Disclosure of Invention
The embodiment of the application provides a tamper-proof processing method, terminal equipment and storage medium for electronic documents after decryption, and aims to solve the technical problem that the existing electronic contract documents have the hidden danger of being tampered after decryption.
In a first aspect, an embodiment of the present application provides a tamper-proof processing method after decryption of an electronic document, which is applied to a server, where the method includes:
Creating key information of the electronic contract;
acquiring an original rendering layer of the electronic contract;
Determining a payload from the original rendered layer;
Determining hidden plaques of the original rendered layer from the payload based on the key information;
generating target abstract information of the electronic contract according to the key information;
Writing the target abstract information into the hidden image spots so as to convert the original rendering image layer into a target contract image;
and encrypting the target contract picture through the secret key information to generate a target electronic contract.
In a first possible implementation manner of the first aspect, the key information includes public and private key information and key data;
the determining hidden plaques of the original rendered layer from the payload based on the key information includes:
Determining hidden patches of the original rendered layer from the payload based on the key data;
The generating the target abstract information of the electronic contract according to the secret key information comprises the following steps:
generating target abstract information of the electronic contract according to the key data;
Encrypting the target contract picture through the secret key information to generate a target electronic contract, wherein the method comprises the following steps:
And encrypting the target contract picture through the public and private key information to generate a target electronic contract.
In a first possible implementation manner of the first aspect, the determining a payload from the original rendering layer includes:
Inputting the original rendering layer into an artificial intelligent model, and determining a contract type corresponding to the original rendering layer;
Determining a payload from the original rendered layer according to the contract type;
and acquiring a payload space unit corresponding to the payload.
In a first possible implementation manner of the first aspect, the determining, based on the key data, the hidden image spot of the original rendered image layer from the payload includes:
Importing the key data into the artificial intelligent model, determining a hidden spot address space from the payload space unit according to the byte size of the key data by the artificial intelligent model, and determining hidden spots corresponding to the hidden spot address space from the payload;
the writing the target abstract information into the hidden image spots comprises the following steps:
And writing the target abstract information into the hidden spot address space.
In a first possible implementation manner of the first aspect, the determining a payload from the original rendering layer according to the contract type includes:
Determining pixel data in a low-recognition area in the original rendering layer according to the contract type;
And acquiring pixel data with gray gradation from the pixel data in the low identification area, and taking target pixel data with gray gradation error meeting a preset error threshold in the low identification area as a payload.
In a first possible implementation manner of the first aspect, before the creating the key information of the electronic contract, the method further includes:
Acquiring first identity information and second identity information, wherein the first identity information is the identity information of a first signing party of the electronic contract, and the second identity information is the identity information of a second signing party of the electronic contract;
And respectively carrying out identity authentication on the first identity information and the second identity information, and executing the step of creating the key information of the electronic contract if the first identity information and the second identity information pass verification.
In a first possible implementation manner of the first aspect, the encrypting the target contract picture through the public-private key information to generate a target electronic contract includes:
Encrypting the target contract picture through the public and private key information to obtain an encryption result;
generating a digital timestamp;
and generating a target electronic contract based on the encryption result and the digital timestamp.
The first aspect of the application has the beneficial effects that: determining a payload in an original rendered layer of the electronic contract; and determining hidden image spots from the effective load based on key information of the electronic contract, generating target abstract information according to the key information of the electronic contract, and writing the target abstract information into the hidden image spots so as to convert the original rendering image layer into a target contract image, thereby generating an electronic document which is safer and not easy to tamper after decryption, and providing more powerful guarantee for electronic contract security of users.
In a second aspect, an embodiment of the present application provides a tamper-proof processing method after decryption of an electronic document, which is applied to a user terminal, where the method includes:
acquiring a target electronic contract;
Obtaining a target contract picture of the target electronic contract according to a preset decryption mode;
Performing reverse analysis on the target contract picture to obtain an original rendering layer and summary information to be detected;
And comparing the summary information to be detected with the target summary information of the target electronic contract, and checking whether the target electronic contract is tampered or not according to a comparison result.
The second aspect of the application has the advantages that: performing reverse analysis on the target contract picture after the electronic contract is decrypted to obtain an original rendering layer and summary information to be detected of the electronic contract; and comparing the summary information to be detected with the target summary information of the target electronic contract, and checking whether the target electronic contract is tampered according to a comparison result, so that a user can successfully check the authenticity and the validity of the electronic contract after decryption.
In a third aspect, the invention also proposes a terminal device comprising a memory, a processor and a computer program stored in the memory and executable on the processor;
When the terminal equipment is a server, the processor executes the computer program to realize the tamper-proof processing method after the electronic document in the first aspect is decrypted;
When the terminal equipment is a user, the processor executes the computer program to realize the tamper-proof processing method after the electronic document is decrypted.
In a fourth aspect, the present invention further proposes a storage medium, which is a computer-readable storage medium storing a computer program that, when executed by a processor, implements the tamper-proof processing method after decryption of an electronic document according to any one of the above.
It will be appreciated that the advantages of the third or fourth aspect may be found in the relevant description of the first or second aspect, and are not described here again.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as the particular system architecture, techniques, etc., in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It should be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in the present description and the appended claims, the term "if" may be interpreted as "when..once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [ described condition or event ] is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a [ described condition or event ]" or "in response to detection of a [ described condition or event ]".
Furthermore, the terms "first," "second," "third," and the like in the description of the present specification and in the appended claims, are used for distinguishing between descriptions and not necessarily for indicating or implying a relative importance.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
An embodiment of the present application provides a terminal device, as shown in fig. 1, and fig. 1 is a schematic structural diagram of the terminal device according to an embodiment of the present application. The terminal device 1 of this embodiment includes: at least one processor 10 (only one is shown in fig. 1), a processor 10, a memory 11 and a computer program 12 stored in the memory 11 and executable on the at least one processor 10, the processor 10 implementing the steps in an embodiment of a tamper-resistant processing method after decryption of an electronic document when the computer program 12 is executed.
The terminal device 1 may be a server of an electronic subscription cloud platform of a compliance method, or may be a user terminal corresponding to the electronic subscription cloud platform of the compliance method.
It will be appreciated by those skilled in the art that fig. 1 is merely an example of a terminal device 1 and does not constitute a limitation of the terminal device 1, and may include more or fewer components than shown, or may combine certain components, or different components.
The Processor 10 may be a central processing unit (Central Processing Unit, CPU), the Processor 10 may also be other general purpose processors, digital signal processors (DIGITAL SIGNAL Processor, DSP), application SPECIFIC INTEGRATED Circuit (ASIC), off-the-shelf Programmable gate array (Field-Programmable GATE ARRAY, FPGA) or other Programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 11 may in some embodiments be an internal storage unit of the terminal device 1, such as a hard disk or a memory of the terminal device 1. The memory 11 may in other embodiments also be an external storage device of the terminal device 1, such as a plug-in hard disk provided on the terminal device 1, a smart memory card (SMART MEDIA CARD, SMC), a Secure Digital (SD) card, a flash memory card (FLASH CARD) or the like. Further, the memory 11 may also include both an internal storage unit and an external storage device of the terminal device 1. The memory 11 is used for storing an operating system, application programs, boot loader (BootLoader), data, other programs etc., such as program codes of the computer program etc. The memory 11 may also be used for temporarily storing data that has been output or is to be output.
It can be understood that at present, the electronic contract cannot be verified in real effectiveness on the premise of decryption, namely, after the user captures a picture of the electronic contract or converts the electronic contract file into a picture file, the electronic contract cannot be verified in real effectiveness, so that verification of the electronic contract after decryption is a difficult problem.
In order to solve the above technical problems, in a first aspect, the present application proposes an embodiment of a tamper-proof processing method applied to a server side after an electronic document is decrypted, and fig. 2 is a schematic flow chart illustrating a first embodiment of the tamper-proof processing method provided by the present application, which is used as an example, but not a limitation, in the present embodiment, that is, an execution body of the tamper-proof processing method is a server after the electronic document is decrypted; the server can be a server of an electronic subscription cloud platform of a compliance method, and the tamper-proof processing method after the electronic document is decrypted mainly comprises the following steps:
Step S01, creating key information of the electronic contract;
It can be understood that when the identification card is confirmed in the process of creating the electronic contract, random data is generated to generate corresponding public and private key information; namely, the secret key information comprises public and private key information and key data;
The public and private key information is used for encrypting and decrypting the electronic contract file, for example, a sender (of the electronic contract) encrypts the electronic contract by using a public key, a receiver (of the electronic contract) decrypts the electronic contract by using a private key, or the sender (of the electronic contract) encrypts the electronic contract by using a private key, and the receiver (of the electronic contract) decrypts the electronic contract by using a public key;
The embodiment introduces an artificial intelligent model to process the electronic contract; accordingly, the key data characterizes tags of entries of the artificial intelligence classifier corresponding algorithm, which may include convolutional neural network models, with image classification functions (image feature representations and relationships that may be used to classify electronic contract document images by learning electronic contract document images), image recognition functions (semantic representations that may be used to identify literal pixel data in electronic contract document images by learning electronic contract document images), and image generation functions (that may be used to generate images, such as generating countermeasure networks, etc.).
In a specific implementation, the embodiment may acquire first identity information and second identity information, where the first identity information is identity information of a first signing party of the electronic contract (may be a sender of the electronic contract), and the second identity information is identity information of a second signing party of the electronic contract (may be a receiver of the electronic contract); and respectively carrying out identity authentication on the first identity information and the second identity information, if the first identity information and the second identity information pass verification, the real-name verification of both sides of the electronic contract is successful, and then the step of creating the key information of the electronic contract is executed.
Step S02, an original rendering layer of the electronic contract is obtained;
it will be appreciated that the original rendering layer, the image presentation layer in the electronic contract document, remains substantially the same although the format of the electronic contract document has a number of different categories.
Step S03, determining a payload from the original rendering layer;
It will be appreciated that three sub-pixels (red, green and blue) for each pixel in a 24-bit bitmap are each represented using 8 bits:
For example, only blue is considered, i.e. there are 2 different values to represent blue with different shades. And blue colors represented by the two values 11111111 and 11111110 are almost indistinguishable to the human eye. Thus, this least significant bit can be used to store information other than color, and is somewhat undetectable. If the same is done for red and green, one byte of information can be stored in more or less three pixels. Further, the above-described operations may characterize steganographic information as being difficult to detect, i.e. to ensure that the modulation of the "carrier" (i.e. the original signal) by the "payload" (the signal that needs to be concealed) has almost negligible visual error in the effect on the carrier.
In a specific embodiment, the server performs "input the original rendering layer to the artificial intelligence model, and determines a contract type corresponding to the original rendering layer; determining a payload from the original rendered layer according to the contract type; a step of acquiring a payload space unit corresponding to the payload:
It can be appreciated that there are differences in document typesetting for different types of electronic contracts: for example, different contract types, fonts, arrangement formats, colors, line spaces, signature areas and stamping areas can be distinguished, so that the difficulty of the effective load is influenced, and whether the camouflage space size is enough or not is influenced; the server determines the payload from the original rendered layer according to the contract type of the currently processed electronic contract:
In a specific embodiment, the server may pre-deploy an artificial intelligence model, where the artificial intelligence model learns and trains documents of various electronic contracts, so that the artificial intelligence model has a function of identifying and classifying an original rendering layer of the electronic contract to be processed currently. Specifically, an artificial intelligence model determines pixel data in a low-recognition region in the original rendered layer according to the contract type; and acquiring pixel data with gray gradation from the pixel data in the low identification area, and taking target pixel data with gray gradation error meeting a preset error threshold in the low identification area as a payload. It can be understood that the above-mentioned low recognition area may be a pixel data area except for a signature and/or a official seal in the electronic contract image, and because the signature area and the official seal area belong to a pixel data area with higher recognition in the electronic contract, when the artificial intelligence model learns and trains documents of various electronic contracts in advance, the pixel data areas with higher recognition are hidden, so that the artificial intelligence model can pay attention to some low recognition areas in the electronic contract, as shown in fig. 3, the contract header area in the drawing can be regarded as a low recognition area, and as can be seen from the contract header in fig. 3, the edge area of the pixel data corresponding to the amplified "contract" two words has a gray gradient condition, the pixel data of gray gradient is obtained from the pixel data in the low recognition area, the pixel data of gray gradient is compared with a preset error threshold, and if the obtained gray gradient error meets the preset error threshold, the target pixel data corresponding to the preset error threshold is regarded as a payload.
It will be appreciated that referring to fig. 4, the rendering layer is effectively probed to find the "payload position" and the size of the "payload space", fig. 4 is an RGB sub-pixel arrangement display (upper diagram of fig. 4) including a standard rendering layer, and each three RGB sub-pixels form a pixel unit, and the visual display effect of the actual rendering layer is shown in the lower diagram of fig. 4. The sub-pixel R in fig. 4 is adjusted to a value 254 by a value 255 for the sub-pixel R and B, so as to obtain a rendering diagram display effect as shown in fig. 5, no change is perceived from the naked eye with the visual display effect of the rendering diagram layer in fig. 4, the sub-pixel R in fig. 5 is continuously adjusted to a value 248, and the sub-pixel R in fig. 5 and B are adjusted to a value 245 by a value 254 for the sub-pixel R in fig. 5, so as to obtain a rendering diagram display effect as shown in fig. 6, the rendering diagram display effect in fig. 5 and 6 can be seen to be obviously graded by the naked eye when the limiting value is 245, if the preset error threshold is set to 245, the reserved bits are 255-245=10 bits, and for the convenience of calculation, the embodiment uses 8 bits of the reduced bits as one byte, and then the two spaces are two byte sizes.
Step S04, determining hidden image spots of the original rendering image layer from the effective load based on the secret key information;
in a specific implementation, the server determines hidden plaques of the original rendered layer from the payload based on the key data;
Specifically, the key data is imported into the artificial intelligent model, a hidden spot address space is determined from the payload space unit according to the byte size of the key data by the artificial intelligent model, and hidden spots corresponding to the hidden spot address space are determined from the payload;
In a specific implementation, the hash algorithm of the electronic contract of the present embodiment may use SHA256 algorithm or SM3 algorithm, where the digest length generated by each SHA256 algorithm or SM3 algorithm is 256 bits, and if the digest length is not compressed and stored, 256 bytes are needed, and if the hash algorithm is converted into "payload space units", 128 hash algorithms are needed, and a single-page contract shown in fig. 3 is used as an example: assuming that the single page of fig. 3 has 269 pixel units in the width direction and 484 pixel units in the height direction, wherein the "payload space" is 269 x 484 = 130196, the effective bits 72%, i.e. 93741 "payload space units", are stored as a set of hashes according to 128 units, and it is expected that 93741/128 = 732 hashes can be stored, for these 732 units we will refer to as a rendering layer structure class, based on which the hidden patches of the original rendering layer are determined.
Step S05, generating target abstract information of the electronic contract according to the key information;
In a specific implementation, the target digest information of the electronic contract is generated from the key data, in particular, the target digest information is generated from the electronic contract (file) based on the key data and by a hash function (agreed upon by the first signer and the second signer).
Step S06, writing the target abstract information into the hidden image spots to convert the original rendering image layer into a target contract image;
Specifically, writing the target abstract information into the hidden spot address space;
It will be appreciated that, for the original rendering layer of the electronic contract, setting the pixel value corresponding to the target digest information, determining the binary message of the target digest information (to be hidden), the artificial intelligence model will pay most attention to finding the pixel address (i.e. the hidden patch address space) where the digest data can be inserted from (the payload space unit), and this pixel where the target digest information can be inserted is called a hidden patch, for use in steganographically writing the target digest information into the original rendering layer.
Step S07, encrypting the target contract picture through the key information to generate a target electronic contract.
Specifically, encrypting the target contract picture through the public and private key information to generate a target electronic contract; to further ensure security, a digital timestamp may also be generated for the target contract picture, and a target electronic contract may be generated based on the encryption result and the digital timestamp.
The present embodiment determines the payload in the original rendered layer of the electronic contract; and determining hidden image spots from the effective load based on key information, and writing target abstract information of the electronic contract into the hidden image spots so as to convert the original rendering image layer into a target contract image, thereby generating an electronic document which is safer and not easy to tamper after decryption, and providing more powerful guarantee for the electronic contract safety of a user.
In the second aspect, if a user adopts a screenshot on an electronic contract document or converts a document into a picture document, the authenticity of the electronic contract document (i.e. decryption verification of an electronic contract) cannot be verified, so that the decryption contract verification is a difficult problem, and in order to solve the above technical problems, an embodiment of the present application provides a tamper-proof processing method applied to a user terminal side after decryption of an electronic document, where the method mainly includes the following steps:
Step S10, acquiring a target electronic contract;
it should be noted that, the execution body of the embodiment is a user terminal, where the user terminal may be a user terminal used by the first signing party or the second signing party of the target electronic contract, and a user of the first signing party or the second signing party may log in an account number of the electronic signing cloud platform to download the target electronic contract and store the target electronic contract to the user terminal;
Step S20, obtaining a target contract picture of the target electronic contract according to a preset decryption mode;
The preset decryption mode may be that a user performs screenshot on the target electronic contract, or converts the target electronic contract into a picture file to implement decryption, so as to obtain a target contract picture of the target electronic contract.
S30, carrying out reverse analysis on the target contract picture to obtain an original rendering layer and summary information to be detected;
in the embodiment, an artificial intelligent model with the same function as the artificial intelligent model deployed on the server side in the embodiment is introduced to perform reverse analysis on the target contract picture, so as to obtain an original rendering layer; stripping the abstract information to be detected in the obtained original rendering layer;
And S40, comparing the summary information to be detected with the target summary information of the target electronic contract, and checking whether the target electronic contract is tampered or not according to a comparison result.
The embodiment of the second aspect of the application has the beneficial effects that: a user signing the electronic contract can reversely analyze the target contract picture after the target electronic contract is decrypted to obtain an original rendering layer and summary information to be detected of the electronic contract; and comparing the summary information to be detected with the target summary information of the target electronic contract, and checking whether the target electronic contract is tampered according to a comparison result, so that a user can successfully check the authenticity and the validity of the electronic document contract after decryption. The technical problem that the authenticity and the validity of the electronic document contract cannot be checked on the premise of decryption of the existing electronic contract is solved, and effective guarantee is further provided for the electronic contract safety of users.
Furthermore, embodiments of the present application provide a computer readable storage medium storing a computer program which, when executed by a processor, implements steps for implementing the various method embodiments described above.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the present application may implement all or part of the flow of the method of the above embodiments, and may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the computer program may implement the steps of each of the method embodiments described above. Wherein the computer program comprises computer program code which may be in source code form, object code form, executable file or some intermediate form etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to a photographing device/terminal apparatus, recording medium, computer Memory, read-Only Memory (ROM), random access Memory (RAM, random Access Memory), electrical carrier signals, telecommunications signals, and software distribution media. Such as a U-disk, removable hard disk, magnetic or optical disk, etc. In some jurisdictions, computer readable media may not be electrical carrier signals and telecommunications signals in accordance with legislation and patent practice.
In the foregoing embodiments, the descriptions of the embodiments are emphasized, and in part, not described or illustrated in any particular embodiment, reference is made to the related descriptions of other embodiments.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/network device and method may be implemented in other manners. For example, the apparatus/network device embodiments described above are merely illustrative, e.g., the division of the modules or units is merely a logical functional division, and there may be additional divisions in actual implementation, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted, or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection via interfaces, devices or units, which may be in electrical, mechanical or other forms.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
The above embodiments are only for illustrating the technical solution of the present application, and not for limiting the same; although the application has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present application, and are intended to be included in the scope of the present application.