Summary of the invention
The problem to be solved by the present invention is to provide a QR code personal identification method based on digital signature and timestamp that is simple to use and reflects the characteristics of an electronic signature in a timely manner.
The QR code personal identification method based on digital signature and timestamp disclosed by the invention comprises an active identification method and/or a passive identification method.
The active identification method comprises the following steps:
11) the identified party logs in to the identification platform and applies to create a QR code;
12) the identification platform digitally signs the identified party's personal information and signature information;
13) the identification platform applies a timestamp to the identified party's digital signature;
14) the identification platform combines the identified party's personal information, signature information and timestamp information to generate a QR code that uniquely identifies the identified party;
15) the identifying party scans the QR code created by the identified party, and the identification platform verifies it: the signature on the QR code information is verified first and, once that succeeds, the timestamp is verified; after both checks pass, the user's information is displayed;
16) the identification platform stores the identified party's QR code information.
The passive identification method comprises the following steps:
21) the identifying party logs in to the identification platform and creates a QR code;
22) the identified party scans the QR code generated by the identifying party and updates their personal information to the identification platform;
23) the identification platform digitally signs the identified party's identity information and signature information;
24) the identification platform applies a timestamp to the identified party's information;
25) the identification platform verifies the identified party's identity information, signature information and timestamp information: the digital signature is verified first and, once that succeeds, the timestamp is verified; after both checks pass, the user's information is displayed;
26) the identification platform stores the identified party's information.
As a further improvement of the above technical scheme, the QR code is a matrix two-dimensional code generated using the QR code system.
As another improvement of the above technical scheme, the digital signature is implemented using the digital envelope principle and symmetric cryptography.
As another improvement of the above technical scheme, in step 16) and step 26), after the identification platform stores the identified party's information, it also provides query and print functions.
In the QR code personal identification method based on digital signature and timestamp of the present invention, the generated QR code is a matrix two-dimensional code using the QR code system, which has the advantages of large information capacity, high reliability, the ability to represent many kinds of text such as Chinese characters as well as image information, and a smaller size than other code systems for the same content.
The digital signature technology adopted by the identification method of the present invention is implemented mainly using the digital envelope principle and symmetric cryptography. Online decoding uses the digital envelope principle throughout to protect the information in the QR code; offline decoding uses a symmetric encryption algorithm to generate and parse the QR code. The identity information contained in the QR code can be parsed only after verification, which ensures that the identity information contained in the QR code cannot be tampered with.
In the identification method of the present invention, each QR code carries one and only one unique identity, which greatly improves the recognition rate.
The identification method of the present invention can be carried out on many kinds of client, including any hardware device that supports digital certificates, such as PCs, notebook computers, smartphones and tablet computers, and is environmentally friendly, fashionable and efficient.
The identification method of the present invention has strong fault tolerance and error correction: when the two-dimensional barcode is locally damaged by perforation, staining and the like, it can still be read correctly, and the information can still be recovered when the damaged area reaches 50%.
The identification method of the present invention uses timestamps in electronic identity identification to fix the time of signing, and guarantees the integrity and authenticity of the time mark by digital signature. This effectively prevents the backdating of signatures, strengthens the protection of electronic identity information, and can provide strong evidence in related disputes. The identification method is applicable to occasions such as meeting sign-in, access control and payment.
Embodiment
The QR code personal identification method based on digital signature and timestamp proposed by the present invention is described in detail below with reference to the accompanying drawings.
Digital signature technology comprises encryption and decryption technology and identity authentication technology; its role is to protect the integrity, tamper resistance and non-repudiation of electronic documents or data. Digital signature technology can prove the authenticity of the identified party's identity, but because it cannot establish when a user's action took place, it falls short on non-repudiation. A timestamp can prove that data existed at a certain time. The TSA timestamp service module is mainly used to provide an accurate and trusted timestamp service externally, confirming that data processed by the system existed at (or before) a certain time and confirming the relative chronological order of related operations, which provides the basis for non-repudiation of the system's data processing. The TSA timestamp service module of the identification platform adds a time mark provided by a trusted time source to the target data, and guarantees the integrity and authenticity of the time mark by digital signature.
A QR code personal identification method based on digital signature and timestamp, characterized in that it comprises an active identification method and/or a passive identification method.
The active identification method comprises the following steps:
11) the identified party logs in to the identification platform and applies to create a QR code; the QR code is a matrix two-dimensional code generated using the QR code system;
12) the identification platform uses the digital envelope principle and symmetric cryptography to digitally sign the identified party's personal information and signature information;
13) the identification platform applies a timestamp to the identified party's digital signature;
14) the identification platform combines the identified party's personal information, signature information and timestamp information to generate a QR code that uniquely identifies the identified party;
15) the identifying party scans the QR code created by the identified party, and the identification platform verifies it: the signature on the QR code information is verified first and, once that succeeds, the timestamp is verified; after both checks pass, the user's information is displayed;
16) the identification platform stores the identified party's QR code information and provides query and print functions.
The passive identification method comprises the following steps:
21) the identifying party logs in to the identification platform and creates a QR code; the QR code is a matrix two-dimensional code generated using the QR code system;
22) the identified party scans the QR code generated by the identifying party and updates their personal information to the identification platform;
23) the identification platform uses the digital envelope principle and symmetric cryptography to digitally sign the identified party's identity information and signature information;
24) the identification platform applies a timestamp to the identified party's information;
25) the identification platform verifies the identified party's identity information, signature information and timestamp information: the digital signature is verified first and, once that succeeds, the timestamp is verified; after both checks pass, the user's information is displayed;
26) the identification platform stores the identified party's information and provides query and print functions.
Online decoding uses the digital envelope principle to protect the information in the QR code, and offline decoding uses a symmetric encryption algorithm to generate and parse the QR code.
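The sign, timestamp and verify sequence of steps 12) to 15) can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 with constructed keys stands in for both the platform's signature and the TSA's signature, and the payload layout, function names and 300-second validity window are assumptions.

```python
import base64, hashlib, hmac, json

# Constructed demo keys (assumption). HMAC-SHA256 is a stand-in for the
# platform's digital signature and for the TSA's signature on the time mark.
PLATFORM_KEY = b"demo-platform-key"
TSA_KEY = b"demo-tsa-key"
MAX_AGE = 300  # assumed validity window in seconds; the page does not specify one

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _b64(raw):
    return base64.urlsafe_b64encode(raw).decode()

def issue_payload(identity, now):
    """Steps 12-14: sign the identity info, timestamp the signature, pack for the QR code."""
    info = json.dumps(identity, sort_keys=True, separators=(",", ":")).encode()
    sig = _mac(PLATFORM_KEY, info)
    ts = str(int(now)).encode()
    # The timestamp token binds the time to this exact signature.
    tst = _mac(TSA_KEY, sig + b"|" + ts)
    return ".".join([_b64(info), _b64(sig), ts.decode(), _b64(tst)])

def verify_payload(payload, now):
    """Step 15: check the signature first, then the timestamp. Returns (ok, result)."""
    try:
        info_b64, sig_b64, ts, tst_b64 = payload.split(".")
        info = base64.urlsafe_b64decode(info_b64)
        sig = base64.urlsafe_b64decode(sig_b64)
        tst = base64.urlsafe_b64decode(tst_b64)
        issued = int(ts)
    except ValueError:
        return False, "malformed"
    # 1) signature verification: any change to the identity info fails here
    if not hmac.compare_digest(sig, _mac(PLATFORM_KEY, info)):
        return False, "bad signature"
    # 2) timestamp verification: the token must match, so the time cannot be rewritten
    if not hmac.compare_digest(tst, _mac(TSA_KEY, sig + b"|" + ts.encode())):
        return False, "bad timestamp token"
    if not 0 <= now - issued <= MAX_AGE:
        return False, "timestamp outside validity window"
    return True, json.loads(info)
```

The string returned by `issue_payload` is what would be encoded into the QR image; nothing from the payload is displayed until both checks pass.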
The identification method of the present invention is illustrated below using meeting sign-in, access control and payment as specific examples. It should be clear, however, that these examples are illustrative and do not limit the scope of use of the identification method of the present invention. Identification on other occasions follows the same basic principles as these examples, and the identification method of the present invention applies to them as well.
1. Meeting sign-in
Passive identification:
As shown in Figure 1, participants complete meeting sign-in through the "my Nanjing" platform in passive identification mode: the organizer generates a meeting sign-in QR code through the "my Nanjing" platform; participants scan the meeting sign-in QR code and update their personal information to the "my Nanjing" platform. The "my Nanjing" platform digitally signs the participant's personal information and signature information, applies a timestamp, and verifies the information. After verification passes, the meeting organizer can view participant information through the "my Nanjing" platform and can export it.
Specifically, passive identification for meeting sign-in comprises the following steps:
111) the meeting organizer logs in to the "my Nanjing" platform through a client, creates a meeting sign-in service, and generates a meeting sign-in QR code.
121) the meeting organizer prints or downloads the meeting sign-in QR code themselves.
131) the participant logs in to the "my Nanjing" platform from a terminal and uses the scan function to scan the meeting sign-in QR code displayed by the meeting organizer.
141) the participant updates their own user information, such as name and work unit, in the meeting sign-in QR code.
151) the "my Nanjing" platform digitally signs the participant's information and applies a timestamp.
161) the "my Nanjing" platform authenticates the participant's information and displays the user's information after verification passes.
171) the meeting organizer can view or print the verified participant information through the "my Nanjing" platform.
As shown in Figure 2, participants complete meeting sign-in through the "my Nanjing" platform in active identification mode: the participant logs in to the "my Nanjing" platform and applies for a QR code; the "my Nanjing" platform digitally signs the participant's personal information and signature information, applies a timestamp, and combines the digital signature information and timestamp information to generate a QR code that uniquely identifies the participant. The meeting organizer scans the participant's QR code, and the "my Nanjing" platform verifies the participant's information. After verification passes, the meeting organizer can view participant information through the "my Nanjing" platform and can export it.
Specifically, active identification for meeting sign-in comprises the following steps:
211) the participant logs in to the "my Nanjing" platform through a client and applies for a QR code.
221) the "my Nanjing" platform digitally signs the participant's information and applies a timestamp, and combines the user information, signature information and timestamp information to generate a QR code that uniquely identifies the participant.
231) the participant prints or downloads the QR code they applied for themselves.
241) the meeting organizer logs in to the "my Nanjing" platform through a client and uses the scan function to scan the participant's QR code.
251) the "my Nanjing" platform authenticates the participant's QR code and displays the user's information after verification passes.
261) the meeting organizer can view or print the verified participant information through the "my Nanjing" platform.
2. Access control management
Passive identification:
112) the access control administrator creates an access control management service through the access control management platform and generates an access control QR code.
122) the owner prints or downloads the access control QR code themselves.
132) the owner uses the scan function of the access control terminal to scan the printed or downloaded access control QR code.
142) the owner updates their own user information, such as name and room number, in the access control QR code.
152) the access control management platform digitally signs the owner's information and applies a timestamp.
162) the access control management platform authenticates the owner's information and displays the user's information after verification passes.
172) the access control management platform stores the user information, and the access control terminal opens the door.
Active identification comprises the following steps:
212) the owner applies for a QR code through the access control management platform.
222) the access control management platform digitally signs the owner's information and applies a timestamp, and combines the user information, signature information and timestamp information to generate a QR code that uniquely identifies the owner.
232) the owner prints or downloads the QR code they applied for themselves.
242) the access control administrator uses the scan function of the access control terminal to scan the owner's QR code.
252) the access control management platform authenticates the owner's QR code and displays the user's information after verification passes.
262) the access control management platform stores the user information, and the access control terminal opens the door.
3. Payment function
Passive identification:
112) the merchant creates a payment service through the payment platform and generates a payment QR code containing the payment information.
122) the consumer prints, downloads or scans the payment QR code themselves.
132) the consumer updates their own information, such as name, account and password, in the payment QR code.
142) the payment platform digitally signs the owner's information and applies a timestamp.
152) the payment platform authenticates the consumer's information and displays the user's information after verification passes.
162) the payment platform stores the user information and completes the payment.
Active identification comprises the following steps:
212) the consumer applies for a QR code through the payment platform.
222) the payment platform digitally signs the consumer's information and applies a timestamp, and combines the user information, signature information and timestamp information to generate a QR code that uniquely identifies the consumer.
232) the consumer prints, downloads or scans the QR code they applied for themselves.
242) the merchant uses the scan function of the payment platform terminal to scan the consumer's QR code, or the consumer uploads the QR code to the payment platform.
252) the payment platform authenticates the consumer's QR code and displays the user's information after verification passes.
262) the payment platform stores the user information and completes the payment.
The present invention has many specific applications, and the above is only its preferred embodiment. It should be understood that those skilled in the art can make further improvements without departing from the principles of the invention, and these improvements should also be regarded as falling within the protection scope of the present invention.