CN112215591A - Distributed encryption management method, device and system for encryption currency wallet - Google Patents
- Publication number
- CN112215591A (CN202011209121.9A)
- Authority
- CN
- China
- Prior art keywords
- user
- private key
- wallet
- kms
- node
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a distributed encryption management method, device and system for a cryptocurrency wallet. The method comprises the following steps: any KMS node obtains the private key of a user's cryptocurrency wallet and synchronizes it to at least one other KMS node; any KMS node receives a transaction signature request for the user's cryptocurrency wallet, checks whether it stores the private key of that wallet, and, when it does, processes the transaction signature request using the private key. The method improves the user experience by deploying the KMS nodes in a distributed manner, and solves the trust problem between the user and the service provider by adding hardware components and other measures on top of the traditional cloud KMS.
Description
Technical Field
The invention relates to the technical field of the Internet, and in particular to a distributed encryption management method, device and system for a cryptocurrency wallet.
Background
Cryptocurrency is a digital currency system based on cryptography and is widely used in decentralized environments. The most typical and widely used cryptocurrency is Bitcoin. In all cryptocurrencies, including Bitcoin, the most critical element is the use of keys. Typically, a cryptocurrency creates a key pair for a wallet account. The public part is called the public key and serves as the transfer address of the cryptocurrency; the private part is called the private key, and only the private key can assert ownership of the cryptocurrency and thereby control it. The private key is therefore the most critical part of the whole cryptocurrency system: if it is lost, the cryptocurrency in the wallet may fall under illegitimate control, or the owner may lose control of the wallet and never be able to recover it. Such incidents occur again and again.
Cryptocurrency wallets currently keep the account private key in roughly three ways, each with its own problems and disadvantages.
First, software storage
This is the most common and the simplest approach. The private key is encrypted and stored on disk (or another fixed storage medium), and the user sets a password (or a similar authentication means) to unlock it. The security of this approach is poor: an attacker can attack the software directly to steal the private key.
Second, hardware wallet
This approach uses an external HSM device: the private key is stored on the external device, which is connected to a PC or mobile device whenever the private key needs to be used. It is very secure, but the external device is easily lost, and once it is lost the user loses control of the cryptocurrency in the wallet, resulting in economic loss.
Third, cloud KMS (Key Management System)
A cloud KMS is a KMS offered in the cloud by a public cloud vendor to store users' keys. A typical KMS provides remotely invoked cryptographic functions: for example, data to be processed is sent to the cloud KMS, the cloud KMS processes it with the relevant key, and the processed data is returned. The disadvantage of this approach is that there is a trust problem between the user and the cloud vendor, and the cloud KMS is deployed in a single location, so it cannot offer a good connection experience to users.
Disclosure of Invention
To solve the above technical problem, the invention provides a distributed encryption management method, device and system for a cryptocurrency wallet.
The distributed encryption management method for a cryptocurrency wallet provided by the invention comprises the following steps:
any KMS node obtains the private key of a user's cryptocurrency wallet and synchronizes it to at least one other KMS node;
any KMS node receives a transaction signature request for the user's cryptocurrency wallet, checks whether it stores the private key of the user's cryptocurrency wallet, and, when it does, processes the transaction signature request using the private key.
The distributed encryption management method for a cryptocurrency wallet further has the following feature:
the KMS node uses hardware security techniques so that the service provider cannot read the private key of the user's cryptocurrency wallet.
The distributed encryption management method for a cryptocurrency wallet further has the following feature:
the KMS node obtains the private key of the user's cryptocurrency wallet in one of the following ways:
first, receiving the private key of the user's cryptocurrency wallet from the user's terminal;
second, creating a private key of the cryptocurrency wallet for the user.
The distributed encryption management method for a cryptocurrency wallet further has the following feature:
after the KMS node receives the user's cryptocurrency wallet transaction request, the method further comprises: when the KMS node finds that it does not store the private key of the user's cryptocurrency wallet, querying other KMS nodes for that private key and processing the cryptocurrency wallet transaction request using the private key so obtained.
The distributed encryption management method for a cryptocurrency wallet further has the following feature:
synchronizing the private key of the user's cryptocurrency wallet to at least one other KMS node comprises one of:
synchronization mode one: synchronizing the private key of the user's cryptocurrency wallet to all other KMS nodes;
synchronization mode two: determining the geographic area of the KMS node that received the private key of the user's cryptocurrency wallet, and synchronizing the private key to KMS nodes in other geographic areas whose distance from that area is smaller than a preset distance;
synchronization mode three: determining the level of the KMS node that received the private key of the user's cryptocurrency wallet, and synchronizing the private key to the KMS nodes at the same level.
The distributed encryption management method for a cryptocurrency wallet further has the following feature:
when synchronization mode one is used to synchronize the private key of the user's cryptocurrency wallet to at least one other KMS node, querying other KMS nodes for the private key comprises: querying any other node for the private key of the user's cryptocurrency wallet;
when synchronization mode two is used to synchronize the private key of the user's cryptocurrency wallet to at least one other KMS node, querying other KMS nodes for the private key comprises: querying at least one of the other nodes in an adjacent geographic area for the private key of the user's cryptocurrency wallet;
when synchronization mode three is used to synchronize the private key of the user's cryptocurrency wallet to at least one other KMS node, querying other KMS nodes for the private key comprises: querying at least one of the KMS nodes at the same level for the private key of the user's cryptocurrency wallet.
The invention provides a distributed encryption management device for a cryptocurrency wallet, applied to a KMS node and comprising:
an acquisition module for obtaining the private key of a user's cryptocurrency wallet;
a synchronization module for synchronizing the private key of the user's cryptocurrency wallet to at least one other KMS node;
a receiving module for receiving the user's cryptocurrency wallet transaction signature request;
a query module for checking whether the private key of the user's cryptocurrency wallet is stored;
and a processing module for processing the cryptocurrency wallet transaction signature request using the private key after the query module finds that the private key of the user's cryptocurrency wallet is stored.
The distributed encryption management device for a cryptocurrency wallet further has the following feature:
it also comprises a security module that uses hardware security techniques so that the service provider cannot read the private key of the user's cryptocurrency wallet.
The distributed encryption management device for a cryptocurrency wallet further has the following feature:
the acquisition module is further configured to obtain the private key of the user's cryptocurrency wallet in one of the following ways:
first, receiving the private key of the user's cryptocurrency wallet from the user's terminal;
second, creating a private key of the cryptocurrency wallet for the user.
The distributed encryption management device for a cryptocurrency wallet further has the following feature:
the processing module is further configured to, after the query module finds that the private key of the user's cryptocurrency wallet is not stored, query other KMS nodes for that private key and process the cryptocurrency wallet transaction request using the private key so obtained.
The distributed encryption management device for a cryptocurrency wallet further has the following feature:
the synchronization module synchronizes the private key of the user's cryptocurrency wallet to at least one other KMS node using one of:
synchronization mode one: synchronizing the private key of the user's cryptocurrency wallet to all other KMS nodes;
synchronization mode two: determining the geographic area of the KMS node that received the private key of the user's cryptocurrency wallet, and synchronizing the private key to KMS nodes in other geographic areas whose distance from that area is smaller than a preset distance;
synchronization mode three: determining the level of the KMS node that received the private key of the user's cryptocurrency wallet, and synchronizing the private key to the KMS nodes at the same level;
the processing module is further configured to query any other node for the private key of the user's cryptocurrency wallet when the synchronization module uses synchronization mode one; to query at least one of the other nodes in an adjacent geographic area for the private key when the synchronization module uses synchronization mode two; and to query at least one of the KMS nodes at the same level for the private key when the synchronization module uses synchronization mode three.
The distributed encryption management system for a cryptocurrency wallet provided by the invention comprises a plurality of KMS nodes, each of which includes the above device.
The invention provides a distributed cloud KMS that improves the user experience by deploying the KMS nodes in a distributed manner, and solves the trust problem between the user and the service provider by adding hardware components and other measures on top of the traditional cloud KMS.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate an embodiment of the invention and, together with the description, serve to explain the invention and not to limit the invention. In the drawings:
FIG. 1 is a block diagram of a distributed KMS node system in an embodiment;
FIG. 2 is a flow diagram of a distributed encryption management method for a cryptocurrency wallet in an embodiment;
FIG. 3 is a block diagram of a distributed encryption management device for a cryptocurrency wallet in an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention. It should be noted that the embodiments and features of the embodiments in the present application may be arbitrarily combined with each other without conflict.
As shown in fig. 1, a plurality of KMS nodes are provided in the present invention to form a distributed KMS node system, and the KMS nodes communicate with various types of terminals.
As shown in fig. 2, the distributed encryption management method for a cryptocurrency wallet includes:
step 201, the KMS node obtains the private key of the user's cryptocurrency wallet and synchronizes it to at least one other KMS node;
step 202, the KMS node receives the user's cryptocurrency wallet transaction signature request, checks whether it stores the private key of the user's cryptocurrency wallet, and, when it does, processes the transaction signature request using the private key.
In the method, the KMS node uses a hardware security technology so that the service provider cannot read the private key of the user's cryptocurrency wallet; specifically, the KMS is built on Intel SGX technology. The terminal hosting the cryptocurrency wallet communicates with the KMS node using the KMIP protocol, which can greatly reduce the universality problem for cryptocurrency wallets.
In step 101, the KMS node obtains the private key of the user's cryptocurrency wallet in one of the following ways:
First, receiving the private key of the user's cryptocurrency wallet from the user's terminal. For example, a user generates a public and private key pair with a cryptocurrency wallet on a mobile terminal (PC, mobile phone, tablet, etc.) and uses the "remote private key upload" function of the local cryptocurrency wallet to send the generated private key to a cloud KMS node over the KMIP protocol.
Second, creating a private key of the cryptocurrency wallet for the user. For example, a mobile terminal connects to a KMS node and performs the authentication related to the cryptocurrency wallet; the mobile terminal initiates a request to create a private key and a public key for the user's cryptocurrency wallet; and the KMS node generates (e.g., using an elliptic curve algorithm) the public key and the private key of the cryptocurrency wallet for the user and sends the public key to the mobile terminal. This avoids the problem in the first way that a key generated locally by the user's cryptocurrency wallet may have insufficient security strength and therefore be weak.
In step 102, after the KMS node receives the user's cryptocurrency wallet transaction request, the method further includes: when the KMS node finds that it does not store the private key of the user's cryptocurrency wallet, querying other KMS nodes for that private key and processing the cryptocurrency wallet transaction request using the private key so obtained.
Synchronizing the private key of the user's cryptocurrency wallet to at least one other KMS node in step 101 comprises one of:
synchronization mode one: synchronizing the private key of the user's cryptocurrency wallet to all other KMS nodes;
synchronization mode two: determining the geographic area of the KMS node that received the private key of the user's cryptocurrency wallet, and synchronizing the private key to KMS nodes in other geographic areas whose distance from that area is smaller than a preset distance;
synchronization mode three: determining the level of the KMS node that received the private key of the user's cryptocurrency wallet, and synchronizing the private key to the KMS nodes at the same level.
Key synchronization between KMS nodes is carried out over a secure channel.
Specifically:
when synchronization mode one is used to synchronize the private key of the user's cryptocurrency wallet to at least one other KMS node, querying other KMS nodes for the private key comprises: querying any other node for the private key of the user's cryptocurrency wallet;
when synchronization mode two is used to synchronize the private key of the user's cryptocurrency wallet to at least one other KMS node, querying other KMS nodes for the private key comprises: querying at least one of the nodes in an adjacent geographic area for the private key of the user's cryptocurrency wallet;
when synchronization mode three is used to synchronize the private key of the user's cryptocurrency wallet to at least one other KMS node, querying other KMS nodes for the private key comprises: querying at least one of the other nodes at the same level for the private key of the user's cryptocurrency wallet.
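The sketch below is an added example, not code from the patent: it models steps 201 and 202 with the three synchronization modes and the matching peer query, so the set of nodes holding a copy of the key can be compared per mode. The integer regions, the password check, and HMAC-SHA256 standing in for the wallet signature are assumptions, and a plain dictionary stands in for enclave-protected key storage.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

ALL, GEO, LEVEL = 1, 2, 3  # synchronization modes one, two and three


@dataclass
class KMSNode:
    node_id: int
    region: int  # assumption: regions are integers on a line, one node each
    level: int
    keys: dict = field(default_factory=dict)  # stand-in for enclave-protected storage


def _pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Cluster:
    def __init__(self, nodes, mode, preset_distance=2):
        self.nodes = nodes
        self.mode = mode
        self.preset_distance = preset_distance
        self.credentials = {}  # user -> (salt, hash); constructed auth scheme

    def _peers(self, node):
        """Nodes that `node` synchronizes to, and later queries, under the mode."""
        others = [n for n in self.nodes if n is not node]
        if self.mode == ALL:
            return others
        if self.mode == GEO:
            # "distance ... smaller than a preset distance"
            return [n for n in others
                    if abs(n.region - node.region) < self.preset_distance]
        return [n for n in others if n.level == node.level]

    def holders(self, user):
        """IDs of every node storing a copy of the user's key (its exposure)."""
        return [n.node_id for n in self.nodes if user in n.keys]

    def enroll(self, user, password, origin):
        """Step 201: the origin node creates the key, then replicates it."""
        salt = secrets.token_bytes(16)
        self.credentials[user] = (salt, _pw_hash(password, salt))
        key = secrets.token_bytes(32)
        origin.keys[user] = key
        for peer in self._peers(origin):
            peer.keys[user] = key  # the text requires a secure channel here
        return self.holders(user)

    def sign(self, node, user, password, tx: bytes):
        """Step 202: authenticate, use the local key, else ask peers."""
        if user not in self.credentials:
            raise PermissionError("unknown user")
        salt, expected = self.credentials[user]
        if not hmac.compare_digest(_pw_hash(password, salt), expected):
            raise PermissionError("user authentication failed")
        key, source = node.keys.get(user), node.node_id
        if key is None:
            for peer in self._peers(node):
                if user in peer.keys:
                    key, source = peer.keys[user], peer.node_id
                    break
        if key is None:
            raise LookupError("no queried KMS node holds this key")
        # HMAC-SHA256 is a stand-in for the wallet's real signature algorithm.
        return hmac.new(key, tx, hashlib.sha256).hexdigest(), source


def build_cluster(n, mode, top_level=10, preset_distance=2):
    """Constructed topology: node i sits in region i; the first
    `top_level` nodes are level 0, the rest level 1."""
    nodes = [KMSNode(i, region=i, level=0 if i < top_level else 1)
             for i in range(n)]
    return Cluster(nodes, mode, preset_distance)


if __name__ == "__main__":
    for name, mode in (("one", ALL), ("two", GEO), ("three", LEVEL)):
        cluster = build_cluster(100, mode)
        copies = cluster.enroll("userA", "constructed-password", cluster.nodes[2])
        print(f"mode {name}: {len(copies)} nodes hold the key")
```

Every node returned by `holders` must be protected to the same standard as the origin node, so the choice of mode trades connection convenience against the number of places the private key lives.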
As shown in fig. 2, the distributed encryption management device for a cryptocurrency wallet, applied to a KMS node, includes:
an acquisition module for obtaining the private key of a user's cryptocurrency wallet;
a synchronization module for synchronizing the private key of the user's cryptocurrency wallet to at least one other KMS node;
a receiving module for receiving the user's cryptocurrency wallet transaction signature request;
a query module for checking whether the private key of the user's cryptocurrency wallet is stored;
and a processing module for processing the cryptocurrency wallet transaction signature request using the private key after the query module finds that the private key of the user's cryptocurrency wallet is stored.
The device further comprises a security module that uses hardware security techniques so that the service provider cannot read the private key of the user's cryptocurrency wallet.
The acquisition module is further configured to obtain the private key of the user's cryptocurrency wallet in one of the following ways:
first, receiving the private key of the user's cryptocurrency wallet from the user's terminal;
second, creating a private key of the cryptocurrency wallet for the user.
The processing module is further configured to, after the query module finds that the private key of the user's cryptocurrency wallet is not stored, query other KMS nodes for that private key and process the cryptocurrency wallet transaction request using the private key so obtained.
The synchronization module synchronizes the private key of the user's cryptocurrency wallet to at least one other KMS node using one of:
synchronization mode one: synchronizing the private key of the user's cryptocurrency wallet to all other KMS nodes;
synchronization mode two: determining the geographic area of the KMS node that received the private key of the user's cryptocurrency wallet, and synchronizing the private key to KMS nodes in other geographic areas whose distance from that area is smaller than a preset distance;
synchronization mode three: determining the level of the KMS node that received the private key of the user's cryptocurrency wallet, and synchronizing the private key to the KMS nodes at the same level;
the processing module is further configured to query any other node for the private key of the user's cryptocurrency wallet when the synchronization module uses synchronization mode one; to query at least one of the other nodes in an adjacent geographic area for the private key when the synchronization module uses synchronization mode two; and to query at least one of the KMS nodes at the same level for the private key when the synchronization module uses synchronization mode three.
The distributed encryption management system for a cryptocurrency wallet comprises a plurality of KMS nodes, each of which includes the above device.
The following is a detailed description of specific examples.
Detailed description of the preferred embodiment
The system comprises 100 KMS nodes.
User A generates a public and private key pair with cryptocurrency wallet C on mobile terminal B and uses the "remote private key upload" function of the local cryptocurrency wallet C to send the generated private key to the first KMS node, in whose coverage mobile terminal B is currently located. The first KMS node thereby learns the private key of user A. Alternatively, mobile terminal B connects to the first KMS node and performs the authentication related to cryptocurrency wallet C; mobile terminal B initiates a request to create a private key and a public key for user A's cryptocurrency wallet C; and the first KMS node generates the public key and private key of cryptocurrency wallet C for user A using an elliptic curve algorithm, sends the public key to mobile terminal B, and stores the private key of user A.
The first KMS node synchronizes the private key of user A's cryptocurrency wallet C to the other 99 KMS nodes.
Mobile terminal B moves into the coverage of the second KMS node.
User A operates cryptocurrency wallet C on mobile terminal B and needs to pay merchant D. The cryptocurrency wallet C software on mobile terminal B collects user authentication information (such as a password, a fingerprint and the like) and sends a request for signing with the private key to the second KMS node; the request carries the user authentication information. After successfully verifying the user authentication information, the second KMS node asks mobile terminal B which specific operation cryptocurrency wallet C is to perform. Mobile terminal B sends the cryptocurrency transaction data of cryptocurrency wallet C to the second KMS node and requests that the transaction data be signed with the private key. The second KMS node finds that it stores the private key of user A's cryptocurrency wallet C, signs the transaction data with the private key, and returns the signature value to mobile terminal B.
Detailed description of the invention
The system comprises 100 KMS nodes. There are 10 KMS nodes at the highest level, including a first KMS node and a second KMS node.
User A generates a public and private key pair with cryptocurrency wallet C on mobile terminal B and uses the "remote private key upload" function of the local cryptocurrency wallet C to send the generated private key to the first KMS node, in whose coverage mobile terminal B is currently located. The first KMS node thereby learns the private key of user A. Alternatively, mobile terminal B connects to the first KMS node and performs the authentication related to cryptocurrency wallet C; mobile terminal B initiates a request to create a private key and a public key for user A's cryptocurrency wallet C; and the first KMS node generates the public key and private key of cryptocurrency wallet C for user A using an elliptic curve algorithm, sends the public key to mobile terminal B, and stores the private key of user A.
The first KMS node synchronizes the private key of user A's cryptocurrency wallet C to the other 9 KMS nodes at the same level.
Mobile terminal B moves into the coverage of the second KMS node.
User A operates cryptocurrency wallet C on mobile terminal B and needs to pay merchant D. The cryptocurrency wallet C software on mobile terminal B collects user authentication information (such as a password, a fingerprint and the like) and sends a request for signing with the private key to the second KMS node; the request carries the user authentication information. After successfully verifying the user authentication information, the second KMS node asks mobile terminal B which specific operation cryptocurrency wallet C is to perform. Mobile terminal B sends the cryptocurrency transaction data of cryptocurrency wallet C to the second KMS node and requests that the transaction data be signed with the private key. After the second KMS node finds that it does not store the private key of user A's cryptocurrency wallet C, it queries one of the other KMS nodes at the same level for that private key and obtains it; after signing the transaction data with the private key, it returns the signature value to mobile terminal B.
The user experience is improved by deploying the KMS nodes in a distributed manner, and the trust problem between the user and the service provider is solved by adding hardware components and other measures on top of the traditional cloud KMS.
The above-described aspects may be implemented individually or in various combinations, and such variations are within the scope of the present invention.
It will be understood by those skilled in the art that all or part of the steps of the above methods may be implemented by instructing the relevant hardware through a program, and the program may be stored in a computer readable storage medium, such as a read-only memory, a magnetic or optical disk, and the like. Alternatively, all or part of the steps of the foregoing embodiments may also be implemented by using one or more integrated circuits, and accordingly, each module/unit in the foregoing embodiments may be implemented in the form of hardware, and may also be implemented in the form of a software functional module. The present invention is not limited to any specific form of combination of hardware and software.
It is to be noted that, in this document, the terms "comprises", "comprising" or any other variation thereof are intended to cover a non-exclusive inclusion, so that an article or apparatus including a series of elements includes not only those elements but also other elements not explicitly listed or inherent to such article or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of additional like elements in the article or device comprising the element.
The above embodiments are merely to illustrate the technical solutions of the present invention and not to limit the present invention, and the present invention has been described in detail with reference to the preferred embodiments. It will be understood by those skilled in the art that various modifications and equivalent arrangements may be made without departing from the spirit and scope of the present invention and it should be understood that the present invention is to be covered by the appended claims.
Claims (9)
1. A distributed encryption management method for an encryption currency wallet, applied to a KMS node, is characterized by comprising the following steps:
receiving a user's cryptocurrency wallet transaction signature request, inquiring whether a private key of the user's cryptocurrency wallet is stored, and processing the cryptocurrency wallet transaction signature request by using the private key of the user's cryptocurrency wallet stored in a KMS node when the private key of the user's cryptocurrency wallet is stored; when the private key of the user's cryptocurrency wallet is not locally stored, obtaining the private key of the user's cryptocurrency wallet from other KMS nodes and processing the cryptocurrency wallet transaction signature request using the private key.
2. The distributed encryption management method for an encryption currency wallet of claim 1, further comprising: receiving a private key of the user's cryptocurrency wallet uploaded by the terminal to which the user belongs, or creating the private key of the cryptocurrency wallet for the user, and synchronizing the private key of the user's cryptocurrency wallet to at least one other KMS node.
3. The distributed encryption management method for a cryptocurrency wallet of claim 2,
the synchronizing the private key of the user's cryptographic currency wallet to at least one other KMS node comprises one of:
a first synchronization mode, namely synchronizing the private key of the user's cryptocurrency wallet to all other KMS nodes;
a second synchronization mode, namely determining the geographic area to which the KMS node receiving the private key of the encrypted money wallet of the user belongs, and synchronizing the private key of the encrypted money wallet of the user to KMS nodes in other geographic areas with a distance from the geographic area smaller than a preset distance;
and a third synchronization mode, namely determining the level of the KMS node which receives the private key of the encrypted money wallet of the user, and synchronizing the private key of the encrypted money wallet of the user to the KMS node with the same level.
4. The distributed encryption management method for a cryptocurrency wallet of claim 3,
when synchronization mode one is adopted to synchronize the private key of the user's cryptocurrency wallet to at least one other KMS node, acquiring the private key of the user's cryptocurrency wallet from the other KMS nodes comprises: obtaining the private key of the user's cryptocurrency wallet from any other node;
when synchronization mode two is adopted to synchronize the private key of the user's cryptocurrency wallet to at least one other KMS node, acquiring the private key of the user's cryptocurrency wallet from the other KMS nodes comprises: obtaining the private key of the user's cryptocurrency wallet from at least one of the other nodes of the adjacent geographic area;
when synchronization mode three is adopted to synchronize the private key of the user's cryptocurrency wallet to at least one other KMS node, acquiring the private key of the user's cryptocurrency wallet from the other KMS nodes comprises: obtaining the private key of the user's cryptocurrency wallet from at least one of the KMS nodes at the same level.
5. A distributed encryption management apparatus for an encryption money wallet, applied to a KMS node, comprising:
a receiving module for receiving a cryptocurrency wallet transaction signature request of the user;
an inquiry module for inquiring whether a private key of the user's cryptocurrency wallet is stored;
a processing module for processing the cryptocurrency wallet transaction signature request by using the private key when the inquiry module finds that the private key of the user's cryptocurrency wallet is stored; and, when the private key of the user's cryptocurrency wallet is not locally stored, obtaining the private key of the user's cryptocurrency wallet from other KMS nodes and processing the cryptocurrency wallet transaction signature request using the private key.
6. The distributed encryption management apparatus for a cryptocurrency wallet of claim 5, further comprising:
the acquisition module is used for receiving a private key of the encrypted money wallet of the user uploaded by a terminal to which the user belongs, or creating the private key of the encrypted money wallet for the user;
a synchronization module to synchronize a private key of the user's cryptocurrency wallet to at least one other KMS node.
7. The distributed encryption management apparatus for a cryptocurrency wallet of claim 5,
the synchronization module synchronizes a private key of the user's cryptocurrency wallet to at least one other KMS node using one of:
a first synchronization mode, namely synchronizing the private key of the user's cryptocurrency wallet to all other KMS nodes;
a second synchronization mode, namely determining the geographic area to which the KMS node receiving the private key of the encrypted money wallet of the user belongs, and synchronizing the private key of the encrypted money wallet of the user to KMS nodes in other geographic areas with a distance from the geographic area smaller than a preset distance;
and a third synchronization mode, namely determining the level of the KMS node which receives the private key of the encrypted money wallet of the user, and synchronizing the private key of the encrypted money wallet of the user to the KMS node with the same level.
8. A distributed encryption management system for cryptographic money wallets, comprising a plurality of KMS nodes, each KMS node comprising the apparatus of any one of claims 5 to 7.
9. A computer-readable storage medium whose instructions, when executed by a processor of a KMS node, enable the KMS node to perform a distributed encryption management method for cryptographic money wallets, the distributed encryption management method for cryptographic money wallets comprising:
receiving a user's cryptocurrency wallet transaction signature request, inquiring whether a private key of the user's cryptocurrency wallet is stored, and processing the cryptocurrency wallet transaction signature request by using the private key of the user's cryptocurrency wallet stored in a KMS node when the private key of the user's cryptocurrency wallet is stored; when the private key of the user's cryptocurrency wallet is not locally stored, obtaining the private key of the user's cryptocurrency wallet from other KMS nodes and processing the cryptocurrency wallet transaction signature request using the private key.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011209121.9A CN112215591B (en) | 2018-08-06 | 2018-08-06 | Distributed encryption management method, device and system for encrypted money bags |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810885307.2A CN110490561B (en) | 2018-08-06 | 2018-08-06 | Distributed encryption management method, device and system for encryption currency wallet |
CN202011209121.9A CN112215591B (en) | 2018-08-06 | 2018-08-06 | Distributed encryption management method, device and system for encrypted money bags |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810885307.2A Division CN110490561B (en) | 2018-08-06 | 2018-08-06 | Distributed encryption management method, device and system for encryption currency wallet |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112215591A true CN112215591A (en) | 2021-01-12 |
CN112215591B CN112215591B (en) | 2024-01-26 |
Family
ID=68545496
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810885307.2A Active CN110490561B (en) | 2018-08-06 | 2018-08-06 | Distributed encryption management method, device and system for encryption currency wallet |
CN202011209121.9A Active CN112215591B (en) | 2018-08-06 | 2018-08-06 | Distributed encryption management method, device and system for encrypted money bags |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810885307.2A Active CN110490561B (en) | 2018-08-06 | 2018-08-06 | Distributed encryption management method, device and system for encryption currency wallet |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN110490561B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112330310A (en) * | 2020-11-12 | 2021-02-05 | 武汉天喻信息产业股份有限公司 | Intelligent terminal system and equipment for digital currency transaction |
CN113194069B (en) * | 2021-03-30 | 2022-08-26 | 深圳博瑞天下科技有限公司 | Communication tracing method, communication tracing device and medium based on block chain |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160283941A1 (en) * | 2015-03-27 | 2016-09-29 | Black Gold Coin, Inc. | Systems and methods for personal identification and verification |
CN106533661A (en) * | 2016-10-25 | 2017-03-22 | 北京大学 | Online generation method for cryptographic currency address based on combined public key |
CN106779636A (en) * | 2016-11-29 | 2017-05-31 | 北京乐酷达网络科技有限公司 | A kind of block chain digital cash wallet based on earphone interface of mobile phone |
CN107104795A (en) * | 2017-04-25 | 2017-08-29 | 上海汇尔通信息技术有限公司 | Method for implanting, framework and the system of RSA key pair and certificate |
CN108242999A (en) * | 2017-10-26 | 2018-07-03 | 招商银行股份有限公司 | Key escrow method, equipment and computer readable storage medium |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2975570A1 (en) * | 2014-07-17 | 2016-01-20 | draglet GmbH | Method and a device for securing access to wallets containing crypto-currencies |
CN104618120B (en) * | 2015-03-04 | 2018-01-23 | 青岛微智慧信息有限公司 | A kind of mobile terminal key escrow digital signature method |
CN107566117B (en) * | 2017-07-14 | 2019-10-29 | 浙商银行股份有限公司 | A kind of block chain key management system and method |
Also Published As
Publication number | Publication date |
---|---|
CN110490561A (en) | 2019-11-22 |
CN112215591B (en) | 2024-01-26 |
CN110490561B (en) | 2020-09-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108564353B (en) | Payment system and method based on block chain | |
KR101974452B1 (en) | Methods and system for managing personal information based on programmable blockchain and one-id | |
CN108235805B (en) | Account unifying method and device and storage medium | |
CN112291245B (en) | Identity authorization method, identity authorization device, storage medium and equipment | |
KR100807926B1 (en) | Efficient management of cryptographic key generations | |
US9544297B2 (en) | Method for secured data processing | |
US10567370B2 (en) | Certificate authority | |
KR101985179B1 (en) | Blockchain based id as a service | |
CN110537346A (en) | Safe decentralization domain name system | |
US8397281B2 (en) | Service assisted secret provisioning | |
US20200235921A1 (en) | Method and system for recovering cryptographic keys of a blockchain network | |
CN105656859A (en) | Secure online upgrade method and system for tax control equipment software | |
CN110599342B (en) | Block chain-based identity information authorization method and device | |
CN1859097B (en) | Verifying method and system based on general weight discrimination framework | |
US8234497B2 (en) | Method and apparatus for providing secure linking to a user identity in a digital rights management system | |
CN112311538A (en) | Identity authentication method, device, storage medium and equipment | |
US20240064009A1 (en) | Distributed anonymized compliant encryption management system | |
CN109685664A (en) | One kind being based on the associated digital asset real name register system of assets mandatory system | |
US20210306135A1 (en) | Electronic device within blockchain based pki domain, electronic device within certification authority based pki domain, and cryptographic communication system including these electronic devices | |
CN110490561B (en) | Distributed encryption management method, device and system for encryption currency wallet | |
KR102269753B1 (en) | Method for performing backup and recovery private key in consortium blockchain network, and device using them | |
KR20210004842A (en) | Method for providing virtual asset service based on dicentralized identity and virtual asset service providing server using them | |
Hölzl et al. | Real-world Identification for an Extensible and Privacy-preserving Mobile eID | |
CN109067868A (en) | A kind of method and system for being stored to cloud data | |
US20060129815A1 (en) | Generation of identities and authentication thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code | Ref country code: HK Ref legal event code: DE Ref document number: 40045324 Country of ref document: HK |
GR01 | Patent grant | ||