CN103873234B - Biological quantum secret key distribution method oriented to wireless body area network - Google Patents

Abstract

The invention discloses a biological quantum secret key distribution method, and mainly aims to solve the problems that public key cryptography of a wireless body area network is threatened by quantum calculation, communication traffic is large, and authentication is complex. The method includes the implementation steps that biological characteristics are extracted to generate biological secrete key templates and dimensionality reduction intermediate data, and the biological secrete key templates and the dimensionality reduction intermediate data are distributed to a personal data center and sensor nodes respectively; a B92 protocol is applied to the sensor nodes and the personal data center, the sensor nodes and the personal data center share a bit string of which the theoretical length is 256, and the last 128 bits are reserved as an initial secrete key, and the rest is used as the public content; the sensor nodes generate a secrete key through the distributed data and test biological data, and the secrete key and the public content are bound and sent; the personal data center restores the public content through the biological secrete key templates, the public content is compared with the shared public content, if the bit error rate is lower than an authentication threshold value, it is determined that authentication is successfully finished, an initial secrete key is used as the distribution secrete key, or else secret key distribution at this time is stopped. The method can effectively achieve node identity authentication and eavesdrop detection and can be used for electronic government affairs and other occasions.

Description

Biological quantum key delivering method towards wireless body area network

Technical field

The invention belongs to areas of information technology, further relate to the key distribution in field of information security technology, can use Distribute in the authentication of wireless body area network, E-Government, electronic banking etc. and key.

Background technology

Key distribution is the pith of network security, and in the case of needing to ensure data confidentiality, secure distribution is close Key is the basis of whole network safety.Traditional cryptographic key distribution method mainly applies public-key cryptosystem, and this kind of method is based on multiple Miscellaneous difficult math question, its safety depends on existing computing technique to be not enough to solve this difficult math question in finite time.Based on public affairs The scheme of the key distribution of key system needs repeatedly to exchange public key and authentication information, needs therebetween to carry out substantial amounts of exponent arithmetic And large module power multiplication, energy expenditure is larger, and authentication information is generally provided the complexity so that system by trusted third party Increase.Existing key distribution technique mainly has following several：

Drira W, Renault E, article " the A hybrid authentication that Zeghlache D delivers at it and key establishment scheme for wban”(Trust,Security and Privacy in Computing and Communications,2012IEEE 11th International Conference on.IEEE, 2012:A kind of hybrid authentication being applied to wireless body area network and cryptographic key distribution method are proposed in 78-83.), the method uses and is based on The curve public key method distribution key of discrete logarithm problem, and combine preallocated device id through computing as certification letter Breath, exchanges through multiple information and achieves sensor, Mobility Center, the certification of storage center and key distribution and management, need not Letter third party, but this method exchange information is many, calculates complicated.Additionally, Shor in 1994 propose solution count greatly the factors and from The quantum calculation algorithm of scattered logarithm, once can solve in linear session greatly the factors and discrete logarithm problem are counted it is meant that quantum Computer is born, and the public key system based on several greatly factors and discrete logarithm will be no longer safe.

The physical characteristics based on quantized system for the quantum key distribution, can achieve the secret communication being perfectly safe in theory, and And there is eavesdropping detection function, can effectively monitor third party in quantum channel and eavesdrop, can resisting quantum computation attack, safety is very Good.Huang X, Wijesekera S, article " the Implementation of Quantum Key that Sharma D delivers at it Distribution in Wi-Fi Wireless Networks”(Advanced Communication Technology, 2008.ICACT 2008.10th International Conference on.IEEE,2008,2:Propose one in 865-870) In kind of wireless network by quantum key delivering method, quantum key agreement is applied in wireless network to distribute close by the method Key, and distribution key and message authentication code XOR process are formed the initial key of network, and then ensure netkey system Safety, but, the verification process of the method uses based on the authentication method expanding authentication protocol EAP, in quantum key agreement Need before enforcement to communicate by multiple, whole process is complex.

Biological data contains the intrinsic information of human body, therefrom extracts feature and generates key and can effectively provide authentication work( Can, realize easy.Teoh A B J, article " the Random multispace that Goh A, Ngo D C L delivers at it quantization as an analytic mechanism for biohashing of biometric and random identity inputs”(Pattern Analysis and Machine Intelligence,IEEE Transactions on,2006,28(12):A kind of biological hash algorithm of revocable masterplate is proposed, by by biological characteristic in 1892-1901) Sequential value is mapped to a space being determined by orthogonal matrix, then to reach irreversible purpose by quantifying.But, the party Method does not ensure that communicating pair produces on all four Bit String as key.

Content of the invention

Present invention aim at proposing a kind of biological quantum key delivering method towards wireless body area network, wireless to solve The problem that body area network public key cryptography is subject to quantum calculation threat, the traffic is big, certification is complicated, overcomes existing quantum key distribution simultaneously Method lacks the inconsistent problem of communicating pair biological secret key sequence in identity authentication function, and biological secret key distribution method.

The key problem in technology of the present invention be from test biology data extract biological characteristic, quantization encoding be biological secret key, use This biological secret key is mutually bound with the public information during quantum key distribution, is applied in wireless body area network, by sensor Node is sent to personal data center, and personal data center uses the biological secret key template of training stage distribution to receiving data solution Binding, the public information that recovery nodes send, and the corresponding letter obtaining during quantum key distribution to personal data center Breath compares, and the calculating bit error rate is compared with threshold value realizes authentication and eavesdropping detection.Implementation step is as follows：

(1) read the human face data of A people, wherein everyone human face data comprises B width image, common A × B width image, As tranining database；

(2) choose dimensionality reduction dimension p, using principal component analytical method, dimensionality reduction is carried out to training data, obtain biological data Mean vector X_m, transformation matrix W, the eigenmatrix after dimensionality reduction：

Q=[Q₁₁,Q₁₂,…,Q_1B,…,Q_i1,Q_i2,…,Q_ij,…,Q_iB,…,Q_A1,Q_A2,…,Q_AB], wherein, Q_ijFor p dimension Column vector, the characteristic vector of the jth width image of i-th people of expression, i=1,2 ..., A, j=1,2 ..., B；

(3) the characteristic vector statistical modeling to training data：

(3a) calculate the mean vector m of all column vectors in eigenmatrix Q_totalWith standard difference vector σ_total；

(3b) calculate the image character pair vector Q of i-th people_i1,Q_i2,…,Q_iBMean vector m_iWith standard difference vector σ_i, i=1,2 ..., A；

(3c) each dimension data according to statistic Modelling feature vector：If the data of characteristic vector kth dimension obeys normal state dividing ClothI-th people's kth dimension data cloth Normal DistributionK=1,2 ... p, i=1, 2,…,A；

(4) calculate and quantify threshold matrix：

(4a) for dimension k, in m_total, σ_totalMiddle average m taking out this dimension_total,kWith standard deviation sigma_total,k, calculate Quantized intervalWherein N=2,3 ... for encoding digit, n>0 is a coefficient；

(4b) with m_total,kFor axis, d_kR-th quantization threshold T for interval calculation kth dimension_kr：

T_kr=m_total,k+d_k(r-2^N-1),

Wherein, k=1,2 ..., p, r=1,2 ..., 2^N- 1, kth dimensional feature space is divided into 2 by quantization threshold^NIndividual interval；

(4c) calculate the quantization threshold of all dimensions, obtain quantization threshold matrix T=[T_kr]；

(5) quantization encoding generate key：

(5a) use thresholding T_krQuantify the characteristic mean m of i-th people's kth dimension_i,k, and quantized result is encoded, compiled Code value C_i,k；

(5b) for i-th people, quantify the characteristic mean of its all dimension, and quantized result is encoded, then press Being sequentially connected with from left to right, obtains the biological secret key masterplate BioKey of this people_i=C_i,1||C_i,2||…||C_i,p, i=1, 2,…,A；Wherein, " | | " it is concatenation operation, represent the connection to binary string；

(6) carry out the data distribution of registration phase：Will people i to be certified biological secret key template BioKey_iIt is stored in individual Personal data center；By quantization threshold matrix T, mean vector X_m, transformation matrix W is stored in sensor node；

(7) sensor node obtains the test biology data vector X of i-th people_i,new, to this vectorial X_i,newCarry out dimensionality reduction, Obtain characteristic vector Q_i,new, quantify and coding characteristic vector Q_i,new, obtain sensor node biological secret key BioKey '_i；

(8) distribute biological quantum key：

(8a) sensor node sends first Frame, starts key distribution procedure, and personal data center receives the After one Frame, send second Frame, to represent addition key distribution procedure；

(8b) sensor node and personal data center obtain shared bits string S, wherein, S's with quantum key B92 agreement Theoretical length is 256；

(8c) latter 128 of shared bits string S are retained as initial key Key_init, initial by removing in shared bits string S Remainder outside key is as disclosure S_pub；Sensor node linear block codes Error Correction of Coding disclosure S_pub, Obtain the error correction representation of disclosureError correction representation by disclosureWith biological secret key BioKey '_iMutually Binding, obtains binding information：

$msg={\mathrm{BioKey}}_i^{\′}\⊕S_{pub}^{corr},$

WhereinRepresent XOR；

(8d) binding information msg is sent to personal data center, personal data center biological secret key by sensor node Template BioKey_iRecover disclosure from binding information msg：

$S_{pub}^{\′}=err\_corr(msg\⊕{\mathrm{BioKey}}_i),$

Wherein, err_corr () represents error correction functions；

(8e) personal data center is by the recovery disclosure S ' in step (8d)_pubWith the disclosure in step (8c) S_pubIt is compared, calculate bit error rate η of disclosure；

(8f) eavesdropping threshold value Th is chosen according to the angle between two nonopiate quantum states in quantum key B92 agreement_e, root Choose certification threshold value Th according to training biological data_a, two threshold values of bit error rate η and this are compared, determine final distribution key：

If η>Th_eThen it is assumed that there is eavesdropping attacking, terminate this key distribution procedure；

If Th_a<η≤Th_eThen it is assumed that sensor node identity is illegal, terminate this key distribution procedure；

If η≤Th_a, then sensor node and personal data center are by initial key Key_initAs final distribution key Key.

The present invention compared with prior art has advantages below：

1. the present invention is due to being tied up with the public information in quantum key distribution using generation biological secret key from biological data Determine to realize authentication, overcoming traditional quantum key distribution does not have the problem of identity authentication function；

2. the present invention is due to using the key obtaining final distribution in the shared information during quantum key distribution, overcoming The key sequence inconsistence problems that only caused using biological secret key method；

3. compared to existing public key cryptography method, key distribution procedure of the present invention calculates simply, and the traffic is less, and distribution is close Key safe.

Brief description：

Fig. 1 is the flowchart of the present invention；

Fig. 2 is the result figure with false acceptance rate/false rejection rate for the certification threshold value of the present invention；

Fig. 3 is the performance curve result figure of the present invention；

Fig. 4 is the bit error rate of the present invention and the bit error rate comparison diagram of standard B92 agreement when there is eavesdropping；

Fig. 5 is the identity authentication result figure in identity spoof attack for the present invention.

Specific embodiment：

The present invention is described in further detail below in conjunction with the accompanying drawings.

With reference to Fig. 1, the present invention includes data training and key distributes two parts

One. data trains part

Step 1, builds tranining database.

Choose A people from face database, wherein everyone comprises B width image, and common A × B width image, as training number According to storehouse.

Step 2, using principal component analytical method to training data dimensionality reduction.

(2a) pixel value of width facial image each in tranining database is joined end to end by row, constitute column vector X_ij, X_ij Represent the jth width image of i-th people, wherein i=1,2 ... A, j=1,2 ... B；

(2b) according to column vector X_ij, calculate the mean vector of training data：

(2c) utilize mean vector X_mBuild the training data matrix X going equalization：

X=[X₁₁-X_m,…,X_1B-X_m,…,X_i1-X_m,…,X_ij-X_m,…,X_iB-X_m,…,X_A1-X_m,…,X_AB-X_m],

(2d) choose dimensionality reduction dimension p, calculate transformation matrix W：

(2d1) calculate the covariance matrix C of training data matrix X_X=XX^T, by C_XCarry out orthogonal diagonal factorization, and handle point Eigenvalue in diagonal matrix Λ after solution sorts from big to small, p maximum corresponding characteristic vector w of eigenvalue before selection₁′, w₂′,…,w′_pComposition initial transformation matrix W '=[w₁′,w₂′,…,w′_p]；

(2d2) to column vector w in initial transformation matrix W '_k' normalized：

$w_k=\frac{w_k^{\&prime;}}{\left|w_k^{\&prime;}\right|}$

Wherein, w_kFor the column vector after normalization, k=1,2 ..., p, | | represent modulus computing；

(2d3) according to column vector w after normalization₁,w₂,…,w_pComposition transformation matrix W=[w₁,w₂,…,w_p]；

(2e) according to the training data matrix X and transformation matrix W going equalization, obtain the eigenmatrix after dimensionality reduction：

Q=W^TX=[Q₁₁,Q₁₂,…,Q_1B,…,Q_i1,Q_i2,…,Q_ij,…,Q_iB,…,Q_A1,Q_A2,…,Q_AB],

Wherein Q_ijFor p dimensional vector, represent the characteristic vector of the jth width image of i-th people of training data, i=1,2 ..., A, j=1,2 ..., B.

Step 3, to training data characteristic vector statistical modeling.

(3a) calculate in eigenmatrix Q whole column vectors average on every dimension and standard deviation, obtain eigenmatrix Q In whole column vectors mean vector m_totalWith standard difference vector σ_total；

(3b) calculate the image character pair vector Q of i-th people_i1,Q_i2,…,Q_iBMean vector m_iWith standard difference vector σ_i, i=1,2 ..., A；

(3c) each dimension data according to statistic Modelling feature vector, that is, the data setting characteristic vector kth dimension obeys normal state DistributionI-th people's kth dimension data cloth Normal DistributionK=1,2 ... p, i=1, 2,…,A.

Step 4, calculates and quantifies threshold matrix.

(4a) for dimension k, in mean vector m_total, standard difference vector σ_totalMiddle average m taking out this dimension_total,kWith Standard deviation sigma_total,k, calculate quantized intervalWherein N=2,3 ... for encoding digit, n>0 is a coefficient；

(4b) with m_total,kFor axis, d_kR-th quantization threshold T for interval calculation kth dimension_kr：

T_kr=m_total,k+d_k(r-2^N-1),

Wherein, k=1,2 ..., p, r=1,2 ..., 2^N- 1, kth dimensional feature space is divided into 2 by quantization threshold^NIndividual interval；

(4c) calculate the quantization threshold of all dimensions, obtain quantization threshold matrix T=[T_kr].

Step 5, quantization encoding simultaneously generates key.

(5a) use thresholding T_krQuantify the characteristic mean m of i-th people's kth dimension_i,k, and quantized result is encoded：

$C_{i,k}=\left\{\begin{array}{cc}GrayCode\left(0\right)& m_{i,k}<T_{k1}\\ GrayCode\left(1\right)& T_{k1}\&le;m_{i,k}<T_{k2}\\ \mathrm{...}& \\ GrayCode(2^N-2)& T_{k(2^N-2)}\&le;m_{i,k}<T_{k(2^N-1)}\\ GrayCode(2^N-1)& m_{i,k}\&GreaterEqual;T_{k(2^N-1)}\end{array}\right.$

Wherein, C_i,kRepresent the coding result of the kth dimensional feature of i-th people, GrayCode () represents the fortune seeking Gray code Calculate, N is coding digit, T_krR-th quantization threshold of expression kth dimension, r=1,2 ... 2^N-1；

(5b) for i-th people, quantify the characteristic mean of its all dimension, and quantized result is encoded, then press Being sequentially connected with from left to right, obtains the biological secret key masterplate BioKey of this people_i=C_i,1||C_i,2||…||C_i,p, i=1, 2,…,A；Wherein, " | | " it is concatenation operation, represent the connection to binary string.

Step 6, the data distribution of registration phase.

Under the environment of safety, the data generating in training process is distributed as follows：

First by biological secret key template BioKey of people i to be certified_iIt is stored in the personal data center in wireless body area network；

Again by quantization threshold matrix T, mean vector X_m, transformation matrix W is stored in the sensor node in wireless body area network.

Two. key distributing portion

Step 7, according to the data of distribution in data training process, to test biology Data Dimensionality Reduction and generate biological secret key.

(7a) sensor node obtains the test biology data vector X of i-th people_i,newAnd carry out dimensionality reduction：

Q_k,new=W^T(X_k,new-X_m),

Wherein, W^TFor the transposed matrix of transformation matrix W, X_mFor the mean vector of training data, Q_k,newFor test biology number The characteristic vector obtaining according to dimensionality reduction,

(7b) use step 5 methods described to characteristic vector Q_i,newQuantization encoding simultaneously generates key, obtains sensor node life Thing key BioKey '_i.

Step 8：Biological quantum key distribution.

(8a) sensor node sends first Frame, starts key distribution procedure, and personal data center receives the After one Frame, send second Frame, to represent addition key distribution procedure, first Frame and second data The frame format of frame is：

Quantum coding mode [0:3] | | quantum communications speed [4:7] | | reserved field [8:31]

Wherein, " | | " it is concatenation operation, the connection to binary string for the expression, [0:3] represent the quantum coding in Frame Mode field accounts for 0～3 of Frame, and [4:7] represent that the quantum communications speed in Frame accounts for 4～7 of Frame, [8: 31] represent that the reserved field in Frame accounts for 8～31 of Frame；

(8b) sensor node and personal data center obtain shared bits string S with quantum key B92 agreement：

(8b.1) sensor node produces the random binary sequence b that length is L_node, personal data center independently produces The random binary sequence b of equal length_center；

(8b.2) sensor node chooses one group of non-orthogonal quantum state | u₀>、|u₁>, and use the first quantum state | u₀>To biography Sensor node binary sequence b_nodeIn 0 encoded, use the second quantum state | u₁>To sensor node binary sequence b_node In 1 encoded, then the quantum state sequence after encoding is sent to by personal data center by quantum channel；

(8b.3) one group of measurement base P is chosen at personal data center₀=1- | u₁><u₁1|、P₁=1- | u₀><u₀|, and use first Measurement base P₀To personal data center binary sequence b_centerIn 0 coding, with the second measurement base P₁To personal data center two System sequence b_centerIn 1 coding, obtain by { P₀,P₁The measurement basic sequence M that forms；

(8b.4) personal data center is measured to the quantum state receiving successively using measurement basic sequence M：If measuring quantum State, note measurement result is 1；If being not measured by quantum state, note measurement result is 0；After measurement terminates, obtain measurement result sequence b_result, by measurement result sequence b_resultIt is sent to sensor node；

(8b.5) personal data center is according to measurement result sequence b_resultBinary value, it is determined whether retain number According to center binary sequence b_center：If b_resultL ()=0, then abandon b_center(l)；If b_resultL ()=1, then retain b_center (l)；It is arranged in order retaining result, obtain personal data center and retain sequence b '_center, wherein, l=1,2 ... L, L are sequence Length；

(8b.6) sensor node receives measurement result sequence b_resultAfterwards, according to measurement result sequence b_resultTwo enter Value processed, it is determined whether retain sensor node binary sequence b_node：If b_resultL ()=0, then abandon b_node(l)；If b_result L ()=1, then retain b_node(l), and be arranged in order retaining result, obtain sensor node and retain sequence b '_node；

(8b.7) sensor node is retained sequence b '_nodeRetain sequence b ' with personal data center_centerAs shared ratio Special string S=b '_center=b '_node, as L=1024, the theoretical length of S is 256.

(8c) latter 128 of shared bits string S are retained as initial key Key_init, initial by removing in shared bits string S Remainder outside key is as disclosure S_pub；Sensor node linear block codes Error Correction of Coding disclosure S_pub, Obtain the error correction representation of disclosure

Wherein, t=1,2 ..., L_S, L_SFor disclosure S_pubLength, N be coding digit；

Error correction representation by disclosureWith biological secret key BioKey '_iMutually bind, obtain binding information：

$msg={\mathrm{BioKey}}_i^{\&prime;}\&CirclePlus;S_{pub}^{corr},$

Wherein,Represent XOR, if biological secret key BioKey ' in computing_iLength be less than disclosure Error correction representationLength, then to biological secret key BioKey '_iMend 0；If biological secret key BioKey '_iLength be more than public affairs Open the error correction representation of contentLength, then to biological secret key BioKey '_iUnnecessary part is blocked；

(8d) binding information msg is sent to personal data center by sensor node, and personal data center data is trained During distribution biological secret key template BioKey_iRecover disclosure from binding information msg：

$S_{pub}^{\&prime;}=err\_corr(msg\&CirclePlus;{\mathrm{BioKey}}_i),$

Wherein, err_corr () represents error correction functions, if biological secret key template BioKey in XOR_iLength Less than the length of binding information msg, then to biological key template BioKey_iMend 0；If biological secret key template BioKey_iLength More than the length of binding information msg, then to biological key template BioKey_iUnnecessary part is blocked；

(8e) personal data center is by the recovery disclosure S ' in step (8d)_pubWith the disclosure in step (8c) S_pubIt is compared, calculate bit error rate η of disclosure；

$\mathrm{\&eta;}=\frac{\underset{l_p}{\&Sigma;}\left(S_{pub}\right(l_p)\&CirclePlus;S_{pub}^{\&prime;}(l_p\left)\right)}{L_{pub}}$

Wherein, l_p=1,2 ..., L_pub, L_pubRepresent disclosure S_pubLength.

(8f) eavesdropping threshold value Th is chosen according to the angle between two nonopiate quantum states in quantum key B92 agreement_e, root Choose certification threshold value Th according to training biological data_a, two threshold values of bit error rate η and this are compared, determine final distribution key：

If η>Th_eThen it is assumed that there is eavesdropping attacking, terminate this key distribution procedure；

If Th_a<η≤Th_eThen it is assumed that sensor node identity is illegal, terminate this key distribution procedure；

If η≤Th_a, then sensor node and personal data center are by initial key Key_initAs final distribution key Key.

The effect of the present invention can be further illustrated by following simulation analysis：

1. simulated conditions

The emulated hardware environment of the present invention is intel Pentium E5800CPU, 2GB internal memory of 3.2GHz, software environment For MatlabR2010b.Experimental data chooses everyone 6 width images of 100 people from AR face database, and wherein 5 width are as instruction Practice data, 1 width is as test data.

2. emulation content and result

Simulation parameter chooses dimensionality reduction dimension p=90, quantization digit N=3, coefficient n=3, random binary sequence b_nodeWith b_centerLength L=1024, distribute key length 128, to the 100 people each self-generating biological secret key mould in training data Plate BioKey_template, the numbering of template=1 ... the 100 expression corresponding people of biological secret key template, given birth to using test data Become biological secret key BioKey '_test, test=1, the numbering of 2 ..., the 100 expression corresponding people of test data biological secret key；One group Non-orthogonal quantum state | u₀>、|u₁>Between angle be

Emulation one：Biological quantum key distribution authentication performance analysis.

(1) work as template=test, when that is, test data and biological secret key masterplate are derived from same person, divide by the present invention Send out key, choose different certification threshold values Th_a, count the illegal number of times of node identities, mistake in computation reject rate FRR；

(2) as template ≠ test, when that is, test data and biological secret key masterplate are derived from different people, divide by the present invention Send out key, choose different certification threshold values Th_a, count the number of times successfully distributing key, mistake in computation receptance FAR, recognized Card threshold value Th_aWith the result of false rejection rate FRR/ false acceptance rate FAR, as shown in Figure 2.

By the FRR under different threshold values, FAR represents under the same coordinate system, obtains biological secret key distribution performance Dependence Results, As shown in Figure 3.

From Fig. 2 and Fig. 3, with the raising of certification threshold value, false rejection rate reduces, and false acceptance rate raises, according to The biological data of the present invention, point of intersection certification threshold value Th of two curves_a=0.095, as the final certification threshold value using.

Emulation two：Work as template=test, when carrying out encryption key distribution using the data of same person, divide by the present invention Send out key, eavesdrop threshold value Th_eEmpirical value be 0.15～0.2, this emulation selection Th_e=0.2, imitative during key distribution Truly apply eavesdropping to attack, calculate bit error rate η of disclosure；Meanwhile, under the same conditions, distribute key by standard B92 agreement, Same bit error rate η calculating disclosure, the bit error rate of the disclosure of invention and standard B92 agreement under the conditions of being eavesdropped Disclosure bit error rate comparing result, as shown in Figure 4 it is seen that under the conditions of eavesdropping, the bit error rate of the present invention is not less than standard B92 agreement, can attack in effective detection eavesdropping.

Emulation three：Attacker uses illegal test biology data genaration biological secret key, the test data such as accompanying drawing 5 of use A, shown in (), test 1 is tested using 20 inhuman face images, test 2 is using the 20 width facial images chosen from the Internet Tested, illegal sensor node attempts disguise as legitimate node and personal data center to center communications, chosen certification threshold value Th_a =0.095, key masterplate randomly selects, and distributes key using the present invention, and bit error rate η calculating disclosure is authenticated, and obtains To shown in test result such as Fig. 5 (b) of different condition it is seen that when carrying out spoof attack using two groups of test images, disclosure Bit error rate η be above certification threshold value and so that key is distributed and terminate, the present invention can effective certification sensor node identity.

Claims (5)

1. a kind of biological quantum key delivering method towards wireless body area network, comprises the steps：

(1) read the human face data of A people, wherein everyone human face data comprises B width image, common A × B width image, as Tranining database；

(2) choose dimensionality reduction dimension p, using principal component analytical method, dimensionality reduction is carried out to training data, obtain the average of training data Vectorial X_m, transformation matrix W, the eigenmatrix after dimensionality reduction：

Q=[Q₁₁,Q₁₂,…,Q_1B,…,Q_i1,Q_i2,…,Q_ij,…,Q_iB,…,Q_A1,Q_A2,…,Q_AB], wherein, Q_ijFor p dimension row to Amount, the characteristic vector of the jth width image of i-th people of expression, i=1,2 ..., A, j=1,2 ..., B；

(3) the characteristic vector statistical modeling to training data：

(3a) calculate the mean vector m of all column vectors in eigenmatrix Q_totalWith standard difference vector σ_total；

(3b) calculate the image character pair vector Q of i-th people_i1,Q_i2,…,Q_iBMean vector m_iWith standard difference vector σ_i, i =1,2 ..., A；

