CN108989354A - A kind of auth method and device - Google Patents
- Publication number: CN108989354A, CN201811034387.7A
- Authority: CN (China)
- Prior art keywords: block, field, user, new, time interval
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/108—Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The present disclosure provides an identity verification method and device, relating to the technical field of identity authentication. In the identity verification method and device provided by the present disclosure, the server and the client each store a blockchain related to user login information. When logging in, the user looks up the block that the server last sent to the client and decrypts the block information to obtain a time interval, generates a new block according to the time interval, and sends that block to the server. After receiving the login request and the block sent by the client, the server generates a new block in a manner corresponding to that of the client and compares the new block with the block sent by the user, thereby verifying the user's identity and ensuring the security of user identity verification.
Description
Technical field
The present disclosure relates to the technical field of identity authentication, and in particular to an identity verification method and device.
Background
With the development of science and technology, when people use network resources and access network application systems, the user's identity is often verified in order to keep information secure. At present there are many identity verification methods, but most of them require the user to change the login password frequently during identity verification and cannot guarantee the security of identity verification.
Summary of the invention
In view of this, the present disclosure provides an identity verification method and device.
An identity verification method provided by the present disclosure is applied to a server interacting with a client. The server stores a blockchain related to user login information; the blockchain includes a plurality of blocks; each block includes a second field and a third field; the second field is the data of the block, including the user's identity information, the user's current login information and a time interval; the third field is the block generation time. The method includes:
Receiving the user's login request and a first block sent by the client.
Looking up, according to the login request and the first block, a second block generated by the user's last login.
Decrypting the second field and the third field of the second block to obtain a first time interval.
Generating a third block according to the first time interval.
Comparing the third block with the first block and, if the third block is consistent with the first block, determining that the user's identity verification passes.
Further, the method also includes: after the user's identity verification passes, setting a new time interval.
Generating a new block again according to the new time interval and the current login information, and encrypting the second field and the third field of the new block.
Saving the new block locally.
Further, the block also includes a first field and a fourth field, wherein:
The first field is the hash value of the previous block.
The fourth field is the hash value of the block itself, computed by a hash function over the first field, the second field and the third field.
Further, the step of generating a third block according to the first time interval includes:
Obtaining the fields of the block generated by the user's last login.
Adding the first time interval to the field value in the field to generate a new field.
Computing a hash value over the new field with a hash function to generate the third block.
The present disclosure provides an identity verification method applied to a client interacting with a server. The client stores a blockchain related to user login information; the blockchain includes a plurality of blocks; each block includes a second field and a third field; the second field is the data of the block, including the user's identity information, the user's current login information and a time interval; the third field is the block generation time. The method includes:
Sending a login request to the server and receiving a fourth block sent by the server, the fourth block having been generated during the previous login and stored on the server.
Decrypting the second field and the third field of the fourth block to obtain a second time interval.
Generating a new block according to the second time interval, and sending the new block to the server for identity verification.
Further, the method also includes:
When the user's identity verification passes, setting a new time interval, so that the server generates a new block according to the new time interval and saves it locally on the server, to be sent to the client at the next login.
Further, the block also includes a first field and a fourth field, wherein:
The first field is the hash value of the previous block.
The fourth field is the hash value of the block itself, computed by a hash function over the first field, the second field and the third field.
Further, the step of generating a new block according to the second time interval and sending the new block to the server for identity verification includes:
Obtaining the third field in the fourth block sent by the server.
Adding the second time interval to the field value in the third field to generate a new third field.
Computing a hash value over the new third field with a hash function to generate the new block.
Comparing the third field value in the new block with the current time: if it is within a set range, sending the new block to the server; if it is not within the set range, repeating the process of generating the new third field so as to keep generating new blocks, until the difference between the third field value in the generated new block and the current time is within the set range.
The present disclosure provides an identity verification device applied to a server interacting with a client. The identity verification device includes a receiving module, a search module, a first storage module, a first execution module, a verification module and a first generation module.
The first storage module is used to store a blockchain related to user login information. The blockchain includes a plurality of blocks, and each block includes a first field, a second field, a third field and a fourth field. The first field is the hash value of the previous block; the second field is the data of the block, including the user's identity information, the user's current login information and a time interval; the third field is the block generation time; the fourth field is the hash value of the block itself, computed by a hash function over the first field, the second field and the third field.
The receiving module is used to receive the user's login request and the first block sent by the client.
The search module is used to look up, according to the login request and the first block, the second block generated by the user's last login.
The first execution module is used to decrypt the second field and the third field of the second block to obtain the first time interval.
The first generation module is used to generate the third block according to the first time interval.
The verification module is used to compare the first block with the third block to perform identity verification.
An identity verification device provided by the present disclosure is applied to a client interacting with a server. The identity verification device includes a second storage module, a second execution module and a second generation module.
The second storage module is used to store a blockchain related to user login information. The blockchain includes a plurality of blocks, and each block includes a first field, a second field, a third field and a fourth field. The first field is the hash value of the previous block; the second field is the data of the block, including the user's identity information, the user's current login information and a time interval; the third field is the block generation time; the fourth field is the hash value of the block itself, computed by a hash function over the first field, the second field and the third field.
The second execution module is used to send a login request to the server and to decrypt the second field and the third field of a fourth block to obtain a second time interval. The fourth block is obtained by the server sending it to the client during the current login; the fourth block was generated during the previous login and stored on the server.
The second generation module is used to generate a new block according to the second time interval and send the new block to the server for identity verification.
In the identity verification method and device provided by the present disclosure, the server stores a blockchain related to user login information. After receiving the login request and the first block sent by the client, the server looks up, according to the login request and the first block, the second block generated by the user's last login, and decrypts the second field and the third field of the second block to obtain the first time interval. It generates the third block from the first time interval and compares the third block with the first block, thereby verifying the user's identity. The security of identity verification is ensured without requiring the user to change the login password frequently, and malicious logins can be traced through the blockchain.
To make the above objects, features and advantages of the present disclosure clearer and easier to understand, preferred embodiments are described in detail below with reference to the accompanying drawings.
Brief description of the drawings
To explain the technical solutions of the present disclosure more clearly, the drawings used in the embodiments are briefly introduced below. It should be understood that the following drawings show only some embodiments of the present disclosure and should therefore not be regarded as limiting its scope; a person of ordinary skill in the art can obtain other related drawings from these drawings without creative effort.
Fig. 1 is a schematic flowchart of the identity verification method provided by the present disclosure.
Fig. 2 is a schematic diagram of a block in the identity verification method provided by the present disclosure.
Fig. 3 is a schematic diagram of the blockchain in the identity verification method provided by the present disclosure.
Fig. 4 is another schematic flowchart of the identity verification method provided by the present disclosure.
Fig. 5 is yet another schematic flowchart of the identity verification method provided by the present disclosure.
Fig. 6 is yet another schematic flowchart of the identity verification method provided by the present disclosure.
Fig. 7 is yet another schematic flowchart of the identity verification device provided by the present disclosure.
Fig. 8 is a schematic block diagram of the identity verification device provided by the present disclosure.
Fig. 9 is another schematic block diagram of the identity verification device provided by the present disclosure.
Reference numerals: 10 - first identity verification device; 11 - first storage module; 12 - receiving module; 13 - search module; 14 - first execution module; 15 - first generation module; 16 - verification module; 20 - second identity verification device; 21 - second storage module; 22 - second execution module; 23 - second generation module.
Detailed description
The technical solutions of the present disclosure are described clearly and completely below with reference to the drawings. The described embodiments are only some of the embodiments of the present disclosure, not all of them. The components of the present disclosure generally described and illustrated in the drawings herein may be arranged and designed in a variety of different configurations. The following detailed description of the embodiments provided in the drawings is therefore not intended to limit the scope of the claimed disclosure, but merely represents selected embodiments. All other embodiments obtained by a person skilled in the art on the basis of these embodiments without creative effort fall within the scope of protection of the present disclosure.
It should be noted that similar reference numerals and letters denote similar items in the following drawings; once an item is defined in one drawing, it does not need to be further defined or explained in subsequent drawings.
Identity authentication technology is an effective solution that arose from the process of confirming an operator's identity in a computer network. All information in the computer network world, including a user's identity information, is represented by a specific set of data. A computer can only recognize a user's digital identity, and every authorization granted to a user is an authorization of that digital identity. The problem is how to ensure that the operator acting under a digital identity is its legitimate owner, that is, that the operator's physical identity corresponds to the digital identity. Identity authentication technology exists to solve this problem, and as the first gate protecting network assets it plays a pivotal role.
At present there are many identity verification methods, but most of them require the user to change the login password frequently to keep identity verification secure; worse, if the system has a vulnerability and a malicious login occurs, the malicious login cannot be detected in time or traced.
Based on the above research, the present disclosure provides an identity verification method and device.
Referring to Fig. 1, a schematic flowchart of an identity verification method provided by the present disclosure, the method is applied to a server interacting with a client. The server stores a blockchain related to user login information; the blockchain includes a plurality of blocks; each block includes a second field and a third field; the second field is the data of the block, including the user's identity information, the user's current login information and a time interval; the third field is the block generation time. The flow shown in Fig. 1 is described in detail below.
Step S10: Receive the user's login request and the first block sent by the client.
Step S11: Look up, according to the login request and the first block, the second block generated by the user's last login.
Step S12: Decrypt the second field and the third field of the second block to obtain the first time interval.
Here, the user sets a login password at the first login, and the server computes a key according to a set calculation method. The computed key is shared by the server and the client and is stored on both. At the user's next login, after the server receives the login request and the first block, it decrypts the second field and the third field of the second block with the key to obtain the first time interval.
Step S13: Generate the third block according to the first time interval.
Step S14: Compare the third block with the first block and determine whether they are consistent.
If the third block is consistent with the first block, that is, the information in the third block matches the information in the first block, the user's identity verification is determined to have passed and step S15 is executed. If the third block is inconsistent with the first block, that is, the information in the third block does not match the information in the first block, step S141 is executed.
Step S141: Identity verification fails.
Step S15: After the user's identity verification passes, set a new time interval.
If no new time interval is set, the server defaults to a new time interval equal to the first time interval.
Step S16: Generate a new block again according to the new time interval and the current login information.
When the new block is generated, it includes user information and the like in addition to the new time interval and the current login information. The new time interval serves as the new login condition, that is, the condition for generating new blocks at the user's next login. The current login information includes the time of this login, which is taken as local time.
Step S17: Save the new block locally.
The new block is saved locally. At the user's next login, the server sends the new block to the client, and the server also verifies the user's identity again on the basis of the new block.
Further, referring to Fig. 2, the block also includes a first field and a fourth field. The first field is the hash value of the previous block; the second field is the data of the block, including the user's identity information, the user's current login information and a time interval; the third field is the block generation time; the fourth field is the hash value of the block itself, computed by a hash function over the first field, the second field and the third field.
The second field is the data of the block. The user's identity information is the information recorded at the user's first login, such as the user name; the user's current login information includes the time of this login; the time interval serves as the condition for the next login. When the block is saved, the second field is encrypted with the key to keep the data secure.
The third field is the time at which the block was generated. The time precision can be set to hours, minutes, seconds, milliseconds and so on, as determined by the server's own circumstances. When the block is saved, the third field is encrypted with the key to keep the data secure.
The hash value of a block is computed by a hash function over the fields of the block; the hash function may be MD4, MD5, SHA-1, SHA-256 and so on. Because the first field is the hash value of the previous block and the fourth field is the hash value of the current block, the blocks can be linked into a chain to prevent malicious tampering, as shown in Fig. 3, so that the legitimacy of each block can be verified.
Further, referring to Fig. 3, a schematic diagram of the blockchain in the identity verification method provided by the present disclosure, a block can be verified by computing the hash value over the first field, the second field and the third field and comparing the result with the fourth field. If the computed hash value equals the fourth field, the block is considered not to have been maliciously tampered with and to be the normal computation result of a legitimate client; if the computed hash value does not equal the fourth field, the block is considered to have been maliciously tampered with and not to be the normal computation result of a legitimate client. The whole blockchain can then be verified by comparing the first field with the fourth field of the previous block: if they are equal, the block is considered legitimate. Once this block is legitimate, the previous block can be verified in the same way, and verification can continue all the way back to the initial module, so that the whole blockchain can be traced.
Referring to Fig. 4, the step in which the server generates the third block according to the first time interval includes:
Step S131: Obtain the fields of the block generated by the user's last login.
During the user's last login, multiple blocks are generated and all of them are stored on the server. When the server receives the login request and the first block sent by the client, it looks up the last block generated during the user's last login, that is, the second block, and decrypts the second field and the third field of that block to obtain the first time interval stored in the second field and the generation time in the third field.
Step S132: Add the first time interval to the field value in the field to generate a new field.
The server takes the third field of the last block generated during the user's last login, that is, the time at which that block was generated, and adds the first time interval to it to form a new third field, which becomes the third field of the third block. For example, if the block from the user's last login was generated at 9:00 and the time interval is 5 minutes, five minutes are added to 9:00 to give 9:05, and the new third field is 9:05. As another example, if the block from the user's last login was generated at 10:00 on the previous day and the time interval is 5 minutes, five minutes are added to 10:00 of the previous day to give 10:05 of the previous day as the new third field; the interval is then added again to 10:05 of the previous day to give 10:10 of the previous day, producing another new third field. The time interval is repeatedly added to the previous result, continually producing new third fields, until the current time is reached.
Step S133: Compute a hash value over the new field with a hash function to generate the third block.
The hash value is computed over the new third field, the second field of the second block and the fourth field of the second block, and the result is used as the new fourth field. The fourth field of the second block becomes the first field of the new block, the second field of the second block becomes the second field of the new block, the new third field becomes the third field of the new block, and the new fourth field becomes the fourth field of the new block. Together these make up the new block.
Each time a new third field is produced, a hash value is computed with the hash function to generate a new block. New blocks are generated repeatedly until the generation time of a block is close to the current time; that block is taken as the third block and compared with the first block sent by the client, thereby verifying the user's identity.
The identity verification method provided by the present disclosure is applied to a server interacting with a client. The server stores a blockchain related to the user's login information. After receiving the login request and the first block sent by the client, the server looks up, according to the login request and the first block, the second block generated by the user's last login, and decrypts the second field and the third field of the second block to obtain the first time interval. It generates a third block from the first time interval and compares the third block with the first block to verify the user's identity. The security of identity verification is ensured without requiring the user to change the login password frequently, the legitimacy of a block can be verified against the blockchain, and malicious logins can be traced.
Referring to FIG. 5, which is a schematic flowchart of an identity verification method provided by the present disclosure, the method is applied to a client interacting with a server. The client stores a blockchain related to the user's login information. The blockchain includes a plurality of blocks, and each block includes a second field and a third field. The second field is the data of the block, including the user's identity information, the user's current login information and the time interval; the third field is the block generation time. The specific process shown in FIG. 5 is described in detail below.
Step S20: Send a login request to the server, and receive the fourth block sent by the server.
The fourth block was generated during the previous login and saved on the server. When the server sends the fourth block to the client, the server also keeps a block identical to the fourth block. The fourth block is the last block generated during the user's last login. When the user logs in, the server sends the fourth block to the client only after receiving the user's login request. As a result, a user who switches to a different client can still be authenticated through the block and log in normally, providing security for identity verification.
Step S21: Decrypt the second field and the third field of the fourth block to obtain a second time interval.
When logging in for the first time, the user sets a login password. The server calculates a key from the password using a set calculation method. The calculated key is shared by the server and the client and stored on both, and the user cannot learn the key. The set calculation method may be a hash function: let the login password be a, then Hash(a)=b, and b is used as the key. When logging in, the user enters the login password they set. Once the client detects that the login password is the correct one, it recovers the key from the login password using the hash function and then decrypts the block.
For example, the user sets the login password 123456 at first login, and the key calculated by the hash function is 654321. At the next login the user only needs to enter 123456; the client uses the hash function to recover the key 654321 from the login password 123456 and then decrypts the second field and the third field of the block.
It will be understood that the second time interval is the same as the first time interval.
Step S22: Generate a new block according to the second time interval, and send the new block to the server for identity verification.
It will be understood that the new block is the first block mentioned in the process above. After receiving the new block and the login request sent by the client, the server looks up the block it generated during the previous login and executes the process corresponding to steps S10 to S17 above.
Step S23: After the user's identity verification passes, set a new time interval, so that the server generates a new block according to the new time interval and saves it locally on the server, to be sent to the client at the next login.
The new time interval can be set by the user; if the user does not set it, it can be set by the server.
Further, a block stored on the client includes a first field, a second field, a third field and a fourth field. The first field is the hash value of the previous block. The second field is the data of the block, including the user's identity information, the user's current login information and the time interval. The third field is the block generation time. The fourth field is the hash value of the block itself, calculated by a hash function over the first field, the second field and the third field.
Because the blocks stored on the client are identical to the blocks stored on the server and likewise form a blockchain, refer to the description of the server-side blocks and blockchain above.
Referring to FIG. 6, the step in which the client generates a new block according to the second time interval and sends the new block to the server for identity verification includes:
Step S221: Obtain the third field in the fourth block sent by the server.
The client receives the fourth block sent by the server, and the login password is entered. The client recovers the key from the login password using the set calculation method and then decrypts the second field and the third field of the fourth block to obtain the second time interval and the generation time in the third field.
Step S222: Add the second time interval to the field value in the third field to generate a new third field.
The client takes the third field of the fourth block, that is, the time at which the block was generated, and adds the second time interval to it to form a new third field, which serves as the third field of the new block. For example, if the block was generated at 9:00 and the time interval is 5 minutes, five minutes are added to 9:00, giving 9:05, and the new third field is 9:05. As another example, if the block from the user's last login was generated at 10:00 on the previous day and the time interval is 5 minutes, five minutes are added to 10:00 of the previous day, giving 10:05 of the previous day as the new third field; the interval is then added again to 10:05 of the previous day, giving 10:10 of the previous day as another new third field. The time interval is added repeatedly to the preceding result, producing a new third field each time, until the current time is reached.
Step S223: Calculate a hash value for the new third field by using a hash function to generate the new block.
A hash value is calculated over the new third field, the second field of the fourth block and the fourth field of the fourth block, and the calculated hash value becomes the new fourth field. The fourth field of the fourth block becomes the first field of the new block, the second field of the fourth block becomes the second field of the new block, the new third field becomes the third field of the new block, and the new fourth field becomes the fourth field of the new block. Together these form the new block.
Step S224: Compare the third field value in the new block with the current time, and determine whether it is within the set range.
Each time a new third field is generated, a hash value is calculated with the hash function to generate a new block. New blocks are generated repeatedly until the generation time of a block is close to the current time, and the third field of that block is then compared with the current time.
The set range can be chosen freely. If the value is within the set range, step S225 is executed and the new block is sent to the server. If it is not within the set range, the process returns to step S221 and continues generating new blocks until the result of comparing the third field value of the generated new block with the current time is within the set range.
Step S225: Send the new block to the server.
It will be understood that the new block is the first block mentioned in the process above. When the new block is sent to the server, the server executes the process corresponding to steps S10 to S14 above and thereby verifies the identity. During this process the client also saves the newly generated blocks, so the blocks stored on the client include the block sent to the client by the server and the blocks the client generated itself.
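The client-side steps S221 to S225 and the server-side steps S131 to S133 run the same derivation; the following Python sketch is an added example, not code from the patent. SHA-256, the length-prefixed field encoding, the stopping rule for "close to the current time", and all names and sample values are assumptions; field encryption is omitted and the fields are shown already decrypted.

```python
import hashlib
import hmac
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import List, Optional


@dataclass(frozen=True)
class Block:
    prev_hash: str     # first field: hash value of the previous block
    data: str          # second field: identity info, login info, time interval
    created: datetime  # third field: block generation time
    block_hash: str    # fourth field: hash over the first three fields


def field_hash(prev_hash: str, data: str, created: datetime) -> str:
    # Assumption: SHA-256 with length-prefixed fields so that field
    # boundaries are unambiguous; the page only says "a hash function".
    h = hashlib.sha256()
    for part in (prev_hash, data, created.isoformat()):
        raw = part.encode("utf-8")
        h.update(len(raw).to_bytes(4, "big") + raw)
    return h.hexdigest()


def next_block(prev: Block, interval: timedelta) -> Block:
    # S132/S222: new third field = previous generation time + interval.
    # S133/S223: the previous fourth field becomes the new first field, the
    # second field is carried over, and the new fourth field is the hash.
    created = prev.created + interval
    return Block(prev.block_hash, prev.data, created,
                 field_hash(prev.block_hash, prev.data, created))


def derive_chain(last: Block, interval: timedelta, now: datetime) -> List[Block]:
    # Keep generating blocks until one more step would pass `now`
    # (assumed stopping rule for "close to the current time").
    if interval <= timedelta(0):
        raise ValueError("interval must be positive")
    chain: List[Block] = []
    cur = last
    while cur.created + interval <= now:
        cur = next_block(cur, interval)
        chain.append(cur)
    return chain


def client_login_block(last: Block, interval: timedelta, now: datetime,
                       allowed: timedelta) -> Optional[Block]:
    # S224/S225: send the newest block only if its generation time lies
    # within the set range of the current time.
    chain = derive_chain(last, interval, now)
    if not chain or now - chain[-1].created > allowed:
        return None
    return chain[-1]


def server_verify(last: Block, interval: timedelta, now: datetime,
                  submitted: Block) -> bool:
    # The server repeats the derivation from its own copy of the last block
    # and compares the result with the block the client submitted.
    chain = derive_chain(last, interval, now)
    if not chain:
        return False
    expected = chain[-1]
    same_fields = ((expected.prev_hash, expected.data, expected.created)
                   == (submitted.prev_hash, submitted.data, submitted.created))
    # Constant-time comparison of the hash field.
    return same_fields and hmac.compare_digest(expected.block_hash,
                                               submitted.block_hash)


# Constructed sample values (not from the patent).
INTERVAL = timedelta(minutes=5)
SAMPLE_DATA = "user=alice;login=constructed-sample;interval=300"
LAST_BLOCK = Block("0", SAMPLE_DATA, datetime(2018, 9, 2, 10, 0),
                   field_hash("0", SAMPLE_DATA, datetime(2018, 9, 2, 10, 0)))
```

In this sketch a block derived just before an interval boundary and checked just after it does not match, so a deployment has to decide how the server treats the neighbouring step.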
The process above is the identity verification process for an ordinary user login. For the user's first login, refer to FIG. 7, which is a schematic diagram of the first-login process. The specific process shown in FIG. 7 is described in detail below.
Step S30: User registration.
When a new user registers, the user needs to set a login password, and the server and the client calculate a key from that login password using the set calculation method. The key is based on a symmetric cipher (the cipher algorithm may be chosen when the system is implemented) and is used to encrypt subsequent information and the block fields in the process above. It is shared between the user and the verifier.
As another example, when users log in from a public computer, the server stores the identity information blockchains of several people, so when a user logs in, the server also needs to find the identity information blockchain corresponding to that user among them. To provide security for identity verification, the user can set a specific user name in addition to the login password at first login. For example, when logging in, the user sends a login request containing the user name to the server. After receiving the login request sent by the client, the server uses the user name to look up the corresponding identity information blockchain among the identity information blockchains of the several people, and once it is found, sends the last block generated by the previous login to the client.
Step S31: Initialization.
The server initializes and generates an initial block for use in the later verification process. The first field of the block is specified by the server, for example fixed to 0 or another value.
Step S32: The user is logged in automatically for the first time.
After successful registration, the user is automatically logged in to the system.
Step S33: Setting the conditions for the next login.
After the user logs in successfully, a time interval needs to be set. The server generates the initial block from the time interval and the current login information, saves the initial block locally, and sends it to the client for storage. At the next login, a new block is generated using the time interval, and the generation of that block is used to verify the user's login.
The initial block is generated in memory. Only after the user has logged in successfully and has set the condition for generating the next block, that is, the time interval, is it generated and written to the hard disk for storage. The generation time of the initial block is the time of the user's first login.
Step S35: The user logs in the next time.
Step S36: Determine whether the verification passes.
For this step, refer to the identity verification process above. If the verification passes, the conditions for the next login are set. If the verification does not pass, identity verification fails.
The identity verification method provided by the present disclosure is applied to a client interacting with a server. The client stores a blockchain related to the user's login information. The client sends a login request, takes the fourth block generated by the user's last login, and decrypts the second field and the third field of the fourth block to obtain the second time interval. It generates a new block from the second time interval and sends the new block to the server. The server generates a block according to the time interval and compares the new block with the block it generated, thereby verifying the user's identity. The security of identity verification is ensured without requiring the user to change the login password frequently, the legitimacy of a block can be verified against the blockchain, and malicious logins can be traced.
Referring to FIG. 8, the first identity verification device 10 provided by the present disclosure is applied to a server interacting with a client and is used to execute steps S10 to S17 in the flowchart shown in FIG. 1. The first identity verification device 10 includes a receiving module 12, a search module 13, a first storage module 11, a first execution module 14, a verification module 16 and a first generation module 15.
The first storage module 11 is configured to store a blockchain related to the user's login information. The blockchain includes a plurality of blocks, and each block includes a first field, a second field, a third field and a fourth field. The first field is the hash value of the previous block. The second field is the data of the block, including the user's identity information, the user's current login information and the time interval. The third field is the block generation time. The fourth field is the hash value of the block itself, calculated by a hash function over the first field, the second field and the third field.
The receiving module 12 is configured to receive the user's login request and the first block sent by the client.
The search module 13 is configured to look up, according to the login request and the first block, the second block generated by the user's last login.
The first execution module 14 is configured to decrypt the second field and the third field of the second block to obtain the first time interval.
The first generation module 15 is configured to generate a third block according to the first time interval.
The verification module 16 is configured to compare the first block with the third block to perform identity verification.
Those skilled in the art will clearly understand that, for convenience and brevity of description, the specific working process of the first identity verification device 10 described above can be found in the corresponding process in steps S10 to S17 of the foregoing method and is not repeated here.
Referring to FIG. 9, the second identity verification device 20 provided by the present disclosure is applied to a client interacting with a server and is used to execute steps S20 to S25 in the flowchart shown in FIG. 5. The second identity verification device 20 includes a second storage module 21, a second execution module 22 and a second generation module 23.
The second storage module 21 is configured to store a blockchain related to the user's login information. The blockchain includes a plurality of blocks, and each block includes a first field, a second field, a third field and a fourth field. The first field is the hash value of the previous block. The second field is the data of the block, including the user's identity information, the user's current login information and the time interval. The third field is the block generation time. The fourth field is the hash value of the block itself, calculated by a hash function over the first field, the second field and the third field.
The second execution module 22 is configured to send a login request to the server and to decrypt the second field and the third field of the fourth block to obtain the second time interval. The fourth block is obtained when the server sends it to the client during the current login; it was generated during the previous login and saved on the server.
The second generation module 23 is configured to generate a new block according to the second time interval and send the new block to the server for identity verification. It will be understood that the new block is the first block mentioned in the process above.
Those skilled in the art will clearly understand that, for convenience and brevity of description, the specific working process of the second identity verification device 20 described above can be found in the corresponding process in steps S20 to S25 of the foregoing method and is not repeated here.
In summary, in the identity verification method and device provided by the present disclosure, the server and the client both store a blockchain related to the user's login information. When the user logs in, the client looks up the block last sent to it by the server, decrypts the second field and the third field of that block to obtain the time interval, generates a new block according to the time interval, and sends that block to the server. After receiving the login request and the block sent by the client, the server generates a new block by the same process as the client and compares it with the block sent by the user, thereby verifying the user's identity. The security of identity verification is ensured without requiring the user to change the login password frequently, and malicious logins can be traced through the blockchain.
In the several embodiments provided in the present disclosure, it should be understood that the disclosed devices and methods may also be implemented in other ways. The device and method embodiments described above are only illustrative. For example, the flowcharts and block diagrams in the accompanying drawings show the possible architecture, functions and operations of devices, methods and computer program products according to multiple embodiments of the present disclosure. In this regard, each block in a flowchart or block diagram may represent a module, a program segment or a part of code, which contains one or more executable instructions for implementing the specified logical function. It should also be noted that, in some alternative implementations, the functions noted in the blocks may occur in an order different from that noted in the drawings. For example, two consecutive blocks may in fact be executed substantially in parallel, or they may sometimes be executed in the reverse order, depending on the functions involved. It should also be noted that each block in the block diagrams and/or flowcharts, and combinations of blocks in the block diagrams and/or flowcharts, can be implemented by a dedicated hardware-based system that performs the specified functions or actions, or by a combination of dedicated hardware and computer instructions.
In addition, the functional modules in the embodiments of the present disclosure may be integrated together to form an independent part, each module may exist separately, or two or more modules may be integrated to form an independent part. If the functions are implemented in the form of software functional modules and sold or used as an independent product, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present disclosure in essence, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, an electronic device 10, a network device or the like) to execute all or part of the steps of the methods described in the embodiments of the present disclosure. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disc.
It should be noted that, in this document, the terms "include", "comprise" and any other variants thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the phrase "including a ..." does not exclude the presence of additional identical elements in the process, method, article or device that includes the element. In addition, the terms "first", "second" and so on are used only to distinguish descriptions and should not be understood as indicating or implying relative importance.
The above are only optional embodiments of the present disclosure and are not intended to limit it. For those skilled in the art, the present disclosure may have various modifications and changes. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present disclosure shall fall within the scope of protection of the present disclosure.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811034387.7A CN108989354B (en) | 2018-09-03 | 2018-09-03 | An identity verification method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108989354A true CN108989354A (en) | 2018-12-11 |
| CN108989354B CN108989354B (en) | 2021-06-15 |
Family
ID=64544912
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811034387.7A Active CN108989354B (en) | 2018-09-03 | 2018-09-03 | An identity verification method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108989354B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115022017A (en) * | 2022-05-31 | 2022-09-06 | 中国银行股份有限公司 | Mobile phone bank login verification method and device based on block chain |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106533696A (en) * | 2016-11-18 | 2017-03-22 | 江苏通付盾科技有限公司 | Block chain-based identity authentication methods, authentication server and user terminal |
| EP3236403A2 (en) * | 2016-04-22 | 2017-10-25 | Sony Corporation | Client, server, method and identity verification system |
| CN108259438A (en) * | 2016-12-29 | 2018-07-06 | 中移(苏州)软件技术有限公司 | A kind of method and apparatus of the certification based on block chain technology |
| WO2018143983A1 (en) * | 2017-02-01 | 2018-08-09 | Equifax, Inc. | Verifying an identity based on multiple distributed data sources using a blockchain to safeguard the identity |
-
2018
- 2018-09-03 CN CN201811034387.7A patent/CN108989354B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP3236403A2 (en) * | 2016-04-22 | 2017-10-25 | Sony Corporation | Client, server, method and identity verification system |
| CN106533696A (en) * | 2016-11-18 | 2017-03-22 | 江苏通付盾科技有限公司 | Block chain-based identity authentication methods, authentication server and user terminal |
| CN108259438A (en) * | 2016-12-29 | 2018-07-06 | 中移(苏州)软件技术有限公司 | A kind of method and apparatus of the certification based on block chain technology |
| WO2018143983A1 (en) * | 2017-02-01 | 2018-08-09 | Equifax, Inc. | Verifying an identity based on multiple distributed data sources using a blockchain to safeguard the identity |
Non-Patent Citations (2)
| Title |
|---|
| ZHIMIN GAO: ""Blockchain-based Identity Management with Mobile Device"", 《PROCEEDINGS OF THE 1ST WORKSHOP ON CRYPTOCURRENCIES AND BLOCKCHAINS FOR DISTRIBUTED SYSTEMS》 * |
| 文松: ""基于可信计算的车载网认证方案"", 《湖北文理学院学报》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115022017A (en) * | 2022-05-31 | 2022-09-06 | 中国银行股份有限公司 | Mobile phone bank login verification method and device based on block chain |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108989354B (en) | 2021-06-15 |
Similar Documents
| Publication | Title |
|---|---|
| US10009178B2 (en) | Methods and systems for managing network activity using biometrics |
| US10721080B2 (en) | Key-attestation-contingent certificate issuance |
| US8959346B2 (en) | System and method for a single request—single response protocol with mutual replay attack protection |
| CN106230784B (en) | Equipment verification method and device |
| US8051297B2 (en) | Method for binding a security element to a mobile device |
| CN108965222B (en) | Identity authentication method, system and computer readable storage medium |
| KR20080105872A (en) | Authentication method using session key and apparatus therefor |
| US9787674B2 (en) | Trusted and confidential remote TPM initialization |
| US8181028B1 (en) | Method for secure system shutdown |
| CN1694032A (en) | Method and system for bootstrapping a trusted server having redundant trusted platform modules |
| Rahmawati et al. | Digital signature on file using biometric fingerprint with fingerprint sensor on smartphone |
| EP3206329A1 (en) | Security check method, device, terminal and server |
| CN108121904B (en) | Unlocking method, device, electronic equipment and server |
| Seta et al. | Implement time based one time password and secure hash algorithm 1 for security of website login authentication |
| Al Kabir et al. | An overview of the present and future of user authentication |
| Park et al. | Combined authentication-based multilevel access control in mobile application for DailyLifeService |
| CN114070571B (en) | Method, device, terminal and storage medium for establishing connection |
| CN108989354B (en) | An identity verification method and device |
| CN111934862B (en) | Server access method and device, readable medium and electronic equipment |
| CN109145543B (en) | an identity authentication method |
| US11621848B1 (en) | Stateless system to protect data |
| CN112887098B (en) | Data security method based on block chain |
| Naveen Kumar et al. | Chip-based key distribution technique |
| Yassin et al. | Security and integrity of data in cloud computing based on feature extraction of handwriting signature |
| Narayanankutty et al. | Novel authentication system for personal and domestic network systems using image feature comparison and digital signatures |
Legal Events
| Code | Title |
|---|---|
| PB01 | Publication |
| SE01 | Entry into force of request for substantive examination |
| GR01 | Patent grant |