Summary of the invention
In view of the pressing need to protect the private keys of blockchain users and the deficiencies of the prior art, and in order to solve both the problem of proving ownership of a user's private key and the problem of protecting it, the present invention provides a security protection method for a blockchain user's private key. The method relies on the one-way property and the random diffusion property of hash functions: it uses as the private key the hash value of the XOR of the hash value of the user's biometric feature and the hash value of the user password. For an attacker who does not know the biometric feature and the user password, even if the private key is obtained, it is not possible to find a biometric feature and a password that yield the same private key. The biometric feature and the password can therefore serve as proof of ownership of the private key. That is, if the private key is stolen, the biometric feature and password used to generate it can be used as proof of ownership; if the private key is lost, the biometric feature and password can be used to restore it. The user's private key is thus protected against both loss and theft.
The security protection method for a blockchain user's private key according to the present invention comprises a private key generation method and a security protection method. The private key generation method includes, but is not limited to, using the hash value of a security parameter as the user's private key. The security protection method includes, but is not limited to, the following: (1) When the user account logs in and initiates a transaction, the system sends a reminder message in real time to the communication terminal registered by the user. When the user finds that the account has been operated illegally, the user promptly broadcasts in the blockchain network an alert message that the private key is out of control (broadcasting the compromised private key and its public key) and initiates a freeze of all unconfirmed transactions signed by that private key; all nodes treat the corresponding unconfirmed transactions as illegal transactions. (2) When the ownership of a private key is in dispute, if a user can, within the specified time limit, show a parameter whose hash value, as verified by the other nodes, is identical to the disputed private key, that user is deemed the lawful owner of the private key. (3) The lawful owner of the private key generates a new private key, submits a transaction transferring all digital assets in the account corresponding to the disputed private key to the account of the new private key, and shows the hash value of the biometric feature and the hash value of the user password that were used to generate the disputed private key. If the hash value of the XOR of the hash value of the biometric feature and the hash value of the user password is identical to the disputed private key, the change of the account private key is accepted.
Further, the hash values used in the method of the present invention include the outputs of standard hash algorithms and of quantum-resistant hash algorithms.
Further, the security parameter used in the method of the present invention includes, but is not limited to, the XOR of the hash value of the user's biometric feature and the hash value of the user password.
Further, the user biometric features used in the method of the present invention include, but are not limited to, fingerprint features, facial features and iris features.
Further, the private keys in the method of the present invention include, but are not limited to, private keys of 256-bit, 384-bit and 512-bit ECC algorithms (including signature algorithms and encryption algorithms).
Compared with the prior art, the security protection method for a blockchain user's private key according to the present invention has the following notable innovation: it exploits the random diffusion and irreversibility of hash algorithms and uses as the private key the hash value of a security parameter that the user controls. User parameters are thereby introduced in a reasonable way while the randomness requirement on the private key is still met, which effectively solves the problem of proving ownership of the private key and the problem of recovering it, so that the user's private key is protected against both loss and theft. The present invention can be widely applied to application systems that use a random number as a private key, and has particularly good application prospects in blockchain networks.
Detailed description of the embodiments
To make the technical solution and advantages of the present invention clearer, the invention is described in further detail below, as part of the present invention, with reference to the accompanying drawings and specific embodiments.
The present invention applies to all cases in which a random number is used as the private key of an asymmetric cryptographic algorithm, and it does not restrict the method by which the corresponding public key is generated (for example, Bitcoin's public key generation method, secp256k1, may be used).
The hash values used in the present invention include the outputs of standard hash algorithms (such as MD5, SHA_1, SHA_256, etc.) and of quantum-resistant hash algorithms (such as a quantum-resistant standard algorithm). The multiple hash values used in the present invention may all be generated with the same hash algorithm, or may be generated with several different hash algorithms.
Normally, a blockchain user node generates a random number as its private key, but such a private key carries no user characteristics. After the private key is stolen, the user has no effective means of controlling the risk; after the private key is lost, the user has no way to recover it. The present invention exploits the random diffusion and irreversibility of hash algorithms and uses as the private key the hash value of a security parameter that the user controls. This effectively solves the problem of proving ownership of the private key and the problem of recovering it, so that the user's private key is protected against both loss and theft.
As a preferred embodiment, the private key generation method of the present invention is shown in Figure 1. This embodiment generates the private key of a 256-bit ECC algorithm. It uses a fingerprint feature and a password as the user parameters, and takes as the private key the hash value of the XOR of the hash value of the user's fingerprint feature and the hash value of the user password. That is, denoting the user's fingerprint feature by C and the password by P, the private key is SK = SHA_256(SHA_256(C) ⊕ SHA_256(P)), where ⊕ denotes the XOR operation. The user logs in to the blockchain account with the private key SK, without using the fingerprint feature and the password, which reduces the risk of the fingerprint feature and password being stolen by an attacker.
In practical application, a corresponding security mechanism needs to be added to the blockchain system. When the user account logs in and initiates a transaction, the system sends a reminder message in real time to the communication device registered by the user (such as a mobile phone). When the user finds that the account has been operated illegally, the user may use the compromised account or another account to promptly broadcast in the blockchain network an alert message that the private key is out of control (the alert message includes the user's public key and private key) and to initiate a freeze of all unconfirmed transactions signed by that private key. All nodes treat the corresponding unconfirmed transactions as illegal transactions (that is, they do not process the illegal transactions, and the accounting nodes remove all illegal transactions from the transaction pool). This reduces the losses that may result from theft of the user's private key. The blockchain system then starts arbitration of the ownership of the private key: if a user can, within the specified time limit, show a parameter whose hash value, as verified by the other nodes, is identical to the disputed private key, that user is deemed the lawful owner of the private key. Clearly, a user who has stolen SK cannot show the security parameter that generates SK, whereas the lawful owner of the private key can readily show SHA_256(C) ⊕ SHA_256(P) and SK, which solves the problem of proving ownership of the private key. Finally, the lawful owner of the private key generates a new private key, submits a transaction transferring all digital assets in the account corresponding to the disputed private key to the account of the new private key, and shows the hash value SHA_256(C) of the fingerprint feature and the hash value SHA_256(P) of the user password that were used to generate the disputed private key. If the hash value of the XOR of the fingerprint feature hash value SHA_256(C) and the user password hash value SHA_256(P) is identical to the disputed private key, the change of the account private key and the corresponding transfer transaction are accepted. The security protection of the user's private key account is thereby achieved.
When the user's private key is lost, the user can restore it from the hash value SHA_256(C) of the fingerprint feature and the hash value SHA_256(P) of the user password. Of course, for better security protection, the user password and the private key should be stored and protected separately.
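The derivation SK = SHA_256(SHA_256(C) ⊕ SHA_256(P)), the node-side arbitration and key-change checks, and recovery as described above, shown as an added Python example that is not part of the patent text. The function names, the constructed sample inputs, the secp256k1 scalar range check and the premise that C is a byte-stable template encoding are assumptions.

```python
import hashlib

# Group order of secp256k1: a valid private key is an integer in [1, n-1].
# Choosing this curve is an assumption based on the page's Bitcoin example.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

# Constructed sample inputs: C must be a byte-stable template encoding (assumed).
SAMPLE_C = b"constructed-fingerprint-template-v1"
SAMPLE_P = b"constructed-user-password"


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def xor(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def security_parameter(c: bytes, p: bytes) -> bytes:
    """The value shown in arbitration: SHA_256(C) xor SHA_256(P)."""
    return xor(sha256(c), sha256(p))


def derive_private_key(c: bytes, p: bytes) -> bytes:
    """SK = SHA_256(SHA_256(C) xor SHA_256(P)); recovery reruns the same call."""
    sk = sha256(security_parameter(c, p))
    if not 1 <= int.from_bytes(sk, "big") < SECP256K1_N:
        raise ValueError("derived value is not a valid scalar for this curve")
    return sk


def verify_ownership(shown: bytes, disputed_sk: bytes) -> bool:
    """Node-side check: the hash of the shown parameter must equal the disputed SK."""
    return sha256(shown) == disputed_sk


def verify_key_change(h_c: bytes, h_p: bytes, disputed_sk: bytes) -> bool:
    """Node-side check for the transfer: recompute SK from the two shown hashes."""
    return len(h_c) == len(h_p) == 32 and verify_ownership(xor(h_c, h_p), disputed_sk)


if __name__ == "__main__":
    sk = derive_private_key(SAMPLE_C, SAMPLE_P)
    print("owner passes arbitration:", verify_ownership(security_parameter(SAMPLE_C, SAMPLE_P), sk))
    print("holder of SK only passes:", verify_ownership(sk, sk))
```

A party holding only SK fails `verify_ownership` because producing the shown parameter requires a SHA-256 preimage of SK.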
To achieve higher algorithmic security, private keys of 384-bit and 512-bit ECC algorithms may also be used.
It should be noted that the method of the present invention can be widely applied to the generation of private keys and is not limited to the generation of private keys for blockchain users.
The embodiments described above are only some of the embodiments of the present invention, not all of them. All other embodiments that directly use the method of the present invention and are obtained by a person of ordinary skill in the art without creative effort fall within the scope of protection of the present invention.