CN109660338B - Anti-quantum computation digital signature method and system based on symmetric key pool - Google Patents


Publication number: CN109660338B
Authority: CN (China)
Legal status: Active
Application number: CN201811376928.4A
Other languages: Chinese (zh)
Other versions: CN109660338A (en)
Inventors: 富尧, 钟一民, 余秋炜
Current Assignee: Ruban Quantum Technology Co Ltd
Original Assignee: Ruban Quantum Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention relates to a quantum computation resistant digital signature method and system based on a symmetric key pool. During signing, the signing party performs the following steps: generating a private key and a corresponding public key, encrypting the public key by using the symmetric key pool to obtain the published public key, and publishing it; signing the message by using the private key, and encrypting the obtained signature by using the symmetric key pool to obtain a secret signature; and sending the message, the secret signature and the encryption parameters related to the secret signature to a verifier. In the present invention, the quantum key fob used is a stand-alone hardware isolation device. The public key, the private key, true random numbers and other related parameters are stored or generated in the quantum key fob, so that the possibility of the key being stolen by malicious software or malicious operation is greatly reduced, and the key cannot be acquired and cracked by a quantum computer.

Description

Anti-quantum computation digital signature method and system based on symmetric key pool
Technical Field
The invention relates to a public key cryptosystem and a symmetric key pool technology, in particular to a DSA & ECDSA digital signature technology in the field.
Background
Digital signatures (also called electronic signatures) are an important security technology, and play an extremely important role in ensuring the integrity, privacy and non-repudiation of data. Meanwhile, with the development of information technology and its popularization in business, finance, law, government, and other departments, the research of digital signature technology will become more and more important.
Digital signature technology is currently used in commerce, finance, politics, the military and other fields, particularly in electronic mail (E-mail), Electronic Funds Transfer (EFT), Electronic Data Interchange (EDI), electronic cash (E-cash), software distribution, data storage, data integrity verification and source authentication, which shows the importance of digital signatures.
The digital signature technology ensures the integrity of data by using a hash function, and simultaneously ensures the confidentiality and non-repudiation of information by combining the advantages of public and private encryption and decryption.
The security of a symmetric key cryptosystem depends on the following two factors. First, the encryption algorithm must be strong enough that it is practically impossible to decrypt information based solely on the ciphertext itself; second, the security of the encryption method comes from the secrecy of the key, not the secrecy of the algorithm. The biggest problem of symmetric encryption systems is that the distribution and management of keys is very complicated and costly. Another disadvantage of symmetric encryption algorithms is that digital signatures are not easily implemented. Therefore, the implementation of encryption algorithms in today's mobile e-commerce domain relies primarily on the public key system.
Public key encryption systems, by contrast, employ different encryption keys (public keys) and decryption keys (private keys). Since the encryption key is public, the distribution and management of keys is simple, and a public key encryption system can easily implement digital signatures.
Since the public key cryptosystem appeared, scholars have proposed many public key encryption methods, whose security is based on hard mathematical problems. Classified according to the mathematical problem on which they are based, there are three types of systems currently considered safe and effective: large integer factorization systems (typically RSA), discrete logarithm systems (typically DSA), and elliptic curve discrete logarithm systems (ECC).
The Digital Signature Algorithm (DSA) is a variant of the Schnorr and ElGamal signature algorithms, adopted by the National Institute of Standards and Technology (NIST) as the Digital Signature Standard (DSS). The Elliptic Curve Digital Signature Algorithm (ECDSA) is the analogue of the Digital Signature Algorithm (DSA) using Elliptic Curve Cryptography (ECC). ECDSA became the ANSI standard in 1999 and the IEEE and NIST standards in 2000. It was accepted by ISO in 1998, and other standards that include it are under consideration by ISO. Unlike the ordinary discrete logarithm problem (DLP) and the integer factorization problem (IFP), the elliptic curve discrete logarithm problem (ECDLP) has no sub-exponential time solution. Therefore, the strength per bit of elliptic curve cryptography is higher than that of other public key systems.
However, with the development of quantum computers, the classical public key cryptosystem is no longer secure: whether for encryption and decryption or for key exchange, a quantum computer can compute the private key from the public key, so the asymmetric-key-based signature methods used in current digital signatures will not withstand attack in the quantum era.
Disclosure of Invention
The invention provides a quantum computation resistant digital signature method capable of improving safety.
A quantum computation resistant digital signature method based on a symmetric key pool is implemented on a signing party, wherein the signing party is configured with a quantum key card, and the quantum key card stores the symmetric key pool corresponding to a verifying party; the quantum computation resistant digital signature method comprises the following steps:
generating a private key and a corresponding public key, encrypting the public key by using the symmetric key pool to obtain the published public key, and publishing it;
signing the message by using a private key, and encrypting the obtained signature by using the symmetric key pool to obtain a secret signature;
sending the message, the secret signature and the encryption parameters related to the secret signature to a verifier.
Several alternatives are provided below. They are not additional limitations on the general solution above, but further additions or preferences; each alternative may be combined with the general solution individually, or several alternatives may be combined with one another, provided there is no technical or logical contradiction.
Optionally, the process of encrypting the public key by using the symmetric key pool includes:
generating a true random number using the party's own quantum key fob;
obtaining a key seed pointer by using the true random number in combination with a key pointer algorithm;
using the key seed pointer to take out a corresponding random number sequence from the symmetric key pool of the party's own quantum key fob as a key seed;
calculating a key by using the key seed and a key generation algorithm;
encrypting the public key with the key.
Optionally, the published public key further includes the true random number and a relationship parameter between the private key and the public key.
Optionally, the process of encrypting the obtained signature by using the symmetric key pool to obtain a secret signature includes:
generating a true random number using the party's own quantum key fob, the true random number serving as the encryption parameter;
obtaining a key seed pointer by using the true random number in combination with a key pointer algorithm;
using the key seed pointer to take out a corresponding random number sequence from the symmetric key pool of the party's own quantum key fob as a key seed;
calculating a key by using the key seed and a key generation algorithm;
and encrypting the signature by using the key to obtain the secret signature.
The invention also provides a quantum computation resistant digital signature system based on the symmetric key pool, which is configured at a signing party, wherein the signing party is configured with a quantum key card, and the quantum key card stores the symmetric key pool corresponding to a verifying party; the quantum computation resistant digital signature system comprises a memory storing a computer program and a processor implementing the steps of the quantum computation resistant digital signature method according to any one of claims 1 to 4 when executing the computer program.
The invention also provides a quantum computation resistant digital signature method based on the symmetric key pool, which is implemented on a verifier, wherein the verifier is provided with a quantum key card, and the quantum key card stores the symmetric key pool corresponding to the signing party; the quantum computation resistant digital signature method comprises the following steps:
receiving a message from a signer, a secret signature, and encryption parameters associated with the secret signature;
decrypting the secret signature by using the encryption parameter related to the secret signature and the symmetric key pool of the party's own quantum key fob to obtain the signature;
obtaining the published public key of the signer, and decrypting it by using a symmetric key pool of a quantum key fob of the signer to obtain the public key;
and performing the signature computation on the message by using the public key obtained by decryption, and comparing the result, for authentication, against the signature decrypted from the secret signature.
Optionally, the message of the signer, the secret signature, and the encryption parameter related to the secret signature are generated by using the above method for resisting quantum computation digital signature.
The invention also provides a quantum computation resistant digital signature system based on the symmetric key pool, which is configured at a verifier, wherein the verifier is configured with a quantum key card, and the quantum key card stores the symmetric key pool corresponding to the signing party; the system for resisting quantum computation digital signature comprises a memory and a processor, wherein the memory stores a computer program, and the processor realizes the steps of the method for resisting quantum computation digital signature when executing the computer program.
The invention also provides a quantum computation resistant digital signature system based on the symmetric key pool, which comprises a signing party and a verifying party belonging to the same group, wherein the signing party and the verifying party are respectively provided with a quantum key card, and the quantum key card stores the corresponding symmetric key pool;
when signing, the signing party comprises:
generating a private key and a corresponding public key, encrypting the public key by using the symmetric key pool to obtain the published public key, and publishing it;
signing the message by using a private key, and encrypting the obtained signature by using the symmetric key pool to obtain a secret signature;
sending the message, the secret signature and encryption parameters related to the secret signature to a verifier;
at the time of authentication, at the authenticating party:
receiving a message from a signer, a secret signature, and encryption parameters associated with the secret signature;
decrypting the secret signature by using the encryption parameter related to the secret signature and the symmetric key pool of the party's own quantum key fob to obtain the signature;
obtaining the published public key of the signer, and decrypting it by using a symmetric key pool of a quantum key fob of the signer to obtain the public key;
and performing the signature computation on the message by using the public key obtained by decryption, and comparing the result, for authentication, against the signature decrypted from the secret signature.
The quantum computation resistant digital signature system based on the symmetric key pool can be regarded as a computer device configured at a corresponding party, and particularly can be a terminal, and comprises a processor, a memory, a network interface, a display screen and an input device which are connected through a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement the quantum computation resistant digital signature method of the present invention. The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, an external keyboard, a touch pad or a mouse and the like.
In the present invention, the quantum key fob used is a stand-alone hardware isolation device. The public key, the private key, true random numbers and other related parameters are stored or generated in the quantum key fob, so that the possibility of the key being stolen by malicious software or malicious operation is greatly reduced, and the key cannot be acquired and cracked by a quantum computer. Because the digital signature is encrypted in transit, the encryption is symmetric, and the public key information is encrypted with the key pool, only the members of the corresponding group can obtain the public key through calculation. Therefore, with the digital signature of the invention it is not easy to compute the private key, and the security of the digital signature is improved.
Drawings
FIG. 1 is a flowchart of generating a signature of embodiment 1;
FIG. 2 is a flowchart of verifying a signature of embodiment 1;
FIG. 3 is a flowchart of generating a signature of embodiment 2;
FIG. 4 is a flowchart of verifying a signature of embodiment 2.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
For a better description and illustration of embodiments of the application, reference may be made to one or more of the drawings, but additional details or examples used in describing the drawings should not be construed as limiting the scope of any of the inventive concepts of the present application, the presently described embodiments, or the preferred versions.
It should be understood that, although the steps in the flowcharts are shown in sequence as indicated by the arrows, the steps are not necessarily performed in that sequence. Unless explicitly stated otherwise, the steps are not strictly limited to the order shown and described, and may be performed in other orders. Moreover, at least a portion of the steps may include multiple sub-steps or stages that are not necessarily performed at the same time but may be performed at different times, and these sub-steps or stages are not necessarily performed sequentially but may be performed in turn or alternately with other steps or with at least a portion of the sub-steps or stages of other steps.
The implementation scenario of this embodiment is that any two users in a group sharing the same symmetric key pool are called the signer and the verifier respectively. The symmetric key pool is composed of a large volume of true random numbers, more than 1GB of data, and is stored in the quantum key card. Preferably, the true random number is a quantum random number. Quantum key fobs can not only store large amounts of data but also process information. The algorithms required are present in the local systems of both the signer and the verifier.
Reference may also be made to Chinese patent application No. 201610843210.6 for the quantum key fob itself. When the terminal is a mobile terminal, the quantum key card is preferably a quantum key SD card; when the terminal is a fixed terminal, the quantum key card is preferably a quantum key USBKey or a host quantum key card.
Compared with Chinese patent application No. 201610843210.6, the issuance mechanism of the quantum key card is different.
The issuer of the quantum key card is the supervisor of the quantum key card, generally the management department of a group, such as the management department of a certain enterprise or public institution; the party to whom a quantum key fob is issued is a member managed by the supervisor of the quantum key fob, typically an employee at some level of the enterprise or institution. The user first applies to the supervisor of the quantum key fob to open an account. When the user's registration is approved, the user obtains a quantum key card (with a unique quantum key card ID). The quantum key card stores the customer registration information and also has a built-in identity authentication protocol, comprising at least a key generation algorithm and an authentication function, or other algorithms related to identity authentication. The user-side keys in the quantum key fobs are all downloaded from the same quantum network service station, and the key pools stored in all quantum key fobs issued by the same supervisor are completely identical. Preferably, the key pool size stored in the quantum key fob may be 1G, 2G, 4G, 8G, 16G, 32G, 64G, 128G, 256G, 512G, 1024G, 2048G, 4096G, and so forth. The capacity depends on the supervisor's security requirements: the larger the capacity, the higher the security.
The embedded chip and operating system of the quantum key fob may provide secure storage of keys and cryptographic algorithms, among other functions. Due to its independent data processing capabilities and good security, quantum key fobs become a secure carrier for private keys and key pools. Each quantum key fob has hardware PIN code protection, the PIN code and hardware constituting two essential factors for a user to use the quantum key fob. So-called "two-factor authentication" is a method in which a user can log in a system only by simultaneously acquiring a quantum key card and a user PIN code that store relevant authentication information. Even if the PIN code of the user is leaked, the identity of the legal user cannot be counterfeited as long as the quantum key card held by the user is not stolen; if the user's quantum key card is lost, the finder cannot imitate the identity of the legitimate user because the finder does not know the user PIN code.
Example 1
Step 1: The signer generates and publishes the public key
1.1 The signer defines the required parameters: the signer selects a large prime $p$ with $2^{L-1} \le p < 2^{L}$ and $512 \le L < 1024$, where $L$ is a multiple of 64. The signer selects a prime $q$ that is a prime factor of $(p-1)$, with $2^{159} < q < 2^{160}$. The signer generates a random integer $h$ and computes the parameter $g = h^{(p-1)/q} \bmod p$.
1.2 The signer calculates the public key and publishes it: the signer generates a true random number $a$ (equivalent to the private key), with $0 < a < p$. From the true random number $a$, the parameter $g$ and the parameter $p$, the signer calculates the public key $y = g^{a} \bmod p$.
The signer generates a true random number x, and obtains a key seed pointer kp1 through the key pointer algorithm fkp. According to the pointer kp1, the signer takes the corresponding random number sequence X from the symmetric key pool of the local system as the key seed. The signer applies the key generation algorithm fk to the random number sequence X to obtain a key xk. The signer encrypts the public key y with the key xk to obtain Y. The signer stores the published public key {g, p, q, x, Y} in a trusted clearinghouse directory, accessible to any user. Here g, p, q can be considered the relation parameters between the private key and the public key.
Step 2: The signer signs the message and sends it
2.1 The signer signs the message: let $m$ be the message to be signed. The signer generates a random number $b$ with $1 < b < p$, and calculates $r = (g^{b} \bmod p) \bmod q$ and $s = [b^{-1}(H(m) + ar)] \bmod q$, where $H(m)$ is the hash code of $m$ generated using a hashing algorithm such as SHA-1 or SHA-2. The signer gets the signature (r, s).
2.2 The signer encrypts the signature: the signer generates a true random number c, and obtains a key seed pointer kp2 through the key pointer algorithm fkp. According to the pointer kp2, the signer takes the corresponding random number sequence C from the symmetric key pool of the local system as the key seed. The signer applies the key generation algorithm fk to the random number sequence C to obtain a key k. The signer encrypts the signature (r, s) with the key k to obtain {r, s}k.
2.3 The signer sends the message to the verifier: the signer encrypts the secret signature {r, s}k, the true random number c and the plaintext message m, and sends them to the verifier.
Step 3: The verifier decrypts and parses the message and verifies the signature
3.1 The verifier receives the message, decrypts and parses it: the verifier receives the message from the signer and decrypts it to obtain the plaintext message m', the true random number c' and the secret signature {r, s}k'. (The encryption in step 2.3 and the decryption in this step can be done in a corresponding conventional manner.)
3.2 The verifier calculates the key: using the random number c' obtained by parsing, the verifier obtains a key seed pointer kp2' through the corresponding key pointer algorithm fkp. According to the pointer kp2', the verifier takes the corresponding random number sequence C' from the symmetric key pool of the local system as the key seed. The verifier applies the key generation algorithm fk to the random number sequence C' to obtain a key k'. Using the key k' and {r, s}k', the verifier obtains the signature (r, s)' through the corresponding decryption algorithm.
The verifier also obtains the published public key of the signer {g, p, q, x, Y} from the trusted clearinghouse directory.
3.3 The verifier decrypts the public key: from the true random number x, the verifier obtains a key seed pointer kp1' through the corresponding key pointer algorithm fkp. According to the pointer kp1', the verifier takes the corresponding random number sequence X' from the symmetric key pool of the local system as the key seed. The verifier applies the key generation algorithm fk to the random number sequence X' to obtain a key xk'. The verifier decrypts the parameter Y with the key xk' to obtain the public key y'.
3.4 The verifier verifies the message signature: the verifier calculates $w = (s')^{-1} \bmod q$, $u_1 = H(m')\,w \bmod q$ and $u_2 = r'\,w \bmod q$, and finally $v = ((g^{u_1} \cdot (y')^{u_2}) \bmod p) \bmod q$. If $v = r'$, the signature of the message is a valid signature; otherwise, it is an invalid signature.
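The flow of Example 1 from key publication to verification, as an added example that is not part of the patent text. The patent leaves fkp, fk and the symmetric cipher unspecified, so the SHA-256 pointer, the HMAC-SHA256 key derivation, the SHAKE-256 keystream with an HMAC tag, the demo-sized p and q, the 64 KiB pool and drawing a and b below q are all assumptions of this sketch.

```python
import hashlib, hmac, secrets

SEED_LEN = 32  # bytes read from the pool as key seed (assumed size)

def _probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin with fixed bases; sufficient for demo parameters."""
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for b in bases:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def domain_params():
    """Step 1.1 at demo size: prime q divides p-1, g = h^((p-1)/q) mod p."""
    q = 2**61 - 1  # Mersenne prime standing in for the 160-bit q
    k = 2**66
    while not _probable_prime(2 * k * q + 1):
        k += 1
    p, h = 2 * k * q + 1, 2
    while pow(h, (p - 1) // q, p) == 1:
        h += 1
    return p, q, pow(h, (p - 1) // q, p)

def H(m):
    return int.from_bytes(hashlib.sha256(m).digest(), "big")

def pool_key(pool, rnd):
    """fkp then fk (both assumed): random number -> pointer -> seed -> key."""
    kp = int.from_bytes(hashlib.sha256(rnd).digest()[:8], "big") % (len(pool) - SEED_LEN)
    return hmac.new(pool[kp:kp + SEED_LEN], b"fk" + rnd, hashlib.sha256).digest()

def _xor(key, data):
    ks = hashlib.shake_256(b"enc" + key).digest(len(data))  # stand-in cipher keystream
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, data):
    ct = _xor(key, data)
    return ct + hmac.new(key, ct, hashlib.sha256).digest()  # tag is this example's addition

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("wrong key pool or modified ciphertext")
    return _xor(key, ct)

def publish_key(pool, p, q, g):
    """Step 1.2: private a, y = g^a mod p, published as {g, p, q, x, Y}."""
    a = secrets.randbelow(q - 1) + 1  # drawn below q as in standard DSA
    x = secrets.token_bytes(16)
    Y = seal(pool_key(pool, x), pow(g, a, p).to_bytes(32, "big"))
    return a, {"g": g, "p": p, "q": q, "x": x, "Y": Y}

def sign(pool, a, pub, m):
    """Steps 2.1-2.3: DSA (r, s), wrapped as {r, s}k and sent with c and m."""
    p, q, g = pub["p"], pub["q"], pub["g"]
    r = s = 0
    while r == 0 or s == 0:
        b = secrets.randbelow(q - 1) + 1
        r = pow(g, b, p) % q
        s = pow(b, -1, q) * (H(m) + a * r) % q
    c = secrets.token_bytes(16)
    return seal(pool_key(pool, c), r.to_bytes(8, "big") + s.to_bytes(8, "big")), c, m

def verify(pool, pub, blob, c, m):
    """Steps 3.2-3.4: recover (r, s) and y via the pool, then check v == r."""
    p, q, g = pub["p"], pub["q"], pub["g"]
    sig = unseal(pool_key(pool, c), blob)
    r, s = int.from_bytes(sig[:8], "big"), int.from_bytes(sig[8:], "big")
    y = int.from_bytes(unseal(pool_key(pool, pub["x"]), pub["Y"]), "big")
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)
    u1, u2 = H(m) * w % q, r * w % q
    return pow(g, u1, p) * pow(y, u2, p) % p % q == r

def demo():
    pool = secrets.token_bytes(1 << 16)  # constructed stand-in for the >1 GB pool
    a, pub = publish_key(pool, *domain_params())
    blob, c, m = sign(pool, a, pub, b"constructed sample message")
    try:
        verify(secrets.token_bytes(1 << 16), pub, blob, c, m)  # party outside the group
        outsider = "accepted"
    except ValueError:
        outsider = "rejected"
    return verify(pool, pub, blob, c, m), verify(pool, pub, blob, c, m + b"!"), outsider
```

Calling `demo()` returns the result for a group member, for a modified message, and for a party holding a different pool, in that order.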
Example 2
Step 1: the signing party generates and publishes a public key, and generates a signature
1.1 the signer defines the required parameters to calculate the public key of the signer: the signer defines a prime p>3 and two non-negative integers a and b are selected that are less than p. Constructing an elliptic curve E: y is2=x3+ ax + b. While satisfying 4a3+27b2(mod p) ≠ 0, the order n of the elliptic curve is prime, and n ≠ p, n ≠ pk-1, and k is more than or equal to 1 and less than or equal to 20.
The signer defines the ellipse group Ep (a, b). The signing party picks out one element point, namely the base point G (x, y).
The signer generates a true random integer c smaller than p as the private key of the signer, and obtains the public key a ═ cG by calculation using the private key and the base point G. The process of the step is a calculation mode of the existing elliptic curve.
1.2 the signing party encrypts the public key and publishes the public key: the signing party generates a true random number t, and obtains a key seed pointer kp1 through a key pointer algorithm fkp. The signer takes the corresponding random number sequence T from the symmetric key pool of the local system as the key seed according to the pointer kp 1. And the signing party calculates the random number sequence T by using a key generation algorithm fk to obtain a key tk. And the signing party encrypts the public key A by using the key tk to obtain Ak.
The public key is { Ep (a, b), G, t, Ak, n }, and the private key is a true random integer c. Where Ep (a, b), G, t, n may be considered as a relation parameter between the private key and the public key.
The signer deposits the public key { Ep (a, b), G, t, Ak, n } in a trusted clearinghouse directory, accessible to any user.
1.3 The signing party generates the signature: let m be the message to be signed. The signing party generates a true random number d between 1 and (n-1). The signer computes the point $dG = (e, f)$, and then $r = e \bmod n$ and $s = d^{-1}\{h(m) + cr\} \bmod n$. The function h is a secure hash algorithm (such as SHA-1 or SHA-2). If s is equal to 0, a new random number is selected and the calculation is repeated. The signer obtains the signature (r, s).
1.4 The signing party encrypts the signature: the signing party generates a true random number z and obtains a key seed pointer kp2 through a key pointer algorithm fkp. According to the pointer kp2, the signer takes the corresponding random number sequence Z from the symmetric key pool of the local system as the key seed. The signing party applies a key generation algorithm fk to the random number sequence Z to obtain a key k, and encrypts the signature (r, s) with the key k to obtain {r, s}k.
1.5 The signer sends a message to the verifier: the signing party encrypts and sends the secret signature {r, s}k, the true random number z and the plaintext message m to the verifying party.
Step 2: the verifier decrypts the parsed message and verifies the signature
3.1 The verifier receives the message, decrypts it and parses it: the verifier receives the message from the signer, and decrypts the message to obtain the plaintext m', the true random number z' and the secret signature {r, s}k'.
3.2 The verifier decrypts the signature: the verifier obtains a key seed pointer kp2' from the split-out true random number z' through the corresponding key pointer algorithm fkp. According to the pointer kp2', the verifier takes the corresponding random number sequence Z' from the symmetric key pool of the local system as the key seed. The verifier applies the key generation algorithm fk to the random number sequence Z' to obtain a key k'. The verifier obtains the signature (r, s)' from the key k' and {r, s}k' through the corresponding decryption algorithm.
3.3 The verifier gets the public key and decrypts it: the verifier obtains the signer's public key {Ep(a, b), G, t, Ak, n} from the trusted clearinghouse directory. The verifier obtains a key seed pointer kp1' from the true random number t through the corresponding key pointer algorithm fkp. According to the pointer kp1', the verifier takes the corresponding random number sequence T' from the symmetric key pool of the local system as the key seed. The verifier applies the key generation algorithm fk to the random number sequence T' to obtain a key tk'. The verifier decrypts the parameter Ak with the key tk' to obtain the public key A'.
3.4 The verifier verifies the message signature: the verifier calculates $w = (s')^{-1} \bmod n$, $u_1 = (h(m') \times w) \bmod n$ and $u_2 = (r' \times w) \bmod n$, then calculates $u_1 G + u_2 A = (e', f')$ and $v = e' \bmod n$. If $v = r'$, the signature of the message is valid; otherwise, it is invalid.
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments express only several embodiments of the present invention, and their description is relatively specific and detailed, but they are not to be construed as limiting the scope of the invention. It should be noted that a person skilled in the art can make several variations and modifications without departing from the inventive concept, all of which fall within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (7)

1. A quantum computation resistant digital signature method based on a symmetric key pool is implemented on a signing party, and is characterized in that the signing party is configured with a quantum key card, and the quantum key card stores the symmetric key pool corresponding to a verifying party; the quantum computation resistant digital signature method comprises the following steps:
generating a private key and a corresponding public key, and encrypting the public key by using the symmetric key pool to obtain a public key, wherein the process comprises the following steps:
generating a true random number using the local quantum key card;
obtaining a key seed pointer by using the true random number in combination with a key pointer algorithm;
taking out a corresponding random number sequence from the symmetric key pool of the local quantum key card by using the key seed pointer as a key seed;
calculating a key by using the key seed and a key generation algorithm;
encrypting the public key by using the key and obtaining a public key;
and publishes the public key;
the process of signing the message by using the private key and encrypting the obtained signature by using the symmetric key pool to obtain the secret signature comprises the following steps:
generating a true random number using the local quantum key card, the true random number serving as the encryption parameter;
obtaining a key seed pointer by using the true random number in combination with a key pointer algorithm;
taking out a corresponding random number sequence from the symmetric key pool of the local quantum key card by using the key seed pointer as a key seed;
calculating a key by using the key seed and a key generation algorithm;
encrypting the signature by using the secret key to obtain the secret signature;
sending the message, the secret signature and the encryption parameters related to the secret signature to a verifier.
2. The method of claim 1, wherein the public key further comprises the true random number and a relationship parameter between the private key and a public key.
3. A quantum computation resistant digital signature system based on a symmetric key pool is configured at a signing party, and is characterized in that the signing party is configured with a quantum key card, and the quantum key card stores the symmetric key pool corresponding to a verifying party; the quantum computation resistant digital signature system comprises a memory storing a computer program and a processor implementing the steps of the quantum computation resistant digital signature method according to any one of claims 1 to 2 when executing the computer program.
4. A quantum computation resistant digital signature method based on a symmetric key pool is implemented on a verifier, and is characterized in that the verifier is provided with a quantum key card in which the symmetric key pool corresponding to a signing party is stored; the quantum computation resistant digital signature method comprises the following steps:
receiving a message from a signer, a secret signature, and encryption parameters associated with the secret signature;
the process of decrypting the secret signature to obtain the signature, by using the encryption parameters associated with the secret signature and the symmetric key pool of the local quantum key card, comprises:
obtaining a key seed pointer by using the true random number obtained by splitting through a corresponding key pointer algorithm;
taking out a corresponding random number sequence from the symmetric key pool of the local quantum key card by using the key seed pointer as a key seed;
calculating a key by using the key seed and a key generation algorithm;
obtaining a signature by using the secret key and the secret signature through a corresponding decryption algorithm;
the process of obtaining the public key published by the signer and decrypting it by using the symmetric key pool of the quantum key card to obtain the public key comprises the following steps:
obtaining a key seed pointer by using the true random number in the public key through a corresponding key pointer algorithm;
taking out a corresponding random number sequence from the symmetric key pool of the local quantum key card by using the key seed pointer as a key seed;
calculating a key by using the key seed and a key generation algorithm;
decrypting the public key parameter by using the key to obtain a public key;
and signing the message by using the public key obtained by decryption, and comparing and authenticating the signature obtained by decryption from the secret signature.
5. The quantum-resistant computational digital signature method based on the symmetric key pool as claimed in claim 4, wherein the message of the signer, the secret signature and the encryption parameters related to the secret signature are generated by the quantum-resistant computational digital signature method as claimed in any one of claims 1 to 2.
6. A quantum computation resistant digital signature system based on a symmetric key pool is configured at a verifier, and is characterized in that the verifier is configured with a quantum key card in which the symmetric key pool corresponding to a signing party is stored; the system for quantum computation resistant digital signature comprises a memory storing a computer program and a processor implementing the steps of the method for quantum computation resistant digital signature as claimed in claim 4 or 5 when the processor executes the computer program.
7. A quantum computation resistant digital signature system based on a symmetric key pool, including a signing party and a verifier of the same group, characterized in that the signing party and the verifier are each configured with a quantum key card, and the corresponding symmetric key pool is stored in each quantum key card;
when signing, at the signing party:
generating a private key and a corresponding public key, and encrypting the public key by using the symmetric key pool to obtain a public key, wherein the process comprises the following steps:
generating a true random number using the local quantum key card;
obtaining a key seed pointer by using the true random number in combination with a key pointer algorithm;
taking out a corresponding random number sequence from the symmetric key pool of the local quantum key card by using the key seed pointer as a key seed;
calculating a key by using the key seed and a key generation algorithm;
encrypting the public key by using the key and obtaining a public key;
and publishes the public key;
the process of signing the message by using the private key and encrypting the obtained signature by using the symmetric key pool to obtain the secret signature comprises the following steps:
generating a true random number using the local quantum key card, the true random number serving as the encryption parameter;
obtaining a key seed pointer by using the true random number in combination with a key pointer algorithm;
taking out a corresponding random number sequence from the symmetric key pool of the local quantum key card by using the key seed pointer as a key seed;
calculating a key by using the key seed and a key generation algorithm;
encrypting the signature by using the secret key to obtain the secret signature;
sending the message, the secret signature and encryption parameters related to the secret signature to a verifier;
at the time of authentication, at the authenticating party:
receiving a message from a signer, a secret signature, and encryption parameters associated with the secret signature;
the process of decrypting the secret signature to obtain the signature, by using the encryption parameters associated with the secret signature and the symmetric key pool of the local quantum key card, comprises:
obtaining a key seed pointer by using the true random number obtained by splitting through a corresponding key pointer algorithm;
taking out a corresponding random number sequence from the symmetric key pool of the local quantum key card by using the key seed pointer as a key seed;
calculating a key by using the key seed and a key generation algorithm;
obtaining a signature by using the secret key and the secret signature through a corresponding decryption algorithm;
the process of obtaining the public key published by the signer and decrypting it by using the symmetric key pool of the quantum key card to obtain the public key comprises the following steps:
obtaining a key seed pointer by using the true random number in the public key through a corresponding key pointer algorithm;
taking out a corresponding random number sequence from the symmetric key pool of the local quantum key card by using the key seed pointer as a key seed;
calculating a key by using the key seed and a key generation algorithm;
decrypting the public key parameter by using the key to obtain a public key;
and signing the message by using the public key obtained by decryption, and comparing and authenticating the signature obtained by decryption from the secret signature.
CN201811376928.4A 2018-11-19 2018-11-19 Anti-quantum computation digital signature method and system based on symmetric key pool Active CN109660338B (en)


Publications (2)

Publication Number Publication Date
CN109660338A CN109660338A (en) 2019-04-19
CN109660338B true CN109660338B (en) 2021-07-27

Family

ID=66111308



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant