KR20240054068A - Apparatus for Blockchain-based Password Distributed Processing and Driving Method Thereof - Google Patents

Abstract

The present invention relates to a blockchain-type distributed encryption processing device and an operating method thereof. The blockchain-type distributed encryption processing device according to an embodiment of the present invention may include: a communication interface unit that communicates with an external device to distributely process a password designated by a user in the form of a group or blockchain; and a control unit that divides a password into multiple pieces, encrypts the divided passwords, stores them in a distributed manner in an external device, and when a password is needed, receives the encrypted and distributedly stored divided passwords from an external device, decrypts them, and then restores and uses the password by combining the decrypted divided passwords.

Description

Blockchain type password distributed processing device and driving method of the device {Apparatus for Blockchain-based Password Distributed Processing and Driving Method Thereof}

The present invention relates to a blockchain-type cryptographic distribution processing device and a method of operating the device. More specifically, the present invention relates to a cryptographic distribution processing device in the form of a blockchain and a method of operating the device. More specifically, the present invention relates to, for example, a user dividing passwords such as passwords, encrypting them in a blockchain format, distributing them, and then distributing them when necessary. This relates to a blockchain-type cryptographic distribution processing device that processes and uses distributed passwords in a blockchain format and a method of operating the device.

Service providers on the Internet provide World Wide Web (WWW) sites that are physically divided between multiple servers. Many servers charge users a fee for access to these sites or allow free access, and users provide a user name (e.g. ID) and password (PW) to use the service.

However, conventionally, users have the inconvenience of having to memorize many passwords because they use different IDs and passwords for multiple sites, and when using the same password for multiple sites, there is a risk of hacking. There are risks, so there is an urgent need to develop technology that can satisfy all of them.

Korean Patent Publication No. 10-0289522 (2001.02.20) Korean Patent Publication No. 10-2391952 (2022.04.25)

An embodiment of the present invention is a blockchain-type cryptographic distribution processing device that allows a user to divide passwords such as passwords, encrypt and distribute them in blockchain form, and then process the distributed passwords in blockchain form when necessary, and the same. The purpose is to provide a method of operating the device.

The blockchain-type password distribution processing device according to an embodiment of the present invention includes a communication interface unit that communicates with an external device to distribute and process user-specified passwords in the form of a group or blockchain (block chain), and a plurality of passwords. The divided password is encrypted and stored in the external device, and when the password is needed, the encrypted and distributed password is provided from the external device, decrypted, and then the decrypted passwords are combined with each other. It includes a control unit that restores and uses the password.

The control unit divides the password (PW) to generate a first split password (PW1) and a second split password (PW2), encrypts the first split password, transmits it to a first external device, and stores it, The second split password can be encrypted, transmitted to a second external device, and stored.

When the control unit distributes and stores each partition password to the first external device and the second external device, the third external device and the second external device encrypt and store the first partition password to prevent non-use of the password. A fourth external device that encrypts and stores the two-part password can be set as an auxiliary device to store the first split password and the second split password in redundancy and distributed distribution.

The control unit requests transmission of the split password distributed and stored to the first external device and the second external device when the password is needed, and if there is no transmission of the split password from the first external device or the second external device. At this time, transmission of the distributedly stored split password to the third external device and the fourth external device can be requested.

The control unit designates a new set of external devices to replace the first external device and the second external device when the split password is not transmitted from the first external device or the second external device. The first split password and the second split password can be encrypted and stored in a distributed manner.

The control unit may distribute and process the split password to the user's external device designated on the screen provided when the application is executed.

In addition, the method of driving a blockchain-type password distribution processing device according to an embodiment of the present invention includes the steps of a communication interface unit communicating with an external device to distribute and process user-specified passwords in a group or blockchain format, and a control unit The split password obtained by dividing the password into a plurality of pieces is encrypted and distributed and stored in the external device. When the password is needed, the encrypted and distributed split password is provided from the external device, decrypted, and the decrypted split password is stored in the external device. It includes the step of restoring and using the password by combining it with each other.

In the step of using, the password (PW) is divided to generate a first split password (PW1) and a second split password (PW2), and the first split password is encrypted and transmitted to a first external device to be stored. , the second split password can be encrypted and transmitted to a second external device for storage.

The using step includes: a third external device encrypting and storing the first split password to prevent non-use of the password when distributing and storing each split password in the first external device and the second external device; By setting a fourth external device that encrypts and stores the second split password as an auxiliary device, the first split password and the second split password can be redundantly and distributedly stored.

In the using step, when the password is needed, transmission of the split password distributed and stored to the first external device and the second external device is requested, and transmission of the split password from the first external device or the second external device is performed. When there is none, transmission of the split password distributed and stored to the third external device and the fourth external device can be requested.

The using step is to designate a new set of external devices to replace the first external device and the second external device when the division password is not transmitted from the first external device or the second external device to perform the first division. The password and the second split password can be encrypted and stored in a distributed manner.

In the step of using, the split password can be distributed and processed to the user's external device designated on the screen provided when running the application.

According to an embodiment of the present invention, it may be possible for a user to use one universal password without the risk of hacking without having to memorize different passwords in order to access multiple online sites.

In addition, the embodiment of the present invention is not limited to online sites, but offline devices such as automatic teller machines (ATMs) can also be used after confirming the password through an app such as a smartphone, thereby increasing convenience. .

1 is a diagram showing a blockchain-type cryptographic distributed processing system according to an embodiment of the present invention;
2 and 3 are diagrams for explaining the encryption distributed processing method according to an embodiment of the present invention;
Figure 4 is a block diagram illustrating the detailed structure of a blockchain-type cryptographic distributed processing device according to an embodiment of the present invention, and
Figure 5 is a flowchart showing a blockchain-type encryption distribution processing method according to an embodiment of the present invention.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

Figure 1 is a diagram showing a blockchain-type cryptographic distribution processing system according to an embodiment of the present invention, and Figures 2 and 3 are diagrams for explaining a cryptographic distribution processing method according to an embodiment of the present invention.

As shown in Figure 1, the blockchain-type cryptographic distribution processing system 90 according to an embodiment of the present invention is a user terminal device 100, a communication network 110, and an online service device (or a cryptographic distribution processing device). Includes some or all of it.

Here, "including part or all" means that some components, such as the online service device 120, are omitted to perform direct communication (e.g., P2P communication, etc.) between the user terminal devices 100, or the online service device ( This means that some or all of the components constituting 120) can be integrated and configured into a network device (e.g. wireless exchange device, etc.) constituting the communication network 110, in order to facilitate a sufficient understanding of the invention. It is explained as including everything.

The user terminal device 100 may include mobile-based terminal devices such as smartphones carried by users, wearable devices worn on the wrist, and tablet PCs, and may also include PC-based terminal devices such as desktop computers and laptop computers. You can. The user terminal device 100 loads and executes an application (hereinafter referred to as an app) in the form of phone contact information or messenger-based KakaoTalk in order to distribute and store the password, that is, the password, according to an embodiment of the present invention, based on blockchain. You can use the service by ordering.

The user terminal device 100 may operate as a blockchain-type cryptographic distribution processing device according to an embodiment of the present invention. In other words, in the embodiment of the present invention, detailed operations may be somewhat different depending on whether the actual operation of the service is performed in the user terminal device 100 or the online service device 120. In other words, this is because the user terminal device 100 executes the app to enable communication on a P2P basis, and the online service device 120 can only operate in the form of managing the user terminal devices 100.

More specifically, the user terminal device 100 can run an application (hereinafter referred to as an app) to use a service according to an embodiment of the present invention. Additionally, the user terminal device 100 can set a general-purpose password through an interface with the user and request distributed encrypted storage of the password. Of course, as shown in FIG. 2, distributed encryption divides one password, that is, the password (PW), into multiple pieces, and each of the split passwords (PW1, PW2, ...., PW(N-1), PWN ) means encrypting and storing it. At this time, the split password is distributed and stored in a plurality of external devices, and the external devices can form a group or a type of block chain. This distributed storage can be done randomly, and of course, it is clear that the identification information of the device being distributed is stored. Of course, when dividing the password, the user can specify it, but the division can also be done randomly. At this time, it is clear that the division information about the divided password is recorded. For example, an order may be specified. In addition, distributed storage can be transmitted to friends and other acquaintances, and distributed storage on SNS (e.g. KakaoTalk, Line, WeChat, etc.) may also be possible. Figure 3 shows this. At this time, the user of the user terminal device 100 may select a target for distributed encrypted storage from the list of friends displayed when running the app.

For example, the person on whom a random user distributes and stores the password he sets may be a friend's user terminal device 100, or it may be one of his family members. For example, if you split the password into three, one can be encrypted and stored in your user terminal device 100, and the other one can be sent to your friend's user terminal device (or first external device) 100 to request distributed storage. The remaining one can request distributed storage to the younger brother's user terminal device (or second external device) 100. Of course, distributed storage can be done automatically, but it is preferable that distributed storage is done with the permission of the other party. Therefore, it can be seen that the user terminal device 100 of the younger brother, friend, and oneself forms a group or blockchain that stores one password in a distributed manner. Here, blockchain actually means operating in a similar way rather than implementing the same technology as blockchain technology. In other words, if the blockchain allows updating of the ledger due to agreement among all nodes participating in the blockchain, in the embodiment of the present invention, the use of the split password can only be done with approval, that is, permission, from all devices that distributedly store the split password. will be. Therefore, when a password is needed and the user requests a password after running the app on his or her user terminal device 100, the request can be transmitted to the user terminal device 100 of the younger sibling and friend, respectively. In this case, the split password is transmitted with the permission of the younger brother and the friend. Data processing details related to the storage and output of such split passwords may be recorded in an internal ledger or memory, and it may also be possible to integrate and manage transaction details in the online service device 120.

The user's user terminal device 100, which has distributedly stored the password, uses the first and second split passwords provided by the younger brother's user terminal device 100 and the friend's user terminal device 100, respectively, in response to the password request. Combine this with the stored split password (e.g. PW = PW1 + PW2 + .... + PWN). Of course, if the split password is not stored in one's own user terminal device 100, only the split password provided from an external user terminal device 100 can be combined or combined. Since the split passwords are provided encrypted, they can be decrypted and then combined to create the password set by the user. In other words, the original password is restored. Since encryption and decryption are protocols between two devices, they can be implemented in various ways depending on the intention of the service designer or program designer, and therefore will not be specifically limited to any one form in the embodiments of the present invention. Of course, the user terminal device 100 of the user requesting split storage of the password can record which split password is stored in which user terminal device 100 when splitting the password, and can also record the order of the split password. Since information is available, combinations can be made based on this. Of course, when encrypted and transmitted, if the actual data of the split cipher and additional order information are transmitted together, the order information is decrypted together when decrypted, so it may be possible to combine them using this. Also, even if the order is not specified, it may be possible to show the combined password to the user for confirmation. Since various methods are possible, embodiments of the present invention will not be particularly limited to any one method of combination.

Above all, users who request distributed storage of passwords can freely or automatically designate a new partner and store the same split password in a new user terminal device 100 in order to quickly use the password when they need it. do. In this process, one set (or pair) of user terminal devices 100 can be designated. Here, when the password is divided into two, one set can be two user terminal devices 100, and when the password is divided into three, three user terminal devices 100 can be one set. . For example, if the first split password and the second split password were stored in the user terminal device 100 of the younger brother and the friend, the same first split password and the second split password will of course be divided differently for the same password. It may be possible, but it is distributed and stored in the mother and father's user terminal devices (or third and fourth external devices) 100. This may be required for continued use of the password.

In other words, if the younger brother and friend's user terminal devices 100 operate as the main set, the mother and father's user terminal devices 100 operate as a auxiliary set (or sub set). . Therefore, when a user requests transmission of a split password through his or her user terminal device 100, the request signal is first transmitted to the user terminal device 100 of the main set, and then any of the user terminal devices 100 constituting the main set is sent. Since it is impossible to configure a password when there is no transmission from one terminal device, the password can be used by requesting transmission of a split password to the user terminal device 100 of the auxiliary set. For example, this can be seen as a way to prepare for problems such as the death of the partner storing the split password. Additionally, the user terminal device 100 can automatically or manually designate a new set of user terminal devices 100 when the other party storing the split password fails to transmit the split password. Of course, the user can freely set the objects that operate as the main set and the auxiliary set, and this can be automatically set in the user terminal device 100 or the online service device 120 based on the frequency of contact with the other party. Since anything is possible, there will be no particular limitation on how to set it in the embodiment of the present invention.

To summarize, when the user terminal device 100 sets a password that can be used for general purposes, for example, the password can be split and stored in the user terminal device 100 of an acquaintance or family member, and at this time, the divided Encryption can be performed on the split cipher. If the password is split into two, the storage destination of the split password can be two user terminal devices 100, and if it is split into three, the storage destination of the split password can be three. Of course, in the above example, the user terminal device 100 such as a smartphone was exemplified, but the online service device 120 of FIG. 1 such as a server may also be a storage object for the split password, so in the embodiment of the present invention, the split password is stored. There will be no particular limitation on the target.

The two or three storage objects above are designated as groups, and can be seen as operating like a kind of blockchain. In other words, when a user who requests split password storage requests the transmission of split passwords when the password is needed, the other party's permission must be obtained. Of course, even without permission, it is possible to process split encryption in a new way. For example, the user terminal device 100 requesting a split password transmits the split password it stores to each user terminal device 100, and in other words, splits and stores it among the user terminal devices 100 forming a blockchain. It is also possible to share passwords with each other, combine split passwords, share the combined passwords with each other, and process them in the form of true or false when the passwords unanimously match each other. This is an embodiment of the present invention. will not be specifically limited to any one form. In other words, the password can be used when the combined passwords on all devices match each other.

Furthermore, in an embodiment of the present invention, when a user terminal device 100 requests distributed storage of a password, two sets of user terminal devices 100 can be designated for the same split password. The first set of user terminal devices 100 operates as the main set, and the second set of user terminal devices 100 provides service according to an embodiment of the present invention when a problem occurs in the first set of user terminal devices 100. It operates as an auxiliary set for processing. Of course, when there is no transmission of the split password from the first set of user terminal devices 100, the user terminal device 100 that has requested split storage of the password is notified in the form of a pop-up window on the screen that the split password has not been transmitted from so-and-so. I can give it. These actions are performed on the app screen through the app. If the split password is not transmitted from the other party even after a certain period of time has elapsed after requesting transmission of the split password, a pre-stored pop-up window is automatically displayed on the screen of the user terminal device 100 of the user who requested the split password.

The communication network 110 includes both wired and wireless communication networks. For example, a wired or wireless Internet network may be used or linked as the communication network 110. Here, the wired network includes Internet networks such as cable networks and public switched telephone networks (PSTN), and the wireless communication network includes CDMA, WCDMA, GSM, EPC (Evolved Packet Core), LTE (Long Term Evolution), and Wibro networks. It means including. Of course, the communication network 110 according to an embodiment of the present invention is not limited to this, and can be used as an access network for a next-generation mobile communication system to be implemented in the future, for example, a cloud computing network in a cloud computing environment, a 5G network, etc. For example, if the communication network 110 is a wired communication network, the access point within the communication network can connect to the telephone company's exchange office, etc., but in the case of a wireless communication network, data is processed by connecting to the SGSN or GGSN (Gateway GPRS Support Node) operated by the communication company, or Data can be processed by connecting to various repeaters such as BTS (Base Transceiver Station), NodeB, and e-NodeB.

Communication network 110 may also include access points. Access points include small base stations such as femto or pico base stations that are often installed in buildings. Here, femto or pico base stations are classified according to the maximum number of user terminal devices 100, etc., that can be connected in the classification of small base stations. Of course, the access point may include a short-range communication module for performing short-range communication such as ZigBee and Wi-Fi with the user terminal 100. Access points can use TCP/IP or RTSP (Real-Time Streaming Protocol) for wireless communication. Here, in addition to Wi-Fi, short-range communication can be performed using various standards such as Bluetooth, Zigbee, infrared (IrDA), RF (Radio Frequency) such as UHF (Ultra High Frequency) and VHF (Very High Frequency), and ultra-wideband communication (UWB). You can. Accordingly, the access point can extract the location of the data packet, designate the best communication path for the extracted location, and forward the data packet to the next device, for example, the online service device 120, along the designated communication path. Access points can share multiple lines in a typical network environment and include, for example, routers, repeaters, and repeaters.

The online service device 120 may operate as a blockchain-type cryptographic distribution processing device according to an embodiment of the present invention, but may also be a device such as a server of a portal site. In other words, the online service device 120 may be the target of a password distributed processing operation performed in the user terminal device 100, or may be a server that provides a password distributed processing service, and may be a server that provides a password distributed processing service, and You can also monitor the actions taking place. In other words, when the app is executed on the user terminal device 100, the online service device 120 stores the password distributedly and records the corresponding operation process when the distributed password is provided and combined into the DB 120a of FIG. 1. By systematically classifying and storing passwords, you can quickly respond to problems that arise during distributed processing of passwords.

In addition, the online service device 120 may be an operating server of a portal operator that provides a portal site. When the user terminal device 100 accesses an online site and wishes to use a universal password according to an embodiment of the present invention, When a button displayed on the screen of an online site is selected, a screen for performing a service according to an embodiment of the present invention may be displayed so that the password can be confirmed. Of course, for this purpose, linkage may be made in advance between the online service device 120 and the device providing the service according to the embodiment of the present invention. In addition, the user using the user terminal device 100 can run the app on the smartphone separately from the currently accessed online site, check the password, and then enter the password in the password field of the currently accessed site. In the embodiments of the invention, there will be no particular limitation to any one form.

Above all, the online service device 120 provides a service screen related to this when running an app on the user terminal device 100 that requests distributed storage of passwords in order to operate as a blockchain-type password distribution processing device, e.g. For example, when a partner is designated in the user terminal device 100 of the user requesting distributed storage of the password, the corresponding information is stored, and when a request for distributed storage is made, the password is split into the user terminal device 100 of the corresponding partner. It can be seen as performing an intermediary role, such as requesting distributed storage of . Of course, data generated during this process can be recorded in DB 120a of FIG. 1. In addition, when there is a request to transmit a split password from the user terminal device 100 that has requested distributed storage of the password, the online service device 120 searches the DB 120a of FIG. 1 according to the request of the user terminal device 100. By doing this, you can find the partner who stores the split password and request transmission of the split password to the other party's user terminal device 100. The online service device 120 according to an embodiment of the present invention may participate in these operations.

Of course, in addition to the above operations, the online service device 120 includes the user terminal device 100 to operate as a main set and the user terminal device 100 to operate as an auxiliary set, as previously explained through the user terminal device 100. Designation, and when it is determined that the user terminal device 100 of the main set cannot perform the operation for transmitting the split password, requesting distributed storage of the password to designate or configure a new set of user terminal devices 100. Various operations can be performed with the user terminal device 100. The details have been sufficiently explained previously, so I will replace them with those details.

Figure 4 is a block diagram illustrating the detailed structure of a blockchain-type cryptographic distributed processing device according to an embodiment of the present invention.

As shown in FIG. 4, the blockchain-type cryptographic distribution processing device according to an embodiment of the present invention is at least one device among the user terminal device 100 and the online service device 120 of FIG. 1, and includes a communication interface unit. It includes part or all of 400, control unit 410, cryptographic distribution processing unit 420, and storage unit 430.

Here, “including part or all” means that the cryptographic distribution processing device is configured by omitting some components, such as the storage unit 430, or that some components, such as the cryptographic distribution processing unit 420, are combined with the control unit 410. It means something that can be configured by being integrated with other components of the same type, and is explained as being all-inclusive to facilitate a sufficient understanding of the invention.

Prior to the detailed description, the service according to the embodiment of the present invention was mainly explained by illustrating that the service is performed in the user terminal device 100, but hereinafter, the description will focus on the online service device 120. That is, the online service device 120 of FIG. 1 operates as a cryptographic distribution processing device.

The communication interface unit 400 performs communication when executing an app on the user terminal device 100, that is, requesting distributed storage of a password. Of course, the communication interface unit 400 can perform operations such as modulation/demodulation, muxing/demuxing, and encryption/decryption during communication, and can also perform operations such as scaling to convert resolution. Since this is obvious to those skilled in the art, further explanation is omitted.

The communication interface unit 400 performs an operation for distributed storage under the control of the control unit 410 when the user terminal device 100 requests splitting of the password designated by the user or requests splitting and distributed storage. do. In other words, when the target for distributed storage of the split password is designated by the user terminal device 100, the service is processed by communicating with the user terminal device 100 of the designated user. On the other hand, if there is no separate designation, communication can be performed with a distributed storage target, that is, the other party's user terminal device 100, which is randomly assigned based on the phone number library of the user terminal device 100 that has requested distributed storage of the password. .

In addition, the communication interface unit 400 may operate to process a request for (transmission) of a split password to be distributedly stored from the user terminal device 100 that has requested distributed storage of the password, and may also operate to process a request for distributed storage of the password. If there is a designation of a counterpart operating as a secondary set in addition to the designation of a counterpart operating as a main set in the user terminal device 100, communication is also performed with the counterpart's user terminal device 100 operating as an auxiliary set to distribute the password. Processing operations can be performed.

The control unit 410 is responsible for the overall control operation of the communication interface unit 400, the cryptographic distribution processing unit 420, and the storage unit 430 of FIG. 4. Typically, the control unit 410 can perform a distributed processing operation of the user terminal device 100 requesting distributed storage of a password in conjunction with the password distribution processing unit 420, and also encrypts and distributes the split password into which the password is divided. It can be saved, and operations for main set operations and auxiliary set operations can also be processed. For example, the main set operation and the auxiliary set operation can be specified in the user terminal device 100 of the user requesting divided storage of the password, but if there is no separate designation, the user's contact frequency, etc. It is also possible to automatically specify the basis. Of course, in the case of automatic designation, the relevant fact may be notified to the user terminal device 100. Control unit 410 may be involved in these operations.

In addition, when the control unit 410 determines that the user terminal device 100 of the main set cannot perform an operation for processing the split password, for example, when a problem occurs such as the other party's death, the control unit 410 returns to the main set. The settings of the operating user terminal device 100 can be canceled. And, when a new set of user terminal devices 100 capable of processing the same split password is designated, separately from the predetermined auxiliary set of user terminal devices 100, the corresponding user terminal devices 100 and passwords are distributedly stored and managed. You can perform actions to: Of course, during this process, the control unit 410 may perform an operation to designate a new set of user terminal devices 100.

The cryptographic distribution processing unit 420 performs a blockchain-type cryptographic distribution operation according to an embodiment of the present invention. To this end, the cryptographic distribution processing unit 420 may load a program according to an embodiment of the present invention therein and execute the program under the control of the control unit 410. For example, when executing an app on the user terminal device 100 that requests distributed processing of a password, the control unit 410 may control the password distribution processing unit 420 to provide an app screen to the user terminal device 100. . An input window for specifying a password may be created on the app screen, and a request button requesting distributed storage may be displayed on one side. Furthermore, on the other side, a list of partners where you can designate a partner for distributed storage of the password may be displayed. Of course, a plurality of passwords can be used rather than one universal password, and it is also possible to request distributed storage for each password, so the embodiment of the present invention will not be particularly limited to any one form. In addition, since the user interface (UI) screen provided from the cryptographic distribution processing unit 420 to the user terminal device 100 can be configured in various ways, embodiments of the present invention will not be particularly limited to any one form.

The password distribution processing unit 420 provides a password from the user terminal device 100 requesting distributed processing of the password, and specifies a partner for split storage. When providing the password, the order in which the passwords are combined, and what kind of split password is used. It can be created in a designated format using data related to whether it is transmitted to the other party's user terminal device 100 and then stored in the DB 120a of FIG. 1. Therefore, even if there is a request to transmit a split password from the user terminal device 100 that has requested distributed storage of the password, the DB 120a is searched, the user terminal device 100 of the other party who transmitted the split password is searched, and the split password is sent. You can request transmission of . Of course, the password distribution processing unit 420 can provide information related to the password combination order when transmitting the split password to the user terminal device 100 that has requested transmission of the split password, and of course, this information can be used for distributed storage of the password. Since it is possible to store the requested information on the app of the user terminal device 100, the embodiment of the present invention will not be particularly limited to any one form.

As mentioned above, the password distribution processing unit 420 determines that the user terminal device 100 of the main set, the user terminal device 100 of the auxiliary set, and even the main set do not operate smoothly when processing distributed storage of passwords. When this happens, an operation for specifying or configuring a new set of user terminal devices 100 can be performed, and since this has been sufficiently explained above, the contents will be replaced. However, when the password distribution processing unit 420 designates a person to perform an operation in the user terminal device 100 requesting distributed storage of a password, it generates data in a specified format based on the information and stores it in the DB (of FIG. 1). It is stored and managed in 120a). Therefore, when the user terminal device 100 of the main set is automatically or manually released, the cryptographic distribution processing unit 420 deletes or deactivates the data related to the main set stored in the DB 120a of FIG. An update operation of the DB 120a can be performed by adding data.

The storage unit 430 temporarily stores various types of data under the control of the control unit 410. For example, when the user terminal device 100 requesting distributed storage of a password provides a password or provides a split password, the storage unit 430 temporarily stores data related to the password or split password and then stores the data in the password distribution processing unit 420. It can be provided to . In addition, when a partner for distributed storage of a password is designated, the storage unit 430 receives the other party's user information, such as device identification information of the user terminal device 100, stores it temporarily, and then sends it to the password distribution processing unit 420. can be provided.

In addition to the above, the communication interface unit 400, control unit 410, cryptographic distribution processing unit 420, and storage unit 430 of FIG. 4 can perform various operations, and other details have been sufficiently explained previously. I want to replace it with fields.

The communication interface unit 400, control unit 410, cryptographic distribution processing unit 420, and storage unit 430 of FIG. 4 according to an embodiment of the present invention are composed of hardware modules that are physically separated from each other, but each module has an internal It will be possible to store software to perform the above operations and execute it. However, the software is a set of software modules, and each module can be formed as hardware, so there will be no particular limitation on the configuration of software or hardware. For example, the storage unit 430 may be hardware, such as storage or memory. However, since it is possible to store information through software (repository), the above content will not be specifically limited.

Meanwhile, as another embodiment of the present invention, the control unit 410 may include a CPU and memory, and may be formed as a single chip. The CPU includes a control circuit, an arithmetic unit (ALU), an instruction interpretation unit, and a registry, and the memory may include RAM. The control circuit performs control operations, the operation unit performs operations on binary bit information, and the command interpretation unit includes an interpreter or compiler, which can convert high-level language into machine language and machine language into high-level language. , the registry may be involved in software data storage. According to the above configuration, for example, at the beginning of the operation of the online service device 120, the program stored in the cryptographic distribution processing unit 420 is copied, loaded into memory, that is, RAM, and then executed, thereby speeding up the data operation processing speed. can be increased. In the case of deep learning models, they can be loaded into GPU memory rather than RAM and executed by accelerating the execution speed using GPU.

Figure 5 is a flowchart showing a blockchain-type encryption distribution processing method according to an embodiment of the present invention.

For convenience of explanation, referring to FIG. 5 together with FIG. 1, the password distribution processing device 100/120 according to an embodiment of the present invention communicates with an external device to distribute and process user-specified passwords in the form of a group or blockchain. (S500). Here, the external device may be any device other than the user terminal device 100 that requests distributed storage of the password. For example, as seen in FIG. 1, the online service device 120 may also be a target. Of course, the user terminal device 100, which requests distributed processing of the password separately from the external device, may be the object of encrypting, storing and managing the split password of the password for which it requests distributed storage, that is, the split part of the password. .

In addition, the password distribution processing device (100/120) encrypts the split password divided into a plurality of passwords and stores them in a distributed manner in an external device. When the password is needed, the encrypted and distributedly stored split password is provided from an external device and decrypted. The decrypted split passwords are combined together to restore the password (S510). For example, if a specific password is divided into PW1 ~ PWN as shown in Figure 2, the original password is restored by distributing and storing the divided passwords and then requesting them again and combining them (PW = PW1 + PW2 + ... + PWN). I can pay it. The restored password is used. As described above, the passwords can be restored based on order information, but the passwords can also be combined and used in a way that is randomly combined and displayed on the user's user terminal device 100, and then recombined and displayed when the user does not allow it. . Therefore, in the embodiments of the present invention, there will be no particular limitation on the combining method.

In addition to the above, the cryptographic distribution processing device (100/120) can perform various operations, and other details have been sufficiently explained previously, so these will be used instead.

Meanwhile, even though all the components constituting the embodiment of the present invention are described as being combined or operating in combination, the present invention is not necessarily limited to this embodiment. That is, as long as it is within the scope of the purpose of the present invention, all of the components may be operated by selectively combining one or more of them. In addition, although all of the components may be implemented as a single independent hardware, a program module in which some or all of the components are selectively combined to perform some or all of the combined functions in one or more pieces of hardware. It may also be implemented as a computer program having. The codes and code segments that make up the computer program can be easily deduced by a person skilled in the art of the present invention. Such computer programs can be stored in non-transitory computer readable media and read and executed by a computer, thereby implementing embodiments of the present invention.

Here, a non-transitory readable recording medium refers to a medium that stores data semi-permanently and can be read by a device, rather than a medium that stores data for a short period of time, such as a register, cache, or memory. . Specifically, the above-described programs may be stored and provided on non-transitory readable recording media such as CD, DVD, hard disk, Blu-ray disk, USB, memory card, ROM, etc.

In the above, preferred embodiments of the present invention have been shown and described, but the present invention is not limited to the specific embodiments described above, and may be used in the technical field to which the invention pertains without departing from the gist of the invention as claimed in the claims. Of course, various modifications can be made by those skilled in the art, and these modifications should not be understood individually from the technical idea or perspective of the present invention.

100: User terminal device 110: Communication network
120: Online service device 400: Communication interface unit
410: Control unit 420: Cryptography distribution processing unit
430: storage unit

Claims (12)

A communication interface unit that communicates with an external device to distribute user-specified passwords in a group or block chain form; and
The split password obtained by dividing the password into a plurality of pieces is encrypted and distributed and stored in the external device. When the password is needed, the encrypted and distributed split password is provided from the external device, decrypted, and the decrypted split password is stored in the external device. A control unit that combines with each other to restore the password and use it;
A blockchain-based cryptographic distributed processing device that includes According to paragraph 1,
The control unit divides the password (PW) to generate a first split password (PW1) and a second split password (PW2), encrypts the first split password, transmits it to a first external device, and stores it, A blockchain-based cryptographic distribution processing device that encrypts the second split password and transmits it to a second external device to store it. According to paragraph 2,
When the control unit distributes and stores each partition password to the first external device and the second external device, the third external device and the second external device encrypt and store the first partition password to prevent non-use of the password. A blockchain-based cryptographic distribution processing device that sets a fourth external device that encrypts and stores the split password as an auxiliary device and stores the first split password and the second split password in redundant and distributed manner. According to paragraph 3,
The control unit requests transmission of the split password distributed and stored to the first external device and the second external device when the password is needed, and if there is no transmission of the split password from the first external device or the second external device. A blockchain-based cryptographic distribution processing device that requests transmission of the distributed and stored split password to the third external device and the fourth external device. According to paragraph 4,
The control unit designates a new set of external devices to replace the first external device and the second external device when the split password is not transmitted from the first external device or the second external device. A blockchain-based cryptographic distribution processing device that encrypts and stores the first split password and the second split password. According to paragraph 1,
The control unit is a blockchain-based password distribution processing device that distributes and processes the split password to the user's external device specified on the screen provided when running the application. A communication interface unit communicating with an external device to distribute and process user-specified passwords in a group or blockchain format; and
The control unit encrypts the split password that divides the password into a plurality of pieces and stores them distributedly in the external device. When the password is needed, the control unit receives the encrypted and distributedly stored split password from the external device, decrypts it, and then decrypts the split password. combining split ciphers to restore and use the cipher;
A method of operating a blockchain-based cryptographic distributed processing device, including: In clause 7,
The steps used above are,
The password (PW) is divided to generate a first split password (PW1) and a second split password (PW2), the first split password is encrypted, transmitted to a first external device, and stored, and the second split password is encrypted. A method of operating a blockchain-based password distribution processing device that encrypts passwords and transmits them to a second external device for storage. According to clause 8,
The steps used above are,
When distributing and storing each split password in the first external device and the second external device, a third external device that encrypts and stores the first split password and the second split password are used to prevent unuse of the password. A method of driving a blockchain-based cryptographic distribution processing device that sets a fourth external device that encrypts and stores the data as an auxiliary device and stores the first split password and the second split password in duplicate. According to clause 9,
The steps used above are,
When the password is needed, transmission of the split password distributed and stored to the first external device and the second external device is requested, and when there is no transmission of the split password from the first external device or the second external device, the second external device 3. A method of operating a blockchain-based cryptographic distribution processing device that requests transmission of a split password distributed and stored to an external device and the fourth external device. According to clause 10,
The steps used above are,
When the partition password is not transmitted from the first external device or the second external device, a new set of external devices replacing the first external device and the second external device is designated, and the first partition password and the second external device are designated. A method of operating a blockchain-based cryptographic distribution processing device that encrypts and stores split passwords in a distributed manner. In clause 7,
The steps used above are,
A method of operating a blockchain-based password distribution processing device that distributes and processes the split password to the user's external device specified on the screen provided when running the application.