signature information.
10. The apparatus of claim 9, wherein the private key generation means comprises a serial generation means,
the signature information determining submodule is used for connecting the private key fragments of all the data association parties in series to obtain a private key for signing; and encrypting the information to be signed by adopting the private key for signing.
11. The apparatus of claim 7, wherein said apparatus further comprises:
the identity verification module is used for acquiring identity information corresponding to a plurality of data association parties associated with the calculated data; based on the identity information corresponding to each data association party, respectively carrying out user identity verification on each data association party;
and the private key fragment generation module is used for executing the step of respectively generating corresponding private key fragments for a plurality of data association parties associated with the calculated data if the identity of each data association party is successfully verified.
12. The apparatus of claim 7, wherein said apparatus further comprises:
the device verification module is used for acquiring device information corresponding to a plurality of data association parties associated with the calculation data; respectively carrying out equipment verification on each data association party based on the equipment information corresponding to each data association party;
and the private key fragment generation module is used for executing the step of respectively generating corresponding private key fragments for a plurality of data association parties associated with the calculated data if the equipment of each data association party is successfully verified.
13. A readable storage medium, characterized in that instructions in the readable storage medium, when executed by a processor of an electronic device, enable the electronic device to perform the data processing method according to any one of the method claims 1-6.
14. An electronic device, comprising:
one or more processors; and
one or more readable storage media having instructions stored thereon that, when executed by the one or more processors, cause the electronic device to perform the data processing method of any of claims 1-6.
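An added sketch of the flow in claims 4 and 7 (serial private key generation, signing, and unanimous signature verification before a task runs); it is not code from the patent. Ed25519 standing in for the signature operation mode (the separate step of encrypting the information to be signed is folded into the one signing call), four parties with 8-byte fragments, and all function names are assumptions made for the example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// NewFragments issues n random private key fragments of size bytes, one per party.
func NewFragments(n, size int) ([][]byte, error) {
	frags := make([][]byte, n)
	for i := range frags {
		frags[i] = make([]byte, size)
		if _, err := rand.Read(frags[i]); err != nil {
			return nil, err
		}
	}
	return frags, nil
}

// SignSerial joins the fragments in party order into the signing key, signs the
// task, and returns the public key and signature that go out to every party.
func SignSerial(frags [][]byte, task []byte) (ed25519.PublicKey, []byte, error) {
	seed := bytes.Join(frags, nil)
	if len(seed) != ed25519.SeedSize {
		return nil, nil, errors.New("fragments do not form a 32-byte seed")
	}
	priv := ed25519.NewKeyFromSeed(seed)
	return priv.Public().(ed25519.PublicKey), ed25519.Sign(priv, task), nil
}

// Authorize verifies the copy each party received; the task may run only if all pass.
func Authorize(pub ed25519.PublicKey, sig []byte, received [][]byte) (bool, []int) {
	var failed []int
	for i, msg := range received {
		if !ed25519.Verify(pub, msg, sig) {
			failed = append(failed, i)
		}
	}
	return len(received) > 0 && len(failed) == 0, failed
}

func main() {
	frags, _ := NewFragments(4, 8) // assumed sizes: 4 parties x 8 bytes = 32-byte seed
	task := []byte("task-001")     // constructed task descriptor
	pub, sig, _ := SignSerial(frags, task)
	fmt.Println(Authorize(pub, sig, [][]byte{task, task, task, []byte("task-002")}))
}
```

Because the fragments are concatenated, whoever assembles them holds the complete signing key, and the fragment order is part of the key: a reordered list yields a different key pair.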

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110268093.6A CN113051623B (en) 2021-03-11 2021-03-11 Data processing method and device and electronic equipment

Publications (2)

Publication Number Publication Date
CN113051623A CN113051623A (en) 2021-06-29
CN113051623B CN113051623B (en) 2024-07-09

Family

ID=76511727

Country Status (1)

Country Link
CN (1) CN113051623B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant