CN103873234B - Biological quantum secret key distribution method oriented to wireless body area network - Google Patents
- Publication number
- CN103873234B, CN201410111746.XA
- Authority
- CN
- China
- Prior art keywords
- key
- biological
- quantum
- personal data
- sensor node
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Landscapes
- Measurement Of The Respiration, Hearing Ability, Form, And Blood Characteristics Of Living Organisms (AREA)
- Collating Specific Patterns (AREA)
Abstract
The invention discloses a biometric quantum key distribution method, mainly intended to solve three problems in wireless body area networks: public-key cryptography is threatened by quantum computing, communication traffic is large, and authentication is complex. The method is implemented as follows. Biometric features are extracted to generate biometric key templates and dimensionality-reduction intermediate data, which are distributed to the personal data center and the sensor nodes respectively. The sensor node and the personal data center run the B92 protocol to share a bit string whose theoretical length is 256; the last 128 bits are retained as the initial key and the rest is used as the public content. The sensor node generates a key from the distributed data and the test biometric data, binds this key to the public content, and sends the result. The personal data center recovers the public content using the biometric key template and compares it with the shared public content; if the bit error rate is lower than the authentication threshold, authentication is considered successful and the initial key is used as the distributed key; otherwise this key distribution is stopped. The method effectively achieves node identity authentication and eavesdropping detection and can be used for e-government and similar applications.
Description
Technical field
The invention belongs to the field of information technology and further relates to key distribution in the field of information security technology. It can be used for identity authentication and key distribution in wireless body area networks, e-government, electronic banking and the like.
Background art
Key distribution is an important part of network security. Where data confidentiality must be ensured, secure key distribution is the foundation of the security of the whole network. Traditional key distribution methods mainly use public-key cryptosystems. These methods are based on hard mathematical problems, and their security relies on existing computing technology being unable to solve those problems within a limited time. Key distribution schemes based on public-key systems require repeated exchanges of public keys and authentication information, during which a large number of exponentiations and large-modulus modular multiplications must be performed, so energy consumption is high. In addition, the authentication information is usually provided by a trusted third party, which increases system complexity. The main existing key distribution techniques are the following:
In their article "A hybrid authentication and key establishment scheme for wban" (Trust, Security and Privacy in Computing and Communications, 2012 IEEE 11th International Conference on. IEEE, 2012: 78-83), Drira W, Renault E and Zeghlache D propose a hybrid authentication and key distribution method for wireless body area networks. The method distributes keys using a curve-based public-key method built on the discrete logarithm problem and uses pre-allocated device IDs, after computation, as authentication information. Through multiple information exchanges it achieves authentication, key distribution and key management among the sensor, the mobile center and the storage center without a trusted third party, but it exchanges a large amount of information and is computationally complex. In addition, in 1994 Shor proposed a quantum algorithm for factoring large numbers and computing discrete logarithms, which can solve the large-number factoring and discrete logarithm problems in linear time. This means that once quantum computers become available, public-key systems based on large-number factoring and discrete logarithms will no longer be secure.
Quantum key distribution is based on the physical properties of quantum systems. In theory it can achieve absolutely secure secret communication, and it has an eavesdropping detection capability that can effectively detect third-party eavesdropping on the quantum channel. It can resist quantum computing attacks and offers very good security. In their article "Implementation of Quantum Key Distribution in Wi-Fi Wireless Networks" (Advanced Communication Technology, 2008. ICACT 2008. 10th International Conference on. IEEE, 2008, 2: 865-870), Huang X, Wijesekera S and Sharma D propose a quantum key distribution method for wireless networks. The method applies a quantum key protocol in a wireless network to distribute keys and XORs the distributed key with a message authentication code to form the initial key of the network, thereby ensuring the security of the network key system. However, the authentication process of this method uses an authentication method based on the Extensible Authentication Protocol (EAP), and multiple rounds of communication are needed before the quantum key protocol is executed, so the whole process is rather complex.
Biometric data contain intrinsic information about the human body. Extracting features from them to generate keys can effectively provide identity authentication and is easy to implement. In their article "Random multispace quantization as an analytic mechanism for biohashing of biometric and random identity inputs" (Pattern Analysis and Machine Intelligence, IEEE Transactions on, 2006, 28(12): 1892-1901), Teoh A B J, Goh A and Ngo D C L propose a biohashing algorithm with revocable templates, which maps the biometric feature sequence values into a space determined by an orthogonal matrix and then quantizes them to achieve irreversibility. However, this method cannot guarantee that the two communicating parties produce exactly identical bit strings as keys.
Summary of the invention
The purpose of the present invention is to propose a biometric quantum key distribution method for wireless body area networks, in order to solve the problems that public-key cryptography in wireless body area networks is threatened by quantum computing, that traffic is large and that authentication is complex. It also overcomes the lack of identity authentication in existing quantum key distribution methods and the inconsistency between the two parties' biometric key sequences in biometric key distribution methods.
The key technical idea of the invention is to extract biometric features from the test biometric data and to quantize and encode them into a biometric key. This biometric key is bound to the public information produced during quantum key distribution. Applied in a wireless body area network, the sensor node sends the bound data to the personal data center. The personal data center unbinds the received data using the biometric key template distributed in the training stage, recovers the public information sent by the node, and compares it with the corresponding information that the personal data center itself obtained during quantum key distribution. The bit error rate is computed and compared with thresholds to achieve identity authentication and eavesdropping detection. The implementation steps are as follows:
(1) Read the face data of A people, where each person's face data comprise B images, A × B images in total, as the training database;
(2) Choose the reduced dimension $p$ and reduce the dimensionality of the training data by principal component analysis, obtaining the mean vector $X_m$ of the biometric data, the transformation matrix $W$, and the feature matrix after dimensionality reduction:
$Q=[Q_{11},Q_{12},\dots,Q_{1B},\dots,Q_{i1},Q_{i2},\dots,Q_{ij},\dots,Q_{iB},\dots,Q_{A1},Q_{A2},\dots,Q_{AB}]$, where $Q_{ij}$ is a $p$-dimensional column vector representing the feature vector of the $j$-th image of the $i$-th person, $i=1,2,\dots,A$, $j=1,2,\dots,B$;
(3) Build a statistical model of the feature vectors of the training data:
(3a) Compute the mean vector $m_{total}$ and the standard deviation vector $\sigma_{total}$ of all column vectors in the feature matrix $Q$;
(3b) Compute the mean vector $m_i$ and the standard deviation vector $\sigma_i$ of the feature vectors $Q_{i1},Q_{i2},\dots,Q_{iB}$ corresponding to the images of the $i$-th person, $i=1,2,\dots,A$;
(3c) Model each dimension of the feature vectors statistically: the data in the $k$-th dimension of the feature vectors are assumed to follow a normal distribution, and the $k$-th dimension data of the $i$-th person are assumed to follow a normal distribution, $k=1,2,\dots,p$, $i=1,2,\dots,A$;
(4) Compute the quantization threshold matrix:
(4a) For dimension $k$, take the mean $m_{total,k}$ and the standard deviation $\sigma_{total,k}$ of that dimension from $m_{total}$ and $\sigma_{total}$, and compute the quantization interval $d_k$, where $N=2,3,\dots$ is the number of coding bits and $n>0$ is a coefficient;
(4b) With $m_{total,k}$ as the central axis and $d_k$ as the spacing, compute the $r$-th quantization threshold $T_{kr}$ of the $k$-th dimension:
$T_{kr}=m_{total,k}+d_k(r-2^{N-1})$,
where $k=1,2,\dots,p$, $r=1,2,\dots,2^N-1$; the quantization thresholds divide the $k$-th dimension of the feature space into $2^N$ intervals;
(4c) Compute the quantization thresholds of all dimensions to obtain the quantization threshold matrix $T=[T_{kr}]$;
(5) Quantize, encode and generate the key:
(5a) Quantize the feature mean $m_{i,k}$ of the $k$-th dimension of the $i$-th person using the thresholds $T_{kr}$ and encode the quantization result to obtain the code value $C_{i,k}$;
(5b) For the $i$-th person, quantize the feature means of all dimensions, encode the quantization results, and concatenate them in order from left to right to obtain this person's biometric key template $BioKey_i=C_{i,1}||C_{i,2}||\dots||C_{i,p}$, $i=1,2,\dots,A$, where "||" is the concatenation operation on binary strings;
(6) Distribute the data of the registration phase: store the biometric key template $BioKey_i$ of the person $i$ to be authenticated in the personal data center; store the quantization threshold matrix $T$, the mean vector $X_m$ and the transformation matrix $W$ in the sensor node;
(7) The sensor node obtains the test biometric data vector $X_{i,new}$ of the $i$-th person, reduces the dimensionality of this vector to obtain the feature vector $Q_{i,new}$, and quantizes and encodes $Q_{i,new}$ to obtain the sensor-node biometric key $BioKey'_i$;
(8) Distribute the biometric quantum key:
(8a) The sensor node sends the first data frame to start the key distribution process; after receiving the first data frame, the personal data center sends the second data frame to indicate that it joins the key distribution process;
(8b) The sensor node and the personal data center obtain a shared bit string $S$ using the B92 quantum key protocol, where the theoretical length of $S$ is 256;
(8c) The last 128 bits of the shared bit string $S$ are retained as the initial key $Key_{init}$, and the remainder of $S$ other than the initial key is taken as the public content $S_{pub}$. The sensor node encodes the public content $S_{pub}$ with a linear block error-correcting code to obtain the error-correction representation of the public content. This representation is bound to the biometric key $BioKey'_i$ to obtain the binding information $msg$, the binding being an XOR operation;
(8d) The sensor node sends the binding information $msg$ to the personal data center, which recovers the public content $S'_{pub}$ from $msg$ using the biometric key template $BioKey_i$ and the error-correction function err_corr(·);
(8e) The personal data center compares the recovered public content $S'_{pub}$ from step (8d) with the public content $S_{pub}$ from step (8c) and computes the bit error rate $\eta$ of the public content;
(8f) The eavesdropping threshold $Th_e$ is chosen according to the angle between the two non-orthogonal quantum states in the B92 quantum key protocol, and the authentication threshold $Th_a$ is chosen according to the training biometric data. The bit error rate $\eta$ is compared with these two thresholds to determine the final distributed key:
If $\eta>Th_e$, an eavesdropping attack is considered to be present and this key distribution process is terminated;
If $Th_a<\eta\le Th_e$, the sensor node identity is considered illegitimate and this key distribution process is terminated;
If $\eta\le Th_a$, the sensor node and the personal data center use the initial key $Key_{init}$ as the final distributed key $Key$.
Compared with the prior art, the present invention has the following advantages:
1. Because the invention generates a biometric key from biometric data and binds it to the public information in quantum key distribution to achieve identity authentication, it overcomes the lack of identity authentication in traditional quantum key distribution;
2. Because the invention obtains the final distributed key from the information shared during quantum key distribution, it overcomes the key-sequence inconsistency caused by using a biometric key method alone;
3. Compared with existing public-key cryptography methods, the key distribution process of the invention is computationally simple, generates less traffic, and distributes keys securely.
Brief description of the drawings:
Fig. 1 is the implementation flowchart of the invention;
Fig. 2 shows the authentication threshold of the invention against the false acceptance rate / false rejection rate;
Fig. 3 shows the performance curve of the invention;
Fig. 4 compares the bit error rate of the invention with that of the standard B92 protocol when eavesdropping is present;
Fig. 5 shows the identity authentication results of the invention under identity spoofing attacks.
Detailed description of the embodiments:
The invention is described in further detail below with reference to the drawings.
Referring to Fig. 1, the invention comprises two parts: data training and key distribution.
Part One. Data training
Step 1: build the training database.
Choose A people from a face database, each with B images, A × B images in total, as the training database.
Step 2: reduce the dimensionality of the training data using principal component analysis.
(2a) Concatenate the pixel values of each face image in the training database end to end, row by row, to form a column vector $X_{ij}$, where $X_{ij}$ represents the $j$-th image of the $i$-th person, $i=1,2,\dots,A$, $j=1,2,\dots,B$;
(2b) From the column vectors $X_{ij}$, compute the mean vector $X_m$ of the training data;
(2c) Use the mean vector $X_m$ to build the de-meaned training data matrix $X$:
$X=[X_{11}-X_m,\dots,X_{1B}-X_m,\dots,X_{i1}-X_m,\dots,X_{ij}-X_m,\dots,X_{iB}-X_m,\dots,X_{A1}-X_m,\dots,X_{AB}-X_m]$,
(2d) Choose the reduced dimension $p$ and compute the transformation matrix $W$:
(2d1) Compute the covariance matrix $C_X=XX^T$ of the training data matrix $X$, perform an orthogonal diagonal decomposition of $C_X$, sort the eigenvalues in the resulting diagonal matrix $\Lambda$ in descending order, and select the eigenvectors $w'_1,w'_2,\dots,w'_p$ corresponding to the $p$ largest eigenvalues to form the initial transformation matrix $W'=[w'_1,w'_2,\dots,w'_p]$;
(2d2) Normalize each column vector $w'_k$ of the initial transformation matrix $W'$, where $w_k$ is the column vector after normalization, $k=1,2,\dots,p$, and $|\cdot|$ denotes the modulus operation;
(2d3) Form the transformation matrix $W=[w_1,w_2,\dots,w_p]$ from the normalized column vectors $w_1,w_2,\dots,w_p$;
(2e) From the de-meaned training data matrix $X$ and the transformation matrix $W$, obtain the feature matrix after dimensionality reduction:
$Q=W^TX=[Q_{11},Q_{12},\dots,Q_{1B},\dots,Q_{i1},Q_{i2},\dots,Q_{ij},\dots,Q_{iB},\dots,Q_{A1},Q_{A2},\dots,Q_{AB}]$,
where $Q_{ij}$ is a $p$-dimensional column vector representing the feature vector of the $j$-th image of the $i$-th person in the training data, $i=1,2,\dots,A$, $j=1,2,\dots,B$.
Step 3: build a statistical model of the feature vectors of the training data.
(3a) Compute the mean and standard deviation of all column vectors in the feature matrix $Q$ in every dimension, obtaining the mean vector $m_{total}$ and the standard deviation vector $\sigma_{total}$ of all column vectors in $Q$;
(3b) Compute the mean vector $m_i$ and the standard deviation vector $\sigma_i$ of the feature vectors $Q_{i1},Q_{i2},\dots,Q_{iB}$ corresponding to the images of the $i$-th person, $i=1,2,\dots,A$;
(3c) Model each dimension of the feature vectors statistically, that is, assume that the data in the $k$-th dimension of the feature vectors follow a normal distribution and that the $k$-th dimension data of the $i$-th person follow a normal distribution, $k=1,2,\dots,p$, $i=1,2,\dots,A$.
Step 4: compute the quantization threshold matrix.
(4a) For dimension $k$, take the mean $m_{total,k}$ and the standard deviation $\sigma_{total,k}$ of that dimension from the mean vector $m_{total}$ and the standard deviation vector $\sigma_{total}$, and compute the quantization interval $d_k$, where $N=2,3,\dots$ is the number of coding bits and $n>0$ is a coefficient;
(4b) With $m_{total,k}$ as the central axis and $d_k$ as the spacing, compute the $r$-th quantization threshold $T_{kr}$ of the $k$-th dimension:
$T_{kr}=m_{total,k}+d_k(r-2^{N-1})$,
where $k=1,2,\dots,p$, $r=1,2,\dots,2^N-1$; the quantization thresholds divide the $k$-th dimension of the feature space into $2^N$ intervals;
(4c) Compute the quantization thresholds of all dimensions to obtain the quantization threshold matrix $T=[T_{kr}]$.
Step 5: quantize, encode and generate the key.
(5a) Quantize the feature mean $m_{i,k}$ of the $k$-th dimension of the $i$-th person using the thresholds $T_{kr}$ and encode the quantization result, where $C_{i,k}$ denotes the coding result of the $k$-th dimension feature of the $i$-th person, GrayCode(·) denotes the Gray code operation, $N$ is the number of coding bits, and $T_{kr}$ is the $r$-th quantization threshold of the $k$-th dimension, $r=1,2,\dots,2^N-1$;
(5b) For the $i$-th person, quantize the feature means of all dimensions, encode the quantization results, and concatenate them in order from left to right to obtain this person's biometric key template $BioKey_i=C_{i,1}||C_{i,2}||\dots||C_{i,p}$, $i=1,2,\dots,A$, where "||" is the concatenation operation on binary strings.
Step 6: distribute the data of the registration phase.
In a secure environment, the data generated during training are distributed as follows:
First, the biometric key template $BioKey_i$ of the person $i$ to be authenticated is stored in the personal data center of the wireless body area network;
Then the quantization threshold matrix $T$, the mean vector $X_m$ and the transformation matrix $W$ are stored in the sensor node of the wireless body area network.
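The following is an added example, not code from the patent, of the threshold construction in step (4b) and the Gray-coded quantization used in step 5 and reused in step 7. It assumes the quantization interval d_k is supplied by the caller (its formula is not reproduced on this page) and that the interval index is the number of thresholds not exceeding the value; all function names and sample values are constructed for illustration.

```python
# Added example (not from the patent): Gray-coded quantization of feature
# values into a biometric key, following steps (4b), (5) and (7b).


def thresholds(m_total_k, d_k, n_bits):
    """Step (4b): T_kr = m_total,k + d_k * (r - 2^(N-1)), r = 1 .. 2^N - 1."""
    half = 2 ** (n_bits - 1)
    return [m_total_k + d_k * (r - half) for r in range(1, 2 ** n_bits)]


def interval_index(value, t_k):
    """Index (0 .. 2^N - 1) of the interval that holds `value`.
    Assumption: the index is the number of thresholds not above the value."""
    return sum(1 for t in t_k if value >= t)


def gray_code(index, n_bits):
    """N-bit reflected Gray code of an interval index, as a bit string."""
    return format(index ^ (index >> 1), "0{}b".format(n_bits))


def plain_binary(index, n_bits):
    """Natural binary code, used here only for comparison."""
    return format(index, "0{}b".format(n_bits))


def bio_key(features, T, n_bits, coder=gray_code):
    """Step (5b): concatenate the per-dimension codes from left to right."""
    return "".join(coder(interval_index(v, t_k), n_bits)
                   for v, t_k in zip(features, T))


def hamming(a, b):
    """Number of differing bit positions between two equal-length strings."""
    return sum(x != y for x, y in zip(a, b))


# Constructed sample values: p = 4 dimensions, N = 3 coding bits.
N = 3
M_TOTAL = [0.0, 10.0, -2.0, 5.0]   # m_total,k
D = [1.0, 2.0, 0.5, 1.0]           # d_k, supplied by the caller (assumption)
T = [thresholds(m, d, N) for m, d in zip(M_TOTAL, D)]

ENROLLED = [0.1, 13.1, -2.9, 5.6]  # per-person feature means m_i,k
FRESH = [-0.1, 11.8, -3.1, 5.4]    # a later reading Q_i,new of the same person

if __name__ == "__main__":
    template = bio_key(ENROLLED, T, N)
    node_key = bio_key(FRESH, T, N)
    print("BioKey_i  =", template)
    print("BioKey'_i =", node_key)
    print("bit errors, Gray code   :", hamming(template, node_key))
    print("bit errors, plain binary:",
          hamming(bio_key(ENROLLED, T, N, plain_binary),
                  bio_key(FRESH, T, N, plain_binary)))
```

In the sample, three dimensions drift across one threshold each; with Gray coding each such drift changes one key bit, while natural binary coding changes up to N bits for the same drift.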
Part Two. Key distribution
Step 7: using the data distributed during data training, reduce the dimensionality of the test biometric data and generate the biometric key.
(7a) The sensor node obtains the test biometric data vector $X_{i,new}$ of the $i$-th person and reduces its dimensionality:
$Q_{k,new}=W^T(X_{k,new}-X_m)$,
where $W^T$ is the transpose of the transformation matrix $W$, $X_m$ is the mean vector of the training data, and $Q_{k,new}$ is the feature vector obtained by reducing the dimensionality of the test biometric data;
(7b) Quantize and encode the feature vector $Q_{i,new}$ using the method of step 5 to generate the key, obtaining the sensor-node biometric key $BioKey'_i$.
Step 8: biometric quantum key distribution.
(8a) The sensor node sends the first data frame to start the key distribution process; after receiving the first data frame, the personal data center sends the second data frame to indicate that it joins the key distribution process. The frame format of the first and second data frames is:
Quantum coding mode [0:3] || quantum communication rate [4:7] || reserved field [8:31]
where "||" is the concatenation operation on binary strings, [0:3] indicates that the quantum coding mode field occupies bits 0 to 3 of the data frame, [4:7] indicates that the quantum communication rate occupies bits 4 to 7 of the data frame, and [8:31] indicates that the reserved field occupies bits 8 to 31 of the data frame;
(8b) The sensor node and the personal data center obtain the shared bit string $S$ using the B92 quantum key protocol:
(8b.1) The sensor node generates a random binary sequence $b_{node}$ of length $L$, and the personal data center independently generates a random binary sequence $b_{center}$ of the same length;
(8b.2) The sensor node chooses a pair of non-orthogonal quantum states $|u_0\rangle$, $|u_1\rangle$, encodes the 0s in the sensor-node binary sequence $b_{node}$ with the first quantum state $|u_0\rangle$ and the 1s with the second quantum state $|u_1\rangle$, and then sends the encoded quantum state sequence to the personal data center over the quantum channel;
(8b.3) The personal data center chooses a pair of measurement bases $P_0=1-|u_1\rangle\langle u_1|$, $P_1=1-|u_0\rangle\langle u_0|$, encodes the 0s in the personal-data-center binary sequence $b_{center}$ with the first measurement basis $P_0$ and the 1s with the second measurement basis $P_1$, and obtains the measurement basis sequence $M$ composed of $\{P_0,P_1\}$;
(8b.4) The personal data center measures the received quantum states in turn using the measurement basis sequence $M$: if a quantum state is detected, the measurement result is recorded as 1; if no quantum state is detected, the measurement result is recorded as 0. After the measurement ends, the measurement result sequence $b_{result}$ is obtained and sent to the sensor node;
(8b.5) According to the binary values of the measurement result sequence $b_{result}$, the personal data center decides whether to retain the bits of its binary sequence $b_{center}$: if $b_{result}(l)=0$, $b_{center}(l)$ is discarded; if $b_{result}(l)=1$, $b_{center}(l)$ is retained. The retained results are arranged in order to obtain the personal-data-center retained sequence $b'_{center}$, where $l=1,2,\dots,L$ and $L$ is the sequence length;
(8b.6) After receiving the measurement result sequence $b_{result}$, the sensor node decides, according to its binary values, whether to retain the bits of the sensor-node binary sequence $b_{node}$: if $b_{result}(l)=0$, $b_{node}(l)$ is discarded; if $b_{result}(l)=1$, $b_{node}(l)$ is retained. The retained results are arranged in order to obtain the sensor-node retained sequence $b'_{node}$;
(8b.7) The sensor-node retained sequence $b'_{node}$ and the personal-data-center retained sequence $b'_{center}$ serve as the shared bit string $S=b'_{center}=b'_{node}$; when $L=1024$, the theoretical length of $S$ is 256.
(8c) The last 128 bits of the shared bit string $S$ are retained as the initial key $Key_{init}$, and the remainder of $S$ other than the initial key is taken as the public content $S_{pub}$. The sensor node encodes the public content $S_{pub}$ with a linear block error-correcting code to obtain the error-correction representation of the public content, where $t=1,2,\dots,L_S$, $L_S$ is the length of the public content $S_{pub}$, and $N$ is the number of coding bits;
The error-correction representation of the public content is bound to the biometric key $BioKey'_i$ to obtain the binding information $msg$. The binding is an XOR operation. In this operation, if the biometric key $BioKey'_i$ is shorter than the error-correction representation of the public content, $BioKey'_i$ is padded with 0s; if $BioKey'_i$ is longer than the error-correction representation of the public content, the excess part of $BioKey'_i$ is truncated;
(8d) The sensor node sends the binding information $msg$ to the personal data center, which uses the biometric key template $BioKey_i$ distributed during data training to recover the public content from $msg$, where err_corr(·) denotes the error-correction function. In the XOR operation, if the biometric key template $BioKey_i$ is shorter than the binding information $msg$, $BioKey_i$ is padded with 0s; if $BioKey_i$ is longer than $msg$, the excess part of $BioKey_i$ is truncated;
(8e) The personal data center compares the recovered public content $S'_{pub}$ from step (8d) with the public content $S_{pub}$ from step (8c) and computes the bit error rate $\eta$ of the public content, where $l_p=1,2,\dots,L_{pub}$ and $L_{pub}$ is the length of the public content $S_{pub}$.
(8f) The eavesdropping threshold $Th_e$ is chosen according to the angle between the two non-orthogonal quantum states in the B92 quantum key protocol, and the authentication threshold $Th_a$ is chosen according to the training biometric data. The bit error rate $\eta$ is compared with these two thresholds to determine the final distributed key:
If $\eta>Th_e$, an eavesdropping attack is considered to be present and this key distribution process is terminated;
If $Th_a<\eta\le Th_e$, the sensor node identity is considered illegitimate and this key distribution process is terminated;
If $\eta\le Th_a$, the sensor node and the personal data center use the initial key $Key_{init}$ as the final distributed key $Key$.
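The following is an added example, not code from the patent, that simulates steps (8b) to (8f) classically on a noise-free channel with no eavesdropper: B92 sifting from the projectors P_0 and P_1, the 128-bit split, XOR binding with zero-padding or truncation, recovery, and the two-threshold decision. Assumptions: a 3-fold repetition code stands in for the linear block code, whose definition is not reproduced on this page; the angle θ = π/4 is chosen so that the expected sifted length for L = 1024 is the stated 256; the 270-bit keys (p = 90, N = 3) are constructed; all function names are hypothetical.

```python
# Added example (not from the patent): classical simulation of steps (8b)-(8f).
import math
import random

REP = 3         # assumption: 3-fold repetition code stands in for the linear block code
KEY_BITS = 128  # step (8c): the last 128 bits of S become Key_init


def b92_sift(L, theta, rng):
    """Steps (8b.1)-(8b.7): return the retained sequences (b'_node, b'_center)."""
    u = [(1.0, 0.0), (math.cos(theta), math.sin(theta))]  # |u0>, |u1>
    node_kept, center_kept = [], []
    for _ in range(L):
        a = rng.randrange(2)  # node bit, sent as |u_a>
        c = rng.randrange(2)  # center bit, selects P_c = 1 - |u_(1-c)><u_(1-c)|
        blocked = u[1 - c]
        overlap = u[a][0] * blocked[0] + u[a][1] * blocked[1]
        p_detect = round(1.0 - overlap ** 2, 12)  # <u_a|P_c|u_a>; 0 when a != c
        if rng.random() < p_detect:  # b_result(l) = 1, both sides keep position l
            node_kept.append(a)
            center_kept.append(c)
    return node_kept, center_kept


def split_shared(S):
    """Step (8c): return (Key_init, S_pub)."""
    return S[-KEY_BITS:], S[:-KEY_BITS]


def encode(bits):
    return [b for b in bits for _ in range(REP)]


def err_corr(bits):
    """Majority vote over each REP-bit group."""
    return [int(2 * sum(bits[i:i + REP]) > REP) for i in range(0, len(bits), REP)]


def fit(key, n):
    """Zero-pad or truncate a biometric key to n bits, as steps (8c)/(8d) require.
    Padded positions are XORed with 0, so those code bits travel unmasked."""
    return (key + [0] * n)[:n]


def bind(s_pub, bio_key_node):
    code = encode(s_pub)
    return [x ^ k for x, k in zip(code, fit(bio_key_node, len(code)))]


def recover(msg, bio_key_template):
    return err_corr([x ^ k for x, k in zip(msg, fit(bio_key_template, len(msg)))])


def bit_error_rate(a, b):
    return sum(x != y for x, y in zip(a, b)) / len(a)


def decide(eta, th_a=0.095, th_e=0.2):
    """Step (8f), with the thresholds used in the simulation section."""
    if eta > th_e:
        return "abort: eavesdropping"
    if eta > th_a:
        return "abort: node identity illegal"
    return "accept"


def run_session(bio_key_node, bio_key_template, seed, L=1024, theta=math.pi / 4):
    """One key distribution; returns (verdict, eta, final key or None)."""
    s_node, s_center = b92_sift(L, theta, random.Random(seed))
    if len(s_center) <= KEY_BITS:  # guard added for this example only
        return "abort: too few sifted bits", None, None
    _, pub_node = split_shared(s_node)
    key_center, pub_center = split_shared(s_center)
    msg = bind(pub_node, bio_key_node)                                # sensor node
    eta = bit_error_rate(recover(msg, bio_key_template), pub_center)  # data center
    verdict = decide(eta)
    return verdict, eta, (key_center if verdict == "accept" else None)


if __name__ == "__main__":
    template = [(i * 7 % 5) % 2 for i in range(270)]  # constructed 270-bit BioKey_i
    same_person = template[:]
    for i in range(0, 270, 12):
        same_person[i] ^= 1                            # scattered single-bit noise
    impostor = [1 - b for b in template]
    for name, key in (("same person", same_person), ("impostor", impostor)):
        verdict, eta, _ = run_session(key, template, seed=3)
        print(name, verdict, eta)
```

With the rule of step (8f), a key that mismatches the template badly enough pushes η above Th_e, so it is reported under the eavesdropping branch; both abort branches withhold Key_init.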
The effect of the invention is further illustrated by the following simulation analysis:
1. Simulation conditions
The hardware environment of the simulation is an Intel Pentium E5800 CPU at 3.2 GHz with 2 GB of memory, and the software environment is Matlab R2010b. The experimental data are 6 images for each of 100 people chosen from the AR face database, of which 5 images are used as training data and 1 image as test data.
2. Simulation content and results
The simulation parameters are: reduced dimension $p=90$, number of quantization bits $N=3$, coefficient $n=3$, length $L=1024$ of the random binary sequences $b_{node}$ and $b_{center}$, and distributed key length 128. A biometric key template $BioKey_{template}$ is generated for each of the 100 people in the training data, where template = 1, …, 100 is the number of the person corresponding to the biometric key template. Biometric keys $BioKey'_{test}$ are generated from the test data, where test = 1, 2, …, 100 is the number of the person corresponding to the test-data biometric key. The angle between the pair of non-orthogonal quantum states $|u_0\rangle$, $|u_1\rangle$ is
Simulation 1: authentication performance of biometric quantum key distribution.
(1) When template = test, i.e. the test data and the biometric key template come from the same person, distribute keys with the invention, choose different authentication thresholds $Th_a$, count the number of times the node identity is judged illegitimate, and compute the false rejection rate FRR;
(2) When template ≠ test, i.e. the test data and the biometric key template come from different people, distribute keys with the invention, choose different authentication thresholds $Th_a$, count the number of successful key distributions, and compute the false acceptance rate FAR. The resulting relationship between the authentication threshold $Th_a$ and the false rejection rate FRR / false acceptance rate FAR is shown in Fig. 2.
Plotting FRR and FAR under the different thresholds in the same coordinate system gives the performance curve of biometric key distribution, shown in Fig. 3.
Figs. 2 and 3 show that as the authentication threshold increases, the false rejection rate falls and the false acceptance rate rises. For the biometric data of the invention, the authentication threshold at the intersection of the two curves, $Th_a=0.095$, is taken as the final authentication threshold.
Simulation 2: when template = test, i.e. key distribution uses data from the same person, keys are distributed with the invention. The empirical value of the eavesdropping threshold $Th_e$ is 0.15 to 0.2; this simulation chooses $Th_e=0.2$. An eavesdropping attack is applied in simulation during key distribution, and the bit error rate $\eta$ of the public content is computed. Under the same conditions, keys are also distributed with the standard B92 protocol and the bit error rate $\eta$ of the public content is computed in the same way. The comparison between the bit error rate of the public content of the invention and that of the standard B92 protocol under eavesdropping is shown in Fig. 4. Under eavesdropping, the bit error rate of the invention is not lower than that of the standard B92 protocol, so eavesdropping attacks can be detected effectively.
Simulation 3: the attacker generates a biometric key from illegitimate test biometric data. The test data used are shown in Fig. 5(a): test 1 uses 20 non-face images, and test 2 uses 20 face images chosen from the Internet. The illegitimate sensor node attempts to masquerade as a legitimate node and communicate with the personal data center. The authentication threshold $Th_a=0.095$ is chosen, the key template is selected at random, keys are distributed using the invention, and the bit error rate $\eta$ of the public content is computed for authentication. The test results under the different conditions are shown in Fig. 5(b). When spoofing attacks are carried out with the two groups of test images, the bit error rate $\eta$ of the public content is always above the authentication threshold, so key distribution is terminated; the invention can effectively authenticate the identity of sensor nodes.
Claims (5)
1. a kind of biological quantum key delivering method towards wireless body area network, comprises the steps:
(1) read the human face data of A people, wherein everyone human face data comprises B width image, common A × B width image, as
Tranining database;
(2) choose dimensionality reduction dimension p, using principal component analytical method, dimensionality reduction is carried out to training data, obtain the average of training data
Vectorial Xm, transformation matrix W, the eigenmatrix after dimensionality reduction:
Q=[Q11,Q12,…,Q1B,…,Qi1,Qi2,…,Qij,…,QiB,…,QA1,QA2,…,QAB], wherein, QijFor p dimension row to
Amount, the characteristic vector of the jth width image of i-th people of expression, i=1,2 ..., A, j=1,2 ..., B;
(3) the characteristic vector statistical modeling to training data:
(3a) calculate the mean vector m of all column vectors in eigenmatrix QtotalWith standard difference vector σtotal;
(3b) calculate the image character pair vector Q of i-th peoplei1,Qi2,…,QiBMean vector miWith standard difference vector σi, i
=1,2 ..., A;
(3c) each dimension data according to statistic Modelling feature vector:If the data Normal Distribution of characteristic vector kth dimensionI-th people's kth dimension data cloth Normal Distribution
(4) calculate and quantify threshold matrix:
(4a) for dimension k, in mtotal, σtotalMiddle average m taking out this dimensiontotal,kWith standard deviation sigmatotal,k, calculate and quantify
IntervalWherein N=2,3 ... for encoding digit, n>0 is a coefficient;
(4b) with mtotal,kFor axis, dkR-th quantization threshold T for interval calculation kth dimensionkr:
Tkr=mtotal,k+dk(r-2N-1),
Wherein, k=1,2 ..., p, r=1,2 ..., 2N- 1, kth dimensional feature space is divided into 2 by quantization thresholdNIndividual interval;
(4c) calculate the quantization threshold of all dimensions, obtain quantization threshold matrix T=[Tkr];
(5) quantization encoding generate key:
(5a) use thresholding TkrQuantify the characteristic mean m of i-th people's kth dimensioni,k, and quantized result is encoded, obtain encoded radio
Ci,k;
(5b) for i-th people, quantify the characteristic mean of its all dimension, and quantized result is encoded, then press from a left side
It is sequentially connected with to right, obtain the biological secret key masterplate BioKey of this peoplei=Ci,1||Ci,2||…||Ci,p, i=1,
2,…,A;Wherein, " | | " it is concatenation operation, represent the connection to binary string;
(6) distribute the data of the registration phase: store the biological key template $BioKey_i$ of the person $i$ to be authenticated in the personal data center; store the quantization threshold matrix $T$, the mean vector $X_m$ and the transformation matrix $W$ in the sensor node;
(7) the sensor node acquires the test biological data vector $X_{i,new}$ of the $i$-th person, reduces the dimensionality of $X_{i,new}$ to obtain the feature vector $Q_{i,new}$, and quantizes and encodes $Q_{i,new}$ to obtain the sensor node biological key $BioKey_i'$;
(8) distribute the biological quantum key:
(8a) the sensor node sends the first data frame to start the key distribution procedure; after receiving the first data frame, the personal data center sends the second data frame to indicate that it joins the key distribution procedure;
(8b) the sensor node and the personal data center obtain the shared bit string $S$ using the B92 quantum key protocol:
(8b1) the sensor node generates a random binary sequence $b_{node}$ of length $L$, and the personal data center independently generates a random binary sequence $b_{center}$ of the same length;
(8b2) the sensor node chooses a pair of non-orthogonal quantum states $|u_0\rangle$, $|u_1\rangle$, encodes each 0 in its binary sequence $b_{node}$ with the first quantum state $|u_0\rangle$ and each 1 with the second quantum state $|u_1\rangle$, and then sends the encoded quantum state sequence to the personal data center over the quantum channel;
(8b3) the personal data center chooses a pair of measurement bases $P_0=1-|u_1\rangle\langle u_1|$, $P_1=1-|u_0\rangle\langle u_0|$, encodes each 0 in its binary sequence $b_{center}$ with the first measurement basis $P_0$ and each 1 with the second measurement basis $P_1$, and obtains the measurement basis sequence $M$ composed of $\{P_0,P_1\}$;
(8b4) the personal data center measures the received quantum states one by one using the measurement basis sequence $M$: if a quantum state is detected, the measurement result is recorded as 1; if no quantum state is detected, the measurement result is recorded as 0; when the measurement is finished, the measurement result sequence $b_{result}$ is obtained and sent to the sensor node;
(8b5) the personal data center decides, according to the binary values of the measurement result sequence $b_{result}$, whether to retain the bits of its binary sequence $b_{center}$: if $b_{result}(l)=0$, $b_{center}(l)$ is discarded; if $b_{result}(l)=1$, $b_{center}(l)$ is retained; the retained bits are arranged in order to obtain the personal data center retained sequence $b'_{center}$, where $l=1,2,\dots,L$ and $L$ is the sequence length;
(8b6) after receiving the measurement result sequence $b_{result}$, the sensor node decides, according to its binary values, whether to retain the bits of its binary sequence $b_{node}$: if $b_{result}(l)=0$, $b_{node}(l)$ is discarded; if $b_{result}(l)=1$, $b_{node}(l)$ is retained; the retained bits are arranged in order to obtain the sensor node retained sequence $b'_{node}$;
(8b7) the sensor node retained sequence $b'_{node}$ and the personal data center retained sequence $b'_{center}$ are taken as the shared bit string $S=b'_{center}=b'_{node}$; when $L=1024$, the theoretical length of $S$ is 256;
(8c) the last 128 bits of the shared bit string $S$ are retained as the initial key $Key_{init}$, and the remainder of $S$ other than the initial key is taken as the public content $S_{pub}$; the sensor node encodes the public content $S_{pub}$ with a linear block error-correcting code to obtain the error-correction representation of the public content, and binds this error-correction representation with the biological key $BioKey'_i$ to obtain the binding information:
where "⊕" denotes the XOR operation;
(8d) the sensor node sends the binding information $msg$ to the personal data center, and the personal data center uses the biological key template $BioKey_i$ to recover the public content from the binding information $msg$:
$S'_{pub}=\mathrm{err\_corr}(msg\oplus BioKey_i)$,
where $\mathrm{err\_corr}(\cdot)$ denotes the error correction function;
(8e) the personal data center compares the recovered public content $S'_{pub}$ of step (8d) with the public content $S_{pub}$ of step (8c), and calculates the bit error rate $\eta$ of the public content;
(8f) the eavesdropping threshold $Th_e$ is chosen according to the angle between the two non-orthogonal quantum states in the B92 quantum key protocol, and the authentication threshold $Th_a$ is chosen according to the training biological data; the bit error rate $\eta$ is compared with these two thresholds to determine the final distributed key:
if $\eta>Th_e$, an eavesdropping attack is considered to exist, and this key distribution procedure is terminated;
if $Th_a<\eta\le Th_e$, the identity of the sensor node is considered illegitimate, and this key distribution procedure is terminated;
if $\eta\le Th_a$, the sensor node and the personal data center take the initial key $Key_{init}$ as the final distributed key $Key$.
2. The biological quantum key distribution method oriented to a wireless body area network according to claim 1, wherein the dimensionality reduction of the training data by principal component analysis in step (2) is carried out as follows:
(2.1) the pixel values of each face image in the training database are joined end to end row by row to form a column vector $X_{ij}$, where $X_{ij}$ represents the $j$-th image of the $i$-th person, $i=1,2,\dots,A$, $j=1,2,\dots,B$, $A$ is the number of persons in the training data, and $B$ is the number of images per person in the training data;
(2.2) from the column vectors $X_{ij}$, calculate the mean vector of the training data:
(2.3) use the mean vector $X_m$ to build the mean-removed training data matrix $X$:
$X=[X_{11}-X_m,\dots,X_{1B}-X_m,\dots,X_{i1}-X_m,\dots,X_{ij}-X_m,\dots,X_{iB}-X_m,\dots,X_{A1}-X_m,\dots,X_{AB}-X_m]$;
(2.4) build the covariance matrix $C_X=XX^T$ of the matrix $X$ and orthogonally diagonalize $C_X$; sort the eigenvalues in the diagonal matrix $\Lambda$ of the decomposition in descending order, and select the eigenvectors $w'_1,w'_2,\dots,w'_p$ corresponding to the $p$ largest eigenvalues to form the initial transformation matrix $W'=[w'_1,w'_2,\dots,w'_p]$; normalize $W'$ column by column to obtain the transformation matrix $W$;
(2.5) from the mean-removed training data matrix $X$ and the transformation matrix $W$, obtain the feature matrix after dimensionality reduction $Q=W^TX$.
3. The biological quantum key distribution method oriented to a wireless body area network according to claim 1, wherein using the thresholds $T_{kr}$ to quantize the feature mean $m_{i,k}$ of the $k$-th dimension of the $i$-th person and encoding the quantization result, as described in step (5a), is carried out as follows:
where $C_{i,k}$ denotes the coding result of the $k$-th dimension feature of the $i$-th person, $\mathrm{GrayCode}(\cdot)$ denotes the operation of computing the Gray code, $N$ is the number of coding bits, and $T_{kr}$ denotes the $r$-th quantization threshold of the $k$-th dimension, $r=1,2,\dots,2^N-1$.
4. The biological quantum key distribution method oriented to a wireless body area network according to claim 1, wherein the dimensionality reduction of the test biological data vector $X_{i,new}$ of the $i$-th person in step (7) is carried out by the following formula:
$Q_{k,new}=W^T(X_{k,new}-X_m)$,
where $W^T$ is the transpose of the transformation matrix $W$, $X_m$ is the mean vector of the training data, and $Q_{k,new}$ is the feature vector obtained by reducing the dimensionality of the test biological data.
5. The biological quantum key distribution method oriented to a wireless body area network according to claim 1, wherein the frame format of the first data frame and the second data frame described in step (8a) is:
quantum coding mode [0:3] || quantum communication rate [4:7] || reserved field [8:31]
where "||" is the concatenation operation on binary strings, [0:3] indicates that the quantum coding mode field occupies bits 0 to 3 of the data frame, [4:7] indicates that the quantum communication rate occupies bits 4 to 7 of the data frame, and [8:31] indicates that the reserved field occupies bits 8 to 31 of the data frame.
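An added example, not part of the patent text: a classical simulation of steps (8b) to (8f) of claim 1, covering B92 sifting on an undisturbed channel, the binding of the public content to the biological key, its recovery, and the two-threshold decision. Assumptions: the binding is read as msg = ECC(S_pub) XOR BioKey'_i, a 3-fold repetition code stands in for the unspecified linear block code, the angle between |u0> and |u1> is 45 degrees (which yields the stated expected sifted length of 256 for L = 1024), the biological key is as long as the codeword, and all function names and threshold values are constructed.

```python
import math
import random

R = 3  # repetition factor of the stand-in linear block code (assumption)

def b92_sift(L, rng, theta=math.pi / 4):
    """Steps (8b1)-(8b7) on an undisturbed channel; returns (b'_node, b'_center)."""
    kept_node, kept_center = [], []
    for _ in range(L):
        b_node, b_center = rng.randint(0, 1), rng.randint(0, 1)
        phi = theta if b_node else 0.0  # |u0> at angle 0, |u1> at angle theta
        # P0 = 1-|u1><u1| clicks with sin^2(phi-theta), P1 = 1-|u0><u0| with sin^2(phi)
        p_click = math.sin(phi if b_center else phi - theta) ** 2
        if rng.random() < p_click:  # b_result(l) = 1: both sides keep position l
            kept_node.append(b_node)
            kept_center.append(b_center)
    return kept_node, kept_center

def split(S):
    """Step (8c): the last 128 bits become Key_init, the rest S_pub."""
    if len(S) <= 128:
        raise ValueError("sifted string too short to leave any public content")
    return S[:-128], S[-128:]

def encode(bits):
    return [b for b in bits for _ in range(R)]  # each bit repeated R times

def err_corr(bits):
    """Majority vote over each group of R bits."""
    return [int(2 * sum(bits[i:i + R]) > R) for i in range(0, len(bits), R)]

def xor(a, b):
    return [x ^ y for x, y in zip(a, b)]

def bind(s_pub, bio_key_node):
    """Step (8c): msg = ECC(S_pub) XOR BioKey'_i (key as long as the codeword)."""
    return xor(encode(s_pub), bio_key_node)

def authenticate(msg, bio_key_template, s_pub_center, th_a, th_e):
    """Steps (8d)-(8f): recover S'_pub, compute eta, apply both thresholds."""
    recovered = err_corr(xor(msg, bio_key_template))
    eta = sum(x != y for x, y in zip(recovered, s_pub_center)) / len(s_pub_center)
    if eta > th_e:
        return eta, "abort: eavesdropping suspected"
    if eta > th_a:
        return eta, "abort: node identity rejected"
    return eta, "accept: Key = Key_init"

if __name__ == "__main__":
    rng = random.Random(1)  # constructed run
    node, center = b92_sift(1024, rng)
    s_pub, key_init = split(node)
    template = [rng.randint(0, 1) for _ in range(R * len(s_pub))]
    print(len(node), authenticate(bind(s_pub, template), template, split(center)[0], 0.05, 0.25))
```

On an undisturbed channel a position is only retained when both sides chose the same bit, so the two sifted strings are identical; any mismatch between them, or between the node's key and the template beyond what the code corrects, shows up directly in η.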
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410111746.XA CN103873234B (en) | 2014-03-24 | 2014-03-24 | Biological quantum secret key distribution method oriented to wireless body area network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103873234A CN103873234A (en) | 2014-06-18 |
CN103873234B true CN103873234B (en) | 2017-02-08 |
Family
ID=50911384
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410111746.XA Expired - Fee Related CN103873234B (en) | 2014-03-24 | 2014-03-24 | Biological quantum secret key distribution method oriented to wireless body area network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103873234B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN103873234A (en) | 2014-06-18 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20170208 |