(3c) each dimension data according to statistic Modelling feature vector：If the data Normal Distribution of characteristic vector kth dimensionI-th people's kth dimension data cloth Normal Distribution

(4) calculate and quantify threshold matrix：

(4a) for dimension k, in m_total, σ_totalMiddle average m taking out this dimension_total,kWith standard deviation sigma_total,k, calculate and quantify IntervalWherein N=2,3 ... for encoding digit, n>0 is a coefficient；

(4b) with m_total,kFor axis, d_kR-th quantization threshold T for interval calculation kth dimension_kr：

T_kr=m_total,k+d_k(r-2^N-1),

Wherein, k=1,2 ..., p, r=1,2 ..., 2^N- 1, kth dimensional feature space is divided into 2 by quantization threshold^NIndividual interval；

(4c) calculate the quantization threshold of all dimensions, obtain quantization threshold matrix T=[T_kr]；

(5) quantization encoding generate key：

(5a) use thresholding T_krQuantify the characteristic mean m of i-th people's kth dimension_i,k, and quantized result is encoded, obtain encoded radio C_i,k；

(5b) for i-th people, quantify the characteristic mean of its all dimension, and quantized result is encoded, then press from a left side It is sequentially connected with to right, obtain the biological secret key masterplate BioKey of this people_i=C_i,1||C_i,2||…||C_i,p, i=1, 2,…,A；Wherein, " | | " it is concatenation operation, represent the connection to binary string；

(6) carry out the data distribution of registration phase：Will people i to be certified biological secret key template BioKey_iIt is stored in personal data Center；By quantization threshold matrix T, mean vector X_m, transformation matrix W is stored in sensor node；

(7) sensor node obtains the test biology data vector X of i-th people_i,new, to this vectorial X_i,newCarry out dimensionality reduction, obtain Characteristic vector Q_i,new, quantify and coding characteristic vector Q_i,new, obtain sensor node biological secret key BioKey_i′；

(8) distribute biological quantum key：

(8a) sensor node sends first Frame, starts key distribution procedure, personal data center receives first After Frame, send second Frame, to represent addition key distribution procedure；

(8b) sensor node and personal data center obtain shared bits string S with quantum key B92 agreement：

(8b1) sensor node produces the random binary sequence b that length is L_node, personal data center independently produces identical length The random binary sequence b of degree_center；

(8b2) sensor node chooses one group of non-orthogonal quantum state | u₀>、|u₁>, and use the first quantum state | u₀>To sensor Node binary sequence b_no_deIn 0 encoded, use the second quantum state | u₁>To sensor node binary sequence b_nodeIn 1 is encoded, then by quantum channel, the quantum state sequence after encoding is sent to personal data center；

(8b3) one group of measurement base P is chosen at personal data center₀=1- | u₁><u₁|、P₁=1- | u₀><u₀|, and use the first measurement base P₀To personal data center binary sequence b_centerIn 0 coding, with the second measurement base P₁To personal data center binary system sequence Row b_centerIn 1 coding, obtain by { P₀,P₁The measurement basic sequence M that forms；

(8b4) personal data center is measured to the quantum state receiving successively using measurement basic sequence M：If measuring quantum state, note Measurement result is 1；If being not measured by quantum state, note measurement result is 0；After measurement terminates, obtain measurement result sequence b_result, by measurement result sequence b_resultIt is sent to sensor node；

(8b5) personal data center is according to measurement result sequence b_resultBinary value, it is determined whether retain personal data center Binary sequence b_center：If b_resultL ()=0, then abandon b_center(l)；If b_resultL ()=1, then retain b_center(l)；Will Retain result to be arranged in order, obtain personal data center and retain sequence b_c′_enter, wherein, l=1,2 ... L, L are sequence length；

(8b6) sensor node receives measurement result sequence b_resultAfterwards, according to measurement result sequence b_resultBinary value, Determine whether to retain sensor node binary sequence b_node：If b_resultL ()=0, then abandon b_node(l)；If b_result(l)= 1, then retain b_node(l)；Reservation result is arranged in order and obtains sensor node reservation sequence b '_node；

(8b7) sensor node is retained sequence b '_nodeRetain sequence b ' with personal data center_centerAs shared bits string S =b '_center=b '_node, as L=1024, the theoretical length of S is 256；

(8c) latter 128 of shared bits string S are retained as initial key Key_init, by shared bits string S remove initial key it Outer remainder is as disclosure S_pub；Sensor node linear block codes Error Correction of Coding disclosure S_pub, obtain public affairs Open the error correction representation of contentError correction representation by disclosureWith biological secret key BioKey '_iMutually bind, obtain To binding information：

$msg={\mathrm{BioKey}}_i^{\&prime;}\&CirclePlus;S_{pub}^{corr},$

Wherein " " represents XOR；

(8d) binding information msg is sent to personal data center, personal data center biological secret key template by sensor node BioKey_iRecover disclosure from binding information msg：

S′_pub=err_corr (msg BioKey_i),

Wherein, err_corr () represents error correction functions；

(8e) personal data center is by the recovery disclosure S ' in step (8d)_pubWith disclosure S in step (8c)_pubEnter Row compares, and calculates bit error rate η of disclosure；

(8f) eavesdropping threshold value Th is chosen according to the angle between two nonopiate quantum states in quantum key B92 agreement_e, according to instruction Practice biological data and choose certification threshold value Th_a, two threshold values of bit error rate η and this are compared, determine final distribution key：

If η>Th_eThen it is assumed that there is eavesdropping attacking, terminate this key distribution procedure；

If Th_a<η≤Th_eThen it is assumed that sensor node identity is illegal, terminate this key distribution procedure；

If η≤Th_a, then sensor node and personal data center are by initial key Key_initAs final distribution key Key.

2. the biological quantum key delivering method towards wireless body area network according to claim 1, wherein step (2) are described Using principal component analytical method, dimensionality reduction is carried out to training data, carry out as follows：

(2.1) pixel value of width facial image each in tranining database is joined end to end by row, constitute column vector X_ij, X_ijRepresent The jth width image of i-th people, wherein i=1,2 ... A, j=1,2 ... B, A are the number comprising in training data, and B is training Everyone image number in data；

(2.2) according to column vector X_ij, calculate the mean vector of training data：

(2.3) utilize mean vector X_mBuild the training data matrix X going equalization：

X=[X₁₁-X_m,…,X_1B-X_m,…,X_i1-X_m,…,X_ij-X_m,…,X_iB-X_m,…,X_A1-X_m,…,X_AB-X_m]；

(2.4) build the covariance matrix C of matrix X_X=XX^T, by C_XOrthogonal diagonal factorization, the diagonal matrix in decomposition result Eigenvalue in Λ sorts from big to small, p maximum eigenvalue corresponding characteristic vector w ' before selection₁,w′₂,…,w′_pComposition Initial transformation matrix W '=[w '₁,w′₂,…,w′_p], this W ' is obtained transformation matrix W by column vector normalized；

(2.5) according to the training data matrix X and transformation matrix W going equalization, obtain the eigenmatrix Q=W after dimensionality reduction^TX.

3. the biological quantum key delivering method towards wireless body area network according to claim 1, wherein step (5a) institute That states uses thresholding T_krQuantify the characteristic mean m of i-th people's kth dimension_i,k, and quantized result is encoded, enter in the following way OK：

$C_{i,k}=\left\{\begin{array}{cc}GrayCode\left(0\right)& m_{i,k}<T_{k1}\\ GrayCode\left(1\right)& T_{k1}\&le;m_{i,k}<T_{k2}\\ ...& \\ GrayCode(2^N-2)& T_{k(2^N-2)}\&le;m_{i,k}<T_{k(2^N-1)}\\ GrayCode(2^N-1)& m_{i,k}\&GreaterEqual;T_{k(2^N-1)}\end{array}\right.$

Wherein, C_i,kRepresent the coding result of the kth dimensional feature of i-th people, GrayCode () represents the computing seeking Gray code, N For encoding digit, T_krR-th quantization threshold of expression kth dimension, r=1,2 ... 2^N-1.

4. the biological quantum key delivering method towards wireless body area network according to claim 1, wherein said step (7) In test biology data vector X to i-th people_i,newCarry out dimensionality reduction, carried out by equation below：

Q_k,new=W^T(X_k,new-X_m),

Wherein, W^TFor the transposed matrix of transformation matrix W, X_mFor the mean vector of training data, Q_k,newFor test biology Data Dimensionality Reduction The characteristic vector obtaining.

5. the biological quantum key delivering method towards wireless body area network according to claim 1, wherein step (8a) institute First Frame stated and the frame format of second Frame are：

Quantum coding mode [0:3] | | quantum communications speed [4:7] | | reserved field [8:31]

Wherein, " | | " it is concatenation operation, the connection to binary string for the expression, [0:3] represent the quantum coding mode in Frame Field accounts for 0～3 of Frame, and [4:7] represent that the quantum communications speed in Frame accounts for 4～7 of Frame, [8:31] table Show that the reserved field in Frame accounts for 8～31 of Frame.