Password-free authentication method and system based on blockchain, terminal and storage medium

An authentication system and authentication method technology, applied in transmission systems, digital transmission systems, user identity/authority verification, etc., can solve problems such as encryption method leakage, appkey and public key leakage, data leakage, etc., to improve security and avoid Easy to leak and logically coupled to reduce the effect of unavailability

Active Publication Date: 2021-03-30
GUANGDONG GUANGYU SCI & TECH DEV
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] (1) The secret-free authentication system based on public and private keys needs to inform the third-party system of the content of the appkey and public key. The third-party system stores the appkey and public key in the code or database. If the third-party system is attacked by hackers, the If the appkey and public key are leaked, there will be a risk of data leakage
[0005] (2) Due to the need to implement the agreed encryption method, if the encryption method is leaked due to third-party business personnel leaking secrets, it is easy to cause other unauthorized personnel to call the authentication interface by imitating the data encryption method, which will affect the business system and Losses caused by third-party systems
[0006] (3) During the authentication process, if the appkey and public key are leaked, the encryption method is exposed, etc., it will cause the attacker to call the interface by disguising the implementation method and data. When this problem occurs, the password-free authentication system cannot Verify the legitimacy of the identity of the attacker
[0007] (4) The password-free authentication system is generally deployed on the same server as the business system that provides data in the rear. If the server is unavailable, the password-free authentication cannot provide external services, which may easily lead to business failures between the service provider and the third-party system. loss

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Password-free authentication method and system based on blockchain, terminal and storage medium
  • Password-free authentication method and system based on blockchain, terminal and storage medium
  • Password-free authentication method and system based on blockchain, terminal and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0059] The secret-free authentication method based on block chain of the present invention comprises:

[0060] Establish a password-free authentication system, divide the password-free authentication system into functional modules and deploy them on DApps on the public chain platform. Since the security of Ethereum is higher than the fault tolerance and easy recovery of privatized deployment, the present invention uses Ethereum as a public chain platform.

[0061] like figure 2 As shown, when the third-party system sends transmission data one to the back-end business:

[0062] (1) The third-party system uses the blockchain hash SHA-256 algorithm to encrypt the transmitted data; the third-party system performs a complete legality check on the encrypted transmitted data, and uses the hash algorithm to generate a 256-bit hash value, and send the hash value and encrypted transmission data to the password-free authentication system.

[0063] (2) The password-free authentication...

Embodiment 2

[0073] In order to implement the blockchain-based password-free authentication method described in Embodiment 1, this embodiment provides a blockchain-based password-free authentication system, which includes:

[0074] The data receiving module DApp is used to receive the encrypted transmission data of the third-party system, and identify the third-party system through the white list to determine whether the third-party system is a legitimate user; The system encrypts and transmits data for legality verification.

[0075] The core logic module DApp is used to decrypt the legally encrypted transmitted data 1, and obtain the decrypted transmitted data 1; the password-free authentication system verifies the legality of the decrypted transmitted data 1.

[0076] The data output module DApp is used to transmit the legally decrypted transmission data 1 to the back-end business system; and is used to receive and encrypt the transmission data 2 of the back-end business system, and sen...

Embodiment 3

[0079] In this embodiment, a password-free authentication terminal includes a processor and a memory for storing executable programs of the processor, and is characterized in that it implements the blockchain-based password-free authentication method described in Embodiment 1.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a password-free authentication method and system based on a block chain, a terminal and a storage medium. Theauthentication method comprises the steps: building a password-freeauthentication system, dividing the password-free authentication system into function modules, and respectively deploying the function modules to a DApp of a public chain platform; when the third-party system sends the first transmission data to the back-end service, receiving the encrypted first transmission data of the third-party system, and judging whether the third-party system is a legal user or not; performing validity verification on the encrypted transmission data I; decrypting the legal encrypted transmission data I; performing validity verification on the decrypted transmission dataI; transmitting the legal decrypted transmission data I to a back-end service system; and when the back-end service system returns the second transmission data to the third-party system, sending theencrypted second transmission data and callback data to the third-party system. According to the invention, the problems of easy leakage and logic coupling of an encryption mode in a password-free authentication technology can be avoided, so that the security, availability and flexibility of the password-free authentication technology are improved.

Description

technical field [0001] The present invention relates to the technical field of block chain, and more specifically, relates to a block chain-based password-free authentication method, system, terminal and storage medium. Background technique [0002] Existing third-party password-free authentication systems are generally used for business systems where the system platform opens some data interfaces or pages to third-party access parties and needs to authenticate the identity of the access party. Usually, password-free authentication requires the first The third party provides reliable authentication information to verify its identity. [0003] In the current secret-free authentication system based on public-private key technology, it is necessary to inform the third-party system of parameters such as appkey and private key in advance, and to implement the agreed encryption process and encryption method, and to transmit the encrypted content to the salesman system In , the bu...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L9/32
CPCH04L9/3236H04L9/3239H04L9/50
Inventor 植挺生陈建生庄广壬庾浩谦刘勇冼永乐文青
Owner GUANGDONG GUANGYU SCI & TECH DEV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products