[go: up one dir, main page]

CN120030522B - Power system hierarchical authentication method and system based on blockchain and zero-knowledge proof - Google Patents

Power system hierarchical authentication method and system based on blockchain and zero-knowledge proof

Info

Publication number
CN120030522B
CN120030522B CN202510496263.4A CN202510496263A CN120030522B CN 120030522 B CN120030522 B CN 120030522B CN 202510496263 A CN202510496263 A CN 202510496263A CN 120030522 B CN120030522 B CN 120030522B
Authority
CN
China
Prior art keywords
identity
pseudo
authentication
equipment
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202510496263.4A
Other languages
Chinese (zh)
Other versions
CN120030522A (en
Inventor
潘曙辉
肖勇才
赵春晖
杨浩
姜楠
刘恒
江娜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Electric Power Research Institute of State Grid Jiangxi Electric Power Co Ltd
East China Jiaotong University
Original Assignee
Electric Power Research Institute of State Grid Jiangxi Electric Power Co Ltd
East China Jiaotong University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Electric Power Research Institute of State Grid Jiangxi Electric Power Co Ltd, East China Jiaotong University filed Critical Electric Power Research Institute of State Grid Jiangxi Electric Power Co Ltd
Priority to CN202510496263.4A priority Critical patent/CN120030522B/en
Publication of CN120030522A publication Critical patent/CN120030522A/en
Application granted granted Critical
Publication of CN120030522B publication Critical patent/CN120030522B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/25Integrating or interfacing systems involving database management systems
    • G06F16/252Integrating or interfacing systems involving database management systems between a Database Management System and a front-end application
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • G06Q50/06Energy or water supply

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Economics (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Data Mining & Analysis (AREA)
  • Strategic Management (AREA)
  • Public Health (AREA)
  • General Business, Economics & Management (AREA)
  • Water Supply & Treatment (AREA)
  • Tourism & Hospitality (AREA)
  • Computing Systems (AREA)
  • Primary Health Care (AREA)
  • Bioethics (AREA)
  • Marketing (AREA)
  • Human Resources & Organizations (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明公开了一种基于区块链和零知识证明的电力系统分级认证方法及系统,方法包括:电力设备注册阶段、同一信任域内的电力设备相互认证过程以及跨信任域的电力设备认证过程。根据设备和用户的重要性和权限级别,设计了一个多级别权限的认证方法,引入了区块链技术和零知识证明技术,实现了一种分级认证机制,不仅解决了传统认证方法在多级别权限管理中的复杂性和低效率问题,还大幅提升了跨信任域认证的安全性和效率。

This invention discloses a hierarchical authentication method and system for power systems based on blockchain and zero-knowledge proof. The method includes a power equipment registration phase, a mutual authentication process for power equipment within the same trust domain, and a cross-trust domain power equipment authentication process. Based on the importance and permission levels of devices and users, a multi-level permission authentication method is designed. By introducing blockchain and zero-knowledge proof technologies, a hierarchical authentication mechanism is implemented. This not only addresses the complexity and inefficiency of traditional authentication methods in multi-level permission management, but also significantly improves the security and efficiency of cross-trust domain authentication.

Description

Hierarchical authentication method and system for power system based on blockchain and zero knowledge proof
Technical Field
The invention belongs to the technical field of power system analysis, and particularly relates to a hierarchical authentication method and system for a power system based on blockchain and zero knowledge proof.
Background
The electric power system is an important support for ensuring stable operation of the society, and is used as a key infrastructure of the modern society and is used for carrying electric power supply for industrial production, commercial activities and daily living. Along with the continuous acceleration of the intelligent process of the power system, a large number of intelligent devices and the Internet of things technology are introduced into the power system, so that the efficiency of power production, transmission and distribution is greatly improved. However, interconnection of these devices also presents significant security challenges, especially in rights management, where authentication between devices in different rights domains is a key strategic step, as it ensures the security of information and operations to ensure safe and stable operation of the system.
Conventional power system authentication methods typically rely on a centralized authentication server. The centralized architecture often becomes a performance bottleneck when a large number of devices initiate authentication requests at the same time, which causes delay of the authentication process and further affects the real-time performance of the system. In addition, the database storage mode of the centralized server is difficult to effectively prevent the data from being tampered when processing large data volume and frequent data exchange, thereby influencing the integrity and the reliability of the data. The traditional authentication method also has the problems of complexity and low efficiency in the aspects of multi-level authority management and cross-trust-domain authentication, and is difficult to adapt to the requirements of equipment diversification and dynamic change in a modern power system.
Disclosure of Invention
The invention provides a hierarchical authentication method and system for a power system based on blockchain and zero knowledge proof, which are used for solving the technical problems of complexity and low efficiency in the aspects of multi-level authority management and cross-trust domain authentication.
In a first aspect, the present invention provides a hierarchical authentication method for a power system based on blockchain and zero knowledge proof, including:
When the device When a communication across trust domains is required, the deviceApparatus for installingIs the first pseudo-identity of (2)Initiated request informationComposing a request across trust domainsThen the deviceWill request across trust domainsSending to a CPS (central processing system) which is according to the equipmentRequest information of (a)Selecting one and requesting informationDevices in corresponding domainsIs the second pseudo-identity of (2)Reuse of the second pseudo-identityForm a replyAnd send a replyFeeding device;
Apparatus and method for controlling the operation of a deviceAccording to the received replySecond pseudo-identity in (a)Apparatus for connectingIs the first pseudo-identity of (2)And request information to be communicatedComposing an authentication requestAnd request authenticationBy a second pseudo-identityTransmitting to a deviceApparatus and methodAccording to receiving the authentication requestFirst pseudo-identity in (a)Extracting registration tuples from corresponding nodes on a blockchainThen the deviceFor the first pseudo-identityZero knowledge proof authentication and deviceIs a first authentication key of (a)Apparatus and method for controlling the operation of a machineIs disclosed in (1)Apparatus and deviceFirst zero knowledge proof of (2)Inputting the first verification result into verification algorithm Verify, and obtaining the first verification result through the verification algorithm VerifyWhen the obtained first verification resultTime display deviceVerification is successful, in contrast, when the obtained first verification resultTime display deviceVerification fails;
Apparatus and method for controlling the operation of a device Authentication success deviceAfter that, the deviceSending a reply authentication replyFeeding deviceApparatus and methodReceipt of an authentication replyThen according to the second pseudo identityExtracting registration tuples from corresponding nodes on a blockchainThen the deviceWill be against a second pseudo-identityZero knowledge proof authentication and deviceIs a second authentication key of (2)Apparatus and method for controlling the operation of a machineSecond publication of (2)Apparatus and deviceSecond zero knowledge proof of (2)Inputting the second verification result into verification algorithm Verify, and obtaining a second verification result through the verification algorithm VerifyWhen the second verification result is obtainedTime display deviceVerification is successful, in contrast, when the second verification result is obtainedTime display deviceThe verification fails.
In a second aspect, the present invention provides a hierarchical authentication system for a power system based on blockchain and zero knowledge proof, comprising:
A processing module configured to, when the device When a communication across trust domains is required, the deviceApparatus for installingIs the first pseudo-identity of (2)Initiated request informationComposing a request across trust domainsThen the deviceWill request across trust domainsSending to a CPS (central processing system) which is according to the equipmentRequest information of (a)Selecting one and requesting informationDevices in corresponding domainsIs the second pseudo-identity of (2)Reuse of the second pseudo-identityForm a replyAnd send a replyFeeding device;
A first verification module configured as a deviceAccording to the received replySecond pseudo-identity in (a)Apparatus for connectingIs the first pseudo-identity of (2)And request information to be communicatedComposing an authentication requestAnd request authenticationBy a second pseudo-identityTransmitting to a deviceApparatus and methodAccording to receiving the authentication requestFirst pseudo-identity in (a)Extracting registration tuples from corresponding nodes on a blockchainThen the deviceFor the first pseudo-identityZero knowledge proof authentication and deviceIs a first authentication key of (a)Apparatus and method for controlling the operation of a machineIs disclosed in (1)Apparatus and deviceFirst zero knowledge proof of (2)Inputting the first verification result into verification algorithm Verify, and obtaining the first verification result through the verification algorithm VerifyWhen the obtained first verification resultTime display deviceVerification is successful, in contrast, when the obtained first verification resultTime display deviceVerification fails;
a second authentication module configured as a device Authentication success deviceAfter that, the deviceSending a reply authentication replyFeeding deviceApparatus and methodReceipt of an authentication replyThen according to the second pseudo identityExtracting registration tuples from corresponding nodes on a blockchainThen the deviceWill be against a second pseudo-identityZero knowledge proof authentication and deviceIs a second authentication key of (2)Apparatus and method for controlling the operation of a machineSecond publication of (2)Apparatus and deviceSecond zero knowledge proof of (2)Inputting the second verification result into verification algorithm Verify, and obtaining a second verification result through the verification algorithm VerifyWhen the second verification result is obtainedTime display deviceVerification is successful, in contrast, when the second verification result is obtainedTime display deviceThe verification fails.
In a third aspect, an electronic device is provided that includes at least one processor and a memory communicatively coupled to the at least one processor, wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the steps of the blockchain and zero knowledge proof based power system hierarchical authentication method of any embodiment of the invention.
In a fourth aspect, the present invention also provides a computer readable storage medium having stored thereon a computer program, which when executed by a processor, causes the processor to perform the steps of the blockchain and zero knowledge proof based power system hierarchical authentication method of any embodiment of the present invention.
According to the hierarchical authentication method and system for the electric power system based on the blockchain and the zero knowledge proof, a multi-level authority authentication method is designed according to the importance and authority levels of equipment and users, and the blockchain technology and the zero knowledge proof technology are introduced, so that a hierarchical authentication mechanism is realized, the problems of complexity and low efficiency of the traditional authentication method in multi-level authority management are solved, and the security and efficiency of cross-trust-domain authentication are greatly improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of a hierarchical authentication method for a power system based on blockchain and zero knowledge proof according to an embodiment of the present invention;
FIG. 2 is a block diagram of a hierarchical authentication system for a power system based on blockchain and zero knowledge proof according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Referring to fig. 1, a flowchart of a hierarchical authentication method for a power system based on blockchain and zero knowledge proof of the present application is shown.
As shown in fig. 1, the hierarchical authentication method of the power system based on blockchain and zero knowledge proof specifically comprises the following steps:
Step S101, when the device When a communication across trust domains is required, the deviceApparatus for installingIs the first pseudo-identity of (2)Initiated request informationComposing a request across trust domainsThen the deviceWill request across trust domainsSending to a CPS (central processing system) which is according to the equipmentRequest information of (a)Selecting one and requesting informationDevices in corresponding domainsIs the second pseudo-identity of (2)Reuse of the second pseudo-identityForm a replyAnd send a replyFeeding device
Step S102, deviceAccording to the received replySecond pseudo-identity in (a)Apparatus for connectingIs the first pseudo-identity of (2)And request information to be communicatedComposing an authentication requestAnd request authenticationBy a second pseudo-identityTransmitting to a deviceApparatus and methodAccording to receiving the authentication requestFirst pseudo-identity in (a)Extracting registration tuples from corresponding nodes on a blockchainThen the deviceFor the first pseudo-identityZero knowledge proof authentication and deviceIs a first authentication key of (a)Apparatus and method for controlling the operation of a machineIs disclosed in (1)Apparatus and deviceFirst zero knowledge proof of (2)Inputting the first verification result into verification algorithm Verify, and obtaining the first verification result through the verification algorithm VerifyWhen the obtained first verification resultTime display deviceVerification is successful, in contrast, when the obtained first verification resultTime display deviceThe verification fails.
Step S103, apparatusAuthentication success deviceAfter that, the deviceSending a reply authentication replyFeeding deviceApparatus and methodReceipt of an authentication replyThen according to the second pseudo identityExtracting registration tuples from corresponding nodes on a blockchainThen the deviceWill be against a second pseudo-identityZero knowledge proof authentication and deviceIs a second authentication key of (2)Apparatus and method for controlling the operation of a machineSecond publication of (2)Apparatus and deviceSecond zero knowledge proof of (2)Inputting the second verification result into verification algorithm Verify, and obtaining a second verification result through the verification algorithm VerifyWhen the second verification result is obtainedTime display deviceVerification is successful, in contrast, when the second verification result is obtainedTime display deviceThe verification fails.
In the apparatusApparatus and deviceAfter mutual authentication is successful, the equipment is startedIs the first pseudo-identity of (2)Apparatus and deviceIs the second pseudo-identity of (2)Composing a session key generation requestAnd requests the session key generationThe session key is sent to the CPS, and the CPS receives the session key generation requestThen generating a random number n, and then according to the random number n and the first pseudo identitySecond pseudo identityGenerating deviceApparatus and deviceSession key betweenCPS device for central processing systemPublic key of (a)Session key by encryption algorithm EEncryption is carried out to obtain an encrypted session keyThe CPS will then encrypt the session keyTransmitting to a deviceApparatus and methodBy means of devicesPrivate key of (a)Obtaining the second session key after the decryption algorithm D is solvedSimultaneous apparatusSecond session keyCorresponding second pseudo-identityRecord to local storage and then deviceBy means of devicesPublic key of (a)Session key by encryption algorithm EEncrypting to obtain a second encrypted session keyAfter which the deviceEncrypting the second encrypted session keyTransmitting to a deviceApparatus and methodReceiving a second encrypted session keyBack-use devicePrivate key of (a)Obtaining the second session key after the decryption algorithm D is solvedLast deviceSecond session keyCorresponding first pseudo-identityRecorded into a local store.
By establishing the hierarchical trust domain, the method of the embodiment can distribute the device to different security levels according to the authority and the sensitivity of the device, and effectively isolate potential security risks. And a cross-trust domain authentication method is designed to further ensure safe data exchange between devices, and high security and privacy can be maintained even among different trust levels. The non-tamper-proof and zero-knowledge proof privacy protection characteristic of the blockchain technology ensures the transparency and the non-tamper-proof property of all transactions and operations, and provides a safe, reliable and privacy protection mechanism for the power system. The zero knowledge proof method enables the device to prove its identity and authority without revealing any sensitive information. In conclusion, the hierarchical authentication method based on the blockchain and the zero knowledge proof provides a new solution for the power system, and can effectively improve the safety and efficiency of the equipment authentication of the modern power system.
In a specific embodiment, the power device registration is specifically:
Apparatus and method for controlling the operation of a device Note that the device is provided before sending registration request to the CPSIs converted into an arithmetic circuit C, and then the arithmetic circuit C and the security parameters are used for the authenticationInput into Setup operation Setup to generate certification keyAuthentication keyThen the identification key of the identity to be authenticated is verifiedStatement of disclosureAnd witnessing personInput into a proof operation to generate a zero knowledge proof, wherein,Is a unitary representation, is used to convey information about the security parameters,It means that the certification key and the verification key for the zero knowledge certification process are generated based on the security parameters and the arithmetic circuit by the Setup operation.
Apparatus and method for controlling the operation of a deviceApparatus for installingIs the first pseudo-identity of (2)Public keyAnd zero knowledge proofForming a registration tupleApparatus and methodSending registration tuples to CPSTo generate a registration request, the CPS receives the registration tupleAfter that, the received first pseudo identity is verifiedWhether or not to repeat if the first pseudo identityRejecting the registration request if repeated;
CPS verification is successful and then the CPS verification is used as equipment on the blockchain Establish a target node and register the tupleStored in the target node while the device is being movedIs the first pseudo-identity of (2)Associated with the account address of the target node, and finally, the CPS returns a replyFeeding deviceTo inform the device ofRegistration is completed.
In another specific embodiment, the power devices in the same trust domain mutually authenticate, specifically:
When the device When in-domain authentication is needed, equipmentApparatus for installingIs the first pseudo-identity of (2)Form authentication request to CPS;
CPS receives the authentication requestThereafter, according to the first pseudo-identityExtracting registration tuples from corresponding nodes on a blockchainThe CPS then processes the first pseudo-identityPerforming zero knowledge proof authentication and authenticating the first verification keyStatement of first publicationAnd a first zero knowledge proofInputting the first verification result into verification algorithm Verify, and obtaining the first verification result through the verification algorithm VerifyWhen the obtained first verification resultTime display deviceVerification is successful, in contrast, when the obtained first verification resultTime display deviceVerification fails;
Apparatus and method for controlling the operation of a device After authentication is successful, CPS follows the first pseudo identityIs of importance to the deviceAssigning permission levelsAfter the allocation is completed, the first pseudo identityAnd authority levelRecord in local store, and finally CPS sends reply authentication replyFeeding device
Specifically, the CPS is classified by authority levelDefining trust domains as 3 levels, i.e., high-level trust domainsMiddle level trust domainLow-level trust domain
The method of the application can realize the following technical effects:
(1) The method is suitable for a multi-level cross-trust domain scene, wherein devices are distributed into different trust domains (high-level trust domain, medium-level trust domain and low-level trust domain) according to the authority level of the devices, and each trust domain has unique security requirements and access authority settings. In this way, devices of different levels can operate securely within respective trust domains. When the device needs to request across the trust domain, the validity and the security of the request across the trust domain are ensured by exchanging zero knowledge proof and a bidirectional authentication process.
(2) The device can rapidly perform identity authentication through the pre-generated certification key and verification key in the registration and authentication process, thereby reducing manual intervention and improving authentication efficiency. After the cross-trust domain authentication is successful, the central processing system generates a session key, and the session key is transmitted through the public key encryption of the equipment, so that the safe transmission and storage of the session key are ensured. The use of session keys ensures the efficiency and security of inter-device communication.
(3) The invention stores the registration information of the equipment on the blockchain by utilizing the blockchain technology, so that any blockchain node can quickly access and verify the registration information of the equipment. The decentralised storage mode eliminates the risk of single-point faults and improves the reliability and efficiency of authentication. Through the zero knowledge proof technology, the equipment can quickly generate and verify the identity proof without transmitting sensitive information, and communication overhead and delay in the authentication process are reduced.
(4) And after the equipment is successfully authenticated, different authority levels are allocated, and the resource access control is performed according to the authority levels. Higher level trust domain devices may access more sensitive and important resources while access rights of lower level trust domain devices are severely restricted. When in cross-trust domain communication, the enhanced cross-trust domain authentication process ensures that each communication is carried out under the premise of being controllable and conforming to policies, thereby further ensuring the security of the resources.
(5) The security of the system is ensured, namely, the identity verification is carried out under the condition of not revealing sensitive information of the equipment by a zero knowledge proof technology, so that the privacy protection level of the equipment is greatly improved, and information disclosure and identity forging are prevented.
Referring to fig. 2, a block diagram of a hierarchical authentication system for a power system based on blockchain and zero knowledge proof of the present application is shown.
As shown in fig. 2, the power system hierarchical authentication system 200 includes a processing module 210, a first verification module 220, and a second verification module 230.
Wherein the processing module 210 is configured to, when the deviceWhen a communication across trust domains is required, the deviceApparatus for installingIs the first pseudo-identity of (2)Initiated request informationComposing a request across trust domainsThen the deviceWill request across trust domainsSending to a CPS (central processing system) which is according to the equipmentRequest information of (a)Selecting one and requesting informationDevices in corresponding domainsIs the second pseudo-identity of (2)Reuse of the second pseudo-identityForm a replyAnd send a replyFeeding device;
A first authentication module 220 configured as a deviceAccording to the received replySecond pseudo-identity in (a)Apparatus for connectingIs the first pseudo-identity of (2)And request information to be communicatedComposing an authentication requestAnd request authenticationBy a second pseudo-identityTransmitting to a deviceApparatus and methodAccording to receiving the authentication requestFirst pseudo-identity in (a)Extracting registration tuples from corresponding nodes on a blockchainThen the deviceFor the first pseudo-identityZero knowledge proof authentication and deviceIs a first authentication key of (a)Apparatus and method for controlling the operation of a machineIs disclosed in (1)Apparatus and deviceFirst zero knowledge proof of (2)Inputting the first verification result into verification algorithm Verify, and obtaining the first verification result through the verification algorithm VerifyWhen the obtained first verification resultTime display deviceVerification is successful, in contrast, when the obtained first verification resultTime display deviceVerification fails;
a second authentication module 230 configured as a device Authentication success deviceAfter that, the deviceSending a reply authentication replyFeeding deviceApparatus and methodReceipt of an authentication replyThen according to the second pseudo identityExtracting registration tuples from corresponding nodes on a blockchainThen the deviceWill be against a second pseudo-identityZero knowledge proof authentication and deviceIs a second authentication key of (2)Apparatus and method for controlling the operation of a machineSecond publication of (2)Apparatus and deviceSecond zero knowledge proof of (2)Inputting the second verification result into verification algorithm Verify, and obtaining a second verification result through the verification algorithm VerifyWhen the second verification result is obtainedTime display deviceVerification is successful, in contrast, when the second verification result is obtainedTime display deviceThe verification fails.
It should be understood that the modules depicted in fig. 2 correspond to the various steps in the method described with reference to fig. 1. Thus, the operations and features described above for the method and the corresponding technical effects are equally applicable to the modules in fig. 2, and are not described here again.
In other embodiments, embodiments of the present invention further provide a computer readable storage medium having stored thereon a computer program, the program instructions, when executed by a processor, cause the processor to perform the blockchain and zero knowledge proof based power system hierarchical authentication method of any of the method embodiments described above;
As one embodiment, the computer-readable storage medium of the present invention stores computer-executable instructions configured to:
When the device When a communication across trust domains is required, the deviceApparatus for installingIs the first pseudo-identity of (2)Initiated request informationComposing a request across trust domainsThen the deviceWill request across trust domainsSending to a CPS (central processing system) which is according to the equipmentRequest information of (a)Selecting one and requesting informationDevices in corresponding domainsIs the second pseudo-identity of (2)Reuse of the second pseudo-identityForm a replyAnd send a replyFeeding device;
Apparatus and method for controlling the operation of a deviceAccording to the received replySecond pseudo-identity in (a)Apparatus for connectingIs the first pseudo-identity of (2)And request information to be communicatedComposing an authentication requestAnd request authenticationBy a second pseudo-identityTransmitting to a deviceApparatus and methodAccording to receiving the authentication requestFirst pseudo-identity in (a)Extracting registration tuples from corresponding nodes on a blockchainThen the deviceFor the first pseudo-identityZero knowledge proof authentication and deviceIs a first authentication key of (a)Apparatus and method for controlling the operation of a machineIs disclosed in (1)Apparatus and deviceFirst zero knowledge proof of (2)Inputting the first verification result into verification algorithm Verify, and obtaining the first verification result through the verification algorithm VerifyWhen the obtained first verification resultTime display deviceVerification is successful, in contrast, when the obtained first verification resultTime display deviceVerification fails;
Apparatus and method for controlling the operation of a device Authentication success deviceAfter that, the deviceSending a reply authentication replyFeeding deviceApparatus and methodReceipt of an authentication replyThen according to the second pseudo identityExtracting registration tuples from corresponding nodes on a blockchainThen the deviceWill be against a second pseudo-identityZero knowledge proof authentication and deviceIs a second authentication key of (2)Apparatus and method for controlling the operation of a machineSecond publication of (2)Apparatus and deviceSecond zero knowledge proof of (2)Inputting the second verification result into verification algorithm Verify, and obtaining a second verification result through the verification algorithm VerifyWhen the second verification result is obtainedTime display deviceVerification is successful, in contrast, when the second verification result is obtainedTime display deviceThe verification fails.
The computer readable storage medium may include a storage program area that may store an operating system, an application required for at least one function, and a storage data area that may store data created from use of a power system hierarchical authentication system based on blockchain and zero knowledge proof, etc. In addition, the computer-readable storage medium may include high-speed random access memory, and may also include memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some embodiments, the computer readable storage medium optionally includes a memory remotely located with respect to the processor, the remote memory connectable over a network to a power system hierarchical authentication system based on blockchain and zero knowledge proof. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
Fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, and as shown in fig. 3, the device includes a processor 310 and a memory 320. The electronic device may further comprise input means 330 and output means 340. The processor 310, memory 320, input device 330, and output device 340 may be connected by a bus or other means, for example in fig. 3. Memory 320 is the computer-readable storage medium described above. The processor 310 executes various functional applications of the server and data processing by running non-volatile software programs, instructions and modules stored in the memory 320, i.e., implements the blockchain and zero knowledge proof-based power system hierarchical authentication method of the above-described method embodiments. The input device 330 may receive input numeric or character information and generate key signal inputs related to user settings and function control of the power system hierarchical authentication system based on blockchain and zero knowledge proof. The output device 340 may include a display device such as a display screen.
The electronic equipment can execute the method provided by the embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method. Technical details not described in detail in this embodiment may be found in the methods provided in the embodiments of the present invention.
As one embodiment, the electronic device is applied to a hierarchical authentication system of a power system based on blockchain and zero knowledge proof and used for a client, and comprises at least one processor and a memory in communication connection with the at least one processor, wherein the memory stores instructions executable by the at least one processor, and the instructions are executed by the at least one processor to enable the at least one processor to:
When the device When a communication across trust domains is required, the deviceApparatus for installingIs the first pseudo-identity of (2)Initiated request informationComposing a request across trust domainsThen the deviceWill request across trust domainsSending to a CPS (central processing system) which is according to the equipmentRequest information of (a)Selecting one and requesting informationDevices in corresponding domainsIs the second pseudo-identity of (2)Reuse of the second pseudo-identityForm a replyAnd send a replyFeeding device;
Apparatus and method for controlling the operation of a deviceAccording to the received replySecond pseudo-identity in (a)Apparatus for connectingIs the first pseudo-identity of (2)And request information to be communicatedComposing an authentication requestAnd request authenticationBy a second pseudo-identityTransmitting to a deviceApparatus and methodAccording to receiving the authentication requestFirst pseudo-identity in (a)Extracting registration tuples from corresponding nodes on a blockchainThen the deviceFor the first pseudo-identityZero knowledge proof authentication and deviceIs a first authentication key of (a)Apparatus and method for controlling the operation of a machineIs disclosed in (1)Apparatus and deviceFirst zero knowledge proof of (2)Inputting the first verification result into verification algorithm Verify, and obtaining the first verification result through the verification algorithm VerifyWhen the obtained first verification resultTime display deviceVerification is successful, in contrast, when the obtained first verification resultTime display deviceVerification fails;
Apparatus and method for controlling the operation of a device Authentication success deviceAfter that, the deviceSending a reply authentication replyFeeding deviceApparatus and methodReceipt of an authentication replyThen according to the second pseudo identityExtracting registration tuples from corresponding nodes on a blockchainThen the deviceWill be against a second pseudo-identityZero knowledge proof authentication and deviceIs a second authentication key of (2)Apparatus and method for controlling the operation of a machineSecond publication of (2)Apparatus and deviceSecond zero knowledge proof of (2)Inputting the second verification result into verification algorithm Verify, and obtaining a second verification result through the verification algorithm VerifyWhen the second verification result is obtainedTime display deviceVerification is successful, in contrast, when the second verification result is obtainedTime display deviceThe verification fails.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on such understanding, the foregoing technical solutions may be embodied essentially or in part in the form of a software product, which may be stored in a computer-readable storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to perform the various embodiments or methods of some parts of the embodiments.
It should be noted that the above-mentioned embodiments are merely for illustrating the technical solution of the present invention, and not for limiting the same, and although the present invention has been described in detail with reference to the above-mentioned embodiments, it should be understood by those skilled in the art that the technical solution described in the above-mentioned embodiments may be modified or some technical features may be equivalently replaced, and these modifications or substitutions do not make the essence of the corresponding technical solution deviate from the spirit and scope of the technical solution of the embodiments of the present invention.

Claims (5)

1.一种基于区块链和零知识证明的电力系统分级认证方法,其特征在于,包括:1. A power system hierarchical authentication method based on blockchain and zero-knowledge proof, characterized by comprising: 当设备需要进行跨信任域通信时,设备将设备的第一伪身份,发起的请求信息组成一个跨信任域请求,然后设备将跨信任域请求发送给中央处理系统CPS,中央处理系统CPS根据设备的请求信息,选择一个与请求信息对应的域中的设备的第二伪身份,再用第二伪身份组成一个答复,并发送答复给设备When the device When cross-trust domain communication is required, the device The device The first pseudo-identity , the request information initiated Composing a cross-trust domain request , then the device Cross-trust domain requests Send to the central processing system CPS, the central processing system CPS according to the device Request Information , select one and request information Devices in the corresponding domain Second pseudo-identity , and then use the second pseudo identity Compose a reply , and send a reply Give equipment ; 设备根据收到答复中的第二伪身份,将设备的第一伪身份和待通信的请求信息组成一个认证请求,并将认证请求通过第二伪身份发送给设备,设备根据收到认证请求中的第一伪身份从区块链上的对应节点中提取注册元组,然后设备对第一伪身份进行零知识证明认证,并将设备的第一验证密钥、设备的第一公开声明和设备的第一零知识证明输入至验证算法Verify中,通过验证算法Verify得到第一验证结果,当得到的第一验证结果时表示设备验证成功,相反,当得到的第一验证结果时表示设备验证失败;equipment According to the response received The second pseudo-identity in , the device The first pseudo-identity and request information to be communicated Forming an authentication request , and the authentication request Through a second pseudo-identity Send to device ,equipment Upon receipt of the certification request The first pseudo-identity Extract the registration tuple from the corresponding node on the blockchain , then the device For the first pseudo-identity Perform zero-knowledge proof authentication and set the device First verification key ,equipment First public statement and equipment The first zero-knowledge proof Input into the verification algorithm Verify, and obtain the first verification result through the verification algorithm Verify , when the first verification result is obtained Time display device Verification is successful, on the contrary, when the first verification result is obtained Time display device Verification failed; 设备认证成功设备后,设备发送回复认证答复给设备,设备收到认证答复后,再根据第二伪身份从区块链上的对应节点中提取注册元组,然后设备将对第二伪身份进行零知识证明认证,并将设备的第二验证密钥、设备的第二公开声明和设备的第二零知识证明输入至验证算法Verify中,通过验证算法Verify得到第二验证结果,当得到的第二验证结果时表示设备验证成功,相反,当得到的第二验证结果时表示设备验证失败。equipment Authentication successful device After that, the equipment Send Reply Authentication Reply Give equipment ,equipment Receive certification response Then, according to the second pseudo identity Extract the registration tuple from the corresponding node on the blockchain , then the device The second pseudo-identity Perform zero-knowledge proof authentication and set the device Second verification key ,equipment Second public statement and equipment The second zero-knowledge proof Input into the verification algorithm Verify, and obtain the second verification result through the verification algorithm Verify , when the second verification result is obtained Time display device Verification is successful, on the contrary, when the second verification result is obtained Time display device Authentication failed. 2.根据权利要求1所述的一种基于区块链和零知识证明的电力系统分级认证方法,其特征在于,所述方法还包括:2. A power system hierarchical authentication method based on blockchain and zero-knowledge proof according to claim 1, characterized in that the method further comprises: 电力设备注册,具体为:Power equipment registration, specifically: 设备注在向中央处理系统CPS发送注册请求前,将设备的待证身份问题转换为算术电路C,然后把算术电路C和安全参数输入到设定操作Setup中以生成证明密钥和验证密钥,再将待证身份的证明密钥、公开声明和见证者输入到证明操作中生成零知识证明equipment Note Before sending a registration request to the Central Processing System (CPS), The identity problem to be proved is converted into an arithmetic circuit C, and then the arithmetic circuit C and the security parameter Enter into the Setup operation to generate a certification key and verification key , and then the proof key of the identity to be proved , Public Statement and witnesses Input into the proof operation to generate a zero-knowledge proof ; 设备将设备的第一伪身份、公钥和零知识证明组成一个注册元组,设备向中央处理系统CPS发送注册元组以生成注册请求,中央处理系统CPS收到注册元组后,验证收到的第一伪身份是否重复,若第一伪身份重复则拒绝该注册请求;equipment The device The first pseudo-identity , public key and zero-knowledge proof Form a registration tuple ,equipment Send registration tuple to the central processing system CPS To generate a registration request, the central processing system CPS receives the registration tuple After that, verify the first pseudo-identity received Is it repeated? If the first pseudo identity If it is repeated, the registration request will be rejected; 中央处理系统CPS验证成功后将在区块链上为设备建立一个目标节点,并把注册元组存储在目标节点中,同时将设备的第一伪身份与目标节点的账户地址相关联,最后,中央处理系统CPS返回一个答复给设备,以告知设备注册完成。After the central processing system CPS successfully verifies, it will record the device on the blockchain. Create a target node and register the tuple Stored in the target node, the device The first pseudo-identity Associated with the target node's account address, finally, the central processing system CPS returns a reply Give equipment , to inform the device Registration is complete. 3.根据权利要求1所述的一种基于区块链和零知识证明的电力系统分级认证方法,其特征在于,所述方法还包括:3. The power system hierarchical authentication method based on blockchain and zero-knowledge proof according to claim 1, further comprising: 同一信任域内的电力设备相互认证,具体为:Mutual authentication of power equipment within the same trust domain, specifically: 当设备需要进行域内认证时,设备将设备的第一伪身份发送给中央处理系统CPS形成认证请求When the device When domain authentication is required, the device The device The first pseudo-identity Send to the central processing system CPS to form a certification request ; 中央处理系统CPS收到认证请求后,根据第一伪身份从区块链上的对应节点中提取注册元组,然后中央处理系统CPS将第一伪身份进行零知识证明认证,并将第一验证密钥、第一公开声明和第一零知识证明输入至验证算法Verify中,通过验证算法Verify得到第一验证结果,当得到的第一验证结果时表示设备验证成功,相反,当得到的第一验证结果时表示设备验证失败;The Central Processing System (CPS) receives a certification request Then, according to the first pseudo identity Extract the registration tuple from the corresponding node on the blockchain , then the central processing system CPS will first pseudo identity Perform zero-knowledge proof authentication and pass the first verification key First public statement and the first zero-knowledge proof Input into the verification algorithm Verify, and obtain the first verification result through the verification algorithm Verify , when the first verification result is obtained Time display device Verification is successful, on the contrary, when the first verification result is obtained Time display device Verification failed; 设备认证成功后,中央处理系统CPS按照第一伪身份的重要性为设备分配权限等级,分配完成后将第一伪身份和权限等级记录到本地存储中,最后中央处理系统CPS发送回复认证答复给设备equipment After the authentication is successful, the central processing system CPS Importance of equipment Assigning permission levels After the allocation is completed, the first pseudo identity and permission levels Recorded in local storage, the central processing system CPS sends a reply authentication reply Give equipment . 4.根据权利要求1所述的一种基于区块链和零知识证明的电力系统分级认证方法,其特征在于,其中,在设备与设备相互认证成功后,所述方法包括:4. A power system hierarchical authentication method based on blockchain and zero-knowledge proof according to claim 1, characterized in that, in the device With equipment After mutual authentication is successful, the method includes: 将设备的第一伪身份和设备的第二伪身份组成一个会话密钥生成请求,并将会话密钥生成请求发送给中央处理系统CPS,中央处理系统CPS收到会话密钥生成请求后生成一个随机数n,再根据随机数n、第一伪身份、第二伪身份生成设备与设备之间的会话密钥,然后中央处理系统CPS用设备的公钥通过加密算法E对会话密钥进行加密,得到加密会话密钥,之后中央处理系统CPS将加密会话密钥发送给设备,设备用设备的私钥和解密算法D解开后得到第二会话密钥,同时设备将第二会话密钥及对应的第二伪身份记录到本地存储中,然后设备用设备的公钥通过加密算法E对会话密钥进行加密,得到第二加密会话密钥,之后设备将第二加密会话密钥发送给设备,设备收到第二加密会话密钥后用设备的私钥和解密算法D解开后得到第二会话密钥,最后设备将第二会话密钥以及对应的第一伪身份记录到本地存储中。The device The first pseudo-identity and equipment Second pseudo-identity Form a session key generation request , and generate a session key request Sent to the central processing system CPS, the central processing system CPS receives the session key generation request Then generate a random number n, and then according to the random number n, the first pseudo identity , Second fake identity Generate Devices With equipment The session key between , then the central processing system CPS equipment Public key The session key is encrypted using the encryption algorithm E Encrypt and obtain the encrypted session key , then the central processing system CPS will encrypt the session key Send to device ,equipment Use equipment Private key After decryption with decryption algorithm D, the second session key is obtained , while the device The second session key and the corresponding second pseudo-identity Record to local storage, then the device Use equipment Public key The session key is encrypted using the encryption algorithm E Encrypt and obtain the second encrypted session key , then the device The second encrypted session key Send to device ,equipment Receive the second encrypted session key Post-use equipment Private key After decryption with decryption algorithm D, the second session key is obtained , the last device The second session key And the corresponding first pseudo-identity Record to local storage. 5.一种基于区块链和零知识证明的电力系统分级认证系统,其特征在于,包括:5. A power system hierarchical authentication system based on blockchain and zero-knowledge proof, characterized by including: 处理模块,配置为当设备需要进行跨信任域通信时,设备将设备的第一伪身份,发起的请求信息组成一个跨信任域请求,然后设备将跨信任域请求发送给中央处理系统CPS,中央处理系统CPS根据设备的请求信息,选择一个与请求信息对应的域中的设备的第二伪身份,再用第二伪身份组成一个答复,并发送答复给设备Processing module, configured as a device When cross-trust domain communication is required, the device The device The first pseudo-identity , the request information initiated Composing a cross-trust domain request , then the device Cross-trust domain requests Send to the central processing system CPS, the central processing system CPS according to the device Request Information , select one and request information Devices in the corresponding domain Second pseudo-identity , and then use the second pseudo identity Compose a reply , and send a reply Give equipment ; 第一验证模块,配置为设备根据收到答复中的第二伪身份,将设备的第一伪身份和待通信的请求信息组成一个认证请求,并将认证请求通过第二伪身份发送给设备,设备根据收到认证请求中的第一伪身份从区块链上的对应节点中提取注册元组,然后设备对第一伪身份进行零知识证明认证,并将设备的第一验证密钥、设备的第一公开声明和设备的第一零知识证明输入至验证算法Verify中,通过验证算法Verify得到第一验证结果,当得到的第一验证结果时表示设备验证成功,相反,当得到的第一验证结果时表示设备验证失败;The first verification module is configured as a device According to the response received The second pseudo-identity in , the device The first pseudo-identity and request information to be communicated Forming an authentication request , and the authentication request Through a second pseudo-identity Send to device ,equipment Upon receipt of the certification request The first pseudo-identity Extract the registration tuple from the corresponding node on the blockchain , then the device For the first pseudo-identity Perform zero-knowledge proof authentication and set the device First verification key ,equipment First public statement and equipment The first zero-knowledge proof Input into the verification algorithm Verify, and obtain the first verification result through the verification algorithm Verify , when the first verification result is obtained Time display device Verification is successful, on the contrary, when the first verification result is obtained Time display device Verification failed; 第二验证模块,配置为设备认证成功设备后,设备发送回复认证答复给设备,设备收到认证答复后,再根据第二伪身份从区块链上的对应节点中提取注册元组,然后设备将对第二伪身份进行零知识证明认证,并将设备的第二验证密钥、设备的第二公开声明和设备的第二零知识证明输入至验证算法Verify中,通过验证算法Verify得到第二验证结果,当得到的第二验证结果时表示设备验证成功,相反,当得到的第二验证结果时表示设备验证失败。The second verification module is configured as a device Authentication successful device After that, the equipment Send Reply Authentication Reply Give equipment ,equipment Receive certification response Then, according to the second pseudo identity Extract the registration tuple from the corresponding node on the blockchain , then the device The second pseudo-identity Perform zero-knowledge proof authentication and set the device Second verification key ,equipment Second public statement and equipment The second zero-knowledge proof Input into the verification algorithm Verify, and obtain the second verification result through the verification algorithm Verify , when the second verification result is obtained Time display device Verification is successful, on the contrary, when the second verification result is obtained Time display device Authentication failed.
CN202510496263.4A 2025-04-21 2025-04-21 Power system hierarchical authentication method and system based on blockchain and zero-knowledge proof Active CN120030522B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202510496263.4A CN120030522B (en) 2025-04-21 2025-04-21 Power system hierarchical authentication method and system based on blockchain and zero-knowledge proof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202510496263.4A CN120030522B (en) 2025-04-21 2025-04-21 Power system hierarchical authentication method and system based on blockchain and zero-knowledge proof

Publications (2)

Publication Number Publication Date
CN120030522A CN120030522A (en) 2025-05-23
CN120030522B true CN120030522B (en) 2025-08-29

Family

ID=95732764

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202510496263.4A Active CN120030522B (en) 2025-04-21 2025-04-21 Power system hierarchical authentication method and system based on blockchain and zero-knowledge proof

Country Status (1)

Country Link
CN (1) CN120030522B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN120281585B (en) * 2025-06-10 2025-08-15 华东交通大学 Zero-trust-oriented internet of things equipment authentication and access control method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116800435A (en) * 2023-08-21 2023-09-22 成都信息工程大学 Access control methods, systems and storage media based on zero-knowledge proof and cross-chain
CN119449283A (en) * 2024-10-11 2025-02-14 广州芳禾数据有限公司 A cross-domain authentication method based on zero-knowledge proof

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7649678B2 (en) * 2021-04-02 2025-03-21 株式会社野村総合研究所 A system for multi-party zero-knowledge proofs
CN116744297A (en) * 2023-05-26 2023-09-12 西安电子科技大学 Block chain-based trusted cross-domain identity authentication method and device
CN118646540A (en) * 2024-07-03 2024-09-13 齐鲁工业大学(山东省科学院) Identity authentication method and system based on blockchain and zero-knowledge proof

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116800435A (en) * 2023-08-21 2023-09-22 成都信息工程大学 Access control methods, systems and storage media based on zero-knowledge proof and cross-chain
CN119449283A (en) * 2024-10-11 2025-02-14 广州芳禾数据有限公司 A cross-domain authentication method based on zero-knowledge proof

Also Published As

Publication number Publication date
CN120030522A (en) 2025-05-23

Similar Documents

Publication Publication Date Title
CN108235806B (en) Method, device and system for safely accessing block chain, storage medium and electronic equipment
CN110708170B (en) Data processing method and device and computer readable storage medium
CN107231351B (en) Electronic certificate management method and related equipment
AU2019236667A1 (en) System and method for decentralized identity management, authentication and authorization of applications
CN120030522B (en) Power system hierarchical authentication method and system based on blockchain and zero-knowledge proof
CN111639327A (en) Authentication method and device for open platform
CN113901432B (en) Blockchain identity authentication method, device, storage medium and computer program product
CN112152778B (en) Node management method and device and electronic equipment
CN108965342B (en) Authentication method and system for data requester to access data source
CN114268437B (en) Data processing method, blockchain node, system and computer-readable storage medium
US7930763B2 (en) Method of authorising a computing entity
CN113742743A (en) LDAP-based data encryption access control method and system
CN113329003B (en) An access control method, user equipment and system for the Internet of Things
CN112926983A (en) Block chain-based deposit certificate transaction encryption system and method
CN114598463B (en) Data authentication system
CN115150831B (en) Method, device, server and medium for processing network access request
Liou et al. T-auth: A novel authentication mechanism for the iot based on smart contracts and pufs
US11611541B2 (en) Secure method to replicate on-premise secrets in a cloud environment
CN119743295A (en) A two-way identity authentication method and system based on delegation mechanism in Hongmeng ecosystem
CN116015906B (en) Node authorization method, node communication method and device for privacy calculation
CN119652526A (en) A blockchain-based information authentication method and related equipment
CN113132097B (en) Lightweight certificateless cross-domain authentication method, system and application suitable for Internet of things
CN113055345B (en) Block chain-based data security authentication method and device
CN119382888B (en) User authentication method, intelligent service system, device, medium, and program
CN118101334B (en) Heterogeneous internet of things authentication system and method based on edge calculation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant