阅读说明：本技术 区块链的地址改造和身份认证方法、设备及储存介质 (Block chain address reconstruction and identity authentication method, equipment and storage medium ) 是由 王志文 吴思进 于 2021-10-04 设计创作，主要内容包括：本发明属于计算机技术领域,尤其涉及区块链的地址改造和身份认证方法、设备及储存介质,本发明的好处是保证用户注册地址时不会透露自身信息,并且只有在需要身份验证时(例如资产找回等情况),才提供身份证信息,保证用户的隐私安全,另一方面,身份哈希第一随机字符串、身份信息和私密信息进行N次哈希运算得到,而不是常规的直接采用身份证号码进行哈希运算,避免了黑客利用身份证的编码规则或收集大量身份证信息进行暴力破解并与账户地址对应,以获取用户身份信息,采用hashN运算来增加地址信息破解的代价,增加一定的破解时长,通过N的设定来设置获取身份哈希的时长,使得黑客无法在短时间内多次尝试各种组成形成暴力破解。(The invention belongs to the technical field of computers, in particular to an address modification and identity authentication method, equipment and a storage medium of a block chain, which have the advantages that the self information cannot be revealed when a user registers an address, and only when identity verification is needed (such as asset retrieval and the like), identity card information is provided to ensure the privacy safety of the user, on the other hand, identity hash first random character strings, identity information and private information are obtained by carrying out hash operation for N times, rather than the conventional method of directly adopting identity card codes to carry out hash operation, so that a hacker is prevented from using coding rules of the identity card or collecting a large amount of identity card information to carry out brute force cracking and corresponding to an account address to obtain the identity information of the user, hashN operation is adopted to increase the cracking cost of the address information, a certain cracking duration is increased, the duration for obtaining the identity hash is set through N, so that a hacker cannot try various compositions to form brute force cracking for many times in a short time.)

1. The block chain address transformation method is characterized by being suitable for a user side of a block chain system, and comprises the following steps:

s1, acquiring address information of the address to be modified in the block chain system;

s2, locally generating identity hashes, and registering the identity hashes in corresponding addresses to be modified according to the address information;

the identity hash is obtained by carrying out hash operation on a first random character string, identity information and private information for N times, the operation times N is set by a user, the first random character string is acquired from a server of a block chain system and is stored in the block chain system corresponding to the address information, and the identity information comprises one or more of an identity card number and a mobile phone number.

2. The address modification method according to claim 1, wherein the character length of the first random string is 32 characters.

3. The address improvement method according to claim 1, wherein the private information includes answers to a plurality of first private questions arranged in a selection order, the first private questions are obtained by a user performing a plurality of checkable selections from a fixed number of private questions, the number of the first private questions corresponds to the number of selections, and the number of the private questions and the number thereof are preset by a block chain system.

4. A blockchain identity authentication method, wherein an address of the blockchain system is obtained after being modified by the method of any one of claims 1 to 3, the method comprising:

s1, the first user sends an identity authentication request and identity authentication information to a third party organization for identity authentication based on the first address; the identity authentication information comprises identity information, private information and a plaintext of the operation times N, and the identity information comprises one or more of an identity card number and a mobile phone number;

s2, the third party mechanism receives the identity authentication request and the identity authentication information, calculates the identity hash to be verified according to the identity authentication information, compares the identity hash to be verified with the identity hash of the first address, and if the identity hash is consistent with the identity hash of the first address, the verification is passed;

s3, after the verification is passed, the third party organization issues an operation challenge to the user side where the first user is located (this is to prove that the identity card number is submitted by the user, in addition, the identity information may be a mobile phone number, and such authentication may require using a mobile phone verification code to authenticate that the mobile phone number provided by the user is operated by the user);

s4, completing operation challenge by a user side where the first user is located, generating challenge information and sending the challenge information to a third-party mechanism;

and S5, the third-party organization verifies the challenge information, and if the verification is passed, identity authentication is completed.

5. The method of claim 4, wherein the operational challenge comprises one or more of a face recognition challenge and a cell phone verification code challenge.

6. A computer device, characterized by one or more processors;

a memory for storing one or more programs,

the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the address modification method of any one of claims 1-3 or the identity authentication method of claim 4 or 5.

7. A storage medium storing a computer program, characterized in that the program, when executed by a processor, implements an address modification method as claimed in any one of claims 1 to 3, or an identity authentication method as claimed in claim 4 or 5.

Technical Field

The invention belongs to the technical field of computers, and particularly relates to a block chain address reconstruction and identity authentication method, equipment and a storage medium.

Background

The wallet retrieving technology or the social wallet technology of the block chain is generally based on two private keys, one private key can transfer accounts instantly, the other private key can realize delayed account transfer, and the assets in the wallet can be retrieved through different authorities of the two private keys. Under the general condition, a private key for delayed transfer, namely, a retrieval private key, is stored in a third-party organization, then verification is performed through methods such as real-name verification and the like, asset retrieval is performed after verification is passed, in numerous verification schemes, face authentication belongs to one of the most mainstream and most reliable methods at present when identity verification name registration and verification are performed, however, information leakage risks exist in the process, particularly, accounts with more assets are involved, and once identity information is leaked, trouble of multiple parties is possibly caused, so that an identity authentication method is urgently needed, registration can be registered under the condition that identity information is not disclosed, and privacy safety of users is guaranteed.

A Verifiable Delay Function (VDF) is a type of mathematical Function that can be made to require at least a known period of time for its computation, even when several CPUs are used simultaneously for parallel computation. That is, parallel acceleration cannot be simply performed, the most conventional VDF performs hash operation on a character string for N times, because the next operation must wait for the previous operation to end, and the current single-core operation capability of the CPU is mainly related to the main frequency, for the main frequency parameter of the CPU, the difference between the current worst main frequency performance of the CPU and the best main frequency performance of the CPU is not more than 5 times, while for the main frequency of the general household CPU, 2 ghz also exists, and the fastest CPU can be approximately 3 times faster.

Disclosure of Invention

In order to solve the technical problems, the invention provides a block chain address transformation and identity authentication method, equipment and a storage medium, which can realize identity authentication of asset retrieval and simultaneously prevent privacy of a user from being revealed, and simultaneously avoid brute force to crack and acquire identity card information.

In order to achieve the purpose, the invention adopts the following technical scheme.

In a first aspect, a method for modifying a blockchain address is provided, where the method is applied to a user side of a blockchain system, and the method includes:

s1, acquiring address information of the address to be modified in the block chain system;

s2, locally generating identity hashes, and registering the identity hashes in corresponding addresses to be modified according to the address information;

the identity hash is obtained by carrying out hash operation on a first random character string, identity information and private information for N times, the operation times N is set by a user, the first random character string is acquired from a server of a block chain system and is stored in the block chain system corresponding to the address information, and the identity information comprises one or more of an identity card number and a mobile phone number.

Preferably, the character length of the first random character string is 32 characters.

Preferably, the private information includes answers to a plurality of first private questions arranged according to a selection sequence, the first private questions are obtained by a user performing checkable selection for a plurality of times from a fixed number of private questions, the number of the first private questions corresponds to the selection times, and the private questions and the number thereof are preset by the block chain system.

In a second aspect, there is provided a method for authenticating a blockchain identity, where an address of the blockchain system is obtained after being modified by the method according to any one of the schemes provided in the first aspect and preferences of the first aspect, and the method includes:

s1, the first user sends an identity authentication request and identity authentication information to a third party organization for identity authentication based on the first address; the identity authentication information comprises identity information, private information and a plaintext of the operation times N, and the identity information comprises one or more of an identity card number and a mobile phone number;

s2, the third party mechanism receives the identity authentication request and the identity authentication information, calculates the identity hash to be verified according to the identity authentication information, compares the identity hash to be verified with the identity hash of the first address, and if the identity hash is consistent with the identity hash of the first address, the verification is passed;

s3, after the verification is passed, the third party organization initiates an operation challenge to the user side where the first user is located;

s4, completing operation challenge by a user side where the first user is located, generating challenge information and sending the challenge information to a third-party mechanism;

and S5, the third-party organization verifies the challenge information, and if the verification is passed, identity authentication is completed.

Preferably, the operational challenge includes one or more of a face recognition challenge and a cell phone verification code challenge.

In a third aspect, a computer device is provided that includes one or more processors;

a memory for storing one or more programs,

the one or more programs, when executed by the one or more processors, cause the one or more processors to perform the method of the first or second aspects as described above.

In a fourth aspect, there is provided a storage medium storing a computer program which, when executed by a processor, implements the method of the first or second aspect as described above.

The invention has the advantages that the self information can not be revealed when the user registers the address, and the identity card information can be provided only when the identity authentication is needed (such as asset retrieval and the like), so as to ensure the privacy safety of the user, on the other hand, the identity hash first random character string, the identity information and the private information are obtained by carrying out hash operation for N times, instead of the conventional method of directly adopting the identity card number to carry out hash operation, the method avoids the problem that hackers use the coding rule of the identity card or collect a large amount of identity card information to carry out brute force cracking and correspond to the account address so as to obtain the identity information of the user, adopts hash N operation, namely, the multiple Hash operations are used for increasing the cost of address information cracking, increasing certain cracking time, the time length for acquiring the identity hash is set through the setting of N, so that a hacker cannot try various components to form brute force cracking in a short time for many times.

Drawings

Fig. 1 is a schematic structural diagram of a computer device according to embodiment 2 of the present invention.

Detailed Description

The invention is described in further detail below with reference to specific embodiments and the attached drawing figures. Those skilled in the art will be able to implement the invention based on these teachings. Moreover, the embodiments of the present invention described in the following description are generally only some embodiments of the present invention, and not all embodiments. Therefore, all other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without any creative effort shall fall within the protection scope of the present invention. Unless otherwise specified, the methods described in the examples of the present invention are all those known to those skilled in the art.

Example 1

This embodiment provides a method for reconstructing a block chain address, which is applicable to a user side of a block chain system, and the method includes:

s1, acquiring address information of the address to be modified in the block chain system;

s2, locally generating identity hashes, and registering the identity hashes in corresponding addresses to be modified according to the address information;

the identity hash is obtained by carrying out hash operation on a first random character string, identity information and private information for N times, the operation times N is set by a user, the first random character string is acquired from a server of a block chain system and is stored in the block chain system corresponding to the address information, and the identity information comprises one or more of an identity card number and a mobile phone number.

In the scheme, firstly, the address of the block chain system is reformed, for example, the address after identity hash registration can be used for carrying out restriction of transaction and the like, and the address reformation is promoted, wherein the reforming method is that a user generates identity hash to register the identity hash into the address, the identity hash is obtained by carrying out N times of hash operation on a first random character string, identity information and private information, the first random character string is generated by a block chain server and corresponds to the address information, the identity information can be a combination of an identity card number and a mobile phone number, the private information is selected and set by the user, wherein the identity information is used for indicating the identity of the user, the first random character string and the private information are used for increasing the difficulty of cracking the identity information, then N times of hash operation are carried out, the number of the hash operation is set by the user, and the finally generated result is the identity hash, the N times of hash operations have double effects, the first pair of the first random character string, the identity information and the private information is encrypted, the identity information is mainly encrypted, the hash operations cannot be reversely pushed to obtain a plaintext before the operations, the encryption can be carried out, the privacy is protected, multiple times of hash are carried out, the single hash can be cracked exhaustively, the multiple times of hash theoretically need a large amount of time to be cracked, the privacy is guaranteed, the second effect is that approximate time consumption is set for brute force cracking, the time for carrying out one time of hash operation can be estimated approximately, the minimum time needed for correctly calculating the identity hash is determined by setting N, the time cost for once brute force cracking is determined, and malicious users such as hackers and the like are prevented from trying to realize brute force cracking in a short time for multiple times.

Specifically, the character length of the first random character string is 32 characters. 32 characters are appropriate in length.

Further, the private information comprises answers of a plurality of first private questions arranged according to a selection sequence, the first private questions are obtained by performing check-available selection for a plurality of times from a fixed number of private questions by a user, the number of the first private questions corresponds to the selection times, and the private questions and the number thereof are preset by the block chain system. A scheme for solving the privacy problem is provided, and if the fixed number of the privacy problem is X and the selection times are Y, the X ^ Y total combination exists, so that the difficulty of cracking is increased.

Correspondingly, a method for authenticating a blockchain identity is provided, where an address of the blockchain system is obtained after being modified by the method according to any one of the schemes provided by the first aspect and the preferences of the first aspect, and the method includes:

s1, the first user sends an identity authentication request and identity authentication information to a third party organization for identity authentication based on the first address; the identity authentication information comprises identity information, private information and a plaintext of the operation times N, and the identity information comprises one or more of an identity card number and a mobile phone number;

s2, the third party mechanism receives the identity authentication request and the identity authentication information, calculates the identity hash to be verified according to the identity authentication information, compares the identity hash to be verified with the identity hash of the first address, and if the identity hash is consistent with the identity hash of the first address, the verification is passed;

s3, after the verification is passed, the third party organization issues an operation challenge to the user side where the first user is located (this is to prove that the identity card number is submitted by the user, in addition, the identity information may be a mobile phone number, and such authentication may require using a mobile phone verification code to authenticate that the mobile phone number provided by the user is operated by the user);

s4, completing operation challenge by a user side where the first user is located, generating challenge information and sending the challenge information to a third-party mechanism;

and S5, the third-party organization verifies the challenge information, and if the verification is passed, identity authentication is completed.

Further, the operational challenge includes one or more of a face recognition challenge and a cell phone verification code challenge.

The method has the advantages that the information of a user cannot be disclosed when the user registers the address, the identity card information is provided only when identity verification is needed (for example, under the conditions of asset recovery and the like), the privacy safety of the user is ensured, the user provides corresponding parameters for calculating identity hash, calculation is carried out according to the same method, the same result is obtained, the fact that the user is the owner of the address really and is authorized to recover the asset is shown, generally, the recovery private key is used for asset delayed recovery by means of identity authentication and the like under the condition that a main private key is lost, and therefore the account recovered from the asset cannot be reused under the general condition.

Example 2

A computer device, the device comprising: one or more processors; memory for storing one or more programs that, when executed by the one or more processors, cause the one or more processors to perform the method of embodiment 1.

A storage medium storing a computer program which, when executed by a processor, implements the method as described in embodiment 1 above.

Fig. 1 is a schematic structural diagram of an apparatus provided in this embodiment.

As shown in fig. 1, as another aspect, the present application also provides a computer apparatus 500 including one or more Central Processing Units (CPUs) 501 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM)502 or a program loaded from a storage section 508 into a Random Access Memory (RAM) 503. In the RAM503, various programs and data necessary for the operation of the apparatus 500 are also stored. The CPU501, ROM502, and RAM503 are connected to each other via a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.

The following components are connected to the I/O interface 505: an input portion 506 including a keyboard, a mouse, and the like; an output portion 507 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage portion 508 including a hard disk and the like; and a communication section 509 including a network interface card such as a LAN card, a modem, or the like. The communication section 509 performs communication via a network such as the internet, and the processing driver 510 is also connected to the I/O interface 505 as necessary. A removable medium 511 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 510 as necessary, so that a computer program read out therefrom is mounted into the storage section 508 as necessary.

In particular, according to the embodiments disclosed in the present application, the method described in the above embodiment 1 may be implemented as a computer software program. For example, embodiments disclosed herein include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing the method described in any of the embodiments above. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 509, and/or installed from the removable medium 511.

As yet another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the apparatus of the above-described embodiment; or it may be a separate computer readable storage medium not incorporated into the device. The computer readable storage medium stores one or more programs for use by one or more processors in performing the methods described herein.

The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.

The units or modules described in the embodiments of the present application may be implemented by software or hardware. The described units or modules may also be provided in a processor, for example, each of the described units may be a software program provided in a computer or a mobile intelligent device, or may be a separately configured hardware device. Wherein the designation of a unit or module does not in some way constitute a limitation of the unit or module itself.

The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the present application. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.