Data processing method, user terminal, service platform, trusted hardware and system
By generating random number seeds on the user end and using trusted hardware signatures, the problem of random numbers being easily predicted and manipulated is solved, thus ensuring the fairness and security of random numbers.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- SHANGHAI ENCRYPTION TECH CO LTD
- Filing Date
- 2023-04-12
- Publication Date
- 2026-06-09
AI Technical Summary
Existing random number generation methods are easily predictable and their results can be manipulated by the platform, resulting in insufficient fairness in random number generation.
The user generates a random number seed and sends it to the service platform. A digital signature is generated using a private key through trusted hardware. The service platform or trusted hardware generates a random number based on the signature and stores the relevant data in the blockchain to ensure the security and fairness of the random number.
This ensures the fairness and security of random number generation, avoids the platform's global control over the random number generation process and collusion between users and the platform, and ensures that random numbers are unpredictable.
Smart Images

Figure CN116366261B_ABST
Abstract
Description
Technical Field
[0001] The embodiments of the present invention relate to the field of data processing technology, specifically to a data processing method, a user terminal, a service platform, trusted hardware, and a system. Background Technology
[0002] With the continuous development of technology and society, the emergence of various internet services has greatly enriched people's work and life. Among them, some internet services rely on the generation of random numbers in the process of providing services. For example, some welfare lottery services need to generate random numbers to realize the lottery of user benefits, and so on.
[0003] Currently, a common method for generating random numbers is for the service platform to generate random numbers using a corresponding random number function. However, random numbers generated in this way can be predicted, and the results are easily manipulated by platform personnel, resulting in insufficient fairness. Summary of the Invention
[0004] In view of the technical problems in the prior art, such as the predictability of random numbers and the ease with which random number results can be manipulated by the platform, embodiments of the present invention are proposed to provide a data processing method, user terminal, service platform, trusted hardware and system that overcomes or at least partially solves the above problems.
[0005] According to a first aspect of the present invention, a data processing method is provided, the method comprising:
[0006] The user generates a random number seed and sends the random number seed to the service platform;
[0007] The service platform transmits the random number seed to trusted hardware;
[0008] The trusted hardware uses a private key derived from the trusted hardware to sign the random number seed to obtain a digital signature corresponding to the random number seed.
[0009] The trusted hardware or the service platform generates a random number based on the digital signature.
[0010] In one optional implementation, generating a random number seed further includes: obtaining user-inputted custom data and generating a random number seed based on the custom data.
[0011] In one optional implementation, generating a random number seed further includes: obtaining custom data input by the user and obtaining the number of times the random number seed has been generated by the user terminal.
[0012] A random number seed is generated based on the custom data and the number of attempts.
[0013] In one optional implementation, generating a random number seed further includes: obtaining custom data input by the user, obtaining the number of times the random number seed has been generated by the user terminal, and obtaining the corresponding identification information of the user terminal;
[0014] A random number seed is generated based on the custom data, the number of times, and the identification information.
[0015] In one optional implementation, after sending the random number seed to the service platform, the method further includes: the service platform verifying the generation method of the random number seed;
[0016] The service platform then transmits the random number seed to the trusted hardware, which further includes the service platform transmitting the random number seed whose generation method has been verified to be valid to the trusted hardware.
[0017] In an optional implementation, after sending the random number seed to the service platform, the method further includes: the service platform performing a uniqueness verification on the random number seed;
[0018] The service platform then transmits the random number seed to the trusted hardware, which further includes the service platform transmitting the random number seed that has passed the uniqueness verification to the trusted hardware.
[0019] In an optional implementation, generating a random number based on the digital signature further includes:
[0020] The random number is obtained by performing a hash operation on the digital signature.
[0021] In one optional implementation, after the user terminal generates a random number seed, the method further includes: the user terminal encrypts the random number seed using the public key corresponding to the private key derived from the trusted hardware to obtain an encrypted random number seed;
[0022] Sending the random number seed to the service platform further includes: sending the encrypted random number seed to the service platform;
[0023] The service platform transmitting the random number seed into the trusted hardware further includes: the service platform transmitting the encrypted random number seed into the trusted hardware;
[0024] Before the trusted hardware signs the random number seed using the private key derived from the trusted hardware to obtain the digital signature corresponding to the random number seed, the method further includes: the trusted hardware decrypts the encrypted random number seed using the private key derived from the trusted hardware to restore the random number seed.
[0025] In one alternative implementation, after generating the random number, the method further includes:
[0026] The service platform stores the random number seed, the digital signature, the random number, and / or the public key corresponding to the private key in the blockchain;
[0027] The user terminal initiates a random number verification request; wherein, the random number verification request carries a random number;
[0028] The blockchain searches for stored information that matches the random number in the random number verification request, and uses the stored information to verify the random number in the random number verification request.
[0029] In one optional implementation, the matched storage information includes a digital signature and the public key corresponding to the private key;
[0030] The step of using the stored information to verify the random number in the random number verification request further includes: using the public key to perform signature verification on the digital signature, and obtaining the random number verification result based on the signature verification result.
[0031] In one alternative implementation, the matched stored information includes a digital signature;
[0032] The step of using the stored information to verify the random number in the random number verification request further includes: performing a hash operation on the digital signature to obtain a hash operation result value, comparing the hash operation result value with the random number in the random number verification request, and obtaining a random number verification result based on the comparison result.
[0033] According to a second aspect of the present invention, a data processing method is provided, the method being executed on a user terminal side, the method comprising:
[0034] Generate a random number seed;
[0035] The random number seed is sent to the service platform, which then transmits it to trusted hardware. The trusted hardware uses a private key derived from the trusted hardware to sign the random number seed to obtain a digital signature corresponding to the random number seed. The trusted hardware or the service platform then generates a random number based on the digital signature.
[0036] In one optional implementation, generating a random number seed further includes: obtaining user-inputted custom data and generating a random number seed based on the custom data.
[0037] In one optional implementation, generating a random number seed further includes: obtaining custom data input by the user and obtaining the number of times the random number seed has been generated by the user terminal.
[0038] A random number seed is generated based on the custom data and the number of attempts.
[0039] In an optional implementation, the generation of the random number seed further includes:
[0040] Get custom data input by the user, get the number of times the random number seed has been generated on the user's end, and get the corresponding identification information on the user's end;
[0041] A random number seed is generated based on the custom data, the number of times, and the identification information.
[0042] In an optional implementation, the method further includes: encrypting the random number seed using the public key corresponding to the private key derived in the trusted hardware to obtain an encrypted random number seed;
[0043] The step of sending the random number seed to the service platform further includes: sending the encrypted random number seed to the service platform.
[0044] In an optional implementation, the method further includes: initiating a random number verification request, wherein the random number verification request carries a random number for verification of the random number in the random number verification request.
[0045] According to a third aspect of the present invention, a data processing method is provided, the method being executed on a service platform side, the method comprising:
[0046] Receive the random number seed generated by the user client;
[0047] The random number seed is passed into trusted hardware so that the trusted hardware can use the private key derived in the trusted hardware to sign the random number seed and obtain the digital signature corresponding to the random number seed.
[0048] Random numbers are generated based on the digital signature.
[0049] In one optional implementation, the method further includes: verifying the generation method of the random number seed;
[0050] The step of transmitting the random number seed into the trusted hardware further includes: transmitting the random number seed whose generation method has been verified into the trusted hardware.
[0051] In one optional implementation, the method further includes: performing a uniqueness check on the random number seed;
[0052] The step of transmitting the random number seed into the trusted hardware further includes: transmitting the random number seed that has passed the uniqueness verification into the trusted hardware.
[0053] In an optional implementation, generating a random number based on the digital signature further includes:
[0054] The random number is obtained by performing a hash operation on the digital signature.
[0055] In an optional implementation, the method further includes storing the random number seed, the digital signature, the random number, and / or the public key corresponding to the private key in a blockchain.
[0056] According to a fourth aspect of the present invention, a data processing method is provided, the method being executed on a trusted hardware side, the method comprising:
[0057] The random number seed is received from the service platform; wherein the random number seed is generated by the user terminal.
[0058] The random number seed is signed using a private key derived from the trusted hardware to obtain a digital signature corresponding to the random number seed.
[0059] Random numbers are generated based on the digital signature.
[0060] In an optional implementation, generating a random number based on the digital signature further includes:
[0061] The random number is obtained by performing a hash operation on the digital signature.
[0062] In one optional implementation, before obtaining the digital signature corresponding to the random number seed by signing the random number seed using the private key derived from the trusted hardware, the method further includes: decrypting the encrypted random number seed using the private key derived from the trusted hardware to restore the random number seed.
[0063] According to a fifth aspect of the present invention, a data processing system is provided, the system comprising:
[0064] The user terminal is used to generate a random number seed and send the random number seed to the service platform;
[0065] A service platform is used to transmit the random number seed into trusted hardware;
[0066] Trusted hardware is used to sign the random number seed using a private key derived from the trusted hardware to obtain a digital signature corresponding to the random number seed.
[0067] The service platform or trusted hardware generates a random number based on the digital signature.
[0068] In one alternative implementation, the user terminal is used to: obtain custom data input by the user, and generate a random number seed based on the custom data.
[0069] In one optional implementation, the user terminal is used to: obtain custom data input by the user and obtain the number of times the random number seed currently generated by the user terminal has been obtained;
[0070] A random number seed is generated based on the custom data and the number of attempts.
[0071] In one optional implementation, the user terminal is used to: obtain custom data input by the user, obtain the number of times the random number seed currently generated by the user terminal has been obtained, and obtain the corresponding identification information of the user terminal;
[0072] A random number seed is generated based on the custom data, the number of times, and the identification information.
[0073] In one optional implementation, the service platform is used to: verify the generation method of the random number seed, and transmit the random number seed that has passed the generation method verification to trusted hardware.
[0074] In one optional implementation, the service platform is used to: perform uniqueness verification on the random number seed, and transmit the random number seed that passes the uniqueness verification to trusted hardware.
[0075] In one alternative implementation, the service platform or trusted hardware is used to: obtain the random number by performing a hash operation on the digital signature.
[0076] In one optional implementation, the user terminal is used to: encrypt the random number seed using the public key corresponding to the private key derived in the trusted hardware to obtain an encrypted random number seed, and then send the encrypted random number seed to the service platform.
[0077] The service platform is used to: transmit the encrypted random number seed into trusted hardware;
[0078] The trusted hardware is used to: decrypt the encrypted random number seed using a private key derived from the trusted hardware and then restore the random number seed.
[0079] In one optional implementation, the service platform is used to: store the random number seed, the digital signature, the random number, and / or the public key corresponding to the private key in the blockchain;
[0080] The user terminal is used to: initiate a random number verification request; wherein the random number verification request carries a random number;
[0081] The system also includes a blockchain for finding stored information that matches the random number in the random number verification request, and using the stored information to verify the random number in the random number verification request.
[0082] In one optional implementation, the matched storage information includes a digital signature and the public key corresponding to the private key;
[0083] The blockchain is then used to: verify the digital signature using the public key, and obtain a random number verification result based on the signature verification result.
[0084] In one alternative implementation, the matched stored information includes a digital signature;
[0085] The blockchain is used to: perform a hash operation on the digital signature to obtain a hash result value, compare the hash result value with the random number in the random number verification request, and obtain a random number verification result based on the comparison result.
[0086] According to a sixth aspect of the present invention, a user terminal is provided, the user terminal comprising:
[0087] The generation module is used to generate random number seeds;
[0088] The sending module is used to send the random number seed to the service platform, so that the service platform can pass the random number seed into the trusted hardware, and the trusted hardware can sign the random number seed using the private key derived in the trusted hardware to obtain the digital signature corresponding to the random number seed, and the trusted hardware or the service platform can generate a random number based on the digital signature.
[0089] In one alternative implementation, the generation module is used to: obtain custom data input by the user, and generate a random number seed based on the custom data.
[0090] In one optional implementation, the generation module is used to: obtain custom data input by the user and obtain the number of times the random number seed has been generated by the user terminal;
[0091] A random number seed is generated based on the custom data and the number of attempts.
[0092] In one optional implementation, the generation module is used to: obtain custom data input by the user, obtain the number of times the random number seed has been generated by the user terminal, and obtain the corresponding identification information of the user terminal;
[0093] A random number seed is generated based on the custom data, the number of times, and the identification information.
[0094] In one optional implementation, the user terminal further includes: an encryption module, used to encrypt the random number seed using the public key corresponding to the private key derived in the trusted hardware to obtain an encrypted random number seed;
[0095] The sending module is used to send the encrypted random number seed to the service platform.
[0096] In one optional implementation, the sending module is configured to: initiate a random number verification request, wherein the random number verification request carries a random number for verification of the random number in the random number verification request.
[0097] According to a seventh aspect of the present invention, a service platform is provided, the service platform comprising:
[0098] The receiving module is used to receive the random number seed generated by the user terminal;
[0099] The input module is used to input the random number seed into the trusted hardware, so that the trusted hardware can use the private key derived in the trusted hardware to sign the random number seed to obtain the digital signature corresponding to the random number seed.
[0100] A generation module is used to generate random numbers based on the digital signature.
[0101] In one optional implementation, the service platform further includes: a verification module for verifying the generation method of the random number seed;
[0102] The input module is used to input the random number seed that has passed the generation method verification into the trusted hardware.
[0103] In one optional implementation, the service platform further includes: a verification module for verifying the uniqueness of the random number seed;
[0104] The input module is used to input the random number seed that has passed the uniqueness verification into the trusted hardware.
[0105] In one optional implementation, the generation module is used to: perform a hash operation on the digital signature to obtain the random number.
[0106] In one optional implementation, the service platform further includes a storage module for storing the random number seed, the digital signature, the random number, and / or the public key corresponding to the private key in the blockchain.
[0107] According to an eighth aspect of the present invention, trusted hardware is provided, the trusted hardware comprising:
[0108] A receiving module is used to receive a random number seed transmitted from the service platform; wherein the random number seed is generated by the user terminal.
[0109] The signature module is used to sign the random number seed using a private key derived from the trusted hardware to obtain a digital signature corresponding to the random number seed.
[0110] A generation module is used to generate random numbers based on the digital signature.
[0111] In one optional implementation, the generation module is used to: perform a hash operation on the digital signature to obtain the random number.
[0112] In one optional implementation, the trusted hardware further includes a decryption module, configured to decrypt the encrypted random number seed using a private key derived from the trusted hardware and then restore the random number seed.
[0113] According to a ninth aspect of the present invention, a computing device is provided, comprising: a processor, a memory, a communication interface, and a communication bus, wherein the processor, the memory, and the communication interface communicate with each other via the communication bus;
[0114] The memory is used to store at least one executable instruction, which causes the processor to perform operations corresponding to the data processing method described above.
[0115] According to a tenth aspect of the present invention, a computer storage medium is provided, the storage medium storing at least one executable instruction, the executable instruction causing a processor to perform the operation corresponding to the above-described data processing method.
[0116] In this embodiment of the invention, the user provides a random seed. This avoids the platform's control over the entire random number generation process, ensuring the fairness of random number generation. Furthermore, it allows the user to verify the random number based on the seed. The trusted hardware uses a private key to sign the random seed, obtaining a digital signature. Random numbers are then generated based on this digital signature, ensuring the security of the random numbers. This prevents the platform from globally controlling the random number generation process and avoids collusion between the user and the platform, ensuring the fairness of random number generation. Additionally, the random numbers cannot be predicted by the user or the service platform, guaranteeing their unpredictability.
[0117] This invention obtains user-inputted custom data and generates a random number seed based on the custom data, thereby ensuring that the platform cannot predict the random number seed.
[0118] In this embodiment of the invention, a random number seed is generated based on custom data and the number of times the random number seed has been generated on the user's end. This further ensures the uniqueness of the random number seed while ensuring that the platform cannot predict the random number seed.
[0119] In this embodiment of the invention, a random number seed is generated based on custom data, the number of times the random number seed has been generated on the user terminal, and identification information, thereby further ensuring the uniqueness of the random number seed.
[0120] In this embodiment of the invention, the service platform verifies the generation method of the random number seed and transmits the random number seed that passes the verification to trusted hardware, thereby ensuring the uniqueness of the generated random numbers. The service platform in this embodiment of the invention performs a uniqueness verification on the random number seed to ensure the uniqueness of the generated random numbers.
[0121] In this embodiment of the invention, a random number is obtained by performing a hash operation on the digital signature, thereby improving the uniformity of the generated random number.
[0122] In this embodiment of the invention, the user terminal uses the public key corresponding to the private key derived in the trusted hardware to encrypt the random number seed to obtain an encrypted random number seed. The trusted hardware uses the private key derived in the trusted hardware to decrypt the encrypted random number seed and restore the random number seed, thereby preventing tampering with the random number seed.
[0123] In this embodiment of the invention, the service platform stores the random number seed, digital signature, random number, and / or the public key corresponding to the private key in the blockchain, which ensures the security of random number-related data and facilitates the improvement of the accuracy of random number verification.
[0124] This invention utilizes a public key to verify digital signatures, obtains a random number verification result based on the signature verification result, thereby determining whether the digital signature was generated by trusted hardware; and performs a hash operation on the digital signature to obtain a hash operation result value, compares the hash operation result value with the random number in the random number verification request, and obtains a random number verification result based on the comparison result, thereby detecting whether tampering has occurred during the process of converting the data signature into a random number.
[0125] The above description is merely an overview of the technical solutions of the embodiments of the present invention. In order to better understand the technical means of the embodiments of the present invention and to implement them in accordance with the contents of the specification, and to make the above and other objects, features and advantages of the embodiments of the present invention more obvious and understandable, specific implementation methods of the embodiments of the present invention are described below. Attached Figure Description
[0126] Various other advantages and benefits will become apparent to those skilled in the art upon reading the following detailed description of preferred embodiments. The accompanying drawings are for illustrative purposes only and are not intended to limit the scope of the invention. Furthermore, the same reference numerals denote the same parts throughout the drawings. In the drawings:
[0127] Figure 1 A flowchart illustrating the first data processing method provided in an embodiment of the present invention is shown;
[0128] Figure 2 A flowchart illustrating the second data processing method provided in an embodiment of the present invention is shown;
[0129] Figure 3 A flowchart illustrating the third data processing method provided in an embodiment of the present invention is shown;
[0130] Figure 4 A flowchart illustrating the fourth data processing method provided in an embodiment of the present invention is shown;
[0131] Figure 5 A flowchart illustrating the fifth data processing method provided in an embodiment of the present invention is shown;
[0132] Figure 6 A flowchart illustrating the sixth data processing method provided in an embodiment of the present invention is shown;
[0133] Figure 7 A schematic diagram of the structure of a data processing system provided in an embodiment of the present invention is shown;
[0134] Figure 8 This diagram illustrates a user terminal structure according to an embodiment of the present invention.
[0135] Figure 9 This diagram illustrates the structure of a service platform provided by an embodiment of the present invention.
[0136] Figure 10 This diagram illustrates the structure of a trusted hardware embodiment provided by the present invention.
[0137] Figure 11 A schematic diagram of the structure of a computing device provided in an embodiment of the present invention is shown. Detailed Implementation
[0138] Exemplary embodiments of the present invention will now be described in more detail with reference to the accompanying drawings. While exemplary embodiments of the present invention are shown in the drawings, it should be understood that the embodiments of the present invention may be implemented in various forms and should not be limited to the embodiments set forth herein. Rather, these embodiments are provided so that this understanding of the embodiments of the present invention will be thorough and complete, and will fully convey the scope of the embodiments of the present invention to those skilled in the art.
[0139] Figure 1 A flowchart illustrating a first data processing method provided by an embodiment of the present invention is shown. The data processing method provided in this embodiment can be executed by a preset data processing system. Specifically, this embodiment of the present invention provides a random number generation method.
[0140] like Figure 1 As shown, the method includes the following steps:
[0141] Step S110: The user terminal generates a random number seed.
[0142] The client is the terminal that receives the service corresponding to the random number-dependent service. A random number-dependent service is an internet service whose operation relies on random numbers. For example, if the random number-dependent service is a welfare lottery service, then the client is the user terminal that receives that welfare lottery service.
[0143] The user client generates a random number seed, which is the basis for subsequent random number generation. In this embodiment of the invention, the user client generates the random number seed, and the random numbers generated based on this seed are used to serve the user client. This approach facilitates random number verification by the user using the seed and avoids the service platform from controlling the entire random number generation process, thus improving the fairness of the random number generation.
[0144] In one optional implementation, to avoid the service platform predicting the random number seed and ensure the fairness of subsequently generated random numbers, this implementation obtains user-inputted custom data and generates a random number seed based on this custom data. This implementation does not limit the content of the custom data; the custom data is input by the user, thereby avoiding the service platform's prediction of the random number seed. Optionally, when the user terminal detects a random number generation request, a corresponding input field is presented on the user terminal, through which the user can input custom data.
[0145] Further, optionally, to ensure the uniqueness of the generated random number seed, the user client can generate the random number seed in the following ways: obtain the user's custom input data and the number of times the user client has currently generated random number seeds; then, generate the random number seed based on the custom data and the number of times. Specifically, the total number of times the user client has currently generated random number seeds can be used as the current number of times the user client has generated random number seeds; alternatively, the target random number dependency service to which this random number seed generation is applied can be determined, and the number of times the user client has currently generated random number seeds for that target random number dependency service can be used as the current number of times the user client has generated random number seeds. For example, if this random number seed is used for a member reward draw service, then the number of times the user client has currently generated random number seeds for the member reward draw service can be used as the current number of times the user client has generated random number seeds. The difference between this number and the number of times the user client requests to generate random numbers is 1; for example, if this number is 1, then the current number of times the user requests to generate random numbers is 2. When generating the random number seed based on the custom data and the number of times, the custom data and the number of times can be concatenated to obtain the random number seed.
[0146] Optionally, to further ensure the uniqueness of the generated random number seed, the user client can generate the random number seed in the following way: obtain custom data input by the user, obtain the number of times the user client has generated random number seeds, and obtain the corresponding identification information of the user client; generate the random number seed based on the custom data, the number of times, and the identification information. The identification information of the user client includes, but is not limited to: user identifier, service platform identifier, and / or the service identifier of the target random number dependency service to which the random number seed is applied. When generating the random number seed based on the custom data, the number of times, and the identification information, the custom data, the number of times, and the identification information can be concatenated to obtain the random number seed. For example, "custom data" + "number of times" + "service platform ID" + "service ID" + "user ID" can be used as the random number seed.
[0147] In step S120, the user sends the random number seed to the service platform.
[0148] A service platform is a platform that provides random number-dependent services to users. For example, if the random number-dependent service is a welfare extraction service, then the service platform is the platform that provides that welfare extraction service.
[0149] In step S130, the service platform transmits the random number seed to the trusted hardware.
[0150] To further reduce the service platform's manipulation of random numbers and improve the fairness of random number generation, the service platform in this embodiment of the invention, after obtaining the random number seed provided by the user, does not directly generate random numbers based on the seed. Instead, it transmits the random number seed to trusted hardware. Trusted hardware is hardware capable of providing a trusted execution environment for a computer; this embodiment of the invention does not limit the specific type or model of the trusted hardware. Data within the trusted hardware cannot be detected by external sources, thus ensuring the security of the execution environment.
[0151] In one optional implementation, to ensure the uniqueness of subsequent random number generation, the service platform of this implementation further verifies the random number seed provided by the user. If the verification passes, the random number seed is then transmitted to trusted hardware for subsequent random number generation steps; if the verification fails, corresponding prompt information can be sent to the user. One or more of the following verification methods can be used:
[0152] Verification Method 1: The service platform verifies the generation method of the random number seed and transmits the verified random number seed to the trusted hardware. Specifically, if the random number seed is generated according to a preset method, the generation method verification passes; if the random number seed is not generated according to the preset method, the generation method verification fails. This preset method can refer to the random number seed generation method in step S110, that is, verifying whether the random number seed is generated from user-input custom data, the number of times the user terminal has currently generated random number seeds, and / or the corresponding identification information of the user terminal. If the random number seed is generated from user-input custom data, the number of times the user terminal has currently generated random number seeds, and / or the corresponding identification information of the user terminal, the generation method verification passes.
[0153] Verification Method Two: The service platform performs a uniqueness check on the random number seed. The service platform then transmits the uniquely verified random number seed to the trusted hardware. Specifically, the service platform compares the newly generated random number seed with any of the received random number seeds. If the newly generated random number seed matches any of the received random number seeds, the uniqueness check of the newly generated random number seed fails; if the newly generated random number seed does not match any of the received random number seeds, the uniqueness check of the newly generated random number seed passes. Furthermore, a local uniqueness check can be performed only on the random number seed within the same platform and service. If the local uniqueness check passes, the random number seed is then transmitted to the trusted hardware. In the process of local uniqueness verification, the target random number dependency service to which the newly generated random number seed is applied is determined. The newly generated random number seed is compared with the already generated random number seeds corresponding to the target random number dependency service on the same platform. If the newly generated random number seed is the same as a certain already generated random number seed corresponding to the target random number dependency service, the local uniqueness verification fails. If the newly generated random number seed is not the same as any of the already generated random number seeds corresponding to the target random number dependency service, the local uniqueness verification passes.
[0154] In step S140, the trusted hardware uses the private key derived from the trusted hardware to sign the random number seed to obtain the digital signature corresponding to the random number seed.
[0155] A private key and a public key are derived within the trusted hardware. The public key can be exported and sent to the service platform; the private key cannot be exported. The trusted hardware uses this private key to sign the random number seed. The data obtained after signing the random number seed with the private key is the digital signature corresponding to that random number seed. Because this digital signature is signed using the private key within the trusted hardware, it cannot be predicted by the user client or the service platform, ensuring the unpredictability of subsequent random number generation. Optionally, this private key can be reused to conserve system resources.
[0156] Step S150: The trusted hardware or service platform generates a random number based on the digital signature.
[0157] After obtaining the digital signature, as an optional implementation, trusted hardware can generate a random number based on the digital signature. For example, the digital signature can be used directly as a random number, or a suitable algorithm can be used to process the digital signature before generating a random number. Alternatively, the trusted hardware can send the digital signature to a service platform, which can then generate a random number based on the digital signature. Again, the digital signature can be used directly as a random number, or a suitable algorithm can be used to post-process the digital signature before generating a random number.
[0158] In one alternative implementation, during the process of generating random numbers based on digital signatures, the digital signatures can be hashed to obtain random numbers. Since hashing can return a fixed-length output from an input of unlimited length, this implementation can improve the uniformity of the generated random numbers.
[0159] In another alternative implementation, after generating a random number, the generated random number is fed back to the user terminal so that the user terminal can participate in the corresponding random number dependency service.
[0160] Therefore, in this embodiment of the invention, the random seed is provided by the user terminal. On the one hand, this avoids the platform's control over the entire random number generation process, ensuring the fairness of random number generation. On the other hand, it facilitates user terminal verification based on the random number seed, enabling the verification of random numbers. Moreover, the trusted hardware uses a private key to sign the random number seed to obtain a digital signature, and generates random numbers based on this digital signature. This ensures the security of the random numbers, avoids the platform's global control over the random number generation process and collusion between the user and the platform, ensures the fairness of random number generation, and ensures the unpredictability of random numbers, as the random numbers cannot be predicted by the user terminal or the service platform.
[0161] Figure 2 A flowchart illustrating a second data processing method provided by an embodiment of the present invention is shown. The data processing method provided in this embodiment can be executed by a preset data processing system. Specifically, this embodiment of the present invention provides a random number generation method.
[0162] like Figure 2 As shown, the method includes the following steps:
[0163] Step S210: The user terminal generates a random number seed, and encrypts the random number seed using the public key corresponding to the private key derived from the trusted hardware to obtain an encrypted random number seed.
[0164] After deriving a private key and its corresponding public key from the trusted hardware, the public key can be exported to the service platform and provided to the user terminal via the service platform. The user terminal then uses this public key to encrypt the random number seed after generating it; the encrypted data is the encrypted random number seed. The method for generating the random number seed can be found in other method embodiments and will not be repeated here.
[0165] In step S220, the user sends the encrypted random number seed to the service platform.
[0166] Because the random number seed generated by the user is encrypted with a public key, the service platform cannot obtain the original random number seed from the user, thus preventing tampering with the random number seed and ensuring the accuracy and security of random number generation.
[0167] In step S230, the service platform transmits the encrypted random number seed to the trusted hardware.
[0168] In step S240, the trusted hardware uses the private key derived in the trusted hardware to decrypt the encrypted random number seed and restore the random number seed. Then, it uses the private key derived in the trusted hardware to sign the random number seed to obtain the digital signature corresponding to the random number seed.
[0169] The trusted hardware first uses the private key to decrypt the encrypted random number seed, thereby restoring the random number seed generated by the user. Then, it uses the private key to sign the random number seed to obtain the digital signature corresponding to the random number seed.
[0170] Step S250: The trusted hardware or service platform generates a random number based on the digital signature.
[0171] The specific process of generating random numbers in this step can be referred to the description in other method embodiments, and will not be repeated here.
[0172] Therefore, in this embodiment of the invention, the user terminal uses a public key to encrypt the random number seed to obtain an encrypted random number seed. The encrypted random number seed is then transmitted to trusted hardware via a service platform. The trusted hardware uses a private key to decrypt and restore the random number seed, thereby avoiding tampering with the random number seed and ensuring the accuracy and security of the generated random numbers.
[0173] Figure 3 A flowchart illustrating a third data processing method provided by an embodiment of the present invention is shown. The data processing method provided in this embodiment can be executed by a preset data processing system. Specifically, this embodiment provides a random number verification method. This implementation is performed after random number generation; the random number generation process can be referred to the descriptions in other method embodiments, and will not be repeated here.
[0174] like Figure 3 As shown, the method includes the following steps:
[0175] In step S310, the service platform stores the random number seed, digital signature, random number, and / or the public key corresponding to the private key in the blockchain.
[0176] Specifically, if the service platform generates random numbers based on digital signatures, the trusted hardware sends the digital signature and the public key corresponding to the private key to the service platform. The service platform then generates random numbers based on the digital signatures and stores the random number seed, digital signature, random number, and / or the public key corresponding to the private key in the blockchain. Alternatively, if the trusted hardware generates random numbers based on digital signatures, the trusted hardware sends the digital signature, random number, and the public key corresponding to the private key to the service platform. The service platform then generates random numbers based on the digital signatures and stores the random number seed, digital signature, random number, and / or the public key corresponding to the private key in the blockchain. Storing the random number seed, digital signature, random number, and / or the public key corresponding to the private key in the blockchain prevents data tampering during the random number generation process, improving the security of the random number generation process and the accuracy of subsequent random number verification. Specifically, during the storage process, the random number seed, digital signature, random number, and / or the public key corresponding to the private key can be stored in the blockchain based on a blockchain smart contract.
[0177] Step S320: The user initiates a random number verification request; wherein the random number verification request carries a random number.
[0178] After receiving the generated random number, the client can initiate a random number verification request to determine the authenticity of the generated random number. This verification request carries the random number to be verified.
[0179] Step S330: The blockchain searches for stored information that matches the random number in the random number verification request, and uses this stored information to verify the random number in the random number verification request.
[0180] After storing the random number seed, digital signature, random number, and / or the public key corresponding to the private key in the blockchain, these elements constitute the stored information associated with the random number in the blockchain. When the logic processing module in the blockchain (such as a smart contract) receives a random number verification request from a user, it parses the random number carried in the request and retrieves the stored information that matches the random number in the verification request by searching the data stored in the blockchain. This matching stored information includes: the random number seed corresponding to the random number in the verification request, the digital signature, and / or the public key corresponding to the private key, etc.
[0181] Furthermore, the stored information matching the random number is used to verify the random number in the random number verification request, and the verification result is obtained.
[0182] In one optional verification method, the matched stored information includes a digital signature and the public key corresponding to the private key. The public key is then used to verify the digital signature. Based on the signature verification result, a random number verification result is obtained, thereby verifying whether the digital signature in the random number was generated by trusted hardware. If the signature verification passes, it indicates that the digital signature in the random number was generated by trusted hardware, and the random number verification is successful; if the signature verification fails, it indicates that the digital signature in the random number was not generated by trusted hardware, and the random number verification is unsuccessful.
[0183] In another optional verification method, the stored matching information includes a digital signature. The digital signature is hashed to obtain a hash result value. This hash result value is compared with the random number in the random number verification request. Based on the comparison result, a random number verification result is obtained, thereby verifying whether the random number was obtained from the digital signature through a hash operation, and determining whether the random number was tampered with during the process of obtaining the random number from the digital signature. Specifically, if the hash result value matches the random number in the random number verification request, the random number verification is successful; if the hash result value does not match the random number in the random number verification request, the random number verification fails.
[0184] In step S340, the blockchain sends the verification result back to the user.
[0185] Therefore, in this embodiment of the invention, the user terminal can initiate a random number verification request and verify the generated random number; moreover, by storing the data associated with the random number generation in the blockchain, the data associated with the random number generation is ensured not to be tampered with, further ensuring the accuracy of the random number verification result.
[0186] Figure 4 A flowchart illustrating the fourth data processing method provided in this embodiment of the invention is shown. The data processing method provided in this embodiment is executed on the user side.
[0187] like Figure 4 As shown, the method includes:
[0188] Step S410: Generate a random number seed.
[0189] Step S420: Send the random number seed to the service platform so that the service platform can pass the random number seed into the trusted hardware. The trusted hardware can then use the private key derived from the trusted hardware to sign the random number seed to obtain the digital signature corresponding to the random number seed. The trusted hardware or the service platform can then generate a random number based on the digital signature.
[0190] In one optional implementation, generating a random number seed further includes: obtaining user-inputted custom data and generating a random number seed based on the custom data.
[0191] In one optional implementation, generating a random number seed further includes: obtaining custom data input by the user and obtaining the number of times the random number seed has been generated by the user terminal.
[0192] A random number seed is generated based on the custom data and the number of attempts.
[0193] In one optional implementation, generating a random number seed further includes: obtaining custom data input by the user, obtaining the number of times the random number seed has been generated by the user terminal, and obtaining the corresponding identification information of the user terminal;
[0194] A random number seed is generated based on the custom data, the number of times, and the identification information.
[0195] In an optional implementation, the method further includes: encrypting the random number seed using the public key corresponding to the private key derived in the trusted hardware to obtain an encrypted random number seed;
[0196] The step of sending the random number seed to the service platform further includes: sending the encrypted random number seed to the service platform.
[0197] In an optional implementation, the method further includes: initiating a random number verification request, wherein the random number verification request carries a random number for verification of the random number in the random number verification request.
[0198] Therefore, this solution can prevent the platform from controlling the entire process of random number generation, ensuring the fairness of random number generation, and the random numbers cannot be predicted by the user or the service platform, thus ensuring the unpredictability of the random numbers.
[0199] Figure 5 A flowchart illustrating the fifth data processing method provided in this embodiment of the invention is shown. The data processing method provided in this embodiment is executed on the service platform side.
[0200] like Figure 5 As shown, the method includes:
[0201] Step S510: Receive the random number seed generated by the user terminal.
[0202] Step S520: The random number seed is passed into the trusted hardware so that the trusted hardware can use the private key derived in the trusted hardware to sign the random number seed and obtain the digital signature corresponding to the random number seed.
[0203] Step S530: Generate a random number based on the digital signature.
[0204] In one optional implementation, the method further includes: verifying the generation method of the random number seed;
[0205] The step of transmitting the random number seed into the trusted hardware further includes: transmitting the random number seed whose generation method has been verified into the trusted hardware.
[0206] In one optional implementation, the method further includes: performing a uniqueness check on the random number seed;
[0207] The step of transmitting the random number seed into the trusted hardware further includes: transmitting the random number seed that has passed the uniqueness verification into the trusted hardware.
[0208] In an optional implementation, generating a random number based on the digital signature further includes:
[0209] The random number is obtained by performing a hash operation on the digital signature.
[0210] In an optional implementation, the method further includes storing the random number seed, the digital signature, the random number, and / or the public key corresponding to the private key in a blockchain.
[0211] Therefore, this solution can prevent the platform from controlling the entire process of random number generation, ensuring the fairness of random number generation, and the random numbers cannot be predicted by the user or the service platform, thus ensuring the unpredictability of the random numbers.
[0212] Figure 6 A flowchart illustrating the sixth data processing method provided in this embodiment of the invention is shown. The data processing method provided in this embodiment is executed on trusted hardware.
[0213] like Figure 6 As shown, the method includes:
[0214] Step S610: Receive a random number seed from the service platform; wherein the random number seed is generated by the user terminal.
[0215] Step S620: Sign the random number seed using the private key derived from the trusted hardware to obtain the digital signature corresponding to the random number seed.
[0216] Step S630: Generate a random number based on the digital signature.
[0217] In an optional implementation, generating a random number based on the digital signature further includes:
[0218] The random number is obtained by performing a hash operation on the digital signature.
[0219] In one optional implementation, before obtaining the digital signature corresponding to the random number seed by signing the random number seed using the private key derived from the trusted hardware, the method further includes: decrypting the encrypted random number seed using the private key derived from the trusted hardware to restore the random number seed.
[0220] Therefore, this solution can prevent the platform from controlling the entire process of random number generation, ensuring the fairness of random number generation, and the random numbers cannot be predicted by the user or the service platform, thus ensuring the unpredictability of the random numbers.
[0221] Figure 7 A schematic diagram of the structure of a data processing system provided by an embodiment of the present invention is shown. Figure 7 As shown, the system 700 includes: a user terminal 710, a service platform 720, and trusted hardware 730.
[0222] The user terminal is used to generate a random number seed and send the random number seed to the service platform;
[0223] A service platform is used to transmit the random number seed into trusted hardware;
[0224] Trusted hardware is used to sign the random number seed using a private key derived from the trusted hardware to obtain a digital signature corresponding to the random number seed.
[0225] The service platform or trusted hardware generates a random number based on the digital signature.
[0226] In one alternative implementation, the user terminal is used to: obtain custom data input by the user, and generate a random number seed based on the custom data.
[0227] In one optional implementation, the user terminal is used to: obtain custom data input by the user and obtain the number of times the random number seed currently generated by the user terminal has been obtained;
[0228] A random number seed is generated based on the custom data and the number of attempts.
[0229] In one optional implementation, the user terminal is used to: obtain custom data input by the user, obtain the number of times the random number seed currently generated by the user terminal has been obtained, and obtain the corresponding identification information of the user terminal;
[0230] A random number seed is generated based on the custom data, the number of times, and the identification information.
[0231] In one optional implementation, the service platform is used to: verify the generation method of the random number seed, and transmit the random number seed that has passed the generation method verification to trusted hardware.
[0232] In one optional implementation, the service platform is used to: perform uniqueness verification on the random number seed, and transmit the random number seed that passes the uniqueness verification to trusted hardware.
[0233] In one alternative implementation, the service platform or trusted hardware is used to: obtain the random number by performing a hash operation on the digital signature.
[0234] In one optional implementation, the user terminal is used to: encrypt the random number seed using the public key corresponding to the private key derived in the trusted hardware to obtain an encrypted random number seed, and then send the encrypted random number seed to the service platform.
[0235] The service platform is used to: transmit the encrypted random number seed into trusted hardware;
[0236] The trusted hardware is used to: decrypt the encrypted random number seed using a private key derived from the trusted hardware and then restore the random number seed.
[0237] In one optional implementation, the service platform is used to: store the random number seed, the digital signature, the random number, and / or the public key corresponding to the private key in the blockchain;
[0238] The user terminal is used to: initiate a random number verification request; wherein the random number verification request carries a random number;
[0239] The system also includes a blockchain for finding stored information that matches the random number in the random number verification request, and using the stored information to verify the random number in the random number verification request.
[0240] In one optional implementation, the matched storage information includes a digital signature and the public key corresponding to the private key;
[0241] The blockchain is then used to: verify the digital signature using the public key, and obtain a random number verification result based on the signature verification result.
[0242] In one alternative implementation, the matched stored information includes a digital signature;
[0243] The blockchain is used to: perform a hash operation on the digital signature to obtain a hash result value, compare the hash result value with the random number in the random number verification request, and obtain a random number verification result based on the comparison result.
[0244] Therefore, this solution can prevent the platform from controlling the entire process of random number generation, ensuring the fairness of random number generation, and the random numbers cannot be predicted by the user or the service platform, thus ensuring the unpredictability of the random numbers.
[0245] Figure 8 A schematic diagram of a user terminal provided by an embodiment of the present invention is shown. Figure 8 As shown, the user terminal 710 includes a generation module 711 and a sending module 712.
[0246] Generation module 711 is used to generate random number seeds;
[0247] The sending module 712 is used to send the random number seed to the service platform, so that the service platform can pass the random number seed into the trusted hardware, and the trusted hardware can sign the random number seed using the private key derived in the trusted hardware to obtain the digital signature corresponding to the random number seed, and the trusted hardware or the service platform can generate a random number based on the digital signature.
[0248] In one alternative implementation, the generation module is used to: obtain custom data input by the user, and generate a random number seed based on the custom data.
[0249] In one optional implementation, the generation module is used to: obtain custom data input by the user and obtain the number of times the random number seed has been generated by the user terminal;
[0250] A random number seed is generated based on the custom data and the number of attempts.
[0251] In one optional implementation, the generation module is used to: obtain custom data input by the user, obtain the number of times the random number seed has been generated by the user terminal, and obtain the corresponding identification information of the user terminal;
[0252] A random number seed is generated based on the custom data, the number of times, and the identification information.
[0253] In one optional implementation, the user terminal further includes: an encryption module, used to encrypt the random number seed using the public key corresponding to the private key derived in the trusted hardware to obtain an encrypted random number seed;
[0254] The sending module is used to send the encrypted random number seed to the service platform.
[0255] In one optional implementation, the sending module is configured to: initiate a random number verification request, wherein the random number verification request carries a random number for verification of the random number in the random number verification request.
[0256] Therefore, this solution can prevent the platform from controlling the entire process of random number generation, ensuring the fairness of random number generation, and the random numbers cannot be predicted by the user or the service platform, thus ensuring the unpredictability of the random numbers.
[0257] Figure 9 A schematic diagram of the structure of a service platform provided by an embodiment of the present invention is shown. Figure 9 As shown, the service platform 720 includes: a receiving module 721, an input module 722, and a generating module 723.
[0258] Receiver module 721 is used to receive random number seeds generated by the user terminal;
[0259] The input module 722 is used to input the random number seed into the trusted hardware, so that the trusted hardware can use the private key derived in the trusted hardware to sign the random number seed to obtain the digital signature corresponding to the random number seed.
[0260] The generation module 723 is used to generate random numbers based on the digital signature.
[0261] In one optional implementation, the service platform further includes: a verification module for verifying the generation method of the random number seed;
[0262] The input module is used to input the random number seed that has passed the generation method verification into the trusted hardware.
[0263] In one optional implementation, the service platform further includes: a verification module for verifying the uniqueness of the random number seed;
[0264] The input module is used to input the random number seed that has passed the uniqueness verification into the trusted hardware.
[0265] In one optional implementation, the generation module is used to: perform a hash operation on the digital signature to obtain the random number.
[0266] In one optional implementation, the service platform further includes a storage module for storing the random number seed, the digital signature, the random number, and / or the public key corresponding to the private key in the blockchain.
[0267] Therefore, this solution can prevent the platform from controlling the entire process of random number generation, ensuring the fairness of random number generation, and the random numbers cannot be predicted by the user or the service platform, thus ensuring the unpredictability of the random numbers.
[0268] Figure 10 A schematic diagram of a trusted hardware structure provided by an embodiment of the present invention is shown. Figure 10As shown, the trusted hardware 730 includes: a receiving module 731, a signature module 732, and a generation module 733.
[0269] The receiving module 731 is used to receive a random number seed transmitted from the service platform; wherein the random number seed is generated by the user terminal.
[0270] The signature module 732 is used to sign the random number seed using a private key derived from the trusted hardware to obtain a digital signature corresponding to the random number seed.
[0271] The generation module 733 is used to generate random numbers based on the digital signature.
[0272] In one optional implementation, the generation module is used to: perform a hash operation on the digital signature to obtain the random number.
[0273] In one optional implementation, the trusted hardware further includes a decryption module, configured to decrypt the encrypted random number seed using a private key derived from the trusted hardware and then restore the random number seed.
[0274] Therefore, this solution can prevent the platform from controlling the entire process of random number generation, ensuring the fairness of random number generation, and the random numbers cannot be predicted by the user or the service platform, thus ensuring the unpredictability of the random numbers.
[0275] Figure 11 This diagram illustrates the structure of a computing device according to an embodiment of the present invention. The specific embodiments of the present invention do not limit the specific implementation of the computing device.
[0276] like Figure 11 As shown, the computing device may include: a processor 1102, a communications interface 1104, a memory 1106, and a communications bus 1108.
[0277] The processor 1102, communication interface 1104, and memory 1106 communicate with each other via communication bus 1108. Communication interface 1104 is used to communicate with other network elements, such as clients or other servers. The processor 1102 executes program 1110, specifically performing the relevant steps described above in the data processing method embodiment.
[0278] Specifically, program 1110 may include program code that includes computer operation instructions.
[0279] Processor 1102 may be a central processing unit (CPU), an application-specific integrated circuit (ASIC), or one or more integrated circuits configured to implement embodiments of the present invention. The computing device may include one or more processors of the same type, such as one or more CPUs; or it may include processors of different types, such as one or more CPUs and one or more ASICs.
[0280] Memory 1106 is used to store program 1110. Memory 1106 may include high-speed RAM memory, and may also include non-volatile memory, such as at least one disk storage device. Program 1110 can specifically be used to cause processor 1102 to execute the method in any of the above method embodiments.
[0281] This invention provides a non-volatile computer storage medium storing at least one executable instruction that can execute the data processing method in any of the above method embodiments.
[0282] The algorithms or displays provided herein are not inherently related to any particular computer, virtual system, or other device. Various general-purpose systems can also be used in conjunction with the teachings herein. The required structure for constructing such systems is apparent from the above description. Furthermore, the embodiments of the present invention are not directed to any particular programming language. It should be understood that the embodiments of the present invention described herein can be implemented using various programming languages, and the above description of specific languages is for the purpose of disclosing the best mode of implementation of the embodiments of the present invention.
[0283] Numerous specific details are set forth in the specification provided herein. However, it will be understood that embodiments of the invention may be practiced without these specific details. In some instances, well-known methods, structures, and techniques have not been shown in detail so as not to obscure the understanding of this specification.
[0284] Similarly, it should be understood that, in order to streamline the embodiments of the invention and aid in understanding one or more of the various inventive aspects, in the above description of exemplary embodiments of the invention, various features of the embodiments of the invention are sometimes grouped together in a single embodiment, figure, or description thereof. However, this disclosure should not be construed as reflecting an intention that the claimed embodiments of the invention require more features than are expressly recited in each claim. Rather, as reflected in the following claims, inventive aspects lie in fewer than all features of a single foregoing disclosed embodiment. Therefore, the claims following the detailed description are hereby expressly incorporated into this detailed description, wherein each claim itself is a separate embodiment of the invention.
[0285] Those skilled in the art will understand that modules in the device of the embodiments can be adaptively changed and placed in one or more devices different from that embodiment. Modules, units, or components in the embodiments can be combined into a single module, unit, or component, and further, they can be divided into multiple sub-modules, sub-units, or sub-components. Except where at least some of such features and / or processes or units are mutually exclusive, any combination can be used to combine all features disclosed in this specification (including the accompanying claims, abstract, and drawings) and all processes or units of any method or device so disclosed. Unless expressly stated otherwise, each feature disclosed in this specification (including the accompanying claims, abstract, and drawings) may be replaced by an alternative feature that serves the same, equivalent, or similar purpose.
[0286] Furthermore, those skilled in the art will understand that although some embodiments herein include certain features included in other embodiments but not others, combinations of features from different embodiments are meant to be within the scope of the embodiments of the invention and form different embodiments. For example, in the following claims, any of the claimed embodiments can be used in any combination.
[0287] The various component embodiments of the present invention can be implemented in hardware, or as software modules running on one or more processors, or a combination thereof. Those skilled in the art will understand that microprocessors or digital signal processors (DSPs) can be used in practice to implement some or all of the functions of some or all of the components according to the embodiments of the present invention. The embodiments of the present invention can also be implemented as device or apparatus programs (e.g., computer programs and computer program products) for performing part or all of the methods described herein. Such programs implementing the embodiments of the present invention can be stored on a computer-readable medium, or can be in the form of one or more signals. Such signals can be downloaded from an Internet website, provided on a carrier signal, or provided in any other form.
[0288] It should be noted that the above embodiments are illustrative of the present invention and not restrictive of the present invention, and that those skilled in the art can devise alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses should not be construed as limiting the claims. The word "comprising" does not exclude the presence of elements or steps not listed in the claims. The word "a" or "an" preceding an element does not exclude the presence of a plurality of such elements. Embodiments of the present invention can be implemented by means of hardware comprising several different elements and by means of a suitably programmed computer. In the unit claims enumerating several means, several of these means may be embodied by the same item of hardware. The use of the words first, second, and third, etc., does not indicate any order. These words can be interpreted as names. The steps in the above embodiments, unless otherwise specified, should not be construed as limiting the order of execution.
Claims
1. A data processing method, characterized in that, The method includes: The user client generates a random number seed and sends the random number seed to the service platform; wherein, the user's custom data input and the number of times the user client has generated a random number seed are obtained; and a random number seed is generated based on the custom data and the number of times the random number seed has been generated. The service platform verifies the generation method of the random number seed and transmits the random number seed that passes the generation method verification to the trusted hardware. The trusted hardware uses a private key derived from the trusted hardware to sign the random number seed to obtain a digital signature corresponding to the random number seed. The trusted hardware or the service platform generates a random number based on the digital signature.
2. The method according to claim 1, characterized in that, The seed for generating random numbers further includes: Get custom data input by the user, get the number of times the random number seed has been generated on the user's end, and get the corresponding identification information on the user's end; A random number seed is generated based on the custom data, the number of times, and the identification information.
3. The method according to claim 1, characterized in that, The method further includes: the service platform performing a uniqueness check on the random number seed; and the service platform transmitting the random number seed that has passed the uniqueness check to trusted hardware.
4. The method according to any one of claims 1-3, characterized in that, The step of generating random numbers based on the digital signature further includes: The random number is obtained by performing a hash operation on the digital signature.
5. The method according to any one of claims 1-3, characterized in that, After the user terminal generates a random number seed, the method further includes: the user terminal encrypts the random number seed using the public key corresponding to the private key derived in the trusted hardware to obtain an encrypted random number seed; Sending the random number seed to the service platform further includes: sending the encrypted random number seed to the service platform; The step of transmitting the generated random number seed, which has passed the verification, into the trusted hardware further includes: the service platform transmitting the encrypted random number seed into the trusted hardware; Before the trusted hardware signs the random number seed using the private key derived from the trusted hardware to obtain the digital signature corresponding to the random number seed, the method further includes: the trusted hardware decrypts the encrypted random number seed using the private key derived from the trusted hardware to restore the random number seed.
6. The method according to any one of claims 1-3, characterized in that, After generating the random number, the method further includes: The service platform stores the random number seed, the digital signature, the random number, and / or the public key corresponding to the private key in the blockchain; The user terminal initiates a random number verification request; wherein, the random number verification request carries a random number; The blockchain searches for stored information that matches the random number in the random number verification request, and uses the stored information to verify the random number in the random number verification request.
7. The method according to claim 6, characterized in that, The matched storage information includes the digital signature and the public key corresponding to the private key; The step of using the stored information to verify the random number in the random number verification request further includes: using the public key to perform signature verification on the digital signature, and obtaining the random number verification result based on the signature verification result.
8. The method according to claim 6, characterized in that, The matched stored information includes a digital signature; The step of using the stored information to verify the random number in the random number verification request further includes: performing a hash operation on the digital signature to obtain a hash operation result value, comparing the hash operation result value with the random number in the random number verification request, and obtaining a random number verification result based on the comparison result.
9. A data processing method, characterized in that, The method is executed on the user side, and the method includes: Generate a random number seed; wherein, custom data input by the user and the number of times the random number seed has been generated on the user's end are obtained; and a random number seed is generated based on the custom data and the number of times the seed has been generated. The random number seed is sent to the service platform for the service platform to verify the generation method of the random number seed. The random number seed that passes the generation method verification is transmitted to the trusted hardware, and the trusted hardware uses the private key derived in the trusted hardware to sign the random number seed to obtain the digital signature corresponding to the random number seed. The trusted hardware or the service platform generates a random number based on the digital signature.
10. A data processing method, characterized in that, The method is executed on the service platform side, and the method includes: Receive a random number seed generated by the user terminal; wherein, the user terminal obtains custom data input by the user and obtains the number of times the user terminal has generated a random number seed; generate a random number seed based on the custom data and the number of times; The generation method of the random number seed is verified, and the random number seed that passes the verification is transmitted to the trusted hardware, so that the trusted hardware can use the private key derived in the trusted hardware to sign the random number seed to obtain the digital signature corresponding to the random number seed. Random numbers are generated based on the digital signature.
11. A data processing method, characterized in that, The method is executed on the trusted hardware side, and the method includes: The system receives a random number seed from the service platform; wherein the random number seed is generated by the user terminal, and the user terminal obtains user-inputted custom data and the number of times the user terminal has generated a random number seed; a random number seed is generated based on the custom data and the number of times; and the service platform verifies the generation method of the random number seed, and transmits the random number seed that passes the generation method verification to the trusted hardware. The random number seed is signed using a private key derived from the trusted hardware to obtain a digital signature corresponding to the random number seed. Random numbers are generated based on the digital signature.
12. A data processing system, characterized in that, The system includes: The user-side interface is used to generate a random number seed and send the random number seed to the service platform; wherein, it obtains user-inputted custom data and the number of times the user-side has generated a random number seed; and generates a random number seed based on the custom data and the number of times the random number seed has been generated. The service platform is used to verify the generation method of the random number seed and transmit the random number seed that has passed the generation method verification to the trusted hardware. Trusted hardware is used to sign the random number seed using a private key derived from the trusted hardware to obtain a digital signature corresponding to the random number seed. The service platform or trusted hardware generates a random number based on the digital signature.
13. A user terminal, characterized in that, The user terminal includes: A generation module is used to generate a random number seed; wherein, it obtains user-inputted custom data and the number of times the random number seed has been generated on the user's end; and generates a random number seed based on the custom data and the number of times the seed has been generated. The sending module is used to send the random number seed to the service platform so that the service platform can verify the generation method of the random number seed, pass the generation method verification of the random number seed, pass the random number seed into the trusted hardware, and the trusted hardware uses the private key derived in the trusted hardware to sign the random number seed to obtain the digital signature corresponding to the random number seed, and the trusted hardware or the service platform generates a random number based on the digital signature.
14. A service platform, characterized in that, The service platform includes: A receiving module is used to receive a random number seed generated by a user terminal; wherein the user terminal obtains user-inputted custom data and the number of times the user terminal has generated a random number seed; and generates a random number seed based on the custom data and the number of times the random number seed has been generated. The input module is used to verify the generation method of the random number seed, and input the random number seed that has passed the generation method verification into the trusted hardware, so that the trusted hardware can use the private key derived in the trusted hardware to sign the random number seed to obtain the digital signature corresponding to the random number seed. A generation module is used to generate random numbers based on the digital signature.
15. A trusted hardware, characterized in that, The trusted hardware includes: The receiving module is used to receive a random number seed from the service platform; wherein the random number seed is generated by the user terminal, and the user terminal obtains user-inputted custom data and the number of times the user terminal has generated a random number seed; a random number seed is generated based on the custom data and the number of times; and the service platform verifies the generation method of the random number seed, and transmits the random number seed that passes the generation method verification to the trusted hardware. The signature module is used to sign the random number seed using a private key derived from the trusted hardware to obtain a digital signature corresponding to the random number seed. A generation module is used to generate random numbers based on the digital signature.
16. A computing device, characterized in that, include: The processor, memory, communication interface, and communication bus are provided, wherein the processor, memory, and communication interface communicate with each other via the communication bus. The memory is used to store at least one executable instruction, which causes the processor to perform an operation corresponding to the data processing method as described in any one of claims 1-11.
17. A computer storage medium, characterized in that, The storage medium stores at least one executable instruction that causes the processor to perform the operation corresponding to the data processing method as described in any one of claims 1-11.
18. A computer program product, characterized in that, The computer program product is used to perform the operations corresponding to the data processing method as described in any one of claims 1-11.