
CN116112178B - Verification identifier generation method, system, electronic device and storage medium - Google Patents

Verification identifier generation method, system, electronic device and storage medium

Info

Publication number
CN116112178B
Authority
CN
China
Prior art keywords
digital signature
client
signature
server
electronic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310020327.4A
Other languages
Chinese (zh)
Other versions
CN116112178A (en)
Inventor
贺鑫
杨超宇
李佩伦
周细祥
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Boya Zhongke Beijing Information Technology Co ltd
Original Assignee
Boya Zhongke Beijing Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Boya Zhongke Beijing Information Technology Co ltd
Priority to CN202310020327.4A
Publication of CN116112178A
Application granted
Publication of CN116112178B
Legal status: Active
Anticipated expiration

Links

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present application relates to the field of data security and discloses a verification identifier generation method, device, electronic device and storage medium. The method comprises: when the client passes identity authentication, the server generates a first digital signature, instructs the client to generate a second digital signature from the first digital signature, and obtains the second digital signature; the server generates a third digital signature from the second digital signature, and generates an electronic signature from the third digital signature and the client information of the client; the server then generates the verification identifier of the client from the third digital signature, the electronic signature and the client information. With the identity of the client verified, the server and the client jointly sign to produce the verification identifier, which effectively improves the authenticity, integrity and non-repudiation of the electronic certificate and reduces the probability of the electronic certificate being tampered with or fraudulently used.

Description

Verification identifier generation method, system, electronic device and storage medium
Technical Field
The application relates to the technical field of data security, in particular to a verification identifier generation method, a verification identifier generation system, electronic equipment and a storage medium.
Background
With the continuous development of internet technology, physical paper certificates are gradually being converted into electronic form to solve problems such as inconvenient carrying and easy loss. Common electronic certificate implementations mainly fall into the following three types:
First, the unsigned electronic certificate converts the certificate information into electronic image information, such as pictures and fixed-layout files, which is displayed on a mobile intelligent terminal; it is exposed to malicious modification, use by photographing, and copying.
Second, the authoritatively signed electronic certificate, in which the electronic certificate server applies an authoritative digital signature to the certificate information. Combined with an electronic document format whose page presentation is fixed, this protects the authenticity, integrity and non-repudiation of the certificate, but the user identity can still be impersonated and cannot be effectively identified.
Third, the electronic certificate based on cryptographic hardware uses cryptographic techniques to protect the certificate information at the client; the current implementation is mainly SIMKey. SIMKey is a special SIM card, and cryptographic operations are performed with the key inside the card when it is used. The SIMKey approach requires a dedicated hardware medium, and its cost is high.
In summary, existing electronic certificates have problems such as impersonation of the user identity, inability to effectively identify the user identity, and high cost.
Disclosure of Invention
The embodiment of the application provides a verification identifier generation method, which aims to solve the problems of the prior art that the user identity of an electronic certificate can be impersonated, that the user identity cannot be effectively identified, that the cost is high, and the like.
Correspondingly, the embodiment of the application also provides a verification identifier generation system, electronic equipment and a storage medium, which are used for ensuring the realization and application of the method.
In order to solve the above problems, an embodiment of the present application discloses a method for generating a verification identifier, which is applied to a server and includes:
generating a first digital signature under the condition that the identity of the client passes authentication, instructing the client to generate a second digital signature according to the first digital signature, and acquiring the second digital signature;
generating a third digital signature according to the second digital signature, and generating an electronic signature according to the third digital signature and client information of the client;
and generating a verification identifier of the client according to the third digital signature, the electronic signature and the client information.
The embodiment of the application also discloses a verification identifier generation method which is applied to the client and comprises the following steps:
sending a verification identifier generation request to a server, wherein the verification identifier generation request instructs the server to generate a first digital signature;
generating a second digital signature and sending the second digital signature to the server;
receiving a verification identifier generated by the server according to the second digital signature;
wherein the verification identifier is generated by the server according to a third digital signature, an electronic signature and the client information, the third digital signature is generated by the server according to the second digital signature, and the electronic signature is generated by the server according to the third digital signature and the client information.
The embodiment of the application also discloses a verification identifier generation system, which comprises a server and a client;
the client sends a verification identifier generation request to the server to acquire a verification identifier;
the server generates a first digital signature under the condition that the identity verification of the client passes, instructs the client to generate a second digital signature according to the first digital signature, and acquires the second digital signature;
generates a third digital signature according to the second digital signature, and generates an electronic signature according to the third digital signature and client information of the client;
and generates a verification identifier of the client according to the third digital signature, the electronic signature and the client information.
The embodiment of the application also discloses an electronic device which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the method of the first aspect of the application when executing the program.
Embodiments of the present application also disclose a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs a method as described in one or more of the embodiments of the present application.
The technical scheme provided by the embodiment of the application has the beneficial effects that:
In the embodiment of the application, a server generates a first digital signature under the condition that the identity of a client passes authentication, instructs the client to generate a second digital signature according to the first digital signature and acquires the second digital signature, generates a third digital signature according to the second digital signature, generates an electronic signature according to the third digital signature and the client information of the client, and generates a verification identifier of the client according to the third digital signature, the electronic signature and the client information. With the identity of the client verified, the server and the client cooperate in signing to generate the verification identifier, and the verification identifier can effectively improve the authenticity, integrity and non-repudiation of the electronic certificate and reduce the probability of tampering and illegal use of the electronic certificate.
Additional aspects and advantages of embodiments of the application will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the application.
Drawings
The foregoing and/or additional aspects and advantages of the application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings, in which:
FIG. 1 is a flowchart of a server-side verification identifier generation method provided by an embodiment of the present application;
FIG. 2 is a schematic diagram of an electronic certificate according to an embodiment of the present application;
FIG. 3 is a schematic diagram of electronic certificate generation according to an embodiment of the present application;
FIG. 4 is a flowchart of a method for generating a client verification identifier according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a verification identifier generating system according to an embodiment of the present application;
Fig. 6 is a schematic diagram of a server-side verification identifier generating device according to an embodiment of the present application;
Fig. 7 is a schematic diagram of a client verification identifier generating device according to an embodiment of the present application;
fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Embodiments of the present application are described in detail below, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to like or similar elements or elements having like or similar functions throughout. The embodiments described below by referring to the drawings are illustrative only and are not to be construed as limiting the application.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless expressly stated otherwise, as understood by those skilled in the art. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. The term "and/or" as used herein includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs unless defined otherwise. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
The scheme provided by the embodiment of the application can be executed by any electronic equipment, such as terminal equipment, and can also be a server, wherein the server can be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, and a cloud server for providing cloud computing service. The terminal may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the present application is not limited herein. For the technical problems in the prior art, the verification identifier generation method, the verification identifier generation system, the electronic equipment and the storage medium provided by the application aim to solve at least one of the technical problems in the prior art.
The following describes the technical scheme of the present application and how the technical scheme of the present application solves the above technical problems in detail with specific embodiments. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
The embodiment of the application provides a possible implementation manner, as shown in fig. 1, a flowchart of a method for generating a verification identifier is provided, and the method can be executed by any electronic device, optionally, can be executed at a server end or a terminal device, and for convenience of description, the method provided by the embodiment of the application is described below by taking the server as an execution body.
In the prior art, the scheme for realizing the electronic certificate mainly comprises the following three types:
The first is an unsigned electronic certificate, which may also be called a static electronic certificate. The static electronic certificate fills the certificate information into a static picture or fixed-layout file according to a fixed format, and the resulting static electronic certificate is displayed on the mobile intelligent terminal.
The second is an authoritatively signed electronic certificate. The server performs a digital signature operation on the certificate information, and the authoritative digital signature applied to the electronic certificate gives it legal effect.
The third is an electronic certificate based on cryptographic hardware. This is mainly implemented with SIMKey, which serves as the carrier of the key information, so the user does not need to install additional software. The SIMKey approach depends on a special SIM card hardware medium in which a secure area is set aside, and the key in the SIM card digitally signs the electronic certificate data when the certificate is generated, after which the certificate is generated and displayed.
All three schemes can realize electronic certificates, but each has problems, specifically:
The static electronic certificate is neither encrypted by cryptographic techniques, so it is easy to modify, nor protected for integrity and non-repudiation by a digital signature, so there are risks of malicious modification, use by photographing, and copying for impersonation. It is suitable only for manual verification and has no machine-readable anti-counterfeiting capability.
The signed electronic certificate, that is, the authoritatively signed electronic certificate, has limited ability to confirm the identity of the user: the identity can be protected only by means such as passwords, anyone who obtains the password can use the electronic certificate, and the level of security protection is low.
Electronic certificates based on cryptographic hardware depend on a special hardware medium; a special SIM card and a mobile intelligent terminal that supports it are required, the user must pay for these additionally, and the cost of use is high.
In order to solve the above technical problem, the present application provides a method for generating a verification identifier, as shown in fig. 1, the method may include the following steps:
Step 101, under the condition that the identity of the client passes, a first digital signature is generated, the client is instructed to generate a second digital signature according to the first digital signature, and the second digital signature is acquired.
The embodiment can be applied to the generation of electronic certificates, including but not limited to electronic identity cards, electronic medical insurance cards and the like. The client information may include basic information and image information of the certificate, among others. The basic information may include, but is not limited to, name, gender, phone number, identification card number, document status, document identification, document type, issuing authority, expiration date, etc. The image information may be, for example, an avatar.
The server may generate the first digital signature and then send it to the client. The client can then compute over the first digital signature with a preset client collaborative signature key to generate the second digital signature.
Wherein the server generates a first digital signature comprising:
and generating a random number, and generating a first digital signature according to the random number and a preset signature algorithm.
In addition, the server may perform hash computation on the client information, generate a hash value, and send the hash value to the client. After receiving the first digital signature and the hash value, the client may calculate the first digital signature and the hash value to generate a second digital signature.
Step 102, generating a third digital signature according to the second digital signature, and generating an electronic signature according to the third digital signature and the client information of the client.
Specifically, the server is preset with a server-side collaborative signature private key, and the server-side collaborative signature private key can be used for calculating the second digital signature so as to generate a third digital signature.
The first digital signature is calculated by the server and the second digital signature is calculated by the client according to the first digital signature, so both the server and the client participate in the digital signature process. The identity of the client can therefore be authenticated from the third digital signature generated from the second digital signature, the client's behaviour is bound to the client, and the reliability of the third digital signature is ensured.
The server may calculate the third digital signature and the client information based on the preset signing key to generate an electronic signature, the electronic signature being issued on behalf of the electronic certificate by an authority to verify the authenticity of the electronic certificate.
Step 103, generating a verification identifier of the client according to the third digital signature, the electronic signature and the client information.
The client information can be certificate identification, such as an identity card number, a social security card account number and the like.
The verification identifier generated by the server includes the third digital signature, the electronic signature and the client information, so the authenticity of the client identity, of the electronic certificate and of the client information can be determined from the verification identifier. At the same time, the client information can be looked up according to the verification identifier.
After the server generates the verification identifier of the client, the verification identifier can be sent to the client, and meanwhile, the client information can also be sent to the client. After receiving the client information and the verification identifier, the client information and the verification identifier can be displayed to generate an electronic certificate.
As a first example, as shown in fig. 2, the generated electronic certificate may include an electronic certificate basic information field 201, an electronic certificate image information field 202 and an electronic certificate two-dimensional code field 203. Specifically:
The electronic certificate is generated with a display function, for example D = display(B||M||Q), where D is the electronic certificate, B is the information of the basic information field of the electronic certificate, M is the information of the image information field and Q is the information of the two-dimensional code field.
The process of generating the electronic certificate is shown in fig. 3 and includes the following steps. In step 301, the client initiates an electronic certificate generation request, and the user identity is verified by the identity authentication operation based on the collaborative signature.
In step 302, the server and the client perform the digital signature operation on the information B of the basic information field and the information M of the image information field, and the server calculates the complete digital signature S (i.e. the third digital signature) from the digital signatures of the server and the client (i.e. the first digital signature and the second digital signature).
In step 303, the server uses its preset signing key to perform a digital signature operation on the information B of the basic information field, the information M of the image information field and the complete digital signature S, generating the server authority digital signature Sa (i.e. the electronic signature).
In step 304, the server returns the related data to the client, and the electronic certificate client assembles and presents the data, generating the electronic certificate D = display(B||M||Q). The related data returned by the server comprises the information B of the basic information field, the information M of the image information field and the information Q of the two-dimensional code field, where Q is generated from the complete digital signature S, the information B of the basic information field and the authoritative digital signature Sa.
As shown in fig. 2, the client may display the basic information from the client information in the electronic certificate basic information field B, for example: name: Li x (masked); gender: male; mobile phone number: 156 (masked) 0001; identity card number: 11 (masked) 01; certificate status: normal; certificate number: XXXX00000001; certificate type: XXX certificate; issuing authority: XXX authority; validity period: until 31 December 2022.
Optionally, the basic information in the client information may be processed by a sequence function to obtain the information B of the basic information field, for example B = sequence(B1||B2||B3||B4||B5||B6||B7||B8||B9), where B1 is the name, B2 the gender, B3 the mobile phone number, B4 the identity card number, B5 the certificate status, B6 the certificate number, B7 the certificate type, B8 the issuing authority and B9 the validity period.
The client may present the image information in the client information in an electronic certificate image information field.
Optionally, the image information in the client information may be processed by the sequence function to obtain the information M of the image information field, for example M = sequence(M1), where M1 is the electronic certificate picture, such as a head portrait.
The client can display the verification identifier in the two-dimensional code field Q of the electronic certificate. The authenticity of the electronic certificate can be verified through the verification identifier, and the certificate information of the user, such as the basic information and the image information, can be read through it.
Optionally, the verification identifier may be processed by a base64 function to obtain the information Q of the two-dimensional code field, for example Q = base64(S||B6||Sa), where S is the third digital signature, B6 is the certificate number, i.e. the client information, and Sa is the electronic signature. The verification identifier encoded with the base64 function can be converted into the two-dimensional code form shown in fig. 2.
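The server/client flow of steps 101 to 103 and 301 to 304 in Python, as an added example that is not code from the patent or its assignee. The patent names only "a preset signature algorithm" and collaborative signature keys; the instantiation here (a Schnorr signature whose private key is split additively into a server share d1 and a client share d2, a toy 64-bit group, SHA-256, and the byte layout of B, S, Sa and Q) is an assumption, chosen to show why neither party alone can produce the complete signature S and why a field edited after issuance fails verification.

```python
import base64
import hashlib
import secrets

def _is_probable_prime(n, rounds=20):
    """Miller-Rabin test; used only to build the toy group at import time."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _toy_group(bits=64):
    """Safe prime p = 2q + 1; g = 4 is a square mod p, so it generates the order-q subgroup."""
    while True:
        q = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(q) and _is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4

# ASSUMPTION: the patent names only "a preset signature algorithm"; this is Schnorr, key split d1 + d2.
P, N, G = _toy_group()  # modulus, subgroup order, generator: toy sizes, NOT real parameters

def _chal(R, msg):
    """Schnorr challenge e = SHA-256(R || msg) mod N (hash and encoding are our choice)."""
    return int.from_bytes(hashlib.sha256(R.to_bytes(16, "big") + msg).digest(), "big") % N

def schnorr_sign(d, msg):
    """Single-key Schnorr signature; used for the authority signature Sa (step 303)."""
    k = secrets.randbelow(N - 1) + 1
    R = pow(G, k, P)
    return R, (k + _chal(R, msg) * d) % N

def schnorr_verify(y, msg, sig):
    R, s = sig
    return 0 < R < P and pow(G, s, P) == R * pow(y, _chal(R, msg), P) % P

def server_first_signature():
    """Step 101: the first digital signature is a fresh random commitment R1 = g^k1."""
    k1 = secrets.randbelow(N - 1) + 1
    return k1, pow(G, k1, P)  # k1 stays on the server, R1 is sent to the client

def client_second_signature(d2, R1, info_hash):
    """Step 101: the client folds its own nonce and key share into R1 and the info hash."""
    k2 = secrets.randbelow(N - 1) + 1
    R = R1 * pow(G, k2, P) % P
    return R, (k2 + _chal(R, info_hash) * d2) % N

def server_third_signature(d1, k1, R, s2, info_hash):
    """Step 102: the server adds k1 and its share d1, giving the complete signature S."""
    return R, (s2 + k1 + _chal(R, info_hash) * d1) % N

def sequence(*fields):
    """sequence(B1||...||B9) of the page, realised as length-prefixed concatenation."""
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)

def _sig_bytes(sig):
    return sig[0].to_bytes(16, "big") + sig[1].to_bytes(16, "big")

def issue_certificate(d1, d2, da, basic_fields, avatar):
    """Steps 301-304 end to end; returns the B, M and Q fields of D = display(B||M||Q)."""
    B = sequence(*[f.encode() for f in basic_fields])
    M = sequence(avatar)
    info_hash = hashlib.sha256(B + M).digest()  # hash of the client info, sent to the client
    k1, R1 = server_first_signature()
    R, s2 = client_second_signature(d2, R1, info_hash)  # this step runs on the client
    S = server_third_signature(d1, k1, R, s2, info_hash)
    Sa = schnorr_sign(da, B + M + _sig_bytes(S))  # step 303: authority signs B, M and S
    # Q = base64(S||B6||Sa), with B6 (the certificate number) readable without any key
    return B, M, base64.b64encode(_sig_bytes(S) + basic_fields[5].encode() + _sig_bytes(Sa))

def verify_certificate(B, M, Q_field, y_holder, y_authority):
    """Verifier decodes Q, checks Sa over B||M||S and then S over the client-info hash."""
    raw = base64.b64decode(Q_field)
    S = (int.from_bytes(raw[:16], "big"), int.from_bytes(raw[16:32], "big"))
    Sa = (int.from_bytes(raw[-32:-16], "big"), int.from_bytes(raw[-16:], "big"))
    return (schnorr_verify(y_authority, B + M + _sig_bytes(S), Sa)
            and schnorr_verify(y_holder, hashlib.sha256(B + M).digest(), S)), raw[32:-32]

def demo(tamper=False):
    d1, d2, da = (secrets.randbelow(N - 1) + 1 for _ in range(3))
    y_holder = pow(G, (d1 + d2) % N, P)  # joint public key of the collaborative signature
    fields = ["Li X", "male", "156****0001", "11****01", "normal", "XXXX00000001",
              "XXX certificate", "XXX authority", "2022-12-31"]  # constructed sample data
    B, M, Qf = issue_certificate(d1, d2, da, fields, b"constructed-avatar-bytes")
    if tamper:  # a status field altered after issuance must make verification fail
        fields[4] = "revoked"
        B = sequence(*[f.encode() for f in fields])
    return verify_certificate(B, M, Qf, y_holder, pow(G, da, P))
```

The verifier needs the holder's joint public key g^(d1+d2) and the authority's public key; the patent does not say how these are distributed, so that is left outside the example.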
In the embodiment of the application, a server generates a first digital signature under the condition that the identity of a client passes authentication, instructs the client to generate a second digital signature according to the first digital signature and acquires the second digital signature, generates a third digital signature according to the second digital signature, generates an electronic signature according to the third digital signature and the client information of the client, and generates a verification identifier of the client according to the third digital signature, the electronic signature and the client information. With the identity of the client verified, the server and the client cooperate in signing to generate the verification identifier, and the verification identifier can effectively improve the authenticity, integrity and non-repudiation of the electronic certificate and reduce the probability of tampering and illegal use of the electronic certificate.
In an alternative embodiment, the method further comprises, before generating the first digital signature in case the client authentication passes:
And receiving a verification identification generation request of the client, and verifying the identity of the client.
Taking the generation of the electronic certificate as an example, when a user applies for the electronic certificate, the user can send a verification identifier generation request to the server through the client, and the server can verify the identity of the client after receiving the verification identifier generation request. The server may determine the identity of the user based on the co-signed authentication operation and if the verification passes, determine that the authentication of the client passes.
In an alternative embodiment, the instructing the client to generate a second digital signature from the first digital signature and obtain the second digital signature includes:
sending a second digital signature request to the client, wherein the second digital signature request instructs the client to generate a second digital signature according to the first digital signature, and acquiring the second digital signature.
While generating the first digital signature, the server may perform a hash computation on the client information to produce a hash value, and then send a second digital signature request to the client, where the second digital signature request may include the first digital signature and the hash value. On receiving the second digital signature request, the client may compute over the first digital signature and the hash value with the client collaborative signing key to generate the second digital signature.
Generally, computing directly over the client information is less efficient; hashing compresses the client information into a hash value of shorter length, and computing over the first digital signature and the hash value with the client collaborative signature key improves efficiency.
In this embodiment, the second digital signature is calculated by the client with the client signing key, and when the client signing key is invoked the client may require the user to enter a PIN code bound to the client, so as to determine the identity of the client. This is equivalent to binding the client's behaviour and proves to the server the authenticity of the client that sent the verification identifier request.
In an alternative embodiment, the generating an electronic signature according to the third digital signature and the client information includes:
and calculating the third digital signature and the client information according to a preset signing key to obtain the electronic signature.
The server stores a preset signing key in advance. After the third digital signature is obtained, the server can compute on the third digital signature and the client information with the preset signing key to obtain an electronic signature. Because the electronic signature is computed from the third digital signature, and the third digital signature is obtained through collaborative signing by the server and the client, the finally obtained electronic signature guarantees the authenticity of the identity of the client. The electronic signature represents issuance by an authority; when the electronic certificate is used, its authenticity can be verified according to the verification identifier generated from the electronic signature.
In the embodiment of the application, a server generates a first digital signature under the condition that the identity of a client passes authentication, instructs the client to generate a second digital signature according to the first digital signature and acquire the second digital signature, generates a third digital signature according to the second digital signature, generates an electronic signature according to the third digital signature and client information of the client, and generates an authentication identifier of the client according to the third digital signature, the electronic signature and the client information. Under the condition of verifying the identity of the client, the server and the client cooperate with the signature to generate a verification identifier, and the verification identifier can effectively improve the authenticity, the integrity and the non-repudiation of the electronic certificate and reduce the probability of tampering and illegal use of the electronic certificate.
The embodiment of the application also provides a verification identifier generation method, which is applied to the client, as shown in fig. 4, and comprises the following steps:
Step 401, sending a verification identification generation request to a server, wherein the verification identification generation request instructs the server to generate a first digital signature.
After receiving the verification identifier generation request, the server firstly verifies the identity of the client, and generates a first digital signature under the condition that the identity of the client passes the verification.
The embodiment can be applied to the generation of electronic certificates, including but not limited to electronic identity cards, electronic medical insurance cards and the like. The client information may include basic information and image information of the certificate, among others. The basic information may include, but is not limited to, name, gender, phone number, identification card number, document status, document identification, document type, issuing authority, expiration date, etc. The image information may be, for example, an avatar.
Wherein the server generates a first digital signature comprising:
and generating a random number, and generating a first digital signature according to the random number and a preset signature algorithm.
Step 402, generating a second digital signature and sending the second digital signature to the server.
After the server generates the first digital signature, a second digital signature request can be sent to the client, the second digital signature request comprises the first digital signature, and after the client receives the second digital signature request, the second digital signature can be generated according to the first digital signature.
The server may also perform hash computation on the client information, generate a hash value, and send the hash value to the client. After receiving the first digital signature and the hash value, the client may calculate the first digital signature and the hash value to generate a second digital signature.
Step 403, receiving a verification identifier generated by the server according to the second digital signature.
The verification mark is generated by the server according to a third digital signature, an electronic signature and the client information, wherein the third digital signature is generated by the server according to the second digital signature, and the electronic signature is generated by the server according to the third digital signature and the client information.
The first digital signature is calculated by the server, the second digital signature is calculated by the client according to the first digital signature, and the server and the client both participate in the digital signature process, so the identity of the client can be authenticated according to the third digital signature generated from the second digital signature, the behavior of the client is bound to the client, and the reliability of the third digital signature is ensured.
The server may compute on the third digital signature and the client information with the preset signing key to generate an electronic signature; the electronic signature represents issuance of the electronic certificate by an authority and is used to verify the authenticity of the electronic certificate.
The client information can be a certificate identification, such as an identity card number, a social security card account number and the like. The verification identifier generated by the server comprises a third digital signature, an electronic signature and client information, and the authenticity of the client identity, the authenticity of the electronic certificate and the authenticity of the certificate information can be determined through the verification identifier. Meanwhile, the client information can be looked up according to the verification identifier.
After receiving the client information and the verification identifier, the client information and the verification identifier can be displayed to generate an electronic certificate.
As a first example, as shown in fig. 2, the generated electronic certificate may include an electronic certificate basic information field, an electronic certificate image information field, and an electronic certificate two-dimensional code field. Specifically, a display function is used for generating an electronic certificate, such as D=display(B||M||Q), wherein D is the electronic certificate, B is the information of the basic information domain of the electronic certificate, M is the information of the image information domain of the electronic certificate, and Q is the information of the two-dimensional code domain of the electronic certificate.
The process of generating the electronic identifier is shown in fig. 3, and includes:
in step 301, a client initiates an electronic certificate generation request, and verifies a user identity based on a co-signed identity authentication operation.
Step 302, the server and the client perform digital signature operation on the information B of the basic information domain of the electronic certificate and the information M of the image information domain of the electronic certificate, and the server calculates the complete digital signature S (i.e. the third digital signature) according to the partial digital signatures of the client and the server (i.e. the first digital signature and the second digital signature).
In step 303, the server uses the preset signing key of the server to perform digital signature operation on the information B of the basic information domain of the electronic certificate, the information M of the image information domain of the electronic certificate and the complete digital signature S, so as to generate a server authority digital signature Sa (i.e. electronic signature).
Step 304, the server returns the related data to the client, and the electronic certificate client assembles the data and displays it, generating an electronic certificate D=display(B||M||Q). The related data returned by the server comprises information B of the basic information domain of the electronic certificate, information M of the image information domain of the electronic certificate and information Q of the two-dimensional code domain of the electronic certificate, and the information Q of the two-dimensional code domain of the electronic certificate is generated according to the complete digital signature S, the information B of the basic information domain of the electronic certificate and the authoritative digital signature Sa.
As shown in fig. 2, the client may display the basic information in the client information in the electronic certificate basic information field B, for example: name: Li x remote; gender: male; mobile phone number: 156…0001 (masked); identity card number: 11…01 (masked); certificate status: normal; certificate number: XXXX00000001; certificate type: XXX certificate; issuing authority: XXX authority; validity period: 31 December 2022.
Optionally, the basic information in the client information may be processed by a sequence function to obtain information B of the electronic certificate basic information domain, for example, B=sequence(b1||b2||b3||b4||b5||b6||b7||b8||b9), where b1 is the name, b2 is the gender, b3 is the mobile phone number, b4 is the identity card number, b5 is the certificate status, b6 is the certificate number, b7 is the certificate type, b8 is the issuing authority, and b9 is the validity period.
The client may present the image information in the client information in an electronic certificate image information field.
Optionally, the image information in the client information may be processed by a sequence function to obtain information M of the image information domain of the electronic certificate, for example, M=sequence(m1), where m1 is an electronic certificate picture, such as a head portrait.
The client can display the verification identification in the two-dimensional code domain Q of the electronic certificate. The authenticity of the electronic certificate can be verified by the verification mark, and the certificate information of the user, such as basic information, image information, and the like, can be read by the verification mark.
Optionally, the verification identifier may be processed by a base64 function to obtain information Q of the two-dimensional code domain of the electronic certificate, for example, Q=base64(S||b6||Sa), where S is the third digital signature, b6 is the certificate number, that is, the client information, and Sa is the electronic signature. The verification identifier can be encoded and converted by the base64 function into the two-dimensional code form shown in fig. 2.
In the embodiment of the application, a server generates a first digital signature under the condition that the identity of a client passes authentication, instructs the client to generate a second digital signature according to the first digital signature and acquire the second digital signature, generates a third digital signature according to the second digital signature, generates an electronic signature according to the third digital signature and client information of the client, and generates an authentication identifier of the client according to the third digital signature, the electronic signature and the client information. Under the condition of verifying the identity of the client, the server and the client cooperate with the signature to generate a verification identifier, and the verification identifier can effectively improve the authenticity, the integrity and the non-repudiation of the electronic certificate and reduce the probability of tampering and illegal use of the electronic certificate.
In an alternative embodiment, the generating the second digital signature includes:
The first digital signature and the hash value are obtained, wherein the hash value is generated by the server through hash calculation on the client information;
the second digital signature is generated from the first digital signature and the hash value.
Generally, computing directly on the client information is less efficient; hashing the client information compresses it into a hash value of shorter length. Computing on the first digital signature and the hash value with the client collaborative signing key therefore improves computation efficiency.
In an alternative embodiment, before the verification identifier generation request is sent to the server, the client may verify the identity of the user by having the user input a PIN password, or by using fingerprint identification and face identification data bound to the PIN password; that is, the client establishes a binding relationship with the user. When the client verifies that the identity of the user passes, the user can send a verification identifier generation request to the server through the client. On receiving the verification identifier generation request, the server first verifies the identity of the client, and if the identity verification of the client passes, the identity verification of the user bound to the client is deemed to have passed. This greatly reduces the risk of electronic certificates being stolen and forged.
Based on the same principle as the method provided by the embodiment of the present application, the embodiment of the present application also provides a verification identifier generating system, as shown in fig. 5, where the system includes a server 501 and a client 502;
the client sends a verification identifier generation request to the server to acquire a verification identifier;
The server generates a first digital signature under the condition that the identity verification of the client passes, instructs the client to generate a second digital signature according to the first digital signature and acquires the second digital signature;
The embodiment can be applied to the generation of electronic certificates, including but not limited to electronic identity cards, electronic medical insurance cards and the like. The client information may include basic information and image information of the certificate, among others. The basic information may include, but is not limited to, name, gender, phone number, identification card number, document status, document identification, document type, issuing authority, expiration date, etc. The image information may be, for example, an avatar.
The server may generate a random number, and generate a first digital signature according to the random number and a preset signature algorithm. The server may also instruct the client to calculate the client information according to the preset client collaborative signing key, thereby generating a second digital signature.
And generating a third digital signature according to the second digital signature, and generating an electronic signature according to the third digital signature and client information of the client.
The first digital signature is calculated by the server, the second digital signature is calculated by the client according to the first digital signature, and the server and the client both participate in the digital signature process, so the identity of the client can be authenticated according to the third digital signature generated from the second digital signature, the behavior of the client is bound to the client, and the reliability of the third digital signature is ensured.
The server may compute on the third digital signature and the client information with the preset signing key to generate an electronic signature; the electronic signature represents issuance of the electronic certificate by an authority and is used to verify the authenticity of the electronic certificate.
And generating a verification identifier of the client according to the third digital signature, the electronic signature and the client information.
The client information can be certificate identification, such as an identity card number, a social security card account number and the like. The verification identifier generated by the server comprises a third digital signature, an electronic signature and client information, and the authenticity of the client identity, the authenticity of the electronic certificate and the authenticity of the certificate information can be determined through the verification identifier. And meanwhile, the client information can be searched according to the verification identification.
After the server generates the verification identifier of the client, the verification identifier can be sent to the client, and meanwhile, the client information can also be sent to the client. After receiving the client information and the verification identifier, the client information and the verification identifier can be displayed to generate an electronic certificate.
As a first example, as shown in fig. 2, the generated electronic certificate may include an electronic certificate basic information field, an electronic certificate image information field, and an electronic certificate two-dimensional code field. Specifically, a display function is used for generating an electronic certificate, such as D=display(B||M||Q), wherein D is the electronic certificate, B is the information of the basic information domain of the electronic certificate, M is the information of the image information domain of the electronic certificate, and Q is the information of the two-dimensional code domain of the electronic certificate.
The process of generating the electronic identifier is shown in fig. 3, and includes:
in step 301, a client initiates an electronic certificate generation request, and verifies a user identity based on a co-signed identity authentication operation.
In step 302, the server and the client perform digital signature operation on the information B of the basic information domain of the electronic certificate and the information M of the image information domain of the electronic certificate, and the server calculates a complete digital signature S (i.e. a third digital signature) according to the digital signatures (i.e. the first digital signature and the second digital signature) of the client and the server.
In step 303, the server uses the preset signing key of the server to perform digital signature operation on the information B of the basic information domain of the electronic certificate, the information M of the image information domain of the electronic certificate and the complete digital signature S, so as to generate a server authority digital signature Sa (i.e. electronic signature).
Step 304, the server returns the related data to the client, and the electronic certificate client assembles the data and displays it, generating an electronic certificate D=display(B||M||Q). The related data returned by the server comprises information B of the basic information domain of the electronic certificate, information M of the image information domain of the electronic certificate and information Q of the two-dimensional code domain of the electronic certificate, and the information Q of the two-dimensional code domain of the electronic certificate is generated according to the complete digital signature S, the information B of the basic information domain of the electronic certificate and the authoritative digital signature Sa.
As shown in fig. 2, the client may display the basic information in the client information in the electronic certificate basic information field B, for example: name: Li x remote; gender: male; mobile phone number: 156…0001 (masked); identity card number: 11…01 (masked); certificate status: normal; certificate number: XXXX00000001; certificate type: XXX certificate; issuing authority: XXX authority; validity period: 31 December 2022.
Optionally, the basic information in the client information may be processed by a sequence function to obtain information B of the electronic certificate basic information domain, for example, B=sequence(b1||b2||b3||b4||b5||b6||b7||b8||b9), where b1 is the name, b2 is the gender, b3 is the mobile phone number, b4 is the identity card number, b5 is the certificate status, b6 is the certificate number, b7 is the certificate type, b8 is the issuing authority, and b9 is the validity period.
The client may present the image information in the client information in an electronic certificate image information field.
Optionally, the image information in the client information may be processed by a sequence function to obtain information M of the image information domain of the electronic certificate, for example, M=sequence(m1), where m1 is an electronic certificate picture, such as a head portrait.
The client can display the verification identification in the two-dimensional code domain Q of the electronic certificate. The authenticity of the electronic certificate can be verified by the verification mark, and the certificate information of the user, such as basic information, image information, and the like, can be read by the verification mark.
Optionally, the verification identifier may be processed by a base64 function to obtain information Q of the two-dimensional code domain of the electronic certificate, for example, Q=base64(S||b6||Sa), where S is the third digital signature, b6 is the certificate number, that is, the client information, and Sa is the electronic signature. The verification identifier can be encoded and converted by the base64 function into the two-dimensional code form shown in fig. 2.
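The flow of steps 301 to 304 and the fields B, M and Q described here (and in the identical description of the client-side method earlier on the page), as an added worked example that is not the patent's code: the first, second and third digital signatures are modelled as a two-party Schnorr signature over a toy multiplicative group, the preset signing key as an ordinary Schnorr key, sequence() as a '|'-join and the hash as SHA-256, all assumptions since the patent fixes no algorithm. The verifier decodes Q and checks Sa, then S, then b6 against the displayed certificate number; the server also rejects a client partial signature that does not verify before completing S.

```python
import base64
import hashlib
import secrets

def _is_prime(n):
    """Trial division; adequate for the ~21-bit toy parameters used here."""
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return n >= 2

def _toy_group(bits=20):
    """Safe prime p = 2q + 1; g = 4 = 2^2 is a quadratic residue, so its order is q."""
    q = 1 << bits
    while not (_is_prime(q) and _is_prime(2 * q + 1)):
        q += 1
    return 2 * q + 1, q, 4

P, Q, G = _toy_group()   # toy parameters, far too small for real use
W = 4                    # byte width of encoded group elements and scalars

def _h(*parts):
    """Hash-to-scalar: SHA-256 over '|'-joined byte strings, reduced mod Q."""
    return int.from_bytes(hashlib.sha256(b"|".join(parts)).digest(), "big") % Q

def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def sig_bytes(sig):
    return sig[0].to_bytes(W, "big") + sig[1].to_bytes(W, "big")

def sig_from_bytes(raw):
    return int.from_bytes(raw[:W], "big"), int.from_bytes(raw[W:], "big")

def schnorr_sign(x, msg):
    """Single-party Schnorr signature (used for the server's preset signing key)."""
    k = secrets.randbelow(Q - 1) + 1
    r = pow(G, k, P)
    return r, (k + _h(r.to_bytes(W, "big"), msg) * x) % Q

def schnorr_verify(y, msg, sig):
    r, s = sig
    e = _h(r.to_bytes(W, "big"), msg)
    return 0 < r < P and pow(G, s, P) == (r * pow(y, e, P)) % P

# --- collaborative signing, steps 301-302: first, second and third signature ---
def server_first_signature(client_info):
    """Server nonce k_s -> first digital signature r_s, plus hash of client info."""
    k_s = secrets.randbelow(Q - 1) + 1
    return k_s, pow(G, k_s, P), hashlib.sha256(client_info).digest()

def client_second_signature(x_c, r_s, h):
    """Client signs the hash with its key share, binding its nonce to r_s."""
    k_c = secrets.randbelow(Q - 1) + 1
    r_c = pow(G, k_c, P)
    e = _h(((r_s * r_c) % P).to_bytes(W, "big"), h)
    return r_c, (k_c + e * x_c) % Q

def server_third_signature(x_s, k_s, r_s, h, y_c, second):
    """Server checks the client's partial signature, then completes S = (R, s)."""
    r_c, s_c = second
    R = (r_s * r_c) % P
    e = _h(R.to_bytes(W, "big"), h)
    if pow(G, s_c, P) != (r_c * pow(y_c, e, P)) % P:
        raise ValueError("client partial signature does not verify")
    return R, (s_c + k_s + e * x_s) % Q   # verifies under the joint key y_c * y_s

# --- steps 303-304: authority signature Sa and two-dimensional-code field Q ---
def issue_certificate(x_s, x_a, x_c, y_c, fields, m1):
    """Runs both parties in-process (x_c would normally never leave the client)."""
    B = "|".join(fields)                      # B = sequence(b1||...||b9)
    M = m1                                    # M = sequence(m1)
    info = (B + "|" + M).encode()
    k_s, r_s, h = server_first_signature(info)
    second = client_second_signature(x_c, r_s, h)
    S = server_third_signature(x_s, k_s, r_s, h, y_c, second)
    Sa = schnorr_sign(x_a, info + b"|" + sig_bytes(S))   # Sa over B||M||S
    b6 = fields[5].encode()                   # certificate number
    return B, M, base64.b64encode(sig_bytes(S) + b6 + sig_bytes(Sa)).decode()

def verify_certificate(B, M, q_field, y_joint, y_a):
    """Checks Sa, then S, then that b6 inside Q matches the displayed certificate number."""
    raw = base64.b64decode(q_field)
    S, b6, Sa = sig_from_bytes(raw[:2 * W]), raw[2 * W:-2 * W], sig_from_bytes(raw[-2 * W:])
    info = (B + "|" + M).encode()
    return (schnorr_verify(y_a, info + b"|" + sig_bytes(S), Sa)
            and schnorr_verify(y_joint, hashlib.sha256(info).digest(), S)
            and b6.decode() == B.split("|")[5])
```

A relying party needs only the joint public key y_c*y_s and the authority key y_a; any edit to the displayed fields, to b6 inside Q, or a certificate signed by a different authority fails verification.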
The verification identifier generating system provided by the embodiment of the present application can implement each process implemented in the method embodiments of fig. 1 to fig. 4, and in order to avoid repetition, a detailed description is omitted here.
In the embodiment of the application, a server generates a first digital signature under the condition that the identity of a client passes authentication, instructs the client to generate a second digital signature according to the first digital signature and acquire the second digital signature, generates a third digital signature according to the second digital signature, generates an electronic signature according to the third digital signature and client information of the client, and generates an authentication identifier of the client according to the third digital signature, the electronic signature and the client information. Under the condition of verifying the identity of the client, the server and the client cooperate with the signature to generate a verification identifier, and the verification identifier can effectively improve the authenticity, the integrity and the non-repudiation of the electronic certificate and reduce the probability of tampering and illegal use of the electronic certificate.
The verification identifier generating system according to the embodiment of the present application may execute the verification identifier generating method provided by the embodiment of the present application, and its implementation principle is similar. The actions executed by each module and unit in the verification identifier generating system correspond to the steps in the verification identifier generating method of each embodiment; for detailed functional descriptions of each module, refer to the descriptions in the corresponding verification identifier generating method above, which are not repeated herein.
Based on the same principle as the method provided by the embodiment of the present application, the embodiment of the present application further provides an apparatus for generating a verification identifier, which is applied to a server, as shown in fig. 6, where the apparatus includes:
the first signature module 601 generates a first digital signature when the identity verification of the client passes, instructs the client to generate a second digital signature according to the first digital signature, and acquires the second digital signature;
A second signature module 602, configured to generate a third digital signature according to the second digital signature, and generate an electronic signature according to the third digital signature and client information of the client;
And the verification identifier generating module 603 generates a verification identifier of the client according to the third digital signature, the electronic signature and the client information.
In the embodiment of the application, a server generates a first digital signature under the condition that the identity of a client passes authentication, instructs the client to generate a second digital signature according to the first digital signature and acquire the second digital signature, generates a third digital signature according to the second digital signature, generates an electronic signature according to the third digital signature and client information of the client, and generates an authentication identifier of the client according to the third digital signature, the electronic signature and the client information. Under the condition of verifying the identity of the client, the server and the client cooperate with the signature to generate a verification identifier, and the verification identifier can effectively improve the authenticity, the integrity and the non-repudiation of the electronic certificate and reduce the probability of tampering and illegal use of the electronic certificate.
Based on the same principle as the method provided by the embodiment of the present application, the embodiment of the present application also provides an apparatus for generating a verification identifier, which is applied to a client, as shown in fig. 7, and the apparatus includes:
The authentication identification request module 701 sends an authentication identification generation request to a server, wherein the authentication identification generation request instructs the server to generate a first digital signature;
a digital signature module 702 that generates a second digital signature and sends the second digital signature to the server;
A verification identifier receiving module 703, configured to receive a verification identifier generated by the server according to the second digital signature;
The verification mark is generated by the server according to a third digital signature, an electronic signature and the client information, wherein the third digital signature is generated by the server according to the second digital signature, and the electronic signature is generated by the server according to the third digital signature and the client information.
In the embodiment of the application, a server generates a first digital signature under the condition that the identity of a client passes authentication, instructs the client to generate a second digital signature according to the first digital signature and acquires the second digital signature, generates a third digital signature according to the second digital signature, generates an electronic signature according to the third digital signature and client information of the client, and generates an authentication identifier of the client according to the third digital signature, the electronic signature and the client information. Under the condition of verifying the identity of the client, the server and the client cooperate with the signature to generate a verification identifier, and the verification identifier can effectively improve the authenticity, the integrity and the non-repudiation of the electronic certificate and reduce the probability of tampering and illegal use of the electronic certificate.
Based on the same principles as those shown in the embodiments of the present application, the embodiments of the present application also provide an electronic device that may include, but is not limited to, a processor and a memory, the memory storing a computer program, the processor being configured to execute the authentication identifier generation method shown in any of the alternative embodiments of the present application by calling the computer program. Compared with the prior art, the authentication identifier generation method provided by the application has the advantages that the server generates the first digital signature under the condition that the authentication of the client passes, instructs the client to generate the second digital signature according to the first digital signature and acquire the second digital signature, generates the third digital signature according to the second digital signature, generates the electronic signature according to the third digital signature and the client information of the client, and generates the authentication identifier of the client according to the third digital signature, the electronic signature and the client information. Under the condition of verifying the identity of the client, the server and the client cooperate with the signature to generate a verification identifier, and the verification identifier can effectively improve the authenticity, the integrity and the non-repudiation of the electronic certificate and reduce the probability of tampering and illegal use of the electronic certificate.
In an alternative embodiment, an electronic device is also provided, as shown in fig. 8, and the electronic device 800 shown in fig. 8 may be a server, including a processor 801 and a memory 803. The processor 801 is coupled to a memory 803, such as via a bus 802. Optionally, the electronic device 800 may also include a transceiver 804. It should be noted that, in practical applications, the transceiver 804 is not limited to one, and the structure of the electronic device 800 is not limited to the embodiment of the present application.
The processor 801 may be a CPU (central processing unit), general purpose processor, DSP (digital signal processor), ASIC (Application Specific Integrated Circuit), FPGA (Field Programmable Gate Array) or other programmable logic device, transistor logic device, hardware component, or any combination thereof. It may implement or perform the various exemplary logic blocks, modules and circuits described in connection with this disclosure. The processor 801 may also be a combination of computing functions, e.g., including one or more microprocessor combinations, a combination of a DSP and a microprocessor, etc.
Bus 802 may include a path to transfer information between the aforementioned components. Bus 802 may be a PCI (Peripheral Component Interconnect) bus or an EISA (Extended Industry Standard Architecture) bus, or the like. Bus 802 may be classified as an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in fig. 8, but this does not mean there is only one bus or one type of bus.
The memory 803 may be, but is not limited to, ROM (Read-Only Memory) or other type of static storage device that can store static information and instructions, RAM (Random Access Memory) or other type of dynamic storage device that can store information and instructions, EEPROM (Electrically Erasable Programmable Read-Only Memory), CD-ROM (Compact Disc Read-Only Memory) or other optical disc storage, optical disk storage (including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
The memory 803 is used to store application code for performing the aspects of the present application and is controlled by the processor 801 for execution. The processor 801 is configured to execute application code stored in the memory 803 to implement what is shown in the foregoing method embodiment.
Among them, the electronic devices include, but are not limited to, mobile terminals such as mobile phones, notebook computers, digital broadcast receivers, PDAs (personal digital assistants), PADs (tablet computers), PMPs (portable multimedia players), car terminals (e.g., car navigation terminals), and the like, and stationary terminals such as digital TVs, desktop computers, and the like. The electronic device shown in fig. 8 is only an example and should not be construed as limiting the functionality and scope of use of the embodiments of the application.
The server provided by the application may be an independent physical server, a server cluster or distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDNs, big data and artificial intelligence platforms. The terminal may be, but is not limited to, a smart phone, a tablet computer, a notebook computer, a desktop computer, a smart speaker, a smart watch, etc. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the present application is not limited in this respect.
Embodiments of the present application provide a computer-readable storage medium having a computer program stored thereon, which when run on a computer, causes the computer to perform the corresponding method embodiments described above.
It should be understood that, although the steps in the flowcharts of the figures are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the flowcharts of the figures may include a plurality of sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily being sequential, but may be performed in turn or alternately with other steps or at least a portion of the other steps or stages.
It should be noted that the computer-readable storage medium according to the present application may also be a computer-readable signal medium, or a combination of the two. The computer-readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of a computer-readable storage medium may include, but are not limited to, an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer-readable storage medium may be any tangible medium that can contain or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present application, by contrast, a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electromagnetic, optical, or any suitable combination of the foregoing. A computer-readable signal medium may also be any computer-readable medium that is not a computer-readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to electrical wiring, fiber optic cable, RF (radio frequency), and the like, or any suitable combination of the foregoing.
The computer readable medium may be included in the electronic device or may exist alone without being incorporated into the electronic device.
The computer-readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to perform the methods shown in the above-described embodiments.
According to one aspect of the present application, there is provided a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the verification identification generation method provided in the above-described various alternative implementations.
Computer program code for carrying out operations of the present application may be written in any combination of one or more programming languages, including object-oriented programming languages such as Java, Smalltalk and C++, and conventional procedural programming languages such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any kind of network, including a local area network (LAN) or a wide area network (WAN), or may be connected to an external computer (for example, through the Internet using an Internet service provider).
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules involved in the embodiments of the present application may be implemented in software or in hardware. In some cases the name of a module does not limit the module itself; for example, the search intention category determination module may also be described as "a module that determines the search intention category of a search request".
The above description is only illustrative of the preferred embodiments of the present application and of the principles of the technology employed. Persons skilled in the art will appreciate that the scope of the disclosure referred to in the present application is not limited to the specific combinations of the technical features described above, but also covers other technical solutions formed by any combination of the above technical features or their equivalents without departing from the spirit of the disclosure, for example (but not limited to) technical solutions in which the above features are replaced by technical features disclosed in the present application that have similar functions.

Claims (10)

1. A verification identifier generation method, applied to a server, characterized in that the method comprises:
receiving a verification identifier generation request from a client, determining the user identity by an identity-authentication operation based on collaborative signature, and, if the verification passes, determining that the identity authentication of the client passes, generating a first digital signature, and instructing the client to generate a second digital signature from the first digital signature and obtaining the second digital signature; wherein the second digital signature is computed by the client using a signature key over the first digital signature and a hash value, and the client enters a PIN code bound to the user when using the signature key;
generating a third digital signature from the second digital signature, and generating an electronic signature from the third digital signature and the client information of the client;
generating the verification identifier of the client from the third digital signature, the electronic signature and the client information.
2. The verification identifier generation method according to claim 1, characterized in that instructing the client to generate a second digital signature from the first digital signature and obtaining the second digital signature comprises:
sending a second digital signature request to the client; the second digital signature request instructs the client to generate the second digital signature from the first digital signature and obtain the second digital signature.
3. The verification identifier generation method according to claim 1, characterized in that generating an electronic signature from the third digital signature and the client information comprises:
computing over the third digital signature and the client information with a preset signature key to obtain the electronic signature.
4. A verification identifier generation method, applied to a client, characterized in that the method comprises:
sending a verification identifier generation request to a server; the verification identifier generation request instructs the server to generate a first digital signature;
obtaining the first digital signature and a hash value; computing over the first digital signature and the hash value with a signature key to generate a second digital signature, and sending the second digital signature to the server; wherein a PIN code bound to the user is entered when the signature key is used;
receiving the verification identifier generated by the server from the second digital signature;
wherein the verification identifier is generated by the server from a third digital signature, an electronic signature and the client information of the client, the third digital signature is generated by the server from the second digital signature, and the electronic signature is generated by the server from the third digital signature and the client information.
5. The verification identifier generation method according to claim 4, characterized in that generating the second digital signature comprises:
obtaining the first digital signature and the hash value, the hash value being generated by the server by performing a hash computation over the client information;
generating the second digital signature from the first digital signature and the hash value.
6. A verification identifier generation system, characterized in that it comprises a server and a client;
wherein the client sends a verification identifier generation request to the server, and the verification identifier generation request instructs the server to generate a first digital signature;
the server receives the verification identifier generation request from the client, determines the user identity by an identity-authentication operation based on collaborative signature, and, in the case that the identity authentication of the client passes, generates a first digital signature and instructs the client to generate a second digital signature from the first digital signature and obtains the second digital signature; wherein the second digital signature is computed by the client using a signature key over the first digital signature and a hash value, and the client enters a PIN code bound to the user when using the signature key;
the server generates a third digital signature from the second digital signature, and generates an electronic signature from the third digital signature and the client information of the client;
the server generates the verification identifier of the client from the third digital signature, the electronic signature and the client information.
7. A verification identifier generation device, applied to a server, characterized in that the device comprises:
a first signature module, which receives a verification identifier generation request from a client, determines the user identity by an identity-authentication operation based on collaborative signature, and, if the verification passes, determines that the identity authentication of the client passes, generates a first digital signature, and instructs the client to generate a second digital signature from the first digital signature and obtains the second digital signature; wherein the second digital signature is computed by the client using a signature key over the first digital signature and a hash value, and the client enters a PIN code bound to the user when using the signature key;
a second signature module, which generates a third digital signature from the second digital signature, and generates an electronic signature from the third digital signature and the client information of the client;
a verification identifier generation module, which generates the verification identifier of the client from the third digital signature, the electronic signature and the client information.
8. A verification identifier generation device, applied to a client, characterized in that the device comprises:
a verification identifier request module, which sends a verification identifier generation request to a server; the verification identifier generation request instructs the server to generate a first digital signature;
a digital signature module, which obtains the first digital signature and a hash value, computes over the first digital signature and the hash value with a signature key to generate a second digital signature, and sends the second digital signature to the server; wherein a PIN code bound to the user is entered when the signature key is used;
a verification identifier receiving module, which receives the verification identifier generated by the server from the second digital signature;
wherein the verification identifier is generated by the server from a third digital signature, an electronic signature and the client information of the client, the third digital signature is generated by the server from the second digital signature, and the electronic signature is generated by the server from the third digital signature and the client information.
9. An electronic device, characterized in that it comprises a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the method according to any one of claims 1 to 5 when executing the program.
10. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the method according to any one of claims 1 to 5 is implemented.
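The signature chain of claims 1 to 5 (first signature by the server, second by the client over the first signature and the hash of the client information, third by the server over the second, electronic signature over the third plus client information, and the identifier assembled from all three) is easiest to follow as a message exchange. The following Python script is an added example written for this page, not code from the patent or its applicant. It assumes HMAC-SHA256 as a stand-in for every digital signature primitive (the claims do not name an algorithm), models the collaborative-signature identity check as the client proving possession of its key share with a proof the server can recompute (with HMAC that means the server holds the same key, which a real collaborative scheme would avoid), and gates the client key behind a PIN hash. All key material, the PIN and the client information are constructed sample values.

```python
import hashlib
import hmac
import json

# Constructed sample key material and client information (not from the patent).
SERVER_KEY = b"server-signing-key-demo"       # used for the first and third digital signatures
PRESET_KEY = b"server-preset-signature-key"   # the "preset signature key" of claim 3
CLIENT_KEY = b"client-signature-key-demo"     # the client's PIN-protected signature key
USER_PIN = "4821"
CLIENT_INFO = json.dumps({"client_id": "c-001", "device": "demo-phone"},
                         sort_keys=True).encode()


def _sign(key: bytes, *parts: bytes) -> bytes:
    """Stand-in 'digital signature': HMAC-SHA256 over length-prefixed parts (assumption)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(4, "big"))  # length prefix removes boundary ambiguity
        mac.update(part)
    return mac.digest()


class PinProtectedKey:
    """Client signature key usable only after the PIN bound to the user is entered (claims 1, 4)."""

    def __init__(self, key: bytes, pin: str):
        self._key = key
        self._pin_hash = hashlib.sha256(pin.encode()).digest()

    def sign(self, pin: str, *parts: bytes) -> bytes:
        entered = hashlib.sha256(pin.encode()).digest()
        if not hmac.compare_digest(entered, self._pin_hash):
            raise PermissionError("entered PIN does not match the bound PIN")
        return _sign(self._key, *parts)


class Client:
    def __init__(self, key: PinProtectedKey, client_info: bytes):
        self.key = key
        self.client_info = client_info

    def generation_request(self, pin: str):
        """Verification identifier generation request plus a possession proof that stands
        in for the collaborative-signature identity check (assumption)."""
        return self.client_info, self.key.sign(pin, b"auth", self.client_info)

    def second_signature(self, pin: str, first_sig: bytes, hash_value: bytes) -> bytes:
        """Claims 4 and 5: sign the first digital signature and the hash value."""
        return self.key.sign(pin, first_sig, hash_value)


class Server:
    def __init__(self, server_key: bytes, preset_key: bytes, client_auth_key: bytes):
        self.server_key = server_key
        self.preset_key = preset_key
        self.client_auth_key = client_auth_key  # key that checks the client's proof (assumption)

    def first_signature(self, client_info: bytes, proof: bytes):
        """Claim 1: authenticate the client, then issue the first digital signature together
        with the hash of the client information (claim 5)."""
        expected = _sign(self.client_auth_key, b"auth", client_info)
        if not hmac.compare_digest(expected, proof):
            raise PermissionError("client identity authentication failed")
        hash_value = hashlib.sha256(client_info).digest()
        return _sign(self.server_key, b"first", hash_value), hash_value

    def verification_identifier(self, client_info: bytes, second_sig: bytes) -> dict:
        """Claims 1 and 3: third signature from the second, electronic signature from the
        third plus client information, identifier assembled from all three."""
        third_sig = _sign(self.server_key, b"third", second_sig)
        e_sig = _sign(self.preset_key, third_sig, client_info)
        return {"third_signature": third_sig.hex(),
                "electronic_signature": e_sig.hex(),
                "client_info": client_info.decode()}

    def check_identifier(self, identifier: dict) -> bool:
        """Recompute the electronic signature; any edit to the identifier's fields is detected."""
        third_sig = bytes.fromhex(identifier["third_signature"])
        expected = _sign(self.preset_key, third_sig, identifier["client_info"].encode())
        return hmac.compare_digest(expected, bytes.fromhex(identifier["electronic_signature"]))


def build_parties():
    client = Client(PinProtectedKey(CLIENT_KEY, USER_PIN), CLIENT_INFO)
    server = Server(SERVER_KEY, PRESET_KEY, CLIENT_KEY)
    return client, server


def run_protocol(client: Client, server: Server, pin: str) -> dict:
    """The full exchange of claims 1 to 5; the client enters `pin` at each key use."""
    client_info, proof = client.generation_request(pin)                 # client -> server
    first_sig, hash_value = server.first_signature(client_info, proof)  # server -> client
    second_sig = client.second_signature(pin, first_sig, hash_value)    # client -> server
    return server.verification_identifier(client_info, second_sig)     # server -> client


def pin_rejected(client: Client, server: Server, pin: str) -> bool:
    """True when the client key refuses to sign because the entered PIN is wrong."""
    try:
        run_protocol(client, server, pin)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    c, s = build_parties()
    ident = run_protocol(c, s, USER_PIN)
    print(json.dumps(ident, indent=2))
    print("identifier checks out:", s.check_identifier(ident))
```

Two properties worth noting: `check_identifier` only needs the preset key, so a relying party holding that key can validate an identifier without replaying the exchange, and the length-prefixed concatenation in `_sign` ensures that moving bytes between the third signature and the client information cannot produce the same electronic signature.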
CN202310020327.4A 2023-01-05 2023-01-05 Verification identifier generation method, system, electronic device and storage medium Active CN116112178B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310020327.4A CN116112178B (en) 2023-01-05 2023-01-05 Verification identifier generation method, system, electronic device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310020327.4A CN116112178B (en) 2023-01-05 2023-01-05 Verification identifier generation method, system, electronic device and storage medium

Publications (2)

Publication Number Publication Date
CN116112178A CN116112178A (en) 2023-05-12
CN116112178B true CN116112178B (en) 2025-07-25

Family

ID=86266873

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310020327.4A Active CN116112178B (en) 2023-01-05 2023-01-05 Verification identifier generation method, system, electronic device and storage medium

Country Status (1)

Country Link
CN (1) CN116112178B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108270575A (en) * 2018-04-20 2018-07-10 北京数字认证股份有限公司 A kind of digital signature method and device
CN111177801A (en) * 2019-12-31 2020-05-19 航天信息股份有限公司 Signature method and device of electronic document, storage medium and electronic equipment
CN115378609A (en) * 2022-08-19 2022-11-22 博雅中科(北京)信息技术有限公司 Electronic certificate display method, verification method, terminal and server

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104618116B (en) * 2015-01-30 2019-03-08 北京数字认证股份有限公司 A kind of cooperative digital signature system and its method
CN106899570B (en) * 2016-12-14 2019-11-05 阿里巴巴集团控股有限公司 The processing method of two dimensional code, apparatus and system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108270575A (en) * 2018-04-20 2018-07-10 北京数字认证股份有限公司 A kind of digital signature method and device
CN111177801A (en) * 2019-12-31 2020-05-19 航天信息股份有限公司 Signature method and device of electronic document, storage medium and electronic equipment
CN115378609A (en) * 2022-08-19 2022-11-22 博雅中科(北京)信息技术有限公司 Electronic certificate display method, verification method, terminal and server

Also Published As

Publication number Publication date
CN116112178A (en) 2023-05-12

Similar Documents

Publication Publication Date Title
US11799668B2 (en) Electronic identification verification methods and systems with storage of certification records to a side chain
US11777726B2 (en) Methods and systems for recovering data using dynamic passwords
US11818265B2 (en) Methods and systems for creating and recovering accounts using dynamic passwords
CN112333198B (en) Secure cross-domain login method, system and server
WO2018145127A1 (en) Electronic identification verification methods and systems with storage of certification records to a side chain
CN110391913B (en) Vehicle binding method and device
CN114037435A (en) Method and apparatus for providing information attestation using a centralized or distributed ledger
US8681642B2 (en) Equipment-information transmitting apparatus, service control apparatus, equipment-information transmitting method, and computer products
JP2024535330A (en) Secure signature method, device and system
CN107146120A (en) Method and device for generating electronic invoice
WO2020042508A1 (en) Method, system and electronic device for processing claim incident based on blockchain
USRE49968E1 (en) Electronic identification verification methods and systems with storage of certification records to a side chain
CN111311259B (en) Bill processing method, device, terminal and computer-readable storage medium
WO2024021785A9 (en) Digital entity processing method and apparatus, device, medium, and program product
CN112507370A (en) Electronic license verification method based on block chain network
KR101979337B1 (en) Apparatus and method for certification
CN116112178B (en) Verification identifier generation method, system, electronic device and storage medium
CN119167407B (en) Data security information processing method and device based on mobile collaborative signature
CN119995853A (en) A method, device, system and equipment for generating electronic voucher verification data
CN119808163A (en) Method, device, electronic device and storage medium for obtaining data asset usage rights
CN118260805A (en) Method, device, equipment, storage medium and program product for preserving legacy based on notarization department
CN116305077A (en) Data processing method, device, electronic equipment and storage medium
CN119071007A (en) Login verification method, device, electronic device and computer-readable storage medium
CN115603917A (en) Blockchain-based data sharing method, system, device and storage medium
JP2023179334A (en) Authentication method, authentication system, portable information device, and authentication device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant