CN112381540A - Method and device for verifying signed document based on zero-knowledge proof and electronic equipment - Google Patents
Method and device for verifying signed document based on zero-knowledge proof and electronic equipment Download PDFInfo
- Publication number
- CN112381540A CN112381540A CN202011269401.9A CN202011269401A CN112381540A CN 112381540 A CN112381540 A CN 112381540A CN 202011269401 A CN202011269401 A CN 202011269401A CN 112381540 A CN112381540 A CN 112381540A
- Authority
- CN
- China
- Prior art keywords
- result information
- signature
- key
- authentication result
- center
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Economics (AREA)
- Marketing (AREA)
- Technology Law (AREA)
- Development Economics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The embodiment of the specification provides a method for verifying and signing a document based on zero knowledge certification, a first secret key pair is used for encrypting and signing application materials, privacy is hidden to achieve the effect of zero knowledge chaining, the signing result information chaining is associated with transaction, a second secret key pair is used for authenticating a digital certificate, the authenticating result information chaining is associated with the transaction, a third party document retrieves the corresponding transaction, the authenticating result information and the signing result information are extracted, a public key of a CA center is used for verifying whether the authenticating result information is the authenticating result of the CA center, if yes, the authenticated public key is obtained to perform de-signing on the application materials of the signature, the comparison with the encrypted application materials is performed, and the document is signed if the comparison is passed. Because the chain of the authentication result information is associated with the transaction identification in advance, the document can be quickly retrieved and actively verified by self when being signed, the interaction time with a CA center is shortened, and the efficiency is improved by reducing the dependence on the CA on the premise of ensuring that the digital certificate used for the encrypted signature originates from the certificate of the user in the CA center.
Description
Technical Field
The application relates to the field of internet, in particular to a method, a device and electronic equipment for verifying a signed document based on a zero knowledge certificate.
Background
State authorities often sign documents (e.g., notary applications) when they are administered, which requires review of the materials of the participants.
The offline treatment mode is complicated, but the online treatment controllability is poor, mainly because the non-field submission of material objects cannot be realized.
In order to provide an auxiliary service for a document signing process on line, a set of auxiliary service system is developed, an applicant is allowed to sign application materials by means of a digital certificate, raw materials and a signature result are sent to a checking authority, the fact that the raw materials are provided by the applicant is guaranteed by the digital certificate, in order to improve the credibility, the CA center is used for granting the digital certificate to a user, therefore, in order to verify that the applicant is really signed by the digital certificate granted by the CA center, the checking authority needs to send the signed checking materials to the CA center after obtaining the signed application materials, the CA center returns the result to the checking authority after verifying the validity of the signature, and if the result passes, the checking authority signs the document.
However, it was found that the system has a high efficiency in the dependence on the CA center system, and it is necessary to provide a new method for signing documents.
The above information disclosed in this background section is only for enhancement of understanding of the background of the disclosure and therefore it may contain information that does not constitute prior art that is already known to a person of ordinary skill in the art.
Disclosure of Invention
The embodiment of the specification provides a method, a device and electronic equipment for verifying a signed document based on zero-knowledge proof, so that the dependence on a CA center system is reduced, and the document processing efficiency is improved.
An embodiment of the present specification provides a method for verifying a signed document based on zero knowledge proof, including:
the user encrypts and signs the application material in the transaction by using the first key, and the method specifically comprises the following steps: encrypting by using a first public key to obtain encrypted application materials, and signing the encrypted application materials by using a first private key to obtain signed application materials;
chaining signature result information and associating the chaining signature result information with the created transaction identifier, wherein the signature result information comprises the encrypted application material and the signed application material;
authenticating the digital certificate of the user by using a second key to generate authentication result information, and associating the chain of the authentication result information with the transaction identifier, wherein the second key pair is an asymmetric key;
the third party retrieves the corresponding transaction identification according to the document to be signed and extracts the corresponding authentication result information and the signature result information;
and verifying whether the authentication result information is the authentication result of the CA center by using the public key of the CA center, if so, acquiring the public key authenticated by the authentication result information, performing signature release on the application material of the signature by using the authenticated public key, comparing the signature with the encrypted application material, and signing the document if the comparison is passed.
Optionally, the method further comprises:
and the user generates a digital certificate for the digital certificate of the user in a zero knowledge certification mode and adds the digital certificate into the signature result information.
Optionally, the method further comprises:
the user applies for and obtains a digital certificate from a CA center, wherein the digital certificate is provided with an asymmetric key pair generated by binding the user with the CA center.
Optionally, the user encrypts and signs application material in the transaction by using the first key, including:
and when the service demand party requests to acquire resources based on the application material, the service provider user encrypts and signs the application material in the transaction by using the first key.
Optionally, the uplink of the signature result information includes:
performing a task to uplink the signature result information;
the uplink transmitting the authentication result information includes:
and executing a second task asynchronous with the first task to uplink the authentication result information.
Optionally, the executing a second task asynchronous to the first task includes:
the CA center performs a second task in response to an event that creates a transaction.
Optionally, the method further comprises:
and if the comparison fails, prompting that the corresponding basis of the document is wrong.
An embodiment of the present specification also provides an apparatus for verifying a signed document based on a zero-knowledge proof, including:
the trade cochain module, the user utilizes first key to encrypt and sign for the application material in the trade, specifically includes: encrypting by using a first public key to obtain encrypted application materials, and signing the encrypted application materials by using a first private key to obtain signed application materials;
chaining signature result information and associating the chaining signature result information with the created transaction identifier, wherein the signature result information comprises the encrypted application material and the signed application material;
the authentication module authenticates the digital certificate of the user by using a second key to generate authentication result information, associates the chain of the authentication result information with the transaction identifier, and uses the second key pair as an asymmetric key;
the document signing module is used for retrieving a corresponding transaction identifier according to a document to be signed by a third party and extracting corresponding authentication result information and signature result information;
and verifying whether the authentication result information is the authentication result of the CA center by using the public key of the CA center, if so, acquiring the public key authenticated by the authentication result information, performing signature release on the application material of the signature by using the authenticated public key, comparing the signature with the encrypted application material, and signing the document if the comparison is passed.
An embodiment of the present specification further provides an electronic device, where the electronic device includes:
a processor; and the number of the first and second groups,
a memory storing computer-executable instructions that, when executed, cause the processor to perform any of the methods described above.
The present specification also provides a computer readable storage medium, wherein the computer readable storage medium stores one or more programs which, when executed by a processor, implement any of the above methods.
In various technical schemes provided by the embodiment of the specification, a user encrypts and signs an application material by using a first key pair, privacy is hidden to achieve the effect of zero knowledge chaining, the signing result information is linked with transactions, a second key pair is used for authenticating a digital certificate, the authentication result information is linked with the transactions, a third-party document retrieves corresponding transactions, the authentication result information and the signing result information are extracted, a public key of a CA center is used for verifying whether the authentication result information is the authentication result of the CA center, if yes, the authenticated public key is obtained to perform de-signing on the application material of the signature, and the application material of the signature is compared with the encrypted application material and signed if the comparison is passed. Because the chain of the authentication result information is associated with the transaction identification in advance, the document can be quickly retrieved and actively verified by self when being signed, the interaction time with a CA center is shortened, and the efficiency is improved by reducing the dependence on the CA on the premise of ensuring that the digital certificate used for the encrypted signature originates from the certificate of the user in the CA center.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is a schematic diagram illustrating a method for verifying a signed document based on a zero-knowledge proof according to an embodiment of the present disclosure;
FIG. 2 is a schematic structural diagram of an apparatus for verifying a signed document based on zero knowledge proof provided by an embodiment of the present specification;
fig. 3 is a schematic structural diagram of an electronic device provided in an embodiment of the present disclosure;
fig. 4 is a schematic diagram of a computer-readable medium provided in an embodiment of the present specification.
Detailed Description
The existing business logic is that the notarization application is a written document which is provided by citizens, legal people and illegal people groups to the national notarization organ to request the notarization organ to prove the authenticity and validity of legal behaviors and documents or facts with legal significance according to the legal procedure.
The certification material provided by the application should be detailed and comprehensive, so as to facilitate the examination by the public certificate authority. In contrast, the amount of proof material is excessive, the review process is also cumbersome and takes a lot of time to align and examine. The applicant signs the application material in a digital certificate mode, and sends the raw material and the signature result to a checking authority; the examining organization also needs to request a verification report of the signature from the issuing organization so as to judge the validity of the signature. This approach is highly dependent on the issuing authority (CA center), and is often inefficient due to the delay required by the issuing authority to issue the signed verification report.
Exemplary embodiments of the present invention will now be described more fully with reference to the accompanying drawings. The exemplary embodiments, however, may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these exemplary embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the invention to those skilled in the art. The same reference numerals denote the same or similar elements, components, or parts in the drawings, and thus their repetitive description will be omitted.
Features, structures, characteristics or other details described in a particular embodiment do not preclude the fact that the features, structures, characteristics or other details may be combined in a suitable manner in one or more other embodiments in accordance with the technical idea of the invention.
In describing particular embodiments, the present invention has been described with reference to features, structures, characteristics or other details that are within the purview of one skilled in the art to provide a thorough understanding of the embodiments. One skilled in the relevant art will recognize, however, that the invention may be practiced without one or more of the specific features, structures, characteristics, or other details.
The flow charts shown in the drawings are merely illustrative and do not necessarily include all of the contents and operations/steps, nor do they necessarily have to be performed in the order described. For example, some operations/steps may be decomposed, and some operations/steps may be combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
The block diagrams shown in the figures are functional entities only and do not necessarily correspond to physically separate entities. I.e. these functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor means and/or microcontroller means.
The term "and/or" and/or "includes all combinations of any one or more of the associated listed items.
Fig. 1 is a schematic diagram of a method for verifying a signed document based on zero-knowledge proof according to an embodiment of the present disclosure, where the method may include:
s101: the user encrypts and signs the application material in the transaction by using the first key, and the method specifically comprises the following steps: and encrypting by using the first public key to obtain encrypted application materials, and signing the encrypted application materials by using the first private key to obtain signed application materials.
In the embodiment of the present specification, we can construct a blockchain system in advance to implement the method shown in fig. 1, and the detailed construction process of the blockchain system is not described in detail here.
Privacy hiding is achieved by encrypting application material in the transaction.
In an embodiment of the present specification, the method may further include:
the user applies for and obtains a digital certificate from a CA center, wherein the digital certificate is provided with an asymmetric key pair generated by binding the user with the CA center.
Therefore, a user can encrypt and sign application materials in a transaction by using a digital certificate generated by a CA center, if the user really generates the application materials by using the CA center, a public key is acquired according to a public key address of the user, the signed application materials are signed, the obtained materials are the same as the encrypted application materials, and therefore, if the obtained materials are consistent after comparison, the materials corresponding to the subsequent documents really originate from the user, and if the obtained materials originate from the user, or the user signs the encrypted application materials by using a key generated by the user, the comparison is failed, so that the user is prompted to use a key pair granted by the CA center for the user, and the security and reliability are improved.
For ease of distinction, we will refer to the key pair that encrypts and signs the application material in the transaction as the first key pair.
The application material may have credit information and demand content information of the service demander.
In this embodiment, the encrypting and signing, by the user, the application material in the transaction by using the first key may include:
and when the service demand party requests to acquire resources based on the application material, the service provider user encrypts and signs the application material in the transaction by using the first key.
Where the resource may be a paid fund, upon a subsequent breach of the agreement by one party, the other party may request a state authority (such as a judicial authority or a notary authority) to sign a legally effective document.
S102: and linking the signature result information and the created transaction identifier, wherein the signature result information comprises the encrypted application material and the signed application material.
In an embodiment of the present specification, the method may further include:
and creating a transaction information storage space on the blockchain for storing the transaction identification.
In the embodiment of the present specification, the method may further include:
and the user generates a digital certificate for the digital certificate of the user in a zero knowledge certification mode and adds the digital certificate into the signature result information.
S103: and authenticating the digital certificate of the user by using a second key pair to generate authentication result information, and associating the chain of the authentication result information with the transaction identifier, wherein the second key pair is an asymmetric key.
For the sake of distinction, we will refer to the key pair authenticating the user's digital certificate as the second key pair, and need to have the CA center authenticate the user's digital certificate if the subsequent verification is to be passed.
Specifically, authenticating the digital certificate of the user by using the second key may include:
and the CA center signs the digital certificate of the user by using the private key of the CA center.
Specifically, the signing is performed on the digital certificate of the user, and the signing may be: and signing the public key of the user.
And judging whether the public key is really sent by the CA center for the user through signature adding of the CA center, and if so, acquiring the public key or a public key address from the authentication result information so as to continue verification.
In an embodiment of the present disclosure, the uplink of the signature result information may include:
performing a task to uplink the signature result information;
the uplink transmitting the authentication result information may include:
and executing a second task asynchronous with the first task to uplink the authentication result information.
In an embodiment of the present specification, the executing the second task asynchronous to the first task may include:
the CA center performs a second task in response to an event that creates a transaction.
In one scenario, the CA center chains the authentication result information of the digital certificate through an asynchronous task.
S104: and the third party retrieves the corresponding transaction identification according to the document to be signed and extracts the corresponding authentication result information and the signature result information.
In the embodiment of the specification, the third party can be a document signing demand party and can also be an intermediate party of document signing.
Specifically, the third party may be one of a notary institution and a judicial institution.
S105: and verifying whether the authentication result information is the authentication result of the CA center by using the public key of the CA center, if so, acquiring the public key authenticated by the authentication result information, performing signature release on the application material of the signature by using the authenticated public key, comparing the signature with the encrypted application material, and signing the document if the comparison is passed.
The method comprises the steps that a user encrypts and signs application materials by using a first secret key pair, privacy is hidden to achieve the effect of zero knowledge chaining, the chaining of signature result information is associated with transactions, the authentication of a digital certificate is performed by using a second secret key pair, the chaining of the authentication result information is associated with the transactions, third-party documents retrieve corresponding transactions, the authentication result information and signature result information are extracted, whether the authentication result information is the authentication result of a CA center is verified by using a public key of the CA center, if yes, the authenticated public key is obtained to perform de-signing on the application materials of the signatures, and if the authentication result information is passed, the documents are signed. Because the chain of the authentication result information is associated with the transaction identification in advance, the document can be quickly retrieved and actively verified by self when being signed, the interaction time with a CA center is shortened, and the efficiency is improved by reducing the dependence on the CA on the premise of ensuring that the digital certificate used for the encrypted signature originates from the certificate of the user in the CA center.
Wherein the document may be a notary application document.
In the embodiment of the present specification, the method may further include:
and if the comparison fails, prompting that the corresponding basis of the document is wrong.
The basis corresponding to the document can be the application material according to which the signing of the document is requested.
One application scenario may be where the borrower submits a loan application at the notary stage, where the notary organization verifies online the source of the material it provides, and if from the borrower himself, the material content is further reviewed.
One application scenario may be where a bank requests a court to sign a document, which is not specifically set forth herein.
Fig. 2 is a schematic structural diagram of an apparatus for verifying a signed document based on zero-knowledge proof according to an embodiment of the present specification, where the apparatus may include:
the uplink transaction module 201, where a user encrypts and signs application materials in a transaction by using a first key, specifically includes: encrypting by using a first public key to obtain encrypted application materials, and signing the encrypted application materials by using a first private key to obtain signed application materials;
chaining signature result information and associating the chaining signature result information with the created transaction identifier, wherein the signature result information comprises the encrypted application material and the signed application material;
the authentication module 202 authenticates the digital certificate of the user by using a second key pair, generates authentication result information, and associates the uplink of the authentication result information with the transaction identifier, where the second key pair is an asymmetric key;
the document signing module 203 is used for retrieving a corresponding transaction identifier according to a document to be signed and extracting corresponding authentication result information and signature result information by a third party;
and verifying whether the authentication result information is the authentication result of the CA center by using the public key of the CA center, if so, acquiring the public key authenticated by the authentication result information, performing signature release on the application material of the signature by using the authenticated public key, comparing the signature with the encrypted application material, and signing the document if the comparison is passed.
In the embodiment of the present disclosure, the uplink transaction module 201 is further configured to:
and the user generates a digital certificate for the digital certificate of the user in a zero knowledge certification mode and adds the digital certificate into the signature result information.
In this embodiment, the authentication module 202 is further configured to:
the user applies for and obtains a digital certificate from a CA center, wherein the digital certificate is provided with an asymmetric key pair generated by binding the user with the CA center.
In an embodiment of the present specification, the encrypting and signing, by the user, the application material in the transaction by using the first key includes:
and when the service demand party requests to acquire resources based on the application material, the service provider user encrypts and signs the application material in the transaction by using the first key.
In an embodiment of the present specification, the uplink of the signature result information includes:
performing a task to uplink the signature result information;
the uplink transmitting the authentication result information includes:
and executing a second task asynchronous with the first task to uplink the authentication result information.
In an embodiment of the present specification, the executing the second task asynchronous to the first task includes:
the CA center performs a second task in response to an event that creates a transaction.
In this embodiment, the document signing module 203 is further configured to:
and if the comparison fails, prompting that the corresponding basis of the document is wrong.
The device encrypts and signs the application material by a user through a first key pair, hides privacy to achieve the effect of zero knowledge chaining, associates the signing result information chaining with transaction, authenticates a digital certificate through a second key pair, associates the authenticating result information chaining with the transaction, retrieves the corresponding transaction by a third party document, extracts the authenticating result information and the signing result information, verifies whether the authenticating result information is the authenticating result of a CA center by using a public key of the CA center, acquires the authenticated public key if the authenticating result information is the authenticating result of the CA center, de-signs the application material of the signature, compares the obtained public key with the encrypted application material, and signs the document if the comparison is passed. Because the chain of the authentication result information is associated with the transaction identification in advance, the document can be quickly retrieved and actively verified by self when being signed, the interaction time with a CA center is shortened, and the efficiency is improved by reducing the dependence on the CA on the premise of ensuring that the digital certificate used for the encrypted signature originates from the certificate of the user in the CA center.
Based on the same inventive concept, the embodiment of the specification further provides the electronic equipment.
In the following, embodiments of the electronic device of the present invention are described, which may be regarded as specific physical implementations for the above-described embodiments of the method and apparatus of the present invention. Details described in the embodiments of the electronic device of the invention should be considered supplementary to the embodiments of the method or apparatus described above; for details which are not disclosed in embodiments of the electronic device of the invention, reference may be made to the above-described embodiments of the method or the apparatus.
Fig. 3 is a schematic structural diagram of an electronic device provided in an embodiment of the present disclosure. An electronic device 300 according to this embodiment of the invention is described below with reference to fig. 3. The electronic device 300 shown in fig. 3 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.
As shown in fig. 3, electronic device 300 is embodied in the form of a general purpose computing device. The components of electronic device 300 may include, but are not limited to: at least one processing unit 310, at least one memory unit 320, a bus 330 connecting the various system components (including the memory unit 320 and the processing unit 310), a display unit 340, and the like.
Wherein the storage unit stores program code executable by the processing unit 310 to cause the processing unit 310 to perform the steps according to various exemplary embodiments of the present invention described in the above-mentioned processing method section of the present specification. For example, the processing unit 310 may perform the steps as shown in fig. 1.
The storage unit 320 may include readable media in the form of volatile storage units, such as a random access memory unit (RAM)3201 and/or a cache storage unit 3202, and may further include a read only memory unit (ROM) 3203.
The storage unit 320 may also include a program/utility 3204 having a set (at least one) of program modules 3205, such program modules 3205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.
The electronic device 300 may also communicate with one or more external devices 400 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 300, and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 300 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 350. Also, the electronic device 300 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) via the network adapter 360. Network adapter 360 may communicate with other modules of electronic device 300 via bus 330. It should be appreciated that although not shown in FIG. 3, other hardware and/or software modules may be used in conjunction with electronic device 300, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments of the present invention described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiment of the present invention can be embodied in the form of a software product, which can be stored in a computer-readable storage medium (which can be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to make a computing device (which can be a personal computer, a server, or a network device, etc.) execute the above-mentioned method according to the present invention. The computer program, when executed by a data processing apparatus, enables the computer readable medium to implement the above-described method of the invention, namely: such as the method shown in fig. 1.
Fig. 4 is a schematic diagram of a computer-readable medium provided in an embodiment of the present specification.
A computer program implementing the method shown in fig. 1 may be stored on one or more computer readable media. The computer readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
The computer readable storage medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable storage medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).
In summary, the invention may be implemented in hardware, or in software modules running on one or more processors, or in a combination thereof. Those skilled in the art will appreciate that some or all of the functionality of some or all of the components in embodiments in accordance with the invention may be implemented in practice using a general purpose data processing device such as a microprocessor or a Digital Signal Processor (DSP). The present invention may also be embodied as apparatus or device programs (e.g., computer programs and computer program products) for performing a portion or all of the methods described herein. Such programs implementing the present invention may be stored on computer-readable media or may be in the form of one or more signals. Such a signal may be downloaded from an internet website or provided on a carrier signal or in any other form.
While the foregoing embodiments have described the objects, aspects and advantages of the present invention in further detail, it should be understood that the present invention is not inherently related to any particular computer, virtual machine or electronic device, and various general-purpose machines may be used to implement the present invention. The invention is not to be considered as limited to the specific embodiments thereof, but is to be understood as being modified in all respects, all changes and equivalents that come within the spirit and scope of the invention.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A method for verifying a signed document based on a zero-knowledge proof, comprising:
the user encrypts and signs the application material in the transaction by using the first key, and the method specifically comprises the following steps: encrypting by using a first public key to obtain encrypted application materials, and signing the encrypted application materials by using a first private key to obtain signed application materials;
chaining signature result information and associating the chaining signature result information with the created transaction identifier, wherein the signature result information comprises the encrypted application material and the signed application material;
authenticating the digital certificate of the user by using a second key to generate authentication result information, and associating the chain of the authentication result information with the transaction identifier, wherein the second key pair is an asymmetric key;
the third party retrieves the corresponding transaction identification according to the document to be signed and extracts the corresponding authentication result information and the signature result information;
and verifying whether the authentication result information is the authentication result of the CA center by using the public key of the CA center, if so, acquiring the public key authenticated by the authentication result information, performing signature release on the application material of the signature by using the authenticated public key, comparing the signature with the encrypted application material, and signing the document if the comparison is passed.
2. The method of claim 1, further comprising:
and the user generates a digital certificate for the digital certificate of the user in a zero knowledge certification mode and adds the digital certificate into the signature result information.
3. The method of claim 1, further comprising:
the user applies for and obtains a digital certificate from a CA center, wherein the digital certificate is provided with an asymmetric key pair generated by binding the user with the CA center.
4. The method of claim 1, wherein the user encrypts and signs application material for the transaction with a first key, comprising:
and when the service demand party requests to acquire resources based on the application material, the service provider user encrypts and signs the application material in the transaction by using the first key.
5. The method of claim 1, wherein the uplinking the signature result information comprises:
performing a task to uplink the signature result information;
the uplink transmitting the authentication result information includes:
and executing a second task asynchronous with the first task to uplink the authentication result information.
6. The method of claim 5, wherein the executing the second task asynchronous to the first task comprises:
the CA center performs a second task in response to an event that creates a transaction.
7. The method of claim 1, further comprising:
and if the comparison fails, prompting that the corresponding basis of the document is wrong.
8. An apparatus for verifying a signed document based on a zero-knowledge proof, comprising:
the trade cochain module, the user utilizes first key to encrypt and sign for the application material in the trade, specifically includes: encrypting by using a first public key to obtain encrypted application materials, and signing the encrypted application materials by using a first private key to obtain signed application materials;
chaining signature result information and associating the chaining signature result information with the created transaction identifier, wherein the signature result information comprises the encrypted application material and the signed application material;
the authentication module authenticates the digital certificate of the user by using a second key to generate authentication result information, associates the chain of the authentication result information with the transaction identifier, and uses the second key pair as an asymmetric key;
the document signing module is used for retrieving a corresponding transaction identifier according to a document to be signed by a third party and extracting corresponding authentication result information and signature result information;
and verifying whether the authentication result information is the authentication result of the CA center by using the public key of the CA center, if so, acquiring the public key authenticated by the authentication result information, performing signature release on the application material of the signature by using the authenticated public key, comparing the signature with the encrypted application material, and signing the document if the comparison is passed.
9. An electronic device, wherein the electronic device comprises:
a processor; and the number of the first and second groups,
a memory storing computer-executable instructions that, when executed, cause the processor to perform the method of any of claims 1-7.
10. A computer readable storage medium, wherein the computer readable storage medium stores one or more programs which, when executed by a processor, implement the method of any of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011269401.9A CN112381540A (en) | 2020-11-13 | 2020-11-13 | Method and device for verifying signed document based on zero-knowledge proof and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011269401.9A CN112381540A (en) | 2020-11-13 | 2020-11-13 | Method and device for verifying signed document based on zero-knowledge proof and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112381540A true CN112381540A (en) | 2021-02-19 |
Family
ID=74582203
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011269401.9A Pending CN112381540A (en) | 2020-11-13 | 2020-11-13 | Method and device for verifying signed document based on zero-knowledge proof and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112381540A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113221133A (en) * | 2021-04-09 | 2021-08-06 | 联想(北京)有限公司 | Data transmission method and device |
| US20210344504A1 (en) * | 2018-12-31 | 2021-11-04 | Lleidanetworks Serveis Telemàtics, S.A. | Universal certified and qualified contracting method |
| CN114338164A (en) * | 2021-12-29 | 2022-04-12 | 支付宝(杭州)信息技术有限公司 | Anonymous security comparison method and system |
| CN115150126A (en) * | 2022-05-24 | 2022-10-04 | 从法信息科技有限公司 | Legal service remote processing method and device and electronic equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090077383A1 (en) * | 2007-08-06 | 2009-03-19 | De Monseignat Bernard | System and method for authentication, data transfer, and protection against phishing |
| CN107086920A (en) * | 2017-06-20 | 2017-08-22 | 无锡井通网络科技有限公司 | Copyright based on block chain really weighs method |
| CN109003083A (en) * | 2018-07-27 | 2018-12-14 | 山东渔翁信息技术股份有限公司 | A kind of ca authentication method, apparatus and electronic equipment based on block chain |
| CN109003081A (en) * | 2018-07-13 | 2018-12-14 | 北京创世智链信息技术研究院 | A kind of method of commerce and system based on block chain |
| CN110457942A (en) * | 2018-12-07 | 2019-11-15 | 深圳市智税链科技有限公司 | To the signature verification method, service node and medium of uplink data block |
-
2020
- 2020-11-13 CN CN202011269401.9A patent/CN112381540A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20090077383A1 (en) * | 2007-08-06 | 2009-03-19 | De Monseignat Bernard | System and method for authentication, data transfer, and protection against phishing |
| CN107086920A (en) * | 2017-06-20 | 2017-08-22 | 无锡井通网络科技有限公司 | Copyright based on block chain really weighs method |
| CN109003081A (en) * | 2018-07-13 | 2018-12-14 | 北京创世智链信息技术研究院 | A kind of method of commerce and system based on block chain |
| CN109003083A (en) * | 2018-07-27 | 2018-12-14 | 山东渔翁信息技术股份有限公司 | A kind of ca authentication method, apparatus and electronic equipment based on block chain |
| CN110457942A (en) * | 2018-12-07 | 2019-11-15 | 深圳市智税链科技有限公司 | To the signature verification method, service node and medium of uplink data block |
Non-Patent Citations (2)
| Title |
|---|
| 宋世昕: "基于区块链和IPFS的去中心化电子存证系统的研究与实", 《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》 * |
| 李响: "省级电力企业电子化招投标加解密流程优化研究", 《企业改革与管理》 * |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20210344504A1 (en) * | 2018-12-31 | 2021-11-04 | Lleidanetworks Serveis Telemàtics, S.A. | Universal certified and qualified contracting method |
| CN113221133A (en) * | 2021-04-09 | 2021-08-06 | 联想(北京)有限公司 | Data transmission method and device |
| CN114338164A (en) * | 2021-12-29 | 2022-04-12 | 支付宝(杭州)信息技术有限公司 | Anonymous security comparison method and system |
| CN114338164B (en) * | 2021-12-29 | 2024-04-30 | 支付宝(杭州)信息技术有限公司 | Anonymous security comparison method and system |
| CN115150126A (en) * | 2022-05-24 | 2022-10-04 | 从法信息科技有限公司 | Legal service remote processing method and device and electronic equipment |
| CN115150126B (en) * | 2022-05-24 | 2024-04-19 | 从法信息科技有限公司 | Legal service remote processing method and device and electronic equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112292682B (en) | Decentralized document and entity verification engine | |
| CN108765240B (en) | Block chain-based inter-institution customer verification method, transaction supervision method and device | |
| CN112381540A (en) | Method and device for verifying signed document based on zero-knowledge proof and electronic equipment | |
| US11917074B2 (en) | Electronic signature authentication system based on biometric information and electronic signature authentication method | |
| CN109067539B (en) | Alliance chain transaction method, alliance chain transaction equipment and computer readable storage medium | |
| CN109598663B (en) | Method and device for providing and acquiring safety identity information | |
| CN110677376B (en) | Authentication method, related device and system and computer readable storage medium | |
| CN111460525B (en) | Block chain-based data processing method, device and storage medium | |
| TW201002012A (en) | Techniques for ensuring authentication and integrity of communications | |
| US20110289318A1 (en) | System and Method for Online Digital Signature and Verification | |
| CN111931158A (en) | Bidirectional authentication method, terminal and server | |
| CN105635070B (en) | Anti-counterfeiting method and system for digital file | |
| CN111160909B (en) | Hidden static supervision system and method for blockchain supply chain transaction | |
| CN105162607A (en) | Authentication method and system of payment bill voucher | |
| CN109858911A (en) | Qualification verification method, device, system, equipment and readable storage medium storing program for executing | |
| CN111832005B (en) | Application authorization method, application authorization device and electronic equipment | |
| CN114172663B (en) | Business right determining method and device based on block chain, storage medium and electronic equipment | |
| CN111881483A (en) | Resource account binding method, device, equipment and medium based on block chain | |
| CN113610526A (en) | Data trust method and device, electronic equipment and storage medium | |
| CN111476652A (en) | Data processing method and device based on block chain, terminal and storage medium | |
| WO2021114495A1 (en) | Supply chain transaction privacy protection system and method based on blockchain, and related device | |
| CN113783690B (en) | Authentication-based bidding method and device | |
| CN117035890B (en) | Transaction security method, device, system, medium and equipment of electronic invoice | |
| CN108650214B (en) | Dynamic page encryption anti-unauthorized method and device | |
| US11451403B2 (en) | Verification method, information processing device, and non-transitory computer-readable storage medium for storing verification program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